BigTech impact, regulation and challenges. Will we see BigTechs invading financial services?
Currently, BigTech firms cover numerous industries from e-commerce and IT solutions to DeFi infrastructures and are entering finance. As a result, BigTechs may significantly affect the digital economy as a whole. There are no limits to scale financial services in the fastest way to establish business by using data from a range of other services provided to meet customer needs and ensure customer experience in the most convenient manner. BigTechs collect different types of data and have a unique position among other players to compare customer data across sectors. Being experts in data analysis and technologies, BigTechs use their own capabilities for monetisation purposes and benefit from economies of scale.
In this review, I am sharing some thoughts about how BigTechs can change the structure of financial services and what kind of challenges supervisors and regulators face across the markets.
Tech expansion and financial services
It is not surprising that BigTech firms enter financial services, and the Covid-19 pandemic was the perfect time to expand rapidly in different channels. Despite the positive effect on the financial inclusion and easy access to services, this gives rise to concerns among regulators in relation to data management, privacy and security of sensitive information. At the same time, BigTechs bring visible competition to and dominance in specific market sectors, and as the case effect they increase the entry barrier to new market players. In addition, partnerships of BigTechs and other large market players may intensify operations and affect critical services, thus presenting a new type of systemic risk.
BigTech companies, such as Amazon, Google, Meta, Paypal and Apple, have the potential to disrupt the financial services industry in several ways. They have already been represented in the digital payments space. They offer services such as mobile payments, peer-to-peer transfers, and digital wallets, which can rival traditional financial services providers.
BigTech firms may use existing service distribution channels to expand the product line from insurance and lending to crypto.
Some BigTech companies have started to offer basic banking services, such as savings accounts, loans, and insurance. For example, Amazon has launched payment and collection services available in several countries. Before that, it launched a service called Amazon cashier, which allows users to deposit their paychecks directly into their Amazon accounts and use the funds to make purchases. In Europe, paychecks are not so popular, the Baltic states even skipped this stage in banking services. However, people in the countries with low financial inclusion and limited access to banking can benefit from such application.
In addition to product lines, BigTech companies are also exploring the use of blockchain technology to improve the efficiency, security, and transparency of financial services offering products and services in a safer and faster way.
It should be noted that BigTech companies have access to vast amounts of data, deep analysis and can leverage it to offer personalised financial services, such as investment advice, credit scoring, and risk assessment.
This "organizational competence" increases the comparative advantage of BigTechs among traditional banking sectors. The use of data and artificial intelligence (AI) creates very targeted and focused personalised customer experience. In fact, traditional banking currently does not offer a similar approach, while BigTechs, which accumulate data from different sources, can do it in just a couple of steps or clicks. Imagine the abovementioned approach arranged through a merger or acquisition deal. BigTech firms partner with traditional financial services providers or acquire them to expand the range of their offers.
Can we expect the impact on financial stability, competition, and market manipulation risk?
BigTech firms have the potential for disrupting financial stability in several ways. Currently in Latvia we do not see a direct risk of such disruption, however, we need to keep in mind that BigTechs produce new risks at any time, even when regulation is fragmented.
Systemic risk is the most important component to be considered. Operations of BigTech firms may expand and become interconnected to the extent that their failure could cause a chain reaction and harm the stability of the entire financial system. This is because they may provide critical services, such as cross-border payments and lending, to a large number of people and businesses. Low entry barriers and attractive usability ensure takeover of a significant number of customers within any country.
In addition to systemic risk, BigTechs may raise monopoly issues. BigTech firms collect vast amounts of data on their customers and may collect even more giving them a significant advantage over traditional financial institutions. This data could be used to gain a monopoly on certain services, such as credit scoring or investment advice, which could harm competition and stability. Just imagine having daily services free of charge! What will happen with competition?
This will lead to market manipulation when BigTech firms use their market power to manipulate financial markets of banking services, causing artificial price movements that could harm investors and the stability of the financial system and make traditional businesses unprofitable. Or it can have the opposite effect: BigTech firms can crowd out traditional financial institutions, reducing competition and leading to the concentration of power in the hands of a few large companies. This could result in higher prices, reduced access to credit, and lower quality financial services for consumers and businesses. Both cases will have an impact on financial stability.
As regards digitalisation and technological progress, BigTech firms may also manipulate financial markets. For example, they can use their advanced technology and large amounts of data to engage in algorithmic trading, which involves using algorithms to execute trades based on market data and trends. This could allow them to gain an unfair advantage over other market participants, leading to artificial price movements and market manipulation.
In the age when information is everything BigTech firms can have access to sensitive financial information that gives them an unfair advantage over other market participants. This could allow them to engage in insider trading, which involves using non-public information to make trades that are likely to be profitable. In addition, they can use their market power to concentrate their trades in certain markets, which could lead to artificial price movements and market manipulation. This could also result in a lack of competition and reduced market efficiency. As players in financial markets, BigTechs may use their market power to provide liquidity to certain markets, which could allow them to manipulate prices and reduce market efficiency. This could result in artificial price movements that harm investors and the stability of the financial system.
It is important for regulators to be aware of these risks and to take measures to prevent BigTech firms from using their market power to manipulate financial markets.
This can include implementing regulations that ensure fair and transparent markets and enforcing penalties for market manipulation.
Other risks
It is not only BigTechs that can present risks to financial stability but also other providers of financial services. For example, there are IT providers among BigTechs that provide critical services by storing and processing data, ensuring cloud services and AI operations. Currently regulators and supervisors do not have relevant tools to control and set limits to avoid concentration of risks. Again, at the moment the financial stability risk is not critical, but it is growing.
One more concern that must be mentioned is the cybersecurity risk. BigTech firms can be vulnerable to cyberattacks, which could lead to the loss of sensitive financial data or the disruption of critical financial services. This could have a cascading effect on the stability of the financial system.
Last year and this year cybersecurity and InfoSec are one of the major focus areas in our Latvian supervision activities across banking and non-banking financial sectors. This area is in focus at EU level as well.
So, it is important for regulators to be aware of these risks and to take proactive measures to address them. This can involve establishing regulations which ensure that BigTech firms are subject to the same standards as traditional financial institutions and implementing measures to mitigate systemic risk and promote stability. Moreover, regulators may also need to coordinate with their counterparts in other countries to ensure that the effects of a failure of a BigTech firm are contained and do not harm the stability of the global financial system.
What about regulation of BigTechs?
The entry of BigTech firms into the financial services space, especially in the small countries, like the Baltic states, has the potential to increase competition and innovation, leading to better products and services for consumers. However, it also raises concerns about privacy, data protection, and the concentration of power in the hands of a few large companies. Current regulation of BigTechs is very sectoral and does not fully cover the regulatory requirements relating to financial services, thus giving rise to concerns about customer protection. Regulatory provisions are fragmented across the globe and do not include the activity-based regulation principle: it is not based on the type of entity and activity therefore we need to understand how to address financial stability risks.
Typically, regulators use three approaches of regulatory frameworks: restriction, segregation or isolation, and inclusion. There could be a combination between them in practice. However, the major dilemma here is how to supervise cross-border activity of BigTech firms when they are registered and regulated in one country but provide services in other countries or operate across the globe?
Supervising the cross-border activities of BigTech firms can be a challenge due to the complex nature of their operations and the divergent regulations in different countries. Here are a few strategies that regulators can use to address these challenges:
- International cooperation is important. Regulators from different countries (EU, US, Asia) can work together to establish a common framework for supervising the cross-border activities of BigTech firms. This can involve sharing information, coordinating investigations, and harmonising regulations. Even general principles or guidelines will be beneficial.
- Jurisdiction should be discussed and aligned to existing data protection policies. Regulators can determine which jurisdiction is best suited to oversee BigTech firms' activities based on factors, such as where the firm's headquarters and its customers are located, and where its data is stored. In the EU it is crucial to ensure the data processing and storage of data that belongs to European customers within the EU territory. In addition, according to common practice, regulated market participants have to ensure that the local team of professional compliance experts is available in the host country. Most probably, international agreements will be required to organise supervision and exchange information between different jurisdictions.
- Regulators can ensure that their regulations are technology neutral, meaning that they apply equally to traditional financial services providers and BigTech firms. This will level the playing field and prevent BigTech firms from having an unfair advantage. The technology neutral regulation principle has already been introduced among EU countries.
- Data protection and privacy will remain the most challenging area of supervision. On the one hand, regulators can ensure that BigTech firms comply with data protection and privacy regulations by requiring them to implement robust security measures, obtain the consent from their customers, and provide authorised authorities with access to their data. On the other hand, despite GDPR there are plenty of requirements set at national level which differ from country to country.
Conclusions and what we can do now
Some years ago, Libra shocked everyone: customers, regulators and policy makers. On the one hand, we wonder who is allowed to design and issue money: governments, central banks, companies? On the other hand, Bitcoin and Ethereum are still alive despite distrust, leaks, market downturn, etc. As a result of business creation and experimentation over and over again, development of innovations is taking place faster than the majority of population is able to keep abreast of it. The question is: are central banks prepared for what will happen next – massive inclusion and transformation?
Cross-border regulation of BigTechs is challenging, as some authorities may not act in the same way. It is not necessarily the case where regulators should prevent the expansion of BigTech firms. Instead, they should focus on ensuring that these firms are subject to appropriate regulations and standards that take into account the potential risks posed by their size and market power. This could involve establishing rules that ensure fair competition, prevent market manipulation, and protect consumer data and financial information. At the same time, regulators should also ensure that traditional financial institutions are not unfairly disadvantaged by the entry of BigTech firms into the financial services space.
So what will we do if there is no local regulation of BigTech firms? In reality, regulators may have limited but valuable options to supervise BigTech activities. Regulators can advocate the development of national regulations that specifically address the activities of BigTech firms. This can involve working with policymakers to draft legislation that addresses the unique challenges posed by these firms. As data protection policy (GDPR) is already in place at EU level, it is not unified globally, so regulators can agree on global standards for data protection and privacy or implement codes of conduct that set out the ethical standards or guidelines.
It is important to ensure cooperation across countries (EU, ES, Asia) by sharing information and best practices or negotiating mutual recognition agreements that allow for cross-border enforcement. In addition, regulators encourage multi-stakeholder collaboration, bringing together industry representatives, civil society organizations, and government agencies to discuss and address the challenges posed by BigTech firms.
Supervision of cross-border activities of BigTech firms requires a combination of international cooperation, jurisdiction, technology-neutral regulation, and a focus on data protection and privacy. In the absence of local regulations, regulators may have to be creative and innovative in their approach to supervising the activities of BigTech firms. By collaborating with other countries and leveraging existing laws, they can help ensure that these firms operate in a responsible and transparent manner.