The 3rd Global Fintech Regulator Survey

Alexander Apostolides (CCAF), Sarah Ombija (CCAF), Zain Umer (CCAF), Kyriakos Christofi (CCAF), Philip Rowan (CCAF), Nick Clark (CCAF), Bryan Zhang (CCAF), Juliet Ongwae (CCAF), Matt Grasser (CCAF), Simone di Castri (CCAF), Jose Miguel Mestanza (CCAF), Pedro Schilling de Carvalho (CCAF), Shuli Hu (CCAF), Harish Natarajan (World Bank), Buddy Buruku (World Bank), and Nana Yaa Boakye-Adjei (World Bank)

Download the report

This study aims to understand the extent to which policymakers continue to be impacted by the COVID-19 pandemic as we move away from the crisis. The survey provides insights into the types of consumer risks that have emerged because of the pandemic and the impact of such risks on policy objectives. The survey also explores the important role of information technology systems and infrastructures in supporting oversight and supervision across fintech verticals.

Highlights from the report

The survey asked a range of questions covering four key themes:

  • The medium-term impact of COVID-19 on policy responses to fintech.
  • Perceptions of continuing and emerging consumer risks within fintech and their implications for consumer protection.
  • The landscape of different types of digital regulatory and supervisory infrastructures (DRSI) used to enable effective regulation and oversight of fintech markets.
  • A mapping of suptech activities.

COVID-19 continues to catalyse financial authorities in EMDEs to prioritise fintech-related work to deepen financial inclusion. Fifty-six percent of respondents in EMDEs have increased the priority of fintech compared to 35% of respondents in advanced economies. This is particularly the case in sub-Saharan Africa (SSA) where 75% of respondents report an increase in fintech prioritisation. Regulatory innovation initiatives, such as innovation offices and regulatory sandboxes, are specific areas of growth in EMDEs.

Generally, respondents perceive that fintech aligns with their overarching policy objectives. However, a significant proportion cite concerns about effectively mitigating existing and emerging consumer risks. Respondents report capacity and resource constraints as the main challenge in addressing consumer risks. Overall, authorities are most worried about their internal capacity to effectively mitigate consumer risks related to digital assets and cryptoassets.

The top three risks that have increased for survey respondents due to COVID-19 relate to cybersecurity, fraud and scams, and other consumer protection issues. Seventy-eight percent of respondents considers threats to cybersecurity as the top risk in fintech. Fraud and scams are the second most common risk, reported by 67% of respondents, up from 18% in the 2020 survey. General consumer protection risks are of greater concern for financial authorities in EMDEs (56%) compared to those in advanced economies (43%).

Using suptech applications to effectively respond to consumer risks is an important objective for a large proportion of respondents. However, consumer education and literacy initiatives are the most common ways financial authorities currently respond to risks to consumers. 

Far more respondents in advanced economies use DSRI than those in EMDEs, and the most common applications are for consumer protection and ongoing supervision. 

Regulators would like to use DRSI for monitoring competition practices, policymaking, and international regulatory co-ordination. The most desired area for DRSI application is monitoring competition practices, cited by 50% of respondents. However, it is also the regulatory function with the lowest currently active/operational DRSI, reported by just 6% of respondents.

Forty percent of respondents indicated an aim to apply DRSI to open banking. Other digital initiatives that regulators and supervisors are interested in are digital ID/e-KYC, CBDCs, and digital asset supervision. Limited knowledge and/or expertise is a fundamental challenge to developing effective DRSI for more financial authorities in EMDEs. 

Sixty eight percent of all respondents who have a suptech initiative focus on prudential monitoring. This is followed by market conduct and anti-money laundering (AML) and combating the financing of terrorism (CFT), cited by 48% and 44% of respondents.

Existing suptech initiatives largely support collecting or analysing data or automating workflows, with more than half the respondents (60%) reporting that their suptech initiatives are underpinned by APIs, 58% by descriptive analytics tools, and 50% by web portals. Limited data analytics capabilities, budgetary constraints, and data and reporting issues are the main challenges that make it difficult for respondents to implement suptech tools. 

Respondents reported several benefits of suptech adoption. Improved risk-based supervision, as well as improved scope, accuracy, consistency, and timeliness of collected information, and more efficient use of resources are the biggest positive impacts of suptech adoption. Other benefits cited include greater internal supervisor co-ordination and more efficient information flows.

Policy implications and potential areas for further work 

The survey data presented in this study enables discussions on policy implications for both financial authorities and the wider development community. These areas are interrelated and mutually reinforcing.

There are opportunities to strengthen and enhance fintech-related consumer protection measures. The creation of new business models that may sit outside the regulatory perimeter of many jurisdictions, limits authorities’ ability to establish supervisory approaches that help mitigate consumer risks arising from these new business models. Authorities may need technical and capacity-building support in applying approaches, such as ‘test and learn’ or sandboxes, to help facilitate oversight of these business models and keep consumers protected, ahead of establishing or extending the regulatory framework perimeter to include such activities. 

A considered and co-ordinated policy response is also important to address the concerns and uncertainty relating to consumer risk in the digital assets sector. This might include evaluating the potential risks and harm that may arise in the sector and providing better data and technology to support financial authorities. However, capacity building is also needed so that regulators can better understand the digital assets space and thus respond to the challenges it might create. 

Supporting enhanced cybersecurity frameworks is becoming ever more important in the face of rapid digital transformation.4 This is particularly the case in EMDEs, where financial and regulatory infrastructure may be less resilient to emerging challenges compared to that in advanced economies. 

Strategically strengthening digital and regulatory supervisory infrastructure capabilities would support several positive outcomes, for both financial authorities and supervised firms, while mitigating some of the challenges they experience. 

An area of particular interest is the application of suptech tools. Resource and capacity constraints are limiting many financial authorities’ ability to effectively deploy and/or scale suptech activities. Fundamental to this challenge is access to necessary data. To realise the potential of suptech in overseeing financial markets, authorities will also require support in developing effective data science techniques. 

Finally, tying a number of these themes together, financial authorities need research, capacity building, and technical support to balance the benefits and risks of the increased digitalisation of financial services. This is particularly the case for respondents in EMDEs, who perceive that both the potential benefits and risks of this digitalisation are higher compared to their counterparts in advanced economies.