Will The New Wave of Data Laws Affect Fintech?

Fintech, otherwise known as the financial technology market, is on a very strong growth trajectory, having already disrupted the banking world in a powerful way. From mobile payments, to artificial intelligence, insurance and investment services, Fintech has gradually transformed the way we bank since the day the US Federal Reserve introduced the Fedwire Funds Service back in 1918, which used morse code and telegraph to transfer funds electronically.

These are now-archaic technologies, but it marked the beginning of the end for ‘old-fashioned’ banking. The internet was the true gamechanger, though, ultimately sparking the creation of cryptocurrency (Bitcoin being the first) ten years ago, and having enabled the normalisation of online banking for close to 20 years now. 

The stats say it all. In 2017, 93 percent of businesses used cloud services. In 2018, the global cryptocurrency market reached $700 billion. Today, 69 percent of the world’s banks have experimented with blockchain, and 30 percent of large financial organisations have used artificial intelligence already this year. In today’s foreign exchange markets, financial technology is playing a huge part in forex automation, opening forex to new global markets that connect new traders and experienced investors. Of the parts of the financial industry today experiencing disruption due to Fintech, the consumer banking sector leads the way, with 72 percent. 

The reality is that banks and firms have realised that unless they invest in tech-based solutions, they risk being left behind. The global Fintech market is only at its beginning - but will it be trampled down before it has barely begun thanks to the new wave of data privacy laws we are seeing worldwide?

As background, the EU’s GDPR was the start of something big. The introduction of the General Data Protection Regulations was the most meaningful and impactful change to data regulation in over 20 years. Not only does it impact the ways European businesses operate, but also any company or organisation in the world collecting data on European citizens.

It fundamentally upends the way data has been handled until now, requiring organisations and companies to gain permission from internet users and those whose data is collected, forcing transparency regarding the use of such data, and requiring that such data be deleted if the user does not agree to its usage. Until this point in time, companies have largely been doing whatever they please with people’s personal information - their health data, consumption habits, personal details, and more. It was essentially a free for all, until now.

And now, other countries are following suit. In the U.S., California recently introduced sweeping new privacy regulations that resemble the GDPR, in what is considered to be the beginning of a wave of similar regulations that will follow suit in states across the country. 

But will these regulations have the intended impact? Or is BigTech “too big” to let privacy regulations impact its strong growth trajectory? In Europe, it looks like not even the GDPR has been able to fully penetrate BigTech in the way privacy advocates hoped it would. Next month, Whatsapp is due to hear whether it has broken the GDPR for not being transparent enough with users about how it has been using their personal data.

Under the GDPR, Whatsapp could be liable to pay up to 4 percent of its annual revenue - which is no small sum - but somehow, the decision making process has been pushed back until next year. Whatsapp simply lodged a procedural complaint which has delayed the case by several months, and which could be the first of much pushback by BigTech companies to stave off the damaging impacts that the GDPR might have on company profitability. Already, Google has been fined $57 million for breaching the terms of the GDPR. Will Whatsapp be the next?

Increased scrutiny over the handling of personal data will certainly make things harder for FinTech companies to operate. The appeal of using Fintech lies in its ease of use, but these new regulations explicitly require companies to gain user consent for their personal data to be collected, and that they clarify the purpose for which the data is being collected, as well as seek additional consent if they want to share that information with third parties.

This will obviously make every aspect of Fintech more complex and difficult to manage. Will it be too much for companies to bear? At this stage, the financial opportunities to be gained by Fintech companies outweigh the effort required to adhere to new regulations, so my guess is - no. Not yet. 

There is a lot for Fintech to fear right now. BigTech’s push into banking, with Apple releasing its own credit card and Facebook having previously launched Libra - a digital payment system.

There are cyber risks. Increased regulation. The list goes on. Is enhanced data security yet another potentially destructive risk? Your guess is as good as mine, at this stage.