Alex LaPlante, managing director of research, and Charlotte Watson, research analyst, Global Risk Institute, are authors of a research paper called The Great Fintech Debate: Risks and Rewards of Financial Innovation.
We have entered a new era of innovation where advancements in computer processing and data storage have opened the doors to cutting-edge analytic techniques and better service. The financial-services sector, in particular, has seen a significant uptake in innovative solutions such as digital banking, robo-advisers, artificial intelligence and blockchain, to name a few.
The advent of these financial technologies and the companies that provide them (fintechs) present numerous opportunities for all financial sector participants and their customers, including increased efficiency, cost savings and tailored experiences. But, as we all know, there is no such thing as a free lunch. With these rewards come several risks that, if not properly identified, understood and managed, pose threats to consumers, financial institutions and the soundness of the financial system as a whole.
As Mark Carney, Governor of the Bank of England, said in a speech last year at the Deutsche Bundesbank G20 conference, “the challenge for policymakers is to ensure that fintech develops in a way that maximizes the opportunities and minimizes the risks for society. After all, the history of financial innovation is littered with examples that led to early booms, growing unintended consequences and eventual busts.”
Although regulation is often portrayed as a damper on innovation, a lack of regulatory oversight may lead to financial firms with inadequate risk-management functions, making them particularly susceptible to shocks. Fintech firms are less likely to participate in government programs that backstop consumer deposits such as those provided by the Canadian Deposit Insurance Corp. Consequently, consumers may have little hope of recovering funds from failing fintech companies. Taking this one step further, some financial innovations, such as cryptocurrencies, that are centred on anonymity make the tracking of and recovery from fraud virtually impossible.
The Canadian financial sector has historically been dominated by large institutions. Fintech companies are bringing a large number of innovative products to consumers, forcing incumbents to adjust to a changing marketplace. To facilitate the quick implementation and delivery of fintech solutions, many financial institutions have turned to collaborating with, outsourcing to, or purchasing fintech firms. Although these strategic partnerships will likely reduce a financial institution’s customer churn and revenue loss, and bring risk-governance best practices to the fintechs, they also introduce new risks including third party/vendor management that may fall outside of the financial institution’s perimeter.
The most significant risk posed by fintech, however, may be cyber-risk. Unlike large established companies with multimillion-dollar cybersecurity budgets, fintech firms, particularly those in the startup phase, have fewer resources to allocate to cyberissues, making them particularly vulnerable to attacks including data breaches. As the industry moves toward the use of open application programming interfaces (APIs), it may fall upon the customers to be aware of the risks of sharing data with untrustworthy apps. Financial institutions will need to be clear about who is liable for customer losses resulting from cyberattacks that are connected to their platforms.
As incumbent financial institutions, fintechs and their customers become more interconnected, the number of entry points that hackers can exploit will grow dramatically, increasing the likelihood that sensitive data will be compromised. The development of open APIs, cloud computing and other new tools increase the number of vulnerabilities. With new technologies emerging daily and hackers becoming ever more adept, institutions must allocate increasing resources to ensure their firms remain secure and are capable of mitigating new threats.
As was learned from the great financial crisis, the interconnected nature of the financial system can quickly propagate shocks throughout the industry. Fintech has and will continue to increase the extent and complexity of this interconnectedness and may pose new sources of volatility and herding behaviour that will amplify shocks. Paired with new fintech-related risks such as cyberattacks, the weakest links in the financial system will heighten system-wide vulnerabilities, increasing the risk of contagion. An attack on a technology that has been widely adopted, such as digital wallets or third-party cloud-computing services, could have a devastating impact.
In today’s interconnected, always-online world where consumers increasingly expect tailored, automated experiences similar to those provided by Amazon and the like, fintech is here to stay. Whether the risks of fintech outweigh the myriad benefits will largely depend on the approaches the financial and regulatory sectors take to manage the risks.
As Mr. Carney said, policymakers must strive to create policies that mitigate the risks of fintech without detracting from its potential to transform the financial-services industry in positive ways. Ultimately, the financial sector must weigh the risks of implementing fintech solutions against the risk of lagging behind. And failing to adapt to the fintech revolution may be the most significant risk of all.