International FinTech Regulation - Part 1

A version of this post originally appeared on The FinReg Blog hosted by the Global Financial Markets Center at Duke Law School.

Financial regulators have been finding new ways to cooperate and coordinate policy formation since the Basel Committee was created in the early 1970s. Sectoral groups (IOSCO for securities, IAIS for insurance) were joined by cross-functional groups following the Asian Financial crisis (the Financial Stability Forum) and the most recent financial crisis (the Financial Stability Board). Additionally, since 2002, securities regulators have expanded cross-border coordination regarding enforcement actions through a Multilateral Memorandum of Understanding (MMOU) under the auspices of IOSCO.

These established groups may now have company in the FinTech[1] sector, as discussed below. However, it is a challenging time for policymakers to launch a new regulatory cooperation mechanism.

As a recent blogpost here on The FinReg Blog noted, and as previous research noted regarding the EU and the current global cooperation framework, cross-border regulatory cooperation increasingly faces credibility challenges. GFIN policymakers will need to address from the beginning looming legitimacy gaps at other international regulatory standard-setting bodies in order for their proposed cooperation framework to deliver welfare-enhancing outcomes.

In the interim, policymakers will continue to refine regulatory frameworks[2] to address digital challenges[3] even as they create “sandbox” mechanisms that exempt FinTech firms from full compliance with regulations to facilitate experimentation with “proof of concept” technology. Over time, questions concerning the impact on the competitive landscape seem inevitable. In addition, since policy formation at the national level will continue in parallel, policy divergences seem likely to emerge despite increased cooperation within a GFIN mechanism.

Cryptocurrency issuers may be particularly at risk of heightened regulatory risk since the GFIN proposal targets a trio of issues particularly relevant to their business: (i) anti-money laundering (AML) and counter-terrorism finance (CTF) technology standards; (ii) payments system policy; and (iii) “cross-border identity verification.”

Traditionally, policymakers would assess whether different standards create an “uneven” playing field internationally that compromises cross-border competition. The GFIN proposal instead adopts the language of technology and payment systems to assess whether national regulatory standards impede “interoperability” across borders.

Regardless of the language chosen, the policy challenge for regulators in a cross-border context remains the same today as it did in the early 1970s when the Basel Committee was created: creating mechanisms for regulators to compare notes, share information and potentially facilitate the creation of comparable (if not harmonized) regulatory standards. The success – or failure – of the GFIN structure will thus have a material impact on the regulatory policy risks faced by FinTech firms and cryptocurrency issuers since the GFIN framework (if launched) will operate in parallel to existing securities law enforcement mechanisms.

The GFIN Proposal – Much More Than a Global Sandbox

On August 8, 2018, eleven regulators plus one World Bank Consultative Group (which includes a broad range of entities, including non-governmental entities), proposed the establishment of a “Global Financial Innovation Network” (GFIN)[4]. Comments are due to the Financial Conduct Authority (FCA) in the United Kingdom by October 14, 2018.

The proposal seeks to facilitate FinTech firms’ ability to “trial new ideas with consumers or other market participants in multiple jurisdictions working with the appropriate authorities”[5] by providing contact information and other “opportunities for support” to FinTech firms navigating multi-jurisdictional issues. Consequently, the GFIN Proposal provides a potential foundation for a “global sandbox” through which FinTech firms could experiment in multiple jurisdictions simultaneously long before they must comply with the full regulatory compliance burden of any individual jurisdiction.

GFIN policymakers underscored that their proposal does not create a “global passport” for firms participating in national sandbox frameworks. They do not seek to create an automatic right of entry for participating FinTech firms into participating GFIN jurisdictions because any such passporting would “require regulatory convergence” which is “likely a long-term prospect.”[6]

Sandboxes currently exempt FinTech firms from selected regulatory requirements in their Home country. The exemptions vary across countries as well as by duration. Accelerated opportunities to operate in multiple sandboxes simultaneously could easily create incentives for FinTech firms and regulators to accelerate regulatory policy convergence in order to support experimentation.

These are uncharted waters for regulators. Typically, cross-border expansion follows establishment and fully compliance with regulatory standards in one jurisdiction. Simultaneous expansion and experimentation before (i) a basic business model has been verified AND (ii) a regulatory framework has been articulated raises important issues – and opportunities – regarding how regulatory standards will be formed and complied with in the FinTech sector. Insufficient attention to identified credibility issues in policy formation today will generate an adverse impact on the effectiveness of the policy framework for FinTech regulation from the beginning.

Initial attempts to address cross-border FinTech issues generated a flurry of specialized bilateral memoranda of understanding over the last 18 months. The GFIN proposal transforms these agreements into plurilateral structures, potentially intensifying pressure on policymakers to accelerate cross-border market access for participating FinTech firms.

The potential for regulatory policy competition is as real as the potential for market competition, particularly as policymakers begin identifying FinTech regulatory policy as a strategically significant component of international competitiveness,[7] exposing FinTech firms and cryptocurrency issuers to heightened regulatory policy risks from policy divergences.

Conducting simultaneous or sequential trial use cases in multiple jurisdictions with streamlined regulatory approvals potentially also expands substantially the amount of data available to both firms and regulators about how, why, and how much consumers in different countries interact with different FinTech solutions without requiring regulators to share data across borders. It would also represent a significant uptick in official sector engagement regarding the FinTech sector at an earlier stage of business formation and in a more cooperative stance than is traditional, particularly if regulators coordinate and cooperate in funneling support and information to participating companies.

If implemented as proposed, FinTech firms in GFIN jurisdictions thus seem poised to receive accelerator-like support from official sector entities which seems likely to translate into a significant competitive advantage once participating FinTech firms go to market for external funding and customers. Sandboxes in general raise intriguing questions about when (or how) government support for innovation crosses the boundary into formal state support that provides competitive advantages to a few chosen preferred providers relative to other firms that did not have access to the sandbox for experimentation. The GFIN amplifies those questions and places them on the international stage.

Cross-Border Standard Setting In the Wings?

The GFIN proposal positions participating jurisdictions to wield considerable influence over FinTech policy formation over time. Consider the three policy areas identified for priority action:

  • Anti-money laundering (AML) and counter-terrorism finance (CTF) technology standards;

  • Payments system policy; and

  • Standards regarding “cross-border identity verification.”

These are the three policy areas central to blockchain and DLT technology use cases. Successful joint engagement across these issues could indirectly create an ecosystem that accelerates cryptocurrency issuance by providing policy certainty in participating jurisdictions.

In addition, a focus on cross-border identity verification suggests regulators are poised to play a larger role in data privacy policy.

Financial regulators currently are completing a multi-year post-crisis technical initiative to roll out global standards for attaching a “Legal Entity Identifier” (LEI) to each financial transaction. Shifting gears to focus on standardized, interoperable standards for identify verification would expand engagement by financial regulators in data privacy policy at the individual level. The impact on entities not otherwise subject to financial regulation (e.g., technology companies active in the DLT/blockchain industry) could be significant.

The Geopolitics of FinTech Regulatory Cooperation – Missing Pieces

Initially, the GFIN group seems designed to generate diversification (and, thus, some credibility), with a nearly even balance across sectors and geographies:

But four FinTech/crypto currency powerhouse jurisdictions (Japan, Malaysia, Korea, and Switzerland) and all of Latin America are missing from the initial GFIN grouping.

Most interestingly, nearly all GFIN regulatory bodies (9 out of 12) are also signatories of the IOSCO MMOU regarding securities law enforcement cooperation. Since most global securities regulators have determined that Initial Coin Offerings (ICOs) and other cryptocurrency related investment vehicles are subject to securities regulation[8], the GFIN mechanism would thus intensify opportunities for simultaneous policy formation and enforcement cooperation in this sector.

The question then becomes whether the resulting standards formation process would have legitimacy.

The World Bank Consultative Group to Assist the Poor – Financial Inclusion Policy Formation

Intriguingly, the proposed GFIN includes as a full member an entity affiliated with a multilateral organization: the World Bank Consultative Group to Assist the Poor (WBCGAP). Technically, this group has no regulatory authority. Moreover, its members are not financial regulators. While the majority are from the official sector (multilateral development banks, national aid agencies, the European Commission), its membership includes non-governmental organizations (NGOs) such as foundations affiliated with private sector financial firms (Citi, MasterCard, MetLife) and charitable groups (the Bill and Melinda Gates Foundation). All WBCGAP members share a policy goal: promoting financial inclusion.

The WBCGAP’s unique structure thus raises challenging questions for GFIN regulators in jurisdictions with transparency requirements regarding regulatory policy formation. Key questions include:

  • What kind of Chinese walls (if any) exist between the non-governmental foundations and the regulators in the WBCGAP?

  • What kind of Chinese walls (if any) exist between the foundations and their private sector sponsors regarding GFIN activities?

  • Does the inclusion of advocates for one policy priority (e.g., financial inclusion) create the potential for other policy priorities (e.g., financial stability, AML/CFT) to be de-emphasized?

  • Does the inclusion of non-governmental advocates provide a mechanism to enhance the credibility of potential policy outcomes?

As Professor Jan Riepe noted at the end of July, “if transnational actors set standards instead of national democratic authorities, the standard setters might suffer from apparent legitimacy deficits.” The challenge is accentuated in the United States, where the Administrative Procedure Act specifically prohibits federal regulators from setting standards before the proposals have been published and before the general public has had an opportunity to comment.


Policymakers struggling to remain ahead of the innovation curve understandably seek to intensify their ability to share information and enhance their ability to cooperate internationally to address shared challenges. In a world where data and funds can cross borders at the speed of light, they have no choice. The GFIN proposal presents a concrete effort to formalize enhanced cross-border policy cooperation. To create a credible framework that generates welfare-enhancing outcomes, however, policymakers will need to address the legitimacy gaps that have stymied other international regulatory standard-setters.

Barbara C. Matthews (JD/LLM ’91) is Founder and Chief Executive of BCMstrategy, Inc., a technology start-up that is developing patented technology that measures policy risk and anticipates outcomes. She is also Non-resident Senior Fellow at the Atlantic Council. When in government, she served as the first U.S. Treasury Department Attache to the European Union and, before that, as Senior Counsel to the House Financial Services Committee.

[1] Advances in machine learning and artificial intelligence combine with distributed ledger technologies (DLT), blockchain technologies, and new data sets to deliver significant enhancements in operational efficiencies for financial firms. They create opportunities for new entrants to disrupt familiar underwriting processes by delivering new data sets for risk measurement and risk pricing. They also create opportunities for private sector currencies to generate alternative payment mechanisms. Parallel shifts in compliance solutions (“RegTech”) hold the promise of enhancing the effectiveness and efficiency of internal oversight structures as well as related regulatory reporting operations.

[2] For example, a United States banking regulator has created a specialized banking charter for FinTech firms that provide intermediation and/or payment services; chartered firms must comply with various minimum regulatory capital, liquidity and other requirements. Policy Statement on Financial Technology Companies’ Eligibility to Apply for National Bank Charters, Office of the Comptroller of the Currency (July 31, 2018)(Available at: See also Comptroller’s Licensing Manual Supplement: Considering Charter Applications From Financial Technology Companies, Office of the Comptroller of the Currency (July 31, 2018). Available at:

[3] An overview of American regulatory policy issues raised by FinTech innovations can be found through this Coursera link.

[4] Global Financial Innovation Network (GFIN): Consultation Document (August 2018)(“GFIN Proposal”). Available at:

[5] Id., p. 43.

[6] Id., p. 47.

[7] A Financial System That Creates Economic Opportunities Nonbank Financials, Fintech, and Innovation, U.S. Department of the Treasury (July 31, 2018)(available at:—Nonbank-Financials-Fintech-and-Innovation_0.pdf). (p. 14: “…regulators should take meaningful steps to facilitate and enhance the nation’s strength in technology and work toward the common goals of fostering vibrant financial markets and promoting growth through responsible innovation.”). Switzerland looks to liberalise cryptocurrency regulation, Financial Times (July 2, 2018)(available at: Other countries forge ahead on crypto regulations, New York Times (June 27, 2018)(available at:

[8] Representative examples include: Virtual Currencies: The Role of the SEC and the CFTC, Testimony by SEC Chairman Jay Clayton to the Senate Committee on Banking, Housing and Urban Affairs (February 2018)(available at: ). Abu Dhabi Global Markets Launches Crypto Asset Regulation Framework, Abu Dhabi Global Market (June 25, 2018)(available at: Statement on Initial Coin Offerings, Financial Conduct Authority (September 12, 2017)(available at: MAS clarifies regulatory position on the offer of digital tokens in Singapore, Monetary Authority of Singapore (August 1, 2017)(available at:; Hedge Funds and Cryptocurrencies: a top-down analysis of Malta’s regulatory framework, The FinRegBlog (August 16, 2018)(available at:

Featured Posts