On 8 February 2017, the International Organisation of Securities Commissions (“IOSCO”) released a report which describes the evolution of innovative business models, based on FinTech, which are transforming the financial services industry. This report looks to various FinTech products/services and their perceived benefits, for example, financing platforms (e.g. peer-to-peer lending (“P2P”) and equity crowdfunding (“ECF”)), retail trading and investment platforms (e.g. e.g. robo-advisers) and distributed ledger technology (“DLT”) (e.g. blockchain and smart contracts).

To balance this, IOSCO have provided their views on the risks and challenges posed by certain FinTech products/services, in addition to, the types of action regulators can take to manage these challenges in a meaningful way so not to halt the advancement of FinTech. Please see below for a brief overview of the report.


P2P and ECF are essentially sources of finance. P2P lending is able to provide credit to borrowers (in particular, small and medium sized enterprises (“SMEs”)) who may not normally get access to loans from a bank and provide such finance with much lower interest rates. Additionally, as mentioned above, ECF creates an alternative means of accessing equity finance without the entrepreneur/small business having the administrative burden and cost of an initial public offering, but with the ability to attract interest from the general public and also angel investors who may subsequently lend more than financial assistance. On the other side, ECF provides investors with a new asset in the form of early stage equity investments in small, growing businesses.

For both firms and investors, robo-advice provides cost saving benefits i.e. for a firm, the use of an automated system means potentially saving money on employing individuals, and this has a knock-on effect for investors who are subsequently able to access advice and invest at a lower cost.

With regards to DLT, the main benefits are the traceability and accessibility of records, even for regulators, allowing them access to real time records. The speed that such data can be accessed also means that settlement of securities can be carried out in a matter of minutes, whereas it can often take days through a clearinghouse. Clearinghouses usually use a central database, which is comparatively much more susceptible to security breaches than the use of DLT, where security is enhanced through encryption of every ‘block’ of information in the blockchain.


One of the most contentious risks surrounding P2P and ECF platforms is that the services they provide are, in reality, not just execution-only. This means that the platforms could be carrying out regulated activities without authorisation i.e. that of general solicitation, offering collective investment schemes, advising on securities and broker-dealer activities. This type of malpractice could lead to the platform being shut down which consequently means investors losing a lot of money. Where platforms are not regulated, the investor’s recourse in terms of protection and getting back a proportion, if any, of their invested money, is very narrow.

Platforms that offer e.g. trading functionalities to their users, or that offer investment advice on securities (such as robo-advisers), typically also require a license. Even if a platform is not required to be licensed in a certain jurisdiction, as noted above, the cross-border availability of its services may trigger licensing requirements, or possibly a violation thereof, in overseas markets where investors are based.

In the case of automated information platforms or automated advice, conflicts of interest may emerge if, for example, the underlying algorithm is programmed to direct investors towards a specific range of “preferred” investment alternatives or intermediaries for which the platform or its affiliates receive higher commissions or other forms of compensation. Furthermore, unforeseen errors in algorithms could ultimately lead to mis-selling of investments or decision making not necessarily in the client’s best interests. On the other side, more sophisticated and complex algorithms can result in advice that is harder for investors to understand.

Furthermore, in the case of DLT and smart contracts, although they are technically advantageous because they reduce the risk of human error through automated systems, if an error does arise, it can be much more difficult to locate and resolve by virtue of the complexity of the coding mechanisms. This can be particularly problematic in the case of DLT, because once a transaction is validated and logged in the blockchain, the transactions cannot be modified, cancelled or revoked. At that point, the other counterparty has to rely on the counterparty who has instigated the error, to carry out a reverse transaction. Additionally, from a legal perspective, whether a smart contract can constitute a legally binding contract under law in all jurisdictions, is still under discussion.

Regulators response to the risks/challenges

There is a fundamental difficulty for investors to sell/exit from their investments due to ECF platforms having limited secondary market liquidity (primarily because the small companies funded through equity crowdfunding are rarely listed companies). In order to manage this, these are the types of solutions that IOSCO have seen so far as imposed by P2P platforms:

  • developing secondary markets in order to trade/sell their P2P loans;
  • the imposition of caps on maximum investments;
  • only allowing qualified investors to participate;
  • including caps on the maximum capital an issuer/borrower can raise via P2P and ECF; and
  • conducting due diligence on borrowers/issuers and different models whereby the amount of funds raised are released back to investors where fundraising targets not met.

The sophistication and complexity of FinTech products and services means that regulators need to ensure they have the appropriate resources and have employed very technically able individuals to be able to properly understand the technology driving the trading and advice, and to properly scrutinise this market.

The overarching view is that, FinTech, for the retail consumer, reflects accessibility. For example, crowdfunding platforms providing retail consumers with the ability to invest in private equity without the usual minimum investments of tens of thousands of pounds. Additionally, robo-advice provides the type of advice usually only afforded to institutional clients by traditional advisors, and furthermore, the advice is usually in layman terms. From a regulator’s point of view, this accessibility also means great supervisory potential, where they can leverage the capability to access and process the data that these systems possess, which could potentially enable them to easily analyse compliance with regulatory requirements.

Ultimately, it is down to regulators to understand how the financial services industry is changing with the evolution of FinTech and that they need to become familiar with how these new products and services intersect with financial regulation. The UK has come some way in doing this through setting up labs and accelerator programmes (e.g. the Bank of England FinTech Accelerator) and FCA sandboxes, which enables regulatory flexibility for FinTech companies to work together with the FCA and ensure that appropriate consumer protection safeguards are built into their products/services before they reach the mass market.

For more information and to read the full report, please click here.

If you need any advice on the regulation of FinTech products/ services, Cleveland & Co, your external in-house counsel, are here to help.