The regulator’s latest Business Plan emphasises a commitment to supporting innovation
Few things drive the adoption of technology more than regulation; there has always been a symbiotic relationship between the two. I can’t remember a document in the past few years that has better demonstrated this than the FCA 2019/20 Business Plan published a couple of weeks ago.
The document should be essential reading for anyone involved in industry technology. It presents an almost endless list of opportunities while, at the same time, calling out some very real issues where I fear many advice firms may be falling far short of what the regulator expects.
Cyber security is a constant theme. For all the benefits technology brings, the challenges of maintaining robust security seem to grow endlessly.
I have recently identified no fewer than 26 different areas where it is prudent for firms to have different security policies in place. This highlights the sheer volume of policies a firm needs to maintain.
In my business, we now have monthly data security meetings involving the entire team to ensure everyone is up to speed. After all, we are all only as strong as our weakest link.
The FCA Business Plan confirms that the regulator now uses ethical hackers to test firms’ potential vulnerabilities. While advisers are unlikely to be high on its list for testing, it is probably worth having a documented plan to demonstrate what your firm does to maintain security of both physical and electronic data.
In its paper last November on cyber and technology resilience, the FCA said smaller firms have challenges maintaining a view of what information they hold. It is inevitable there will be some follow-up action in this area, so if you don’t have a process in place, it is worth building one now and documenting it before questions arise.
One area in which I definitely expect to see a crackdown before too long is the use of unencrypted emails. While there are systems available that advisers can use to protect communications, insurers, platforms, asset managers and mortgage lenders do not make this easy. We need to see far more industry collaboration in this area.
Opportunities abound While it is important to be aware of the challenges the Business Plan presents, it also makes some very positive statements around how technology can advance the advice market.
I am surprised it did not make more of its commitment to establish an advisory group on the creation of open finance. This is a concept many have been advocating for some time as an evolution of the work carried out on open banking, the pension dashboards and the development of similar services in other areas of personal finance, such as asset management and mortgages.
This is a hugely positive step and I suspect work on open finance may end up overtaking the much-delayed pension dashboards project. The UK has been widely recognised as a key innovator in open banking and it is crucial we extend this across the full range of personal finance products.
Open finance has huge potential to drive export opportunities and ensure the continuing role of London as the global centre of the financial services industry, despite any fallout from Brexit.
The FCA also highlights its continued support for “regtech” as a way to both reduce the cost of compliance and achieve better consumer outcomes. It is particularly notable that the Global Financial Innovation Network, which the FCA chairs, has now been extended to include 29 regulators and other global bodies.
There is a commitment to run a small pilot of cross-border trials with the 17 other regulators that are part of GFIN. This is a very positive step that will help the fintech economies in each of the jurisdictions involved.
The benefit of such an environment should not be understated and it is a huge positive against the background of Brexit.
Leaving the European Union was expected to severely damage the British fintech sector, yet one recent report identified there are now as many UK-based unicorns (firms believed to have over $1bn, or £772m, in value) as there are in California.
There is widespread recognition that the FCA has played a huge role in making this possible and, while a few suggest it has been too generous to other countries in leading and sharing best practice, I think the benefits of such an approach far outweigh the negatives.
Overall, the FCA Business Plan should be applauded for supporting innovation, while recognising the considerable challenges cyber security presents.
Ian McKenna is director of the Financial Technology Research Centre