5 minute read
INDUSTRY RISK
HORIZON SCANNING
In an increasingly tumultuous market, Fintech companies need to proactively identify and manage ‘extinction risks’.
Advertisement
SYNERGIA FOUNDATION
RESEARCH TEAM
Accelerated by the COVID-19 pandemic, the global fintech industry has been booming, attracting billions of dollars in investments. In a sector previously dominated by traditional institutions and processes, it has expanded financial access for millions of unbanked customers, leveraging technological innovation and societal demand. It has also become a key enabler of more efficient and competitive financial markets by increasing transparency, reducing costs and boosting the speed of service.
Besides app-based banking services, fintech promises to revolutionise online lending, wealth management as well as investment and trading platforms. However, while the future looks promising for the industry, it will have its fair share of risks to manage, mitigate and hedge. In fact, fintech businesses have a unique combination of exposures that are not necessarily applicable to traditional financial services, such as cyber events, technology failure, political sanctions and regulatory compliance. In this context, it will be critical for them to monitor real-time events and adopt risk management practices.
REGULATORY EXPOSURE
For long, fintech companies have prided themselves as industry disruptors, unconstrained by the regulatory principles that govern banks and other traditional financial institutions. However, with an increase in reach and exposure, they are being subject to more scrutiny from domestic and foreign regulators who have taken cognisance of their operations and products. Data Protection Regulation (GDPR) and Payment Service Providers Directive (PSD2) have established clear requirements for protecting data and securing system infrastructures. This will naturally be applicable to fintech companies operating in the EU. In addition to this, national jurisdictions have imposed their own regulatory requirements like the Autorité des Marchés Financiers (AMF) in France or the Federal Financial Supervisory Authority (BaFin) in Germany.
If such regulations are not followed carefully, fintech businesses run the risk of being caught in noncompliance and fined heavily. They may also lose their good reputation on the market, making it imperative for the industry to seamlessly adapt to regulatory changes. In many cases, however, the regulatory scope in jurisdictions fails to keep up with the pace of technological change. This makes the standardisation of compliance processes difficult, increasing the risks for fintech businesses. Moreover, the differing regulations in multiple territories pose a challenge for internationally operating businesses.
Today, it is important to understand that geopolitics and technology are inseparably intertwined, with critical implications for the regulatory architecture. Without comprehending the geopolitical context of regulatory changes, the approach adopted by fintech firms will be reactive, as opposed to being proactive.
prepared to tackle disruptions that arise from regulatory oversight. The constitution of a Compliance, Investigations and/or Financial Crime unit, tasked with monitoring regulatory changes, may be helpful in this regard.
GEOPOLITICAL INCIDENTS
While most fintech companies are aware of the need to track regulatory changes that impact their businesses, the underlying geopolitical events are often ignored. This is in stark contrast to industries like oil and mining, which often have an informed appreciation of political risks, owing to their operations in volatile markets.
Today, it is important to understand that geopolitics and technology are inseparably intertwined, with critical implications for the regulatory architecture. Without comprehending the geopolitical context of regulatory changes, the approach adopted by fintech firms will be reactive, as opposed to being proactive. For instance, with the United Kingdom exiting the EU, fintech businesses in the country have witnessed several changes in relation to licensing requirements, data protection etc. It would have been difficult to anticipate these regulatory risks without engaging in a non-linear horizon scanning of the political events surrounding Brexit.
Similarly, the use of sanctions as a political tool can disrupt fintech businesses around the world. This was seen when President Trump invoked sanctions against Iran as part of his maximum pressure campaign in 2016. By announcing that organisations doing business with Iran would face the imposition of sanctions, he had dragged the Belgium-based fintech company SWIFT into the geopolitical standoff. Given that SWIFT had provided the fundamental infrastructure for the international banking system, its ability to disconnect a whole country from the global financial community was an attractive weapon for the U.S.
Owing to such factors, a comprehensive understanding of geopolitical events is absolutely imperative for fintech firms to analyse the full scope of risks and opportunities they face on a daily basis. This is particularly true in the context of a shifting power landscape and fractured global alliances.
MISCELLANEOUS RISKS
The success of fintech companies is predicated on the deployment of innovative technologies. But this heavy reliance on technology infrastructure is also a point of vulnerability. Any sort of technology failure can result in a disruption of services, which translates to reduced income and a loss of customers for the fintech company.
Similarly, increased dependence on the Internet can lead to greater security threats. Advanced covert surveillance techniques can be manipulated by cybercriminals and other malicious actors to monitor and steal data. Breach of network security and a denial-of-service attack is also major concern. Against this backdrop, it is critical to bolster the cybersecurity infrastructure of fintech firms. From devising a comprehensive data security policy to hiring experienced IT and cyber risk management teams, there are a number of options that fintech firms can explore.
Finally, the unpredictability of market events constitutes a major operational risk for fintech firms. A sudden incident can cause the financial system to overreact, leading to serious liquidity and solvency problems for fintech companies. Factors like contagion, pro-cyclicality or excess volatility in the market can also disrupt services. In this context, the operations and customer support teams must be prepared to think on their feet and develop rapid risk-containment practices. The 2021 short squeeze of GameStop, which caused tremors in the global finance and regulatory policy, should serve as a cautionary tale for the industry.
FINTECH RISKS
STRATEGIC
l IPOs l Mergers &
Acquisitions l No substantial operational
CONDUCT
l Reputational risk l Behavioural risk l Anti Money Laundering Specifications
REGULATORY
l Evolving regulation issues l Over -egulation and regulatory uncertainty
PEOPLE
l Attraction and retention of talent l Wellbeing &
Performance of staff l Staff Competency
OPERATIONAL
l Cyber l Fraud l Clients, Products & Business Practice l Buisness Disruption & Systems Failures l Governance Processes l Service Provision l Data provision and privacy l Complexity of IT ad reliance on this IT
FINANCIAL
l Volatility Risk l Interest Rate Risk l Asset Values l Cash Flow & Liquidity l Valuation l Competition to generate investment from ventre capital firm l Credit Risk
