Regulating the digital economy
July 2022 | TALKINGPOINT | SECTOR ANALYSIS
Financier Worldwide Magazine
July 2022 Issue
FW discusses regulating the digital economy with Meera Ragha, Diego Ballon Ossio, Daniel Schwarz, Jamie Andrew and Nicola Hemsley at Clifford Chance LLP.
FW: Could you provide an overview of how digital technologies have reshaped the economy in recent years?
Ragha: Artificial intelligence (AI), machine learning (ML), the blockchain and other digital technologies are having an increasingly profound effect on the financial markets, particularly for payments, lending and wealth management. In the payments sector, consumers are shifting away from cash payments toward electronic wallets, QR codes, peer-to-peer payments and buy now, pay later (BNPL) products. This trend is projected to increase, with the value of the global e-commerce market forecast to hit over $8 trillion in transaction value by 2025, according to FIS. Institutional investors have increased their adoption of cryptocurrencies, decentralised finance and non-fungible tokens (NFTs), meaning these technologies are more interconnected with traditional financial markets and can impact the wider economy. Nowhere is this more evident than the crypto space, where the volatility of a leading stablecoin, TerraUSA, created ripples across a range of crypto businesses. Regulators across the globe are grappling with how to manage the risks associated with these new innovations and any effect on traditional markets.
“Progress is being made on reporting and data sharing between jurisdictions, and tax authorities have begun seizing crypto assets linked to financial crimes.”
FW: Broadly speaking, what legal and regulatory challenges does the digital economy pose to existing supervisory objectives imposed on regulators? What general approach are regulators taking toward oversight of the digital economy, to address and manage such perceived risks?
Ragha: There is a regulatory focus on consumer protection, as evident in the supervisory approach in the payments sector. Following the insolvency of Wirecard, regulators in the EU and UK are increasingly focused on protecting consumers, requiring payment and e-money firms to improve their prudential risk management and safeguarding arrangements. Policymakers are also focusing on combatting money laundering, terrorist financing and financial crime. In the crypto space, the Financial Action Task Force (FAFT) has recommended that regulators introduce the ‘Travel Rule’, requiring certain transfers of crypto assets to be accompanied by identifiable information on the originator and beneficiary. The purpose is to improve the transparency of crypto asset transfers and ensure such transactions are not used for illicit purposes, or to circumvent sanctions. However, these rules present significant practical compliance challenges, and highlight that policymakers continue to grapple with the age-old question of how to regulate new technologies effectively without stifling innovation.
“High-profile cyber incidents and the misuse of individuals’ data demonstrates that regulation is required.”
FW: Do you see any fundamental deficiencies in the regulatory approaches being adopted in the UK or EU?
Ossio: In the EU, the draft Markets in Crypto Assets Regulation continues to be debated. In the UK, the government published two policy responses to previous consultations which together appear to delineate the direction of travel in the UK regarding stablecoins and financial promotions. However, no specific crypto asset regulatory framework is in force. Instead, regulators in the EU and UK are relying on regimes which implement anti-money laundering (AML) requirements mandated by the FATF, including the Travel Rule. This creates fundamental deficiencies for the development of the nascent crypto asset industry. On the one hand, there is evidence of AML regimes being used to put in place prudential safeguards, systems and controls and even consumer protection measures. On the other hand, without final rules being in place, crypto asset services providers are unable to plan ahead and develop business plans that will be compatible with the applicable rules once in force.
FW: What trends are you seeing in competition policy and the need to control market concentration in the digital economy?
Schwarz: In recent years, much of the focus of competition policy in the digital sector has shifted away from long investigations of anticompetitive conduct and toward ex-ante regulation. For example, the EU’s Digital Markets Act will impose a range of ‘fair competition’ obligations on large digital ‘gate keepers’, including requirements to allow alternative payment systems on their platforms. Initiatives such as the UK’s Open Banking Regime and the EU’s Payment Services Directive (PSD2) also pursue competition policy objectives by opening banks’ payments infrastructure to third parties. When reviewing mergers involving providers of digital financial services, competition authorities are increasingly scrutinising transactions that involve an acquisition of a potential or nascent competitor, such as the review of PayPal/iZettle by the UK Competition and Markets Authority (CMA), and adopting narrow market definitions when assessing whether a merger could result in excessive market concentration, such as equity crowdfunding platforms in the UK in Crowdcube/Seedrs, or leveraged loan fixed-income indices, in S&P Global/IHS Markit.
“Much of the focus of competition policy in the digital sector has shifted away from long investigations of anticompetitive conduct and toward ex-ante regulation.”
FW: How would you describe the regulatory response to growing data privacy and cyber security concerns that have emerged from the burgeoning digital economy?
Andrew: From 2016, starting with the wide-ranging EU NIS Directive and the EU General Data Protection Regulation (GDPR), which first brought privacy and cyber to the top of the regulatory agenda, we have seen other major regions adopt similar wholesale new privacy regimes, including the California Consumer Privacy Act (CCPA), China’s Personal Information Protection Law, Brazil’s General Data Protection Law (GDPL), India’s data protection bill and most recently the EU’s Digital Services Act and the UK’s Online Safety Bill. The increasing digitisation of our lives and our greater participation in online and virtual worlds, as amplified by the coronavirus (COVID-19) pandemic, means that appropriate safeguarding of individuals’ data only becomes more important. High-profile cyber incidents and the misuse of individuals’ data demonstrates that regulation is required. Key challenges include ensuring that regulation works in the context of rapidly accelerating technology developments, such as the metaverse, cryptocurrencies and NFTs, and in a global economy where companies are navigating multiple regimes.
FW: Could you provide an insight into the more pressing taxation issues sparked by the digital economy?
Hemsley: Legislators and tax authorities around the globe continue to grapple with two key taxation issues. The first is how to tax crypto assets. Approaches vary widely from country to country, from issuing guidance on how existing legislation applies to crypto assets, to creating specific crypto-tax regimes, to complete silence. Furthermore, the work of even the most engaged countries is far from over, given the pace of innovation; for example, there is very little guidance on staking, NFTs and decentralised finance (DeFi), and there is an increasing call for crypto asset taxation to be shaped by policy considerations, such as energy consumption. The second is how to combat tax evasion and other crimes facilitated by the decentralised, anonymous nature of the digital economy. Progress is being made on reporting and data sharing between jurisdictions, including the Organisation for Economic Co-operation and Development (OECD) Crypto-Asset Reporting Framework and the EU’s DAC8, and tax authorities have begun seizing crypto assets linked to financial crimes.
“Transaction monitoring as well as token and chain analysis tools are becoming a standard requirement to obtain registration for authorisation.”
FW: What steps are regulators taking in an effort to promote the development of innovative technology and services while building in safety measures against possible harms?
Ossio: Regulatory authorities have been focused on liaising with the industry through open forums and regulatory sandboxes. The UK Financial Conduct Authority (FCA) has recently held a crypto-sprint workshop where industry representatives worked on novel policy approaches to certain products and services in the crypto space. It also runs a widely publicised regulatory sandbox where innovative projects obtain guidance and support in a test environment. Such initiatives allow participant businesses to understand the supervisory focus of the regulators and to design businesses within the regulatory risk appetite. The wider focus of regulatory authorities seems to be on imposing stringent risk warnings in respect of most crypto assets. In respect of certain products, the regulator has imposed selling bans.
FW: For companies operating in the digital economy, to what extent do you expect compliance requirements and processes to become more complex going forward?
Ossio: From experience in assisting new market entrants obtaining their licence or registration with various regulators in the UK and EU, it is clear that regulators have high expectations in respect of avoiding money laundering and terrorist financing in connection with crypto assets that are being intermediated through them. Transaction monitoring as well as token and chain analysis tools are becoming a standard requirement to obtain registration for authorisation. In the UK, we are also seeing marketing and promotional requirements being developed in respect of the intermediation of crypto assets. These include cooling-off periods and tailored risk warnings. As such, it appears that compliance requirements and regulatory expectation around the use of sophisticated monitoring and analysis tools are increasing.
“The environmental, social and governance (ESG) agenda will shape the evolution of the digital economy.”
FW: What are your predictions for the evolution of the digital economy in the months and years ahead? How confident are you that regulators can keep pace with the dramatic speed of technological change?
Ragha: The environmental, social and governance (ESG) agenda will shape the evolution of the digital economy. A key aspect of aiming to achieve an equitable and inclusive transition to a net-zero economy is ESG disclosures, including climate-related financial disclosures and reporting requirements in relation to diversity and inclusion. The use of sophisticated data sets, together with distributed ledger technologies (DLT), such as blockchain, and AI will assist with gathering data and meeting reporting requirements. Regulators have introduced a wide range of ESG-related rules and regulations, particularly in the asset management space, to help facilitate investment decisions. There is increased regulatory security of greenwashing, where companies or funds make exaggerated claims about their ESG credentials, as evidenced by the US Securities and Exchange Commission’s (SEC’s) recent fine of BNY Mellon’s investment adviser division in relation to its misstatement and omission of information about ESG investment considerations for mutual funds under its management.
Meera Ragha is a senior associate in the financial regulation group at Clifford Chance in London, where she advises on UK and EU financial regulation and compliance. She specialises in acting for payment institutions, e-money issuers, banks, merchants, payments platforms and technology companies on a range of payments and FinTech regulation, including PSD2, regulatory reforms relating to cryptocurrencies, and the impact of the financial services regulatory framework in the EU and UK on FinTech products. She can be contacted on +44 (0)20 7006 5421 or by email: meera.ragha@cliffordchance.com.
Diego Ballon Ossio is a senior associate specialising in advising technology companies, financial institutions and other market participants on regulatory aspects of digital asset trading and custody. He gained significant experience in financial regulation working at the UK Financial Conduct Authority (and predecessor organisation) from 2010 to 2015 and has been ranked by Legal 500 as a “rising star” since 2020. He is a member of the Financial Markets Law Committee Working Group on FinTech. He can be contacted on +44 (0)20 7006 3425 or by email: diego.ballonossio@cliffordchance.com.
Daniel Schwarz is a senior associate at Clifford Chance LLP, advising businesses and governments on all areas of competition law. He is a legal fellow at Cambridge University's Centre for Finance, Technology & Regulation. He has lectured at HM Treasury, Bank of Spain, OECD and Oxford University. He previously worked as a counsel at the International Monetary Fund in Washington, DC. He can be contacted on +44 (0)20 7006 8924 or by email: daniel.schwarz@cliffordchance.com.
Jamie Andrew is a senior associate who is experienced in advising on contemporary and emerging technology issues, particularly in the context of data, including global data regulation, exploitation and cyber incident preparedness and response. He is also experienced in negotiating strategic commercial contracts, particularly in the context of FinTech solutions and financial technology procurement. He can be contacted on +44 (0)20 7006 1367 or by email: jamie.andrew@cliffordchance.com.
Nicola Hemsley is a partner in the Clifford Chance London tax practice. She advises corporates, financial investors and financial institutions on the tax aspects of a wide variety of cross-border corporate, equity capital markets and finance transactions. She specialises in mergers and acquisitions, public takeovers, joint ventures and initial public offerings (IPOs). She can be contacted on +44 (0)20 7006 4215 or by email: nicola.hemsley@cliffordchance.com.
© Financier Worldwide
THE PANELLISTS
Clifford Chance LLP