The EU Digital Finance PackageDigital transformation in the financial services sector
The European Commission adopted a Digital Finance Package end of September 2020. This complex set of initiatives endeavors to create a competitive EU financial services sector giving consumers access to innovative financial products, while ensuring consumer protection and financial stability. The package includes a Digital Finance and Retail Payments Strategy, as well as legislative proposals on crypto-assets and digital resilience. If adopted, these proposals will affect both established firms in the financial services sector and new FinTech market entrants.
1. Digital Finance Strategy
The Digital Finance Strategy generally sets out how Europe can support the digital transformation in finance in the coming years, while regulating the related risks. It aims to make financial services more digital-friendly and to stimulate responsible innovation and competition amongst EU financial services providers. Further, it covers four broad priority areas, as well as related measures to achieve those priorities.
The first priority is removing fragmentation in the Digital Single Market so that consumers have access to financial products across borders and that FinTech start-ups can scale-up and grow.
The adaptation of the EU regulatory framework facilitating digital innovation in the interest of consumers and market efficiency forms a second priority. In this context, the European Commission proposes its legislative initiatives on crypto-assets, which are further discussed below.
The European Commission aims, as a third priority, to create a European financial data space to promote data-driven innovation, building on the broader European Data Strategy. At the same time, the European Commission is particularly vigilant about maintaining the EU’s very high standards on privacy and data protection.
The fourth priority consists of addressing the challenges and risks with digital transformation. In this respect, the European Commission prepared a legislative proposal on digital operational resilience, which is further described below. In order to ensure consumer protection and a level playing field between existing financial institutions and new market entrants, particular attention has been paid to the principle “same activity, same risk, same rules”.
2. Legislative proposals on crypto-assets
The Digital Finance Strategy is accompanied by a proposed legal framework on crypto-assets (i.e. digital representations of values or rights that can be stored and traded electronically). This framework is divided into a proposal for a Regulation on markets in crypto-assets (“MiCA”) and a proposal for a Regulation on a pilot regime for market infrastructures based on distributed ledger technology (“DLT pilot regime”). The objective is to boost innovation while preserving financial stability and protecting investors from risks.
In this respect, the European Commission differentiates between those crypto-assets already governed by EU legislation and other crypto-assets.
Where crypto-assets are covered by EU financial services legislation, there is a lack of legal certainty on how to apply existing EU financial regulation (e.g. the Prospectus Regulation, MiFID II and the Central Security Depositary Regulation). This situation leads to limited security token issuances in the primary market, and limits the potential use of DLT in financial markets, as demonstrated by a lack of DLT-based market infrastructures (such as trading venues or central security depositaries) enabling the trading of security tokens and the settlement of transactions.
The crypto-assets that already fall under existing EU financial services legislation will remain subject to that legislation. However, under the DLT pilot regime, the European Commission is also proposing a pilot regime for market infrastructures willing to develop trading and settlement of transactions in financial instruments in crypto-asset form. This pilot regime represents a controlled environment that allows temporary derogations from existing rules so that regulators can gain experience in the use of DLT in market infrastructures, while ensuring that they can deal with risks relating to investor protection, market integrity and financial stability. The intention is to enable companies to test and learn more about how existing rules are applied in practice.
Where crypto-assets are not covered by EU financial services regulations, the absence of applicable rules to services related to such assets (such as exchanges, trading platforms, crypto custody and wallet providers) leaves consumers and investors exposed to substantial risks. There are also substantial market integrity risks (e.g. market manipulation) in the secondary market of crypto-assets. Some Member States have put in place bespoke rules at the national level for all – or a subset of – crypto-assets falling outside current EU regulation. This leads to regulatory fragmentation, which distorts competition in the Single Market, makes it more difficult for crypto-asset service providers to scale up their activities cross-border and leads to regulatory arbitrage.
The MiCA proposal will apply to the previously unregulated crypto-assets (including ‘stablecoins’) and will set strict requirements for issuers of crypto-assets and crypto-asset services providers willing to apply for an authorization to provide their services in the EU. Safeguards include capital requirements, custody of assets, a mandatory complaint holder procedure available to investors and investor rights against the issuer. These new rules will allow operators authorized in one Member State to passport their services across the EU and prohibit market abuse in the secondary markets for crypto-assets.
3. Legislative proposals on digital operational resilience
The second group of legislative proposals will create a regulatory framework on digital operational resilience. The ever-increasing dependency of the financial services sector on software and digital processes means that Information Communication Technologies (ICT) risks are inherent in finance. The European Commission intends to prevent and mitigate those risks via a proposal for a Regulation on digital operational resilience for the financial sector (“DORA”) and a proposal for a Directive amending several other directives.
DORA will require all firms to ensure they can withstand all types of ICT-related disruptions and threats. Financial entities such as banks, stock exchanges, clearing houses and FinTech companies will have to respect strict standards for: (i) ICT risk management, (ii) ICT-related incident reporting, (iii) digital operational resilience testing and (iv) the sound monitoring of ICT third-party risk. DORA will also allow financial services firms to set-up arrangements around the exchange of cyber threat information and intelligence amongst themselves.
In addition, the European Commission introduces an oversight framework at EU level on critical ICT third-party service providers, including cloud computing service providers. In this respect, the European Supervisory Authorities (ESAs) will operate as Lead Overseers for each critical ICT third-party service provider and receive powers to ensure that technology services providers fulfilling a critical role to the functioning of the financial sector are adequately monitored on a pan-European scale. The national supervisors will act as enforcers.
4. Retail Payments Strategy
A renewed strategy for modern and safe retail payments embodies the last pillar of the Digital Finance Package. With this strategy, the European Commission seeks to further develop the European payments market so that Europe can benefit fully from innovation and opportunities that come along with digitalization. The strategy focuses on four key priorities.
Firstly, the European Commission proposes to promote digital and instant payment solutions with a pan-European reach. Citizens and businesses in Europe should benefit from a broad and diverse range of high-quality payment solutions, supported by a competitive and innovative payments market and based on safe, efficient and accessible infrastructures.
The second priority is the development of a competitive and innovative payments market. The intention is to support the further development of open banking, to further align the EU legal framework for retail payments and to ensure a high level of security and consumer protection.
The European Commission further focuses on the creation of efficient retail payment systems and other support infrastructures by reinforcing inter-operability, ensuring direct access by non-bank players and eliminating access restrictions to essential technical infrastructures to facilitate mobile contactless payments.Enabling more efficient international payments (including remittances), which supports the international role of the euro, is the fourth priority.