Denis Beau: What European financial sovereignty in a digital world

Speech by Mr Denis Beau, First Deputy Governor of the Bank of France, at the conference "Assises de la Technologie Financière", Paris, 17 October 2019.

The views expressed in this speech are those of the speaker and not the view of the BIS.

Ladies and Gentlemen,

I would like to thank Ms. de la Raudière for her invitation to this conference, which reflects the financial community's ever growing interest in the ongoing evolution of the banking and financial system. The organisers of this conference asked me to give you my perspective as central banker and supervisor on the complex issues involved in the boom of digitisation in the financial sector.

I will attempt to meet this challenge, by first observing that, for some years now, Europe has entered a world where digital technology is profoundly changing the business models of many economic sectors. The banking and financial sector is no exception. New players are entering the market with new proposals, more suited to the uses and requirements of the "digital" consumer. They challenge established players by fragmenting a traditionally highly integrated value chain. The first of these new entrants are FinTechs. These start-ups are able to outperform the historical players on a link in the value chain, providing new services to consumers or reducing costs. The second are BigTechs. They rely on huge amounts of data and their experience of how to deal with them; by taking advantage of network effects, they are starting to attack strategic links in this value chain (services with high technological added value and sometimes customer relations) in order to be able to offer new profit generating activities. Thanks to their dominance of certain sectors - let us take the example of cloud computing - and to their ability to expand - their cash reserves enable them to penetrate a market, to dominate it and to use technology to set up barriers to entry - these new entrants are giving rise to a significant risk of dependency, or even captivity, for established financial players. While BigTechs today are, at least in Europe, subcontractors of banks and insurance companies, we cannot rule out a reversal of business models which would confine financial institutions to the role of specialised service providers: credit origination, middle and back office, compliance.

These prospects raise several questions in terms of European sovereignty: how can we effectively protect citizens' data (be they payment or personal data) and offer them real control over their use? How, in a global ecosystem with ever more open architectures, can we increase the strength and resilience of the financial system in the face of cyber risks? How can we encourage the development of pan-European payment solutions in the face of rising competition from non-European players in the payment solutions segment? In the fight against money laundering and the financing of terrorism (AML-CFT), how can we respond effectively to the challenge posed by crypto-assets, many of which were designed on the principle of anonymity and the bypassing of the rule of law? Finally, a question addressed more directly to me, as central banker and supervisor: how can we consider exercising our regulatory missions in a financial sector whose contours and functioning are undergoing change?

In my opinion, appropriate responses to these questions must be based on three pillars: (i) a clear assessment, (ii) a sufficiently open mind to propose frameworks adapted to new paradigms and (iii) the collective boldness to innovate. And I would like to share with you some thoughts on these three topics.

 (i) Assessment

The digital revolution now enables some companies to rely on a potential customer base equivalent to the combined population of Europe, the United States and China, in order to make significant incursions, and potentially systemic ones, currently mainly in the field of payments and fund transfers.

The magnitude of these network effects and the speed at which they can be exploited are likely to radically alter the scope and intensity of competition in the markets in which they are present. They can also contribute to exacerbating not only the size of the benefits but also the risks that they create for the stability of the financial system and monetary stability. Should this prospect lead us to seek to preserve the status quo? I see at least two reasons for not going down that road.

The first is that the technologies that allow these changes in scale carry progress. Technological revolutions, from the early stages of the internet to the boom in blockchain protocols to artificial intelligence, have given rise to, and can still continue to do so, new services, many daily improvements for consumers, in particular financial services including, and we are extremely attentive to that, better financial inclusion.

Second, there is no reason to assume that the current framework for regulating financial services is intangible and cannot be adjusted to respond to changes, including in scale, brought about by technological innovation to ensure that potential risks are properly managed. A simple example: the customer experience for opening a remote account in France, compared to other European countries, wasn't sufficiently fluid. The players that we have met often mentioned as a potential impediment the French transposition of the 4th European anti-money laundering directive, which would not make it possible to fully capitalise on the advantages of technology. We have taken note of the problem and set up a working group, led by the ACPR Fintech - Innovation unit within the framework of the ACPR-AMF Fintech Forum, bringing together technology providers, financial institutions and public authorities. The aim was to co-construct proposals based on an objective assessment of regulations and technological state of the art, while ensuring the efficiency of AML/CFT frameworks. The result is that these proposals have almost all been adopted for the transposition of the 5th directive. We know how to think outside the box when necessary. However, to maintain a smooth risk management for projects that are likely to exploit huge network effects, and thus likely to create significant risks to financial and monetary stability, it would be prudent to ensure that regulation frameworks are perfectly tailored to the risks posed before rolling out these projects in the market.

In order to help complete the adjustment of the regulatory and supervisory framework to these profound changes, central banks and supervisors first have the advantage of their legitimacy, which is primarily due to their institutional mandates: prudential supervision, financial stability, and conduct of monetary policy. Their legitimacy is also rooted in their experience of crises and their contributions to solving them. However, to live up to this legitimacy, it is up to the public authorities to identify the new risks, both in terms of their nature and magnitude, and to provide clear, strong and relevant responses.

(ii) An open mind is necessary to achieve this objective: it must lead us to propose frameworks that are tailored to the new challenges and associated risks.

The specificities of the changes brought about by the digital revolution and in particular the multinational scope of the resulting network effects also require us to advocate for a reinforcement of international cooperation between authorities in order to ensure a better coherence of the national regulatory frameworks and to propose changes that affect global governance. To illustrate this point, I will choose an example outside the financial sector: that of the general regulation on the protection of personal data (RGPD). By setting up a common framework for the protection and circulation of personal data, the European Union has not only harmonised its regulations and reaffirmed its own values, but has also defined a global reference in this area, raising interest among many partners, in particular the United States, shaken by repeated scandals whose symbol remains Cambridge Analytica.

In my view, our proposals and actions should be guided by two principles.

First of all, we need to think in terms of an open system. We must take into account the development of interactions of all kinds between the participants in the various "ecosystems" on which the development of financial services is now based. It is a prerequisite for being able to legitimately claim to regulate interconnections. It is also a prerequisite for ensuring an appropriate perimeter for the regulations to be adapted as well as the coordination and coherence at national, European and international level of these adaptations.

To be more concrete, let us take the example of Open Banking. The regulatory framework set out by the second Payment Services Directive (PSD2) has lifted the technical and legal barriers to accessing payment account data. The immediate consequence has been the development of a new ecosystem offering consumers a wealth of new services. However, we have also imposed high data protection requirements at the European level, in particular in the rules governing access to this information.

Second principle: in order not to be mere spectators of change or react to it too late, we must fully take on the prospective observation, experimentation, and operational commitment. In the area of payments, the recent BigTech initiatives with a global impact have once again brought the current inefficiency of cross-border payment solutions to the forefront. However, the issues of financial stability, monetary policy and sovereignty raised by these projects should encourage us to operationalise our efforts to promote more efficient payment systems where appropriate by considering an operational involvement of central banks, based on the consistent and coordinated use of new technologies.

As regards infrastructures, we have taken an interest in blockchain technology since its early stages. We were the first central bank to develop, regarding the specific use of SEPA creditor credentials, a decentralised register system based on a blockchain protocol, the "MADRE" register. Of course, this is only a first step, which does not exhaust an extremely vast and diversified field of experimentation. The question that arises today is: which systems could become more efficient or offer greater possibilities as a result of technical decentralisation?

In the field of regulation and supervision conducted by the ACPR, we applied the same principles. Take the case of Artificial Intelligence (AI). How do we concretely define the conditions for a controlled development of artificial intelligence and define the principles of its control? It is in this spirit that we designed our IA workshops: the ACPR FinTech experts and the Banque de France data scientists met established players to understand their perception of these technologies and assess their level of maturity. In the areas of AML-CFT, internal models and consumer protection, the lessons learned from these meetings and tests under production conditions will provide us with crucial information for building a future framework conducive to controlling the development of Artificial Intelligence.

 (iii) Aware of the importance of the issues and clairvoyant as to their complexity, ready to change our regulation and the exercise of our missions, we must also be bold, that is to say, innovative. To conclude this speech, I would like to stress two important elements.

First, European financial sovereignty does not depend solely on the authorities of its Member States or on the regulations drawn up by the European Commission; it depends first and foremost on the vitality of the European ecosystem and on the innovation effort of all players, be they established or new. In this regard, the Europe of payments should seize the opportunity offered by the digital revolution to develop a pan-European payment solution. Our institutions are an integral component of this European ecosystem and intend to play their full part in it: the Banque de France Lab, the ACPR Fintech-Innovation unit, with its joint ACPR-AMF Fintech Forum, and all public authorities, are fully mobilised to support the expansion and growth of this ecosystem.

Second, we also apply this injunction to innovate to ourselves: we can only achieve our objectives and truly support the market if we ourselves are innovative. In this respect, our projects are and must remain numerous. I have already mentioned MADRE, I would like to make a special mention of our analysis of "weak signals" by artificial intelligence, to detect fragile companies. This project is remarkable by the cooperation that it involves between a wide variety of public players: the Direction générale des entreprises (DGE), the Délégation générale à l'emploi et à la formation professionnelle (DGEFP), the Agence centrale des organismes de sécurité sociale (ACOSS) and the Direction interministérielle du numérique et du système d'information et de communication de l'État (DINSIC) and of course the Banque de France.

Our search for innovation also means innovation in work methods and project implementation: intrapreneurship, which we have set up at the ACPR, is a good illustration of this. The idea is to mobilise all employees, in order to bring out the innovations that are most suited to our missions and then have them implemented by "intrapreneurs", who are bestowed with great autonomy, comparable to that of start-uppers, for the development of their project. Our first intrapreneurship programme will enable us, I hope, to benefit within 9 months to a year from artificial intelligence tools to conduct our supervisory missions.

All of these initiatives are as vital as they are exciting. They are the DNA of our institutions, and I am convinced, the reflection of that of the French and European ecosystem.

Thank you for your attention.