Developing regulation poses problems for smaller payments players

by Lucy Frost
man with laptop and phone

Share this post

As the regulatory landscape continues to evolve, is innovation at risk in the fintech space?

The economic environment has put a strain on many businesses, but for smaller market participants, some of these challenges are being compounded by what seems to be an ever-deepening regulatory landscape.

The Financial Conduct Authority (FCA) is broadly expected by market participants to expand the regulatory environment for payments firms, leading to questions over how effective such regulation is.

“For me the question is: is the current regulatory framework fit for purpose?” asks Konstantinos Adamos, senior legal counsel at Revolut. “Does it help foster innovation? Are the rules proportionate and agile to foster new technologies? I’m inclined to say yes – although clearly there are pain points.

“The EU and the UK have a progressive set of rules for payments. Take open banking as an example, this is something we have had for several years in Europe, but in the US, this is only just starting.”

Other market participants pointed to the difficulties for regulators in tackling a space that is constantly changing due to the rate of innovation, such as open banking.

“Payments are subject to a variety of risks, including operational, liquidity, reputational, business and fraud,” explains Tara Rice, head of secretariat of the BIS Committee on Payments and Market Infrastructures (CPMI), which helps influence the agenda for payments policymakers around the world.

“Innovation may introduce new dimensions to these risks and new challenges in terms of detecting, managing and mitigating them. At the same time, it can offer end users more choices for making payments – and more efficiently.”

Open banking headaches

Perhaps the area of regulation posing most problems for innovation is open banking. Open banking came into the UK’s regulation through the EU’s PSD2 and was transposed into law pre-Brexit. However, this regulation is now set to be reviewed.

“The government needs to ensure open banking is set up for success,” says Luke Kosky, fintech policy lead at the Coalition for a Digital Economy (Coadec). “Right now, we are at a bit of a crossroads where the regulatory regime is going to be transitioning into a new chapter.”

Another key element of the open banking regime set to be reviewed is the competition angle. While these changes will set the market on a “long term sustainable footing”, according to Mercer, the uncertainty in the regulatory regime could be difficult for firms to manage.

The use of open banking is only going to become more important as merchants move away from card-based payments due to the high levels of fees that come with it for retailers.

Tier-based approach

Payments are regulated in a very similar way to banks, with compliance teams working on prudential requirements, Know Your Customer (KYC) and more. However, these requirements are tiered in payments, such that firms with larger risks have to disclose and comply with more detailed regulation, whereas smaller players that carry smaller risk don’t.

For Bradley Rice, partner at Ashurst, this difference is key to a healthy regulatory landscape.

“Payments and e-money firms come in many different guises and are of many different sizes,” he says. “Trying to regulate them all in the same way that you would a bank is not necessarily the right way to regulate the industry.

“That said, there are some payment firms, particularly those with e-money licences, that can do pretty much everything a bank can, but isn’t regulated like a bank.”

An example of this would be in prudential requirements where e-money firms do not have to hold nearly so much capital as banks.

However, for Rice, as the payments ecosystem continues to develop and the regulatory landscape does with it, the gap between the larger players with the heavier regulatory burdens and the smaller players with the lighter touch compliance could grow to such an extent that more tiers in the middle should be added to this approach.

“The gap at the moment is such that the fully regulated tier has become so big and diverse that they almost need to create another tier within that,” he goes on to add.

For Rice, this could look like a three-tiered approach with smaller firms at their current level of regulation, systemically important firms facing the full set of requirements and a tier in the middle for bigger firms, which are not as systemically important.

Crypto concerns

Where regulation could be posing the most problems for fintech innovation may be in crypto, particularly in the face of the UK’s financial promotions regime.

The proposed update to this regulation categorised crypto as a high-risk investment, meaning that any adverts put out by crypto-asset services providers (CASPs) to audiences in the UK would need to be authorised first. The consultation faced high levels of criticism when it was released due to the very low number of organisations that would be allowed to approve firms’ advertising campaigns.

However, according to the consultation report, published at the beginning of February, firms who are already registered with the FCA under the anti-money laundering regime are exempt from this; and therefore do not have to seek third-party approval to run ads.

But, as only 34 CASPs are registered under the UK’s anti-money laundering regime, a large number of companies in the space will still need to find third parties to pre-approve any advertising campaign – whether they’re based in or outside the UK.

This could be challenging, says Revolut’s Adamos: “Current evidence suggests a lack of suitably authorised firms in the market who would be willing to approve crypto promotions, meaning that overseas providers will find it difficult to market their services in the UK without obtaining an FCA registration.”

Regulators will continue to prepare crypto guardrails in the wake of the FTX collapse at the end of last year. But exactly how they implement this remains to be seen.

As the payments sector continues to innovate and change, the dynamic between the industry and regulators will need to remain balanced to promote an innovative and trustworthy payments landscape.

“We should avoid approaching issues regarding the relationship between regulation and innovation with an ‘either or’ attitude,” says BIS CPMI’s Rice. “They can and should co-exist. Healthy regulation is an essential foundation upon which innovative solutions can be developed and thrive in a sustainable way.”

More To Explore


Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.


Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?