FinTech Regulation 101 Joint Regulator Info Session Mark Adams Senior Executive Leader, Strategic Intelligence and Co-ordinator, Innovation Hub Tony Richards Head of Payments Policy, RBA Neil Grummit General Manager, Credit and Operational Risk Services Bradley Brown Acting National Manager, Strategic Intelligence & Policy Este Darin-Cooper Director, Regulation and Strategy

Outline of today Five short presentations – Our agency’s role – Our agency’s interest – How we can assist fintech – Any matters to highlight Questions & Answers panel

Fintech: Some numbers – US$ estimates $20B global investment $300M Australian investment $77B US alternative finance $4.5B UK alternative finance $350M Australian alternative finance $19B assets under roboadvice in USA $20B global savings for financial sector via blockchain over next decade

Australia’s financial regulatory framework Parliament Governance Resources Culture Government ASICAPRA Regulators OAIC AUSTRAC ATORBAACCC Treasury Council of Financial Regulators Prudential Sector data collection Corporate Financial markets and services Payments Financial stability Competition Financial system regulation responsibilities Tax and SMSF compliance AML/CTFPrivacy Source: FSI Interim Report 2014

Current financial regulatory perimeters CONDUCT REGULATION  Market participants  Marketplace lenders  Managed investment schemes  Wholesale dealers, funds and advisers  Non-bank lenders  Financial advisers  Financial brokers and intermediaries  Custodians  Credit rating agencies  Retail FX dealers PRUDENTIAL REGULATION  ADIs  Insurers  Superannuation funds  Central clearing parties  Credit rating agencies  Purchase payment facilities  Retail payment systems  Card schemes OUTSIDE THE PERIMETER  SMSFs  Fund administrators  Technology providers  Virtual currencies RETAIL PAYMENT SYSTEMS REGULATION  Non-cash payment facility issuers Source: FSI Interim Report 2014

By contrast: US financial regulatory framework

ASIC’s Innovation Hub

ASIC - Topics Innovationhub.asic.gov.au – for informal assistance Digital advice consultation paper Marketplace lending information sheet FCA cooperation agreement Regulatory sandbox

Existing sandbox framework Modular licensing Operate as a representative ASIC discretion – organisational competency Informal assistance Power and policy exists to grant waivers and no action letters Working draft graphic

Tony Richards Reserve Bank of Australia

Payments System Board Mandate Powers under the PSRA and PSNA are to be used to – control risk in the financial system – promote efficiency in the payments system – promote competition in the market for payment services Powers under the Corporations Act are to be used to – contribute to overall stability of the financial system

Neil Grummit APRA

APRA – What do we do? Role prudential supervision => entity financial & operational resilience + systemic stability Regulatory requirements much more onerous within the prudential perimeter But prudential perimeter is small & defined by the ‘Industry Acts’ banking general insurance life insurance superannuation private health insurance

APRA – & FinTech No idea how this will develop => principles-based, technology neutral approach informed by consideration of materiality Many (most?) developments will fall outside prudential perimeter, but will be employed by APRA regulated entities? How can we help? Engage on prudential framework (e.g. how to stay outside!) Exercise our various discretions where warranted

Bradley Brown AUSTRAC

AUSTRAC’s vision and functions A financial system free from criminal abuse. Australia’s Financial Intelligence Agency – collect and disseminate actionable intelligence – 45 domestic partners, 83 international partners Australia’s AML/CTF Regulator – educate, supervise, enforce – effective regulatory reform Collaboration, innovation and inspiration

AML/CTF Act – key obligations A person that provides a designated service is a reporting entity, and has obligations under the Act to: – enrol or register with AUSTRAC – implement and maintain an AML/CTF program to identify, assess and manage the risk of money laundering and terrorism financing – identify their customers and undertake ongoing customer due diligence – submit reports to AUSTRAC – keep records.

Our interest in fintechs Drivers of change Digital Transformation of the financial industry Proliferation of Non-Cash transactions More ‘customer-centric’ in product design and delivery Opportunities Exploiting technologies – distributed ledger / digital identity / biometrics

Key messages Opportunities in public / private partnerships We are open to engagement – influence design and embed regulatory safeguards – co-discovery of potential applications – consider applications for relief New approaches to regulation

Este Darin-Cooper OAIC

Protecting information rights –­ advancing information policy

Privacy – why you should care Risks of ignoring privacy Tips to minimise your risk profile Overview

Good data handling practice drives commercial success Build consumer trust Avoid reputational damage Why privacy?

Damage to your reputation  jeopardise funding / scaling / acquisition Need to redesign to retrofit privacy  cost and delay Regulatory scrutiny  increased compliance obligations Public sanctions  damage to reputation / bottom line The risks of ignoring privacy

Conduct privacy impact assessments (PIAs) Be open and transparent Collect and retain anonymised data where possible Secure the data you hold Be prepared for a data breach Tips to minimise your risk profile

Questions & Answers Panel