EU falling short on fintech regulations

Two key European Union laws—the General Data Protection Regulation (GDPR) and the fifth Anti-Money Laundering Directive (AMLD5)—are hindering the future growth of financial technology (‘fintech’) and blockchain businesses in the region, says a London lawyer specialising in the sector.

GDPR, which focuses on data protection and privacy in the European Union and addresses the transfer of personal data outside the region, came into force in 2018.

AMLD5 came into effect in January this year, when the 28 EU member states reached a deadline to transpose its requirements into their domestic legal systems.

The directive brought cryptocurrencies, virtual asset businesses and e-wallet firms within the scope of anti-money laundering legislation. It includes the obligation for service providers in virtual currencies to perform customer due diligence and to submit suspicious activity reports to law enforcement bodies.

EU regulations like GDPR have binding legal force in every member state, while member states have some discretion on how to transpose directives like AMLD5 into their national laws.

“You have more and more barriers in terms of set-up costs for SMEs”

This element of discretion is now causing problems, according to James Burnie, a partner at London-based law firm Gunner Cooke.

Burnie specialises in advising fintech, blockchain and crypto-asset businesses.

James Burnie

“Different EU countries have taken AMLD5 and are using it as the basis for different systems where you have to be regulated to do crypto,” Burnie told New Money Review.

“Some EU countries have effectively therefore reverse-engineered a licensing regime for crypto-assets into the directive. Germany, for example, has gold-plated the directive and added its own capital adequacy requirements for crypto businesses.”

This extra step creates two problems, according to Burnie.

“First, you have more and more barriers in terms of set-up costs for small and medium-sized enterprises (SMEs),” he said.

“Second, by comparison with EU legislation like the Markets in Financial Instruments Directive (‘MiFID’), which gives you passporting rights—once you’ve gone through the pain of getting a licence in one EU country, you can then operate in any other—AMLD5 was not designed for that and doesn’t work in the same way. You can’t passport.”

The net result of this uneven playing field is that fintech firms are having second thoughts about setting up in the EU, said Burnie.

“I’ve seen people wanting to go into Europe, looking at the costs and then coming back to the UK,” he said.

The imminent end of the transition period for the UK to exit the EU—planned for the end of the year—is also a factor for fintech businesses deciding where to set up their operations, said Burnie.

“Imagine that after Brexit the UK does a trade deal with Australia with regulatory cross-recognition,” Burnie told New Money Review.

“You can then set up an entity in Australia and another in the UK and you’re in both time zones, so you can easily offer a 24-hour service. That might be more appealing in an internet-based company than putting all your eggs in one continent—Europe.”

“GDPR is a complete nightmare for blockchain firms”

Burnie went on to criticise GDPR, which was introduced by EU to beef up consumer rights over the ownership and transfer of data.

“GDPR is a complete nightmare for blockchain firms,” he said.

“It was created pre-blockchain, doesn’t work for some aspects of blockchain, and, although there are some workarounds, it is too onerous and often doesn’t achieve what it set out to do,” he added.

Burnie forecast that the combined effect of AMLD5 and GDPR may well be an entrenchment of the competitive position of the largest companies within the region.

Counterintuitively, despite being the apparent targets of GDPR, the largest internet firms, such as Google and Facebook, have already been cited as the key beneficiaries of the regulation.

“Where certain EU countries have taken too heavy handed an approach to regulating crypto, for example by requiring high levels of capital adequacy, the result is likely to be that smaller businesses will be driven out the market,” Burnie said.

“This could lead the largest firms, such as banks, being the only industry players, as well as stifling smaller businesses.”

According to Burnie, the UK may benefit from increased fintech activity as a result. By one recent estimate, London is already the world’s fintech hub, with investment in start-ups within the sector increasing by 500 percent in the last three years.

“It’s usually the smaller firms doing the more interesting and innovative stuff, and so countries, such as the UK, which focus on taking a proportionate approach to regulation, will benefit as hubs for these firms,” Burnie said.

Sign up here for our monthly newsletter

Click here for a full list of episodes of the New Money Review podcast: the future of money in 30 minutes

Comments are closed.