Growing concerns: The risk, innovation and regulation trilemma facing fintech
If fintech had one superpower, it would be the ability to hone in on the most quietly frustrating parts of banking - the parts that most of us have learned to live with - and the ability to create products that address those frustrations.
One of my favorite ways of looking at the emergence of fintech in the last 15 years is through the lens of unbundling - deconstructing products built by incumbent banks and building cheaper/better alternatives. And nothing seemingly wrong with it. The fintech alternative is convenient and cheaper and almost all of them seem to have a supporting role in financial inclusion.
Purely from a product perspective, this is a useful lens. This is also what fintech investments are postulated on; $9 billion poured into fintechs in 2021 in India alone and 12 new unicorns were born in the sector in the same year; a Nearly 200% rise in investments into fintechs YoY.
To say that the sector is expanding at breakneck speed is doing it justice.
What it misses, however, is the deconstruction, happening in parallel, of the technical, analytical, operational, and regulatory infrastructure that those product bundles were built on top of.
The International Monetary Fund (IMF)’s Global Financial Stability report warns of this breakneck speed precisely. It says the proliferation of Fintech companies and their increasing share in financial transactions globally are making the risk of financial instability more real.
At 87%, India has the highest FinTech adoption rate in the world against the global average of 64%
How many times have we read that statistic? Plenty.
But such innovation and disruptions in the financial sector have often occurred in a regulatory grey zone where rules are not adequately defined.
For instance, mobile wallets were developed in a regulatory grey space in the late 2000s in the aftermath of the telecom sector boom. In response, the Reserve Bank of India (RBI) issued guidelines for their operation, such as limiting the amount of money that can be stored in a wallet, thereby curtailing the larger systemic risks that wallets could have posed.
Or take UPI - every additional layer of innovation comes with a layer of ordinance from the National Payments Corporation of India (NPCI). Most recently, crypto-trading platform Coinbase came under the NPCI radar for facilitating payments on its platform via UPI. The RBI has always maintained its apprehensions about crypto, but there have been no regulations and crypto exchanges continue using UPI to conduct business. Some even speculate that these exchanges operate multiple Merchant IDs and everything eventually becomes a cat and mouse game in a legal grey area.
Even UPI credit currently operates in a regulatory grey area.
A digital lending agreement between a fintech and an RBI-regulated entity, it’s essentially a ‘scan now, pay later’ option for customers to avail instant credit. When UPI 2.0 was launched in August 2018, it allowed for linking overdraft (OD) accounts with the platform to avail credit.
But most fintechs that offer credit on UPI don’t impose an OD account requirement on their customers. One such fintech even said that UPI credit via OD facility isn’t a compulsion.
If I had a penny for everytime I wrote ‘a legal grey area’ in this piece…
Short-term loans through OD facilities aren’t popular - they require the customer to pledge the loan against a Fixed Deposit or their salary. More often than not, customers that avail credit through UPI are new-to-credit, maintain low balance accounts and might not even get an approval for an OD facility.
Thus, the requirement for an OD might sound the death knell for a lot of recent products launched by the fast-growing fintechs.
Typically, credit in the fintech world is geared towards the financially underserved.
That means lower income brackets and smaller ticket size of loans.
This report by Transunion CIBIL and Google showed that the share of small-ticket loan disbursals of up to Rs 25,000 has gone up among all kinds of personal loans to 60% in 2020 from 10% in 2017. The report also mentions that half of new-to-credit borrowers are less than 30 years old.
Too much risk?
There’s an inherent perceived risk by virtue of being, borrowing from or partnering with a fintech - that the younger, thin-file, non-collateralised borrower is risky. And I can see why that’s the first impression one gets; but the amount of credit disbursed, the purpose of credit and the behavior of the customer otherwise (that can be determinant of delinquency) might paint a different picture.
And assessing that behavior is the core competency of fintechs. The technology that fintechs have so meticulously built - AI & ML models that efficiently cull data, in record speed, and reveal insights about delinquency risk and how to manage at-risk accounts - must account for something?
When we consider a developing economy, like India, where there are more credit outliers than traditionally creditworthy individuals, the question of risk gets interesting. Who’s risky and why is one more risky than the other?
For instance, there’s literature that says a bank’s exposure to security collaterals as a risk-mitigating measure can in fact be a source of additional risk, as asset valuation fluctuates due to factors exogenous to a bank’s control. Studies have also found how risky borrowers are more likely to pledge more collaterals, a concept called ‘moral hazard’ – or how an asset valuation changes due to unobservable borrower actions after.
Does that mean secure loans are bad? Certainly not.
At Finbox, our Financial Inclusion Score (FIS) has been proven to lift borrower portfolios through highly accurate segmentation during onboarding and contain default risks with targeted collection efforts. We’ve built risk models that assess 5000 data points; sure, it creates new opportunities for us but does it create a safe way of assessing risk?
When you’re looking at fintechs and new models of credit and risk, it’s not just about looking at the rewards and upside, but making sure that we’re not comparing apples to oranges.
So how can regulation adapt to put these apples and oranges in the same basket?
There are no straight answers. But the way I look at it, there are a few reasons why these regulatory grey areas exist in the financial services industry
There are multiple regulatory entities involved - The RBI, NPCI, Securities and Exchange Board of India (SEBI), Telecom Regulatory Authority of India (TRAI) and Insurance Regulatory and Development Authority (IRDA). There is no single regulatory body or specific set of guidelines dedicated to FinTechs.
Each state has its own views on the start-up ecosystem, which could hamper how inter-state, online-only fintechs function.
Innovation is happening faster than regulators can blink.
In my experience, the best strategy to regulate is to align incentives. The industry has been asking for tax reliefs, GST waivers and zero Merchant Discount Rates (MDR) in India. More often than not, if regulation isn’t aligned with incentives, they don’t work as effectively.
Fintech does not exist in a vacuum. What I mean by that is, it exists in the gambit of financial services which are regulated and technology that’s not illegal. So when we talk about the risk of fintech running amok, is it a fintech problem or a larger, financial services industry problem? Or is it a bigger, operational, technology problem where we have not figured out how to regulate data?
What’s also happening is micromanaging of fintech innovation - the 30% cap on UPI transactions by third party apps. The NPCI has justified the cap as a means to address the risks associated with the UPI ecosystem and also as a means to protect it. But that raised more questions than it provided answers.
From a business perspective, the anti-competition environment created by the volume cap will hamper innovation, quality and growth. One could argue that inadequate competition might result in complacency, which, in turn, might impact the customer experience. Regulators don’t have the incentive to retain customers or maintain a high Net Promoter Score (NPS); their only goal is to mitigate perceived risk and that’s fair.
On the other hand, fintechs have plenty of incentive to retain customers, to provide seamless customer experience, to make sure they maintain low default rates, to make sure they don’t lose money on bad loans and also an incentive to grow in a secure way.
To that extent, the RBI is putting in the work - with its regulatory sandboxes, working groups on fintech, intentions to set up a committee to overlook innovation and development in fintech.
There’s room for everyone.
If fintechs had another superpower, it would be the ability to adapt. Given India’s large underbanked demographic with unmet financial needs, evolving consumer behavior has immense potential for fintechs, banks and for financial inclusion at large. It’s just a matter of creating an unambiguous environment and encouraging the development of more market-ready innovative solutions.