The EU’s Opt-in Regulatory Framework for Crowdlending: Expediency at the Expense of FinTech Investor Protection?

Debt-based crowdfunding (‘crowdlending’ or ‘peer to peer lending’) is growing as an alternative finance market within the EU. Yet it has many risks for investors. A lack of regulation of the emerging industry in most Member States contrasts with the stringent rules applicable to traditional banks. Unfortunately, the EU’s plans to regulate the crowdlending market fall short of what is required in terms of rigorous standard setting, by allowing EU platform operators the autonomy to opt in or out of EU authorisation and supervision.

The EU goal of broadening access to finance for SMEs fits squarely within the Capital Markets Union and the FinTech Action Plan. However, an emphasis on facilitating market entry by FinTech operators should not come at the expense of appropriate base-line legal barriers to market entry and an appropriate licensing and regulatory framework. Underlying the 2018 draft Crowdfunding Regulation is the facilitation of SME access to alternative finance through both equity-based crowdfunding and debt-based crowdfunding. Although both form part of the alternative finance industry, equity-based crowdfunding and crowdlending have quite different business models despite both constituting web platform-based means of alternative finance serving the SME sector. It does a disservice to each (but particularly to crowdlending) to bundle them together when designing a regulatory framework, given that entirely different investor protection concerns are raised in relation to issuing shares and effecting loan agreements. In particular, the distinct risks and consequences for crowdlending investors of loan defaults and platform collapse loom large.

In line with the drive to fund start-ups, the scope of the draft Crowdfunding Regulation as applied to crowdlending is limited to project originators which are businesses borrowing for business purposes. While this is explicable given the focus on SME finance, nonetheless leaving retail peer to peer lending out in the cold at the phase of regulatory design has the unfortunate effect of excluding high-risk arrangements involving the most vulnerable parties from the regulatory mix.

Significant doubts arise concerning the robustness of the higher order regulatory choices evident in the draft Crowdfunding Regulation, in relation to crowdlending for business purposes. The major threshold regulatory decision taken by the Commission has been to consider and reject two options of (i) non-intervention in the crowdlending market, and (ii) provision of a completely harmonised authorisation regime for crowdfunding including crowdlending. Instead, it has plumped for a halfway house between the two. The draft Crowdlending Regulation envisages that crowdlending operators would be permitted to choose between compliance with national law or an EU authorisation label conferred and supervised by ESMA (the ‘European Securities and Markets Authority’). It seems that the EU authorisation option is largely targeted at platform operators with cross-border operations. For those operators who opt in, a credible authorisation and supervision regime under ESMA would apply, centred on appropriate governance,. ESMA would be able to impose a range of penalties including turnover-based fines on non-compliant platform operators it has authorised. Unfortunately this approach lacks credibility in terms of correcting market failures, given that authorisation with attendant ESMA supervision is not compulsory in any circumstances.

The choice of providing an opt-in framework in place of a harmonised one is curious and provides a great deal of regulatory autonomy to platform operators to do as they please, given how sketchily the emerging FinTech sector is regulated in many EU Member States. On a cost-benefit analysis, existing platform operators may choose not to opt in to EU authorisation, so as to avoid both the costs of adapting their business model for authorisation and the reputational risks associated with non-compliance under ESMA supervision. The continuing absence of a true single market regime will create a two-tier system, allowing EU platform operators in low barrier Member States to pragmatically escape the imposition of meaningful entry barriers as well as governance, credit assessment, money handling, disclosure and complaints handling requirements.

What is proposed would not unsettle bespoke national legal frameworks (or the absence of such in most Member States) which govern crowdlending operations. As such, crowdlending operations that are provided by operators in compliance with national law would be entirely outside the suite of protections and supervision provided for in the draft Regulation. This regulatory approach hardly seems justifiable from an investor protection perspective, particularly given the fact that national bespoke regulation of the sector is the exception rather than the rule. This would entrench existing regulatory fragmentation: enabling platform operators to choose Member State law or the opt-in framework provides an entirely legitimate dichotomous choice between a race to the top or a race to the bottom. Light touch national frameworks and markets are likely to be strategically targeted by platform operators on a cost-benefit basis. Crucially, this may well occur even where platform operators have cross-border operations and could otherwise benefit from the passporting effect of the proposed alternative EU authorisation label. Inevitably, high legal costs for market participants will continue if not increase, as the regulatory restrictions and freedoms associated with both the EU label and alternative national regimes are compared by existing and would-be market entrants..

It is disappointing that the Commission’s starting point has not been to harmonise a proportionate regime for true regulatory equivalence in the internal market for crowdlending. If ultimately adopted, the opt-in EU authorisation label would likely be adopted by platform operators that  believe in a race to the top and are classically low risk. On the other hand, it would allow less scrupulous crowdlending operators to target Member States where regulation is weak as an operational base. For their part, Member States where regulation of the FinTech sector is absent or light may choose not to further refine national regimes given the cushion provided by the existence of the directly applicable (albeit opt-in) EU regulation. It is important that EU policy-makers go back to the drawing board to revisit regulatory design and to consider the debilitating effects of both regulatory fragmentation and regulatory arbitrage for the developing crowdlending sector. As the FinTech sector evolves, expedient facilitation within the EU should not come at the expense of base-line common standards and meaningful regulatory supervision for all providers.

Deirdre Ahern is Associate Professor of Law at Trinity College, Dublin.