Faculty of law blogs / UNIVERSITY OF OXFORD

Regulating Fintech: A Harm-Focused Approach


Hilary J Allen
Professor of Law at the American University Washington College of Law


Time to read

4 Minutes

When policymakers talk about regulating fintech, they often skip the important preliminary issue of why we regulate finance in the first place.  In the United Statesand many other countries as well—financial regulatory agencies were created in response to demonstrated investor or consumer harms, or episodes of financial instability.  Our financial regulatory agencies therefore tend to have consumer protection, investor protection, or financial stability as their centerpiece mandate.  Other statutory mandates, like promoting efficiency, competition, and preventing crime, have sometimes been grafted onto these core mandates, but very few financial regulatory agencies have statutory mandates to promote private sector innovation.  That is as it should be.  The private sector will always innovate and does not require regulatory cheerleaders.  Regulators should focus on ensuring that private-sector innovation does not inflict harm on the public.

In my recent article, I push back against the notion that financial regulation should bend to accommodate private sector fintech innovation.  Financial regulatory bodies were established to limit the public harms of private activities, and so regulators should concern themselves less with regulatory sandboxes, waivers, and other dispensations designed to nurture innovation.  Instead, financial regulators should focus more on ensuring that users of fintech offerings receive the same regulatory protections that are afforded to users of other kinds of financial products and services.  There may be costs to such an approach: it is possible that some innovation may be impeded by regulatory safeguards.  But before we worry about foregone innovation, it’s important to ask baseline questions about who a particular innovation will be useful for, and whether the promised use cases (particularly claims of financial inclusion) are realistic.  Not all innovation is socially beneficial, and weeding out innovation that is profitable for industry but harmful for society should be considered a policy win. 

And let’s be frank: a lot of fintech innovation has a fairly checkered track record.  The use of crypto in ransomware, money laundering, and sanctions evasion is well-known, and fintech technologies have facilitated a myriad of new scam opportunities.  Fintech business models often purport to improve financial inclusion, but many deliver only predatory inclusion (meaning access is provided to members of marginalized groups who have typically been denied financial services, but on exploitative terms that help cement those groups’ marginalized status).  When we think of fintech and predatory inclusion, crypto offerings immediately spring to mind, but some other fintech products (including lending and earned-wage access products) also exploit vulnerable consumers. 

Many fintech business models also claim to improve efficiency, but from whose perspective?  When new fintech technologies improve efficiencies, they create new winners and losers in the processand the most vulnerable are often the losers.  Sometimes (as is particularly evident with crypto and other DLT-based fintech offerings), it’s hard to point to any efficiency gains other than the efficiency gains that come from avoiding regulation.  Fintech’s touted benefits for competition also tend to arise when fintech is able to obtain a competitive edge by not complying with the rules that apply to everyone else.  But it does not necessarily follow that less regulation is good for competition: financial regulation can be an important tool in preventing abuse of market power.  The lightly regulated crypto markets, for example, exhibit concentrations of market power strong enough to make most traditional financial intermediaries blush.  As my article highlights, blockchain technology intentionally incurs considerable inefficiencies in order to achieve technological decentralization, but that technological decentralization does nothing to prevent economic centralization.

Notwithstanding that blocking harmful fintech innovation is good policy, the term ‘innovation’ has a powerful pull that can be challenging for financial regulators to resist (as I explore in more detail in my forthcoming article on fintech and techno-solutionism).  Those who seek to profit from fintech innovation, as well as their supporters in elected positions, will decry harm-focused financial regulation. Perhaps more insidiously, financial regulators may internalize rhetoric about regulation being an obstacle to innovation, and refrain from discharging their statutory mandates as a resultparticularly if they feel they lack the technological expertise necessary to engage with fintech.  But that cedes the ground to fintech developers who often seem to know surprisingly little about finance and its history of harms and keep repeating them as a result.  Technological expertise should not be prioritized over financial regulatory expertise.   

To be clear, financial regulators should indeed seek to learn about new technologies and how they might impact the financial industry.  There may even be beneficial ‘suptech’ applications of these technologies that can further regulators’ investor protection, consumer protection and financial stability mandates.  But regulators do not need to grant regulatory dispensations to the fintech industry in order to learn about these technologies.  Accommodative approaches like waivers, sandboxes, and bespoke regulatory regimes can confer unwarranted legitimacy on fintech business models. 

Just as fintech itself has a checkered track record, regulatory approaches to fintech also have a checkered track record.  Some rightly focus on addressing harm, but others are overly accommodative.  My article uses examples from agency rule-makings (and informal guidance), supervision, and enforcement to illustrate where regulators have accommodated fintech, and where they have tried to tame it (or at least mitigate harms with a coping strategy). The most important take-away from this exploration is that harm can thrive in environments of accommodative inaction.  The article therefore concludes by beginning to envisage what a comprehensive, proactive approach to taming the harms of fintech would look like.  The ideal would be to place the onus on the fintech industry to develop the financial and economic domain expertise necessary to demonstrate to regulators’ satisfaction that their technology-based business models will not be overly harmful to the public.


Hilary J. Allen is Professor at the American University’s Washington College of Law. The author can be reached on hjallen@wcl.american.edu.


The author’s full article can be found here


With the support of