The document discusses trends in financial technology (FinTech) regulation. It notes that regulators must balance financial stability, consumer protection, and innovation. New technologies are transforming finance but also present risks. The document outlines regulatory challenges from technologies like blockchain, cryptocurrencies, and cloud computing. It predicts regulators will support FinTech through sandboxes and holistic frameworks while addressing issues like cybersecurity, data privacy, and cross-border consistency.

1. Diving into the regulatory world: what lies ahead for FinTech
Slide 1: Intro (10 sec)
Having a thorough understanding of relevant financial policies and regulations is critical for the success
of FinTech businesses. Today, we will look back to see how financial regulations work, delve into the
regulator's mind, analyze the emerging risks from the technologies and predict what lies ahead for
FinTech in the regulatory world.
Slide 2: The regulatory development wheel (1 min)
1. Ever since the beginning of the existence of financial markets, there have been policy makers and
regulators tasked with overseeing the markets by establishing financial policies and regulations.
2. Interesting enough, the policies and regulations have a significant impact on how the markets
develop and evolve over time.
3. Although we have witnessed break-through technologies in the past, this so-called FinTech era is
the very first time we are seeing multiple emerging and transformative technologies and
innovations that are significantly transforming/disrupting the financial markets.
a. One study shows that across 20 markets, 33% of digitally active consumers are making
use of FinTech products and services.
b. New technologies and innovations are changing the way people make payments, transfer
money, borrow and lend money, make investments, as well as re-shaping the
infrastructure of the financial market, including its functions.
c. Today technology has an enormous amount of impact on the financial markets, financial
policies, and financial regulations, like never before.
Slide 3: The Regulatory Change Cycle (2 min)
1. Challenges in the financial market come in many forms. As you all know, the most abrupt and
impactful challenges that require drastic change in the laws and regulations are financial crises.
2. In 1997, the Asian financial crisis led to an overhaul in the financial policies and banking
regulations in many countries. In Thailand, as the first and the hardest-hit country, the crisis left
us with hundreds of new laws and regulations, but we emerged with a somewhat more balanced
and sustainable banking system.
3. In 2008, in the aftermath of the global financial crisis, the US introduced a series of regulatory
proposals addressing consumer protection, executive pay cuts, capital requirements, expanded
regulation of the shadow banking system and derivatives, and enhanced authority for the Federal
Reserve to safely wind-down systemically important institutions.
a. The Dodd–Frank Act (The Dodd-Frank Wall Street Reform and Consumer Protection
Act of 2010) was enacted and the Consumer Financial Protection Bureau was formally
established.
b. The Basel III capital and liquidity standards were adopted by countries around the world.
4. But now policymakers and regulators around the world are facing a new kind of challenge;
emerging technologies are dramatically transforming the financial services landscape — creating
opportunities as well as challenges for consumers, service providers and regulators alike.
Slide 4: Finding the Equilibrium Point (2 min)
1. I still remember the first day in my Financial Regulation class when I was studying in the US.
The professor said that when it comes to financial regulations, it always comes down to the very

2. two fundamentals "financial market stability and integrity" and "consumer and investor
protection."
2. Now policymakers and regulators need to weigh these two fundamentals whilst at the same time
must ensure that they do not hinder innovation.
Slide 5: Keeping up with the pace of technological innovation (2 min)
1. The 3Ds "distributed, decentralized, disintermediation" mean more efficient and cheaper financial
products. To regulators, the following questions may occur.
a. Will a more decentralized financial system be more stable, or less?
b. Will risks be more dispersed?
c. Will the diminished role of traditional intermediaries mean that emerging risks are more
likely to go undetected?
2. There are other things that keep regulators up at night, like:
a. migration to unregulated sectors;
b. money-laundering and terrorist-financing risks;
c. operational risks related to IT;
d. cybercrime and cybersecurity;
e. outsourcing risks;
f. legal uncertainty;
g. transparency vs. privacy; and
h. accountability
3. The rise of FinTech requires regulators to apply regulatory principles to new settings created by
new technologies and business models. For example, regulators may need to consider how to
ensure investment suitability when investors rely on robo-advisors.
4. Regulators will need to consider if legislative solutions are necessary or if interim measures like
supervisory guidelines and development of industry standards, would be sufficient.
Slide 6: Regulatory trends for FinTech
1. A: AML/CTF (1 min)
a. Financial intermediaries, be it financial institutions or other types of reporting entities,
must verify the identities of their customers through KYC/CDD processes and report
suspicious transactions to authorities.
b. In the digital world, how do you know the person you're interacting with is really the
person they say they are? How do you reconcile the differences of these two worlds?
c. Regulators in many countries are still trying to find suitable criteria that are both practical
and can effectively manage AML/CTF risks. Which technologies are acceptable? VDO
conference? Selfie photo? Biometrics like fingerprints, facial recognition, iris scanning?
d. For new products, like crypto assets (i.e. cryptocurrencies), the Financial Action Task
Force (FATF) has already provided guidance to its members on how they should address
the risks.
e. For Thailand, one very interesting development is the National Digital ID or NDID,
which is an infrastructure that provides online service providers with standardized ways
to identify and authenticate their subscribers or customers using existing digital
identifications from other participants.
2. B: Blockchain (1 min)
a. Blockchain
i. Regulators in many markets are studying the implications of this technology.

3. ii. Given the diversity of blockchain applications, there is no "one size fits all"
regulatory approach. Regulators will need to adopt new regulations or refine
existing ones for each blockchain application.
iii. In addition to regulating DLT by the "legal code," markets are also examining the
possibilities of regulating DLT by the "technical code," which could be in the
form of international technical standards.
iv. [Private organizations in several countries like the US, UK, and Australia are
getting together to work on the ISO international standards for blockchain.]
b. Crypto-assets
i. Crypto-assets, which are now the preferred term for cryptocurrencies, were
created outside the boundaries of traditional regulatory frameworks. While many
crypto-assets may not meet the definition of financial instruments, some of them
function in a similar way.
ii. In the past, different approaches have been adopted by regulators around the
world, where in some countries, they are outright banned, somewhat restrictive,
regulated or permitted within a specific regulatory framework.
iii. This year, crypto-assets and ICOs will become more strictly regulated in a
number of countries. Regulators are forced or inspired to take a more pro-active
role in shaping cryptocurrency markets.
3. C: Cybersecurity (1)
a. All regulators know that "great technologies come with great risks." Countering cyber
risk has been highlighted as the European Parliament's "number one priority."
b. As more FIs rely on "shadow infrastructure" — cloud computing, data analytics, AI —
maintained by outsourcing service providers  operational and contagion risks are
multiplying. The Financial Stability Board even warned that the next financial crisis may
result from institutions being "too connected" by shared technologies, software use and
common vendors.
c. Regulators will likely strictly enforce cybersecurity and outsourcing rules but will need to
balance this in a way which does not impede innovation.
4. D: Data (1)
a. Data privacy
i. Data is valuable but dangerous. Data is the oil fueling the digital economy.
ii. Regulators around the world are imposing or reviewing data privacy regulations.
In Thailand, the draft personal data protection law has recently been approved by
the Cabinet and is expected to be issued this year.
iii. In addition to local laws, business operators sometimes need to comply with
other laws:
1. the EU's General Data Protection Regulations (GDPR) applies to any
organization, regardless of geographic location, that controls or processes
the data of an EU resident.
2. GDPR will have significant impact on FinTechs in areas such as
customer consent, transparency of data arrangements, accountability,
data breaches and more.
b. Open banking
i. PSD2 is built on the concept of open banking and data portability.
ii. PSD2 allows other PSPs connectivity to access customer account data and
initiate payments.

4. iii. While PSD2 is a European initiative, it provides an example for other markets
such as China and the United States that are taking gradual steps toward open
banking.
5. Support for FinTech (15 sec)
a. There will likely continue to be government or regulator support for FinTech through the
use of sandboxes, easing of existing rules, and tax incentives.
c. The UK's FCA even announced the goal of a global regulatory sandbox for FinTech that
will promote multi-jurisdictional solution design, removing compliance problems when
FinTech innovators go global and may have to deal with hundreds of different
requirements and regimes.
6. Holistic approach (1 min)
a. Some countries may initiate holistic and systemic approach to regulate and support
FinTech.
b. The EU has announced the EC's FinTech Action Plan, which is a legislative proposal for
a new EU framework. Overall, the Commission's FinTech Action Plan takes a holistic
approach to understanding where the balance lies between supporting innovation and
competition, while still protecting customers and maintaining financial stability. One
example would be assessment of the applicability of current regulatory frameworks
across the EU for cryptocurrencies and initial coin offerings.
c. The draft FinTech Act of Thailand also takes a holistic approach to tackle a variety of
pain points experienced in the FinTech market such as the legal uncertainty of electronic
transactions, data access and e-KYC.
7. Cross-border (1 min)
a. We may continue to see regulatory divergence where different countries take different
approaches to regulate certain products and technologies such as in crypto-asset markets.
b. With uncoordinated responses by regulators, activities in this area may simply migrate
toward more lightly regulated jurisdictions in a "race to the bottom."
c. The rapid pace of innovation and its borderless nature calls for building an international
consensus.
d. Innovators interested in global mobility must have a clear understanding of not just their
local geography, but also how other countries are regulating FinTech offerings.
8. Rise of RegTech (1 min)
a. RegTech allows for automated channels to conform with regulatory requirements such as
reporting. It integrates compliance into the design of business processes both on a human
and technological level.
b. RegTech can help both business operators to efficiently comply with a number of
regulations as well as regulators to more effectively monitor and enforce regulations.
Food for thought (15 sec)
1. Regulation is not poison. Regulators are not always your enemies.
2. If you understand the policies and reasons behind the regulations, you will be able to
appropriately address the concerns of regulators.
3. So, constructively engage in conversations with regulators to find the best solution for your
business.