By Alex Vronces
Despite the parade claiming it’s a win for competition and innovation, the Retail Payment Activities Act will only be as good for these things as its administrator, the Bank of Canada, is.
Tabled as part of this government’s 2021 budget, the new legislation comes with requirements for fintechs that hold and move money. Fintechs will need to safeguard the funds of their customers. They’ll also need to deal with the range of operational risks that could materialize in the course of doing business, including system failures, human errors, or disruptions caused by external events. Once the regime is up and running, fintechs in payments will need to register with the Bank of Canada and demonstrate they do these things.
If you’re still wondering what these things mean, don’t worry — you’re not alone. The Retail Payment Activities Act offers little in the way of specifics. Specifics will show up in forthcoming regulations. But even then, when the regulations are drafted and hit the Canada Gazette, I suspect fintechs in payments will still be wondering how to earn their regulator’s stamp of approval.
Consider what Ron Morrow, advisor to the governor of the Bank of Canada, said of the new framework to the Senate’s standing committee on banking, trade and commerce in May: “It’s going to be principles-based.”
Principles-based frameworks are synonymous with discretion-based frameworks. Instead of pointing to a rigid, exacting rulebook that tells fintechs precisely what they need to do in each and every case, the Bank of Canada is supposed to be more involved, working closely with fintechs to interpret broad rules or principles to tell them how to comply.
Advocates of principles-based regulation think it’s more accommodating of innovation, since broad rules or principles give regulators the leeway to bless unconventional business models. When a rule is rigid and specific, it bars anything deviant and novel from existing in the market, which deprives society of the experimentation essential to progress.
But the principles-based approach to regulation is like the golden rule, a millennia-old moral edict that says to treat others how you want to be treated. It’d be a fine rule if not for the fact that it’s only as fine as its practitioner. The golden rule delegates to its practitioner the utmost discretion. What if, for example, the practitioner is a masochist?
The risk with the Bank of Canada is not that it’s a masochist (as far as I can tell). The risk with the Bank of Canada is that it’s imbued with a culture of risk-aversion and technocratic authority that clashes with the culture of “permissionless innovation” that fintechs need to thrive in Canada.
According to Adam Thierer, a senior research fellow at George Mason University’s Mercatus Center, permissionless innovation is a derivative of the popular saying, “It’s easier to beg forgiveness than seek permission.” To steal more from Mr. Thierer’s latest book, permissionless innovation is the guiding principle for “evasive entrepreneurs” who use technology to get around outdated regulatory frameworks or who unabashedly flout the law.
The story of fintech is as much about permissionless innovation as it is about anything else.
Fintech is a portmanteau that combines finance and technology. If you have a broad definition of the word “technology,” then fintech is ancient. The millennia-old Sumerian abacus is an example of fintech. So are traditional financial institutions, such as banks. By the all-encompassing definition of technology, everything ranging from the computerization of banks’ back-offices to automated teller machines and clearinghouses is fintech innovation.
Of course, people are saying something else when they deploy the term “fintech” today. Since the Internet revolution, fintech has referred more to who is innovating than to what exactly the innovation is.
Increasingly, technology companies not regulated like financial institutions are doing what financial institutions do. They’re lending. They’re investing. They’re holding and moving money. They’re building apps that help people better manage their financial lives. They’re even issuing cards that let Canadians pay for things online and at the cash register. They’re doing what financial institutions do for certain market segments, but better: faster, cheaper, safer, easier, and the list goes on.
That’s despite not being regulated like financial institutions. That’s despite the barriers to entry, which are high for fintechs in Canada.
In Canada, fintechs can’t access national payment systems. Only federally regulated financial institutions can access national payment systems because they’re sufficiently regulated under creatively named legislation — banks under the Bank Act, insurance companies under the Insurance Companies Act, and trust and loan companies under the Trust and Loan Companies Act.
Despite the lack of explicit permission to do what federally regulated financial institutions do, fintechs in payments have gone ahead and found ways to do it anyway.
Some fintechs partner with banks or other technology companies that power their payment solutions from behind the scenes. Others create closed-loop payment systems, using their own books as a clearing and settlement system, rather than relying on clearinghouses or other legacy payment rails. Some fintechs are using blockchain technology and experimenting with cryptocurrency, circumventing not only financial-sector regulation, but our monetary system altogether.
But stories about permissionless innovation are always at risk of coming to an end. As unregulated innovations become ubiquitous, governments are prone to regulate them.
Isn’t that, after all, what’s happening in Canada?
“Given the rapid pace of innovation in the retail payments space, the federal government needs to put in place a new oversight framework to ensure the retail payments ecosystem evolves in such a way that payment services remain reliable and safe for end users,” reads the federal government’s last consultation paper on the subject.
When it comes to the Retail Payments Activities Act, a principles-based oversight framework is the way to go. Innovations in technology are changing how payments work. So are innovations in business models and governance. We don’t know where these innovations are taking us. In fact, we never do. That’s why only principles-based regulation can equip the Bank of Canada with the interpretative wiggle-room it needs to deal with a foggy future.
But wiggle-room doesn’t guarantee a principle of permissionless innovation. A precautionary principle can also permeate the wiggle-room the Bank of Canada has, flipping the popular saying on its head: “It’s better to seek permission than beg forgiveness.”
This risk is not contrived. The scope of the Retail Payment Activities Act is broad, including language that allows for the capture of digital currencies under the framework. What’s more, the Retail Payment Activities Act is going to require that fintechs notify the Bank of Canada before changing their business models or offering novel payment solutions.
You don’t need to be a techno-utopian libertarian to see that, principles-based or not, regulatory discretion can take us down a path to regulatory repression. Maybe the Bank of Canada will be too cautious, categorizing the more experimental fintechs as riskier. Maybe the Bank of Canada will compel the more experimental fintechs to adhere to stricter requirements, making it difficult for them to realize their value proposition.
This is not a trivial risk for an institution that concerns itself with monetary policy and the stability of the financial system more than anything else. If you frequent the payments ecosystem’s hallways, you’ve already heard the chatter: there is a concern that the Bank of Canada will regulate fintechs like they oversee Payments Canada’s clearing and settlement systems and Interac’s e-Transfer service — out of public sight, out of public mind, and inclined to be more attuned to what could go wrong than to what could go right.
Of course, the Bank of Canada already recognizes it will need to do things differently. As Rebecca Spence, a spokesperson for the Bank of Canada, recently told The Logic, regulating fintechs is “quite different from our current mandate.” Mr. Morrow also told the senate committee in May that fintechs in payments “will require a very different supervisory approach.”
Though institutions can change, reinventing oneself isn’t simple. There isn’t a switch Tiff Macklem can flip to change the character of the Bank of Canada, making it, at the margin, less risk-averse and technocratic. Institutions are sticky and their evolution path-dependent: what they were yesterday influences what they are today and what they will be tomorrow.
But there is a glimmer of hope. Under the Retail Payment Activities Act, the Bank of Canada will have a duty to “consider the efficiency of payment services and the interests of end users.” Part of that is considering the effects of their work on competition and innovation — or, by the Bank of Canada’s own admission decades ago, it ought to be.
If the Retail Payment Activities Act is only going to be as good for competition and innovation as its administrator is, then all fintechs can do is encourage the Bank of Canada to be just that.
One way is to remind the Bank of Canada of how fintechs got here: experimenting without permission, fast and with bold ambitions. So I’d advise the Bank of Canada to use its wiggle-room to err on the side of permissionless innovation in the face of business models or payment solutions it’s unsure of. The future of competition and innovation will depend on it.