导读
国际清算银行一直在密切关注大型科技公司及其在金融领域的发展。数据是数字经济的中心,各大科技巨头可以通过现有用户数据,克服金融服务的规模限制,打造“数据-网络-活动”(DNA)循环。其次,这些公司从各业务线高效地收集不同类型的数据并整合,以开发或改进服务模式,并率先利用人工智能进行数据管理和分析。
科技巨头可以改善金融服务、提高金融市场效率和增强金融包容性,同时可能会引发行业的快速变化并带来挑战。数据效率和隐私之间需要得到权衡;科技巨头威胁了竞争秩序,能够在细分市场建立主导地位,直接影响市场竞争和消费者福利。
中央银行和金融监管机构也要考量一系列的金融稳定因素。科技巨头公司有着潜在的系统重要性,这些公司固有的实质性相互依赖性也会带来风险。然而,现有的行业法规不是针对科技公司设计的,不适用于可能的溢出效应或其潜在的系统相关性。
国际清算银行一直主张直接监管大型高科技公司,思考如何补充现有的行业法规,让政府能够解决科技巨头公司的监管及其带来的金融系统性风险。
国际清算银行提出了三种方法,可以作为新监管框架的基础。第一,禁止科技巨头从事受监管的金融活动。这种方法从根本上缓解了对金融稳定的担忧,但金融领域的大型科技服务的优势也将削弱。第二,将科技公司的金融服务集中在一家金融控股公司的旗下。这个金融机构必须独立,以减轻非金融活动对金融活动的潜在影响。但这也会妨碍协同效应和规模经济的发展。第三,这些科技巨头需要遵守对管理、业务、运营弹性以及财务稳健性的要求。这种方法适合现有的商业模式。无论选择哪种方法,实施针对这些公司的监管框架都将充满挑战。
作者丨奥古斯丁·卡斯滕斯(国际清算银行总裁)
Big techs in finance: forging a new regulatory path
Bigtechs and data
Agustín Carstens, General Manager of the Bank for International Settlements
February 8, 2023
We at the BIS have been closely following large technology firms (bigtechs) and their advances into finance1. Bigtechs’ reach extends across a wide range of industries, with existing core businesses grounded in e-commerce and social media, among others. From this base, they have expanded into finance.
To understand how bigtechs can easily make forays into finance, one must grasp the key role of data. Indeed, bigtechs have fully embraced the centrality of data in the digital economy. This is what distinguishes them from other firms. It also shapes their unique characteristics. Let me mention those that are particularly relevant for policymakers.
First, bigtechs can overcome limits to scale in financial services provision by using user data from their existing businesses. Their business model revolves around users’ direct interactions and the data generated as a by-product of these interactions.
They use that data to offer a range of services that exploit the inherent network effects in digital services, a phenomenon where more users attract ever more users. In this way, bigtechs can establish a substantial presence in financial services very quickly through what we call the ‘data-network-activities’ (DNA) loop.
Second, bigtechs collect different types of data from the various business lines they straddle2. They are uniquely positioned to combine that data to uncover patterns and insights that can help them improve their services or offer new ones3.
This combination of different types of data across sectors carries efficiency gains and is key to bigtechs’ provision of digital services.
Third, bigtechs are unrivalled experts in data management and analysis. They devote significant resources to developing or acquiring state-of-the-art technologies. After all, access to large troves of data generates value only if you also have the technological capabilities to analyse it and monetise it.
Bigtechs have been pioneers in leveraging artificial intelligence techniques for this purpose4. To be sure, these capabilities have high fixed costs, but once that is overcome the marginal cost of handling more data is negligible.
Therefore, bigtechs benefit from significant economies of scale in their use of data. For other firms, reaping the benefits of such economies of scale is a tall order.
Data management is thus at the core of bigtech activities, and the financial sector is all about managing information. Coupled with bigtechs’ relentless drive to expand, their growing and already substantial footprint in financial services should come as no surprise.
Moreover, the trend towards greater digitalisation, which the COVID-19 pandemic has accelerated, has allowed bigtechs to fortify their market positions even further.
Public policy challenges
Given their size and customer reach, bigtechs’ entry into finance could trigger rapid change in the industry, generating both opportunities and challenges. The potential benefits of bigtechs’ entry into finance include improved customer outcomes, increased financial market efficiency and enhanced financial inclusion.
For example, BIS research has shown that access to innovative (QR code-based) payment methods provided by bigtechs helps micro firms build up credit history, and the use of bigtech credit can ease access to bank credit5. And there are many more examples.
But it’s not all roses in the garden. The economic features that make bigtechs powerful in lowering costs and supporting financial inclusion also create new challenges for policymakers6.
First, data governance. Bigtechs have large amounts of personal data, and their use comes with a trade-off between data efficiency and privacy. While detailed data may help align products on offer with consumer preferences and lower costs, there are risks to consumers, especially when sensitive data are shared.
Moreover, bigtechs can engage in price discrimination, making consumers worse off7. Restricting the use of data may help, but could have costs for allocative efficiency8.
Second, competition is at threat in the presence of bigtechs. While bigtechs can initially bring greater competition, network effects allow them to quickly build positions of dominance in specific market segments, for example by increasing user switching costs or raising barriers to entry. And the resulting concentration dynamics have a direct effect on market contestability and consumer welfare. Thus, new entry may not increase market contestability. Moreover, in the case of network industries market failures and externalities may arise.
Last, but certainly not least, there are important financial stability considerations which fall squarely within the mandates of central banks and financial regulators. Let me elaborate on specific concerns around the financial stability risks arising from bigtechs in finance.
One concern centres on bigtechs’ potential systemic importance. Financial services currently represent a relatively small part of bigtechs’ overall activities, but this can change rapidly through the DNA loop. They may quickly become ‘too big to fail’.
This gives rise to concerns about the emergence of dominant firms with excessive concentration of market power and a possibly systemic footprint in the financial system.
A second concern is emerging around the risks from substantive interdependencies inherent in bigtech activities9. These arise between bigtech entities because they share data and provide relevant services to each other. They also share technological platforms and applications and use a common payment infrastructure10.
Meanwhile, interdependencies with outside parties arise from joint ventures with financial institutions in providing financial services. These partnerships can entail an opaque distribution of responsibilities that diffuses accountability and hinders adequate oversight. They also have the potential to intensify operational, reputational and consumer protection risks as well as moral hazard issues.
Then there is a third concern around the role of bigtechs as providers of critical services. Financial institutions have come to heavily depend on bigtech technology services, and this is exacerbated by bigtechs’ tendency towards market concentration.
While these services bring many advantages, the widespread dependency on them is forming single points of failure, and hence creating new forms of systemic risk at the technology services level. This type of risk is particularly evident in the market for cloud computing, which is highly concentrated and now dominated by a handful of bigtechs11.
As a consequence, disruptions in the operations of one bigtech could have a substantial impact on the financial system12. In other words, greater operational risks can translate into greater financial stability risks, especially when critical services are highly concentrated.
The concerns I have just discussed are aggravated by shortcomings in the current regulatory approach, which is not fully fit for purpose to deal with the unique set of challenges arising from bigtechs’ entry into financial services.
The current regulatory approach and its shortcomings
Most financial activities in which bigtechs engage are governed by sectoral regulations. And the existing ones can at best partially address the risks I outlined earlier.
These regulations are grounded on the main supervisory concerns in each sector, be they the protection of depositors, policyholders or investors. They were not designed with bigtechs in mind and therefore are not geared towards possible spillover effects across all the activities bigtechs perform, or their potential systemic relevance.
And yet they determine the applicable regulatory treatment for bigtechs’ financial activities, the width of the regulatory perimeter and the reach of supervisory oversight.
Importantly, such regulations tend to follow an activity-based approach, where providers must hold licences for specific business lines13. Activity-based regulation constrains an activity on a standalone basis by imposing restrictions on how it can be performed.
It does not vary according to the type of entity that performs the activity. It also does not consider possible spillover effects from other activities performed by the same entity14.
In contrast, entity-based regulation constrains a combination of activities at the entity level by imposing restrictions on an entity’s characteristics that affect the likelihood and repercussions of its failure. Such combinations of activities affect an entity’s resilience.
The financial stability risks of such combinations cannot be addressed by constraining individual activities, without any controls on the critical interactions across bigtech entities and their activities. In short, a purely activity-based framework for regulation is ill suited to address the policy challenges bigtechs pose.
Forging a new regulatory path
Without a doubt, a regulatory re-think is warranted, and we need a new path to follow. One that considers the key role of data in bigtechs’ DNA-based business model. One that strikes the right balance between benefits and risks.
We at the BIS have argued for some time now that we have to go one step further and regulate bigtechs directly15. More concretely, we need to consider how best to complement existing activity-based rules under sectoral regulations with group-wide entity-based requirements that would allow authorities to address financial stability risks emerging from the interactions between the different financial and commercial activities that bigtechs perform16.
It is high time to move from theory to practice and consider tangible options for regulatory actions. Now let me attempt to put forward a blueprint for thinking about what such options could look like.
Recent BIS publications have identified three regulatory approaches that could serve as a basis for a new regulatory framework for bigtechs in finance17.
First, the restriction approach would prohibit bigtechs from engaging in regulated financial activities. It follows the logic inherent in the traditional separation of commerce and banking that prevails in many jurisdictions.
This approach radically alleviates financial stability concerns as bigtechs would be left only with their non-financial business lines. Yet it would deprive them from using big data to solve asymmetric information problems, for example assigning credit scores to small and opaque firms that do not have collateral18. It would therefore remove the numerous benefits that bigtech services in finance have brought.
Second, the segregation approach would require a bigtech’s financial services to be grouped together under the umbrella of a financial holding company. This financial subgroup would have to meet prudential and other requirements. And it would be ring-fenced to mitigate the potential for contagion effects from non-financial to financial activities.
This could be achieved by banning the use of common group-wide technological platforms and any form of data-sharing between the financial and non-financial parts of the bigtech group.
This approach is conceptually simple, increases the transparency of a bigtech’s organisational structure and facilitates oversight. Yet it would prevent bigtechs from realising synergies and economies of scale, and from generating insights from data generated across sectors.
It would therefore come with some of the shortcomings of the restriction approach. In all likelihood, this would lead – at least some – bigtechs to exit financial services altogether.
Third, the inclusion approach would make bigtechs with significant financial activities subject to group-wide requirements on governance, conduct of business, operational resilience and, only when appropriate, financial soundness.
This is because most bigtech risks are not strictly related to their financial soundness but their data-driven business model. Requirements would be levied on the group as a whole, including the bigtech parent.
This approach is tailored to existing business models. It acknowledges the fundamental role of data within bigtech groups and their tendency to use them to achieve dominant market positions.
As such, it would not prevent bigtechs from making efficient use of data collected from different activities, like the previous two approaches, as long as they observe sound data governance principles and effective pro-competition rules on a group-wide basis.
However, the inclusion approach is more complex than the segregation approach, as it requires effective monitoring of global groups that conduct a large variety of activities.
The segregation and inclusion approaches are to some extent mutually compatible, and in practice a combination of both may be desirable. Such a holistic approach could combine a prudential sub-consolidation of the financial part of a bigtech group (as under the segregation approach) with group-wide requirements on governance, conduct of business and operational resilience (as under the inclusion approach). Importantly, it would avoid efficiency losses in the use of data that (too) tight ring-fencing measures could cause.
Regardless of the approach chosen, the implementation of any comprehensive entity-based regulatory framework for bigtechs is beset with challenges and raises a host of practical questions.
One is how to ensure effective cooperation and information-sharing between financial, data and competition authorities at the local and crossborder level.
Another is whether any one authority has the expertise required to serve as lead supervisor for global groups that engage in a wide set of data-driven financial and non-financial activities.
Yet another is about enforcement and extraterritoriality, especially when bigtech services are performed by entities incorporated in foreign jurisdictions. This, together with unavoidable political considerations, may also explain why progress towards a new framework has been slow19.
And, I’m afraid to say, as we are working on devising an adequate policy response to bigtechs, challenges will continue to emerge. Innovation never rests, as recent advancements in artificial intelligence and the emergence of quantum computing make clear. But I am confident that the international community will find ways to address current and coming challenges.
ConclusionTo support the search for answers, a thorough international policy debate is essential. After all, international standards are the only way to shape a consistent policy response. As the saying goes, policymaking is poetry, implementation prose. But before we can even think of implementation, we need to consider the right policies.
编译:黄津怡
本制:董熙君
来源|BIS
版面编辑|邸馨逸
责任编辑|李锦璇、蒋旭
总监制|朱霜霜
近期热文
- 海外之声丨IMF副总裁:数字化助推亚洲生产力发展
- 海外之声丨IMF研究部主任:全球经济仍将进一步放缓
- 海外之声丨IMF副总裁李波:全球监管机构需迅速行动遏制加密货币风险扩散
- 海外之声丨IMF总裁:今年中国GDP增速将达到5.2%
- 海外之声丨国际清算银行总经理:迎接新兴市场央行的新时代