Big Tech could face more activity-based regulation under EU financial laws

07 February 2022 17:14


EU financial services laws could inch towards an approach based on regulating activities rather than entities, as watchdogs today proposed wide-ranging new measures to capture the incursion into payments, lending and insurance of digital giants like Meta, Google and Uber.

The advice published today by the European Supervisory Authorities responsible for banks, insurers and securities markets doesn’t fundamentally change an approach that seeks to regulate financial entities. But it could mean supervision also covers Big Tech companies that offer financial services on the side.

Part of the proposed reform is just tweaking dated rules written for a world where financial advice would be provided soberly on paper, rather than via increasingly sophisticated trading apps that reward stock purchases with game-like confetti and flashing lights.

But it is also likely to mean extra rules for big groups that combine financial and non-financial activities in ways that likely fall through the cracks of existing law because they don’t meet the threshold for specific supervision.

Regulatory millstone

EU financial laws typically focus on holding big institutions like banks or insurers liable for misselling or reckless behavior. Those that meet the bar face regulatory controls in every area, from the capital they must hold against risk to who they can appoint to their board.

In 2019, advisors to the European Commission noted that approach could lead to unfair competition from Big Tech players, which can end up offering similar financial services without being tied to a regulatory millstone.

Regulators now want to correct that. For the biggest mixed-activity groups, the EU's executive arm “could consider a supplementary supervisory framework addressing the group in its entirety, not only the entities providing financial services, and take account of interdependencies by both financial and non-financial group entities,” the report today said.

That would include rules to ensure tech giants are well-governed, report on risks and have enough provisions to pay their way — all of which would be triggered when the company passes a set threshold of financial-service activity.

There would also likely be rules governing how financial products are marketed, and how complaints are dealt with. This could apply, for example, when ride-sharing companies offer a payment service, or when holidaymakers are sold travel insurance as an add-on.

That’s something financial regulators care about deeply given the potential for misselling in markets like insurance or securities, and seems likely to extend existing proposals under the Digital Services Act requiring major online platforms to have dispute settlement procedures.


A new regulatory framework won’t happen overnight. Technically, and confusingly, the supervisory authorities today requested that the commission ask them to consider the merits of a new law.

The commission first made a similar request to look at the specific area of cryptocurrency regulation back in 2017. Over four years later, lawmakers are still considering the resulting legal changes. By the time anything is actually in place, digital and financial markets will likely have transformed once again.

Even if it's far in the future, the augurs aren’t great for the digital sector.

EU legislation on digital operational resilience in the financial sector, or DORA, sought to limit the financial risk of financial institutions who outsource data to the same clutch of cloud computing firms. That proposal, not yet finalized, saw a clash of regulatory cultures, widespread industry complaints of duplicate reporting, and requirements to locate business in Europe.

Yet now it appears DORA was just EU regulators dipping their toe in the water, as today’s report notes many further risks that could arise from financial institutions outsourcing digital services.

There is still much more to come.

Related Articles

No results found