The State Bank of Vietnam: Fintech poses a number of potential challenges and risks

“With the development of Fintech companies, the State Bank and a number of related organizations, like many regulatory agencies around the world, are facing new issues in State management”

That is the central point of the State Bank of Vietnam’s (SBV) evaluation of the presence and growth of financial technology (Fintech) operations in Vietnam in the past and present.

Many possible obstacles and risks have been raised, requiring the SBV’s role as the focal point for the development of a draft decree on a Fintech Regulatory Sandbox in the banking sector, which is currently nearing completion and will be released soon.

Many policy challenges

In the past, the world banking industry in general, and the Vietnamese banking industry in particular, have seen a strong application of new technologies associated with the Fourth Industrial Revolution’s achievements, such as cloud computing, big data analytics, sharing open data via application programming interface (open API), blockchain, artificial intelligence (AI), and so on, into business models, product and service provision, and ways for banks and credit institutions to approach and interact with clients in order to improve operational efficiency and customer experience, allowing customers to transact promptly, safely, and conveniently with appropriate services at reasonable costs.

Furthermore, the trend of Fintech development in Vietnam is evident in the fact that technology startups and non-bank organizations with technological strengths participate in activities in the banking-finance sector (Fintech companies) in the form of developing solutions to support banking activities without directly providing services to end-users or directly providing solutions and new services independently.

More precisely, over the last several years, a huge number of Fintech companies have emerged to participate in a variety of operations in the Vietnamese market.

According to the SBV, the number of companies operating or participating in the provision of Fintech services and solutions in Vietnam has increased rapidly from around 40 companies at the end of 2016 to around 200 companies now, with a wide range of activities including payment, peer-to-peer lending, credit scoring, personal financial management, etc., Payment account for a substantial number of them, with 47 intermediary payment service providers licensed by the State Bank, while peer-to-peer lending (P2P Lending) has about 100 companies, many of which are foreign-invested.

Many large domestic technology companies and enterprises, usually companies with technology strengths and large customer groups, such as FPT, Viettel, VNPT, Vingroup, and others, participate in the Fintech field, either directly through investment activities to form companies providing Fintech solutions, or indirectly through the establishment of investment funds, incubators to support Fintech startups, and so on.

According to the State Bank of Vietnam (SBV), the rapid development and expansion of Fintech’s scope has caused financial – monetary authorities in many countries to face difficulties and challenges in management and supervision, including anti-money laundering and counter-terrorist financing (AML/CFT), network security, user data protection, consumer and investor protection, and so forth.

With the emergence of Fintech companies supplying or participating in, cooperating in providing services and solutions in many different industries and fields, such as peer-to-peer lending (P2P Lending), payments, cross-border money transfers, personal financial management, data sharing via application programming interfaces (API), the State Bank and a number of related agencies, like many regulatory agencies around the world, are facing new challenges in state management.

Because most of the above Fintech companies’ fields of activity currently lack a comprehensive legal framework or specific legal regulations to govern them, they may pose risks and negative consequences in a variety of areas, including fair competition, financial stability, network security, and consumer rights protection.

Furthermore, the above-mentioned development trend of interlacing cooperation and competition poses a slew of policy and regulatory challenges for state management agencies in balancing innovation promotion, fair competition between traditional financial institutions and Fintech firms, and financial stability and consumer protection assurance.

For example, the SBV stated that some companies using the name “P2P Lending Model” take advantage of people’s lack of knowledge and understanding to cheat, advertise falsely, promise high profits and high interest rates to defraud people’s capital who invest in this lending model, or deceive borrowers about “low” interest rates and favorable loan terms while calculating and applying “exorbitantly high” real interest rates, significantly harming people’s lives.

Some agreements between parties in the P2P Lending model (P2P Lending companies and investors, P2P Lending companies and third parties, P2P Lending companies and borrowers…) lack clarity and transparency, as well as legal binding, and there is no mechanism for monitoring and post-checking the proper use and management of loans by borrowers, potentially leading to disputes and lawsuits.

At the regional and international level, many countries around the world have taken a proactive approach by establishing a Fintech Regulatory Sandbox in response to Fintech’s emergence as independent entities (such as Fintech startups) or as technology solutions applied and deployed in the provision of products and services by traditional financial institutions.

According to SBV, the Fintech Regulatory Sandbox is one of the most preferred policy tools and approaches adopted by many countries to accelerate innovation, enhance competitiveness, and efficiency in the banking-finance industry by allowing solutions to be tested with real transactions in a controlled environment that is limited in scope, scale, and testing time.

In order to reduce risks and their consequences, the solutions in the Regulatory Sandbox will be subjected to regular and ongoing supervision by banking-financial management agencies. Management and supervision agencies, as well as potential service providers, will use the information, data, and test results for products and services participating in this Regulatory Sandbox to evaluate the feasibility, benefits, and risks of the solution, thereby making the next appropriate decision and course of action.

“In view of the aforementioned trend and context, Vietnam must develop a regulatory framework in the form of a decree regulating Fintech activities as soon as possible in order to promote innovation, limit unfair competition, prevent illegal acts in the name of Fintech, and safeguard the interests of service users. At the same time, the process of operating this framework provides a practical basis for relevant state management agencies to amend and supplement current regulations, complete the legal framework, and issue management regulations in the future in the direction of facilitating and adapting Fintech activities in the banking sector,” the State Bank asked, adding that it is currently finalizing this draft decree.

And many potential risks

Looking back on both the approach and the research process, the SBV has consistently stated that Fintech is a new activity that poses potential risks to market participants such as traditional financial institutions, customers who use service users, and businesses that provide Fintech services and solutions.

Some types of possible risks to Fintech activities summarized at this time include: (i) Market abuse; (ii) Security and data breach; (iii) Liquidity and Credit risk (iv) Money Laundering and Financing of Terrorism (AML/CFT); (v) High intermediary fee; (vi) Lack of transparency; (vii) Illegal debt collection activities.

“Although the above risks have been recognized, they have not been reviewed and clarified in a thorough, comprehensive, and accurate manner. “Each solution may have a risk profile with varied levels and frequencies of dangers that cannot be observed and analyzed at this time,” according to the State Bank.

Accordingly, the draft decree designating the State Bank as the focal point for development outlines a number of risk management policies, including: (i)Regulations on the responsibilities of participating organizations in developing an adequate risk management framework that protects service users; (ii) Regulations on the responsibility for information and reporting of organizations participating in the Fintech Regulatory Sandbox; (iii) Regulations on the authority and responsibilities of state management agencies in the processes of receiving, appraising, and evaluating registration applications for testing and implementation; deciding on the issuance and revocation of test certificates and test completion certificates; inspecting and supervising the Fintech Regulatory Sandbox.

The above regulations are in place to ensure that regulatory agencies closely monitor the testing process and that firms participating in the Regulatory Sandbox take the utmost precautions to avoid and mitigate risks.

The State Bank, on the other hand, stated that it is impossible to regulate and totally eliminate risks that arise during the testing process, even with policies and measures in place.

The Core Fintech Regulatory Sandbox is intended to discover and assess the risks and advantages of any Fintech solution, as well as to maintain and control those risks (if any). As a result, testing organizations will be closely monitored, supervised, and evaluated by state management agencies during the testing process, allowing them to better control risks (if any), better protect customers’ interests, and avoid negative consequences when compared to large-scale, long-term deployment.

State management agencies can make judgments and assessments about the level of risk, its impact, and the probability of failure and success of test solutions based on the level of impact and influence of various categories of risks. The state management agency will use this information to determine the right plan of action, which may include terminating the trial, issuing a test completion certificate, or extending the trial for the testing organization.

As a result, the SBV proposed and completed the draft decree on the basis of studying best practices in Fintech operations management policies around the world as well as the actual situation of Fintech activities, with the goal of hedging risks within a controlled range without limiting and completely eliminating risks, thereby drawing effective management lessons and building a legal framework to promote innovation while still ensuring financial stability and consumer protection.