Implications of Data Privacy Regulations on Fintech in Asia
Vast quantities of quality, appropriately shared data is key to developing more efficient financial services that meets the needs of customers in the digital age. How can regulators ensure proper privacy while still ensuring that Fintech firms can access the information they need? A report from ASIFMA this week taps into the growing recognition that collaborative, homogenous regulation and data harmonisation across borders are essential for modern technologies to be properly utilised.
The ASIFMA report, Implications of Data Privacy for Financial Technology in Asia,argues that the fragmented patchwork of data rules across Asia threaten the development of new technologies and stunt the potential of Fintech. The multitude of potentially conflicting data privacy laws can create uncertainties, costs and complexity that particularly affect Fintech.
Mark Austen, CEO of ASIFMA said; “different interpretations of data privacy rules and definitions can create legal uncertainties which impact confidence to operate across markets, and data localization requirements present significant costs to new firms that keep them from expanding into new jurisdictions.”
As well as recommending that data privacy laws are focused on outcomes not processes, the report highlights the need for laws to be consistent with international best practices, and allow mechanisms for (authorised) cross-border data sharing.
Further to this, the Asia-Pacific Financial Forum, APFF, is currently preparing an APEC Roadmap for expanding the collection and sharing of data in this region – and have been looking at creating APEC privacy template legislation that are interoperable with the EU’s GDPR to ensure not only regional data flow but worldwide collaboration on data security.
The growing recognition for the need for collaboration and data harmonisation in relation to privacy is a good sign, however it merely scratches the surface of this need. Collaboration across borders is a vital element of many, perhaps most areas of regulation. Where regulatory data collection requirements across borders are significantly different, the cost and complexity of operating across borders is similarly impacted. It’s encouraging to hear industry push for consistency in the privacy field. Enhancing regulatory data consistency would be a good next step.