Show Me the (Data About the) Money!

Information about consumers, their money, and what they do with it is the lifeblood of the flourishing financial technology (“FinTech”) sector. Historically, highly regulated banks jealously protected this data. However, consumers themselves now share their data with businesses more than ever before. These businesses monetize and use the data for countless prospects, often without the consumers’ actual consent. Understanding the dimensions of this recent phenomenon, more and more consumer groups, scholars, and lawmakers have started advocating for consumers to have the ability to control their data as a modern imperative. This ability is tightly linked to the concept of open banking—an initiative that allows consumers to control and share their banking data with service providers as they see fit. But in the U.S., banks have threatened to block the servers of tech companies and data aggregators—business entities that serve as the middlemen connecting FinTech companies and banks, enabling consumers to get more financial services—from accessing their customers’ data even if the customers agree to it. With no regulation or accepted standards for the ethical gathering and use of data, banks argue that limiting access helps them protect their clients’ privacy, improve their accounts’ safety, and promote consumer protection principles. Banks claim that FinTech apps collect more data than needed, store it insecurely, and sell it to others. But the motivation of the big banks in advocating for such limitations may not be so pure. Banks do not want to relinquish competitive advantages, lose customers, or be held liable for data or fund losses. Witnessing resistance, tech companies are not sitting idly by waiting for banks to limit their data access. Instead, they are working on ways to outsmart banks’ blocking technology and use data aggregation services as a middleman. They also extended the fight into Washington, where regulators such as the Federal Trade Commission (FTC) and the Consumer Financial Protection Bureau (CFPB) are noticing how technology impacts consumer data flows and credit reporting issues. Advocating for consumers’ rights to control data, tech companies lobby for open banking

Financial Inclusion Gone Wrong: Securities and Cryptoassets Trading for Children

According to studies, money is a major source of anxiety for most Americans. In looking for ways to remedy the source of such anxiety, some believe that increasing children’s financial orientation could help lower their money-related anxiety levels as adults. Identifying this market as a business opportunity—and reassured by research that shows that by age six, children are already veteran consumers of mobile apps—financial technology (fintech), decentralized finance (DeFi), and even traditional financial entities have started offering services and products to children. These services and products include a broad array of financial-related products and services, from enabling children to earn money for doing their chores, to trading stocks and cryptoassets, and even to earning digital assets and currencies while playing video games. The potential of this new market’s clientele is valuable for two reasons. First, having more customers is always a good thing. Second, children will eventually mature into adult customers who presumably will continue using the services and products they like and are familiar with. And, although some legal challenges are associated with children—who are minors—entering financial-based online contracts, this business trend will continue to grow as it becomes socially acceptable to offer financial services to children. Society’s newly adopted paradigms for describing, understanding, and shaping children’s rights, domestic relationships, custodial status, and even digital purchasing power are all supportive of this trend. Moreover, fintech and DeFi apps and games can help teach children about the value of money, the importance of investing, and the risks involved in trading. Yet fintech and DeFi apps and games could also have a disruptive effect on children, both developmentally and behaviorally, similar to that of other consumed digital content. This disruptive effect should be a source of concern to anyone focused on investor and consumer protection, including regulatory agencies like the Securities Exchange Commission (SEC) and Financial Industry Regulatory Authority (FINRA), which have already expressed concerns over gamification and digital engagement practices. In light of “the financialization of everything,” this Article looks to both legal and ethical reasoning and behavioral economics tools to call for the search for effective financial literacy education for children to be replaced by a search for policies more conducive to good consumer and investor protection outcomes. These policies should guide lawmakers in regulating fintech and DeFi apps and games offered to children in light of the following considerations: (i) the addictiveness of digital gaming; (ii) how gamifying finance makes it feel less serious; (iii) the connection between gamification and gambling; (iv) how children’s financial choices are more susceptible to the influence of outside parties than are those of adults; (v) fintech and DeFi apps and games’ failure to teach children the importance of concepts such as debt, credit, and financial commitments; and (vi) the unrealistic burden on young parents, who are already struggling to constantly supervise their children’s online activities, to monitor their children’s online financial activities in our digital era

Too-Big-To-Fail 2.0? Digital Service Providers

The Article explains why addressing Too-Big-To-Fail 2.0 has not yet become a political and societal priority. First, digital service providers are technology companies, which, many believe, are shaped by market forces such that they fail and succeed in equal measure without producing negative ripple effects on the economy or society. Second, technology giants are not as carefully regulated as banks becauseunlike banks, they do not take insured deposits backed by the government. Third, even heavily regulated financial institutions have not been required until recently to focus on cybersecurity. Finally, some believe that there is no point in worrying about Too-Big-To-Fail 2.0 as it is difficult to prepare for theoretical unknowns. Despite these arguments, however, the Article contends that given the factors outlined in the Critical Service Provider list of criteria, such as size, business involvement in multiple industry sectors, and impact on technology, the economy, and cyber-social systems, Too-Big-To-Fail 2.0 is a valid concern. Recognizing this problem, the Article then calls for the design of a new systematic approach, resembling to a limited extent that of the Dodd-Frank Act, to understand which entities qualify as Critical Service Providers and why they should have enhanced risk management procedures. The Article proposes certain criteria to ground such an approach. Finally, the Article suggests that the companies designated as Critical Service Providers should be subject to some type of supervisory scrutiny, which would be the product of a collaborative private-public initiative and result in better risk management and internalizing

Regtech, Compliance and Technology Judgement Rule

This Article focuses on the rise of Financial Technology, which revolutionized consumer financial service products, and challenged policymakers with regulating the rapidly evolving financial industry. In particular, it explores Regulatory Technology, also known as RegTech, which is the finance industry’s use of technology, especially information technology, in the context of regulatory monitoring, reporting and compliance. RegTech is designed to solve industry needs for a more effective and efficient way to automate corporate governance and compliance processes. Not only has FinTech proven to be a vital revenue source, especially in connection with lending or money transmission services, but it also helps entities cut costs, promotes good corporate practice in compliance management and enhances desired regulatory compliance outcomes. In particular, RegTech does this by enabling businesses to: automate ordinary compliance tasks, reduce operational risks associated with compliance obligations, enable compliance functions to make informed risk choices based on data provided insight, and create cost-effectives solutions to problems. Those solutions ensure that companies are up to date with the latest regulatory changes, minimize the likelihood of human error, and increase the overall governance process. Additionally, RegTech can prove valuable especially in identity management, risk management, and security, including from a corporate governance perspective, such as in cyber whistleblower or Bug Bounty programs. Nevertheless, this article argues that RegTech is not a panacea for all corporate governance challenges. First, there are certain barriers to the adoption of RegTech. Second, RegTech alone cannot extirpate undesired and unethical business practices, or resolve ethical issues resulting from corporate culture. Moreover, technology can be used by businesses to evade regulations and frustrate regulators, a phenomenon referred to as anti-RegTech. Third, technology can hinder good judgment and human input in the governance and risk management decision processes, which operate based on opaque programmed reasoning that is often biased and reflects altered interpretations of the law. Fourth, given the high stakes, financial institutions must be careful when partnering with third party firms, and include regulators in the conversation before entering into such partnerships, especially given the increasing cyber risks. Lastly, many of the RegTech’s automation and efficiency gains have been offset by the costs of expanded regulatory requirements, such as the increasing number of information requests from regulators

Supersize Them? Large Banks, Taxpayers and the Subsidies that Lay Between

Abstract: In 2013, media reports sent shockwaves across financial markets by estimating that the value of the combined financial advantages and subsidies for the six biggest U.S. banks since the start of 2009 was at least $102 billion. Follow- up reports estimated that the profits of two of America’s largest banks would have been negative if not for implicit and explicit government subsidies. The most significant implicit subsidy stems from market perception that the government will not allow the biggest banks to fail—that they are “too-big-to-fail” (TBTF)—enabling them to borrow at lower interest rates. This article focuses on two main things. First, it explores the TBTF subsidies and their unintended consequences. Specifically, the article examines whether TBTF subsidies exist, and reviews the different estimates of the arguable subsidies. The article describes why it is difficult to measure the subsidies given the lack of any formal or transparent data, and discusses the perverse effects and incentives that result from the subsidies. Second, the article examines the various proposals that have been suggested to address the TBTF problem, and suggests a new user-fee framework that could be useful in addressing the issue and used together with other approaches. The article’s contributions are three-fold. First, it provides a theoretical framework for understanding how government subsidies have worked in the past. Second, the article applies that framework to demonstrate that the current body of work on the issue is incomplete because it under-theorizes the TBTF subsidies’ impact on the economy and politics. Finally, the analysis in this article usefully supplements the existing legal writing on regulation of banks. As a first step, the article explains the problems created by the subsidies, and suggests that policymakers and market participants should be more transparent about the subsidies, especially since taxpayers do not have standing to challenge such subsidies. As a second step, the article reviews the advantages and the shortcomings of the suggested solutions to the TBTF problem and suggests using user-fees to help minimize the impact of future financial, social and political crises

Regulating Culture: Improving Corporate Governance with Anti-Arbitration Provisions for Whistleblowers

A focus on corporate culture, especially at financial institutions, has emerged as a regulatory, public, and media priority in the aftermath of the 2008 financial crisis. With Dodd-Frank, Congress embraced whistleblower statutes as a key instrument to improve corporate culture and governance, and to extirpate undesired and unethical business practices. Despite the clear policy goals, Dodd- Frank’s unclear statutory text has created interpretative controversies. Although Dodd-Frank adds anti-arbitration provisions to preexisting whistleblower statutes, it does not include a dedicated, standalone anti-arbitration provision for Dodd-Frank’s new whistleblower cause of action. This Article argues that courts should not allow employers to use pre-dispute arbitration agreements to compel whistleblowers to arbitrate their Dodd-Frank claims. To make the case, we review policy concerns for whistleblower actions that favor public actions in public courts. We argue for a pragmatic interpretation of the statute that protects whistleblowers and the public’s right to know by exempting Dodd-Frank’s whistleblowers from arbitration. The Article draws on existing literature discussing the importance of developing case law through court decisions, enforcement and responsiveness to reputational risk, and public supervision of corporate governance issues

The Other Side of Health Care Reform: An Analysis of the Missed Opportunity regarding Infertility Treatments.

Recent studies show that one in eight American couples suffered from infertility. Infertility treatments are riddled with accessibility barriers including high costs, marital status, and sexual orientation. Despite President Obama’s promise of universal health care, his health care reform acts missed the opportunity to squarely address this widespread problem. In fact, the recent health care reform did not include any provisions specific to fertility. Despite this glaring oversight, this article argues that regulators interpreting the acts can still provide the desired relief. The minimum coverage requirements beginning in 2014 can be interpreted to include fertility care if infertility is treated as a recognized medical condition (as it should be). Despite various potential ideological objections, mandating coverage for infertility treatment will advance four highly desired policies: (i) the promotion of gender equality; (ii) the promotion of a desired health related policy; (iii) the promotion of social justice; and (iv) the promotion of a desired medical related policy

On Social Credit and the Right To Be Unnetworked

Tell me who your friends are and I will tell you who you are. This ancient social philosophy is at the heart of a new financial technology system—social credit. In recent years, loosely regulated marketplace lenders have increasingly developed methods to rank individuals, including those traditionally considered unscored or credit-less. Specifically, some lenders build their score-generating algorithms around behavioral data gleaned from social media and social networking information, including the quantity and quality of social media presence, the identity and features of the applicant’s contacts, the applicant’s online social ties and interactions, the applicant’s contacts’ financial standing, the applicant’s personality attributes as extracted from her online footprints, and more. This Article studies the potential consequences of social credit systems predicated on a simple transaction: authorized use of highly personal information in return for better interest rates. Following a detailed description of emerging social credit systems, the Article analyzes the inclination of rational and irrational customers to be socially active online and/or disclose all their online social-related information for financial ranking purposes. This examination includes, inter alia, consumers’ preferences as well as mistakes, gamesmanship, and consumers’ self-doxing or lack thereof. The Article then moves to discuss policy challenges triggered by social-based financial ranking that may become the new creditworthiness baseline criteria. It focuses on (i) direct privacy harms to loan seekers, and derivative privacy harm to loan seekers’ online contacts or followers, (ii) online social segregation potentially mirrored by offline social polarization, and (iii) due process violations derived from algorithmic decision-making and unsupervised machine learning. The Article concludes by making a significant normative contribution, introducing a limited “right to be unnetworked,” to accommodate the welcomed aspects of social credit systems while mitigating many of their undesired consequences

Regtech, Compliance and Technology Judgement Rule

This Article focuses on the rise of Financial Technology, which revolutionized consumer financial service products, and challenged policymakers with regulating the rapidly evolving financial industry. In particular, it explores Regulatory Technology, also known as RegTech, which is the finance industry’s use of technology, especially information technology, in the context of regulatory monitoring, reporting and compliance. RegTech is designed to solve industry needs for a more effective and efficient way to automate corporate governance and compliance processes. Not only has FinTech proven to be a vital revenue source, especially in connection with lending or money transmission services, but it also helps entities cut costs, promotes good corporate practice in compliance management and enhances desired regulatory compliance outcomes. In particular, RegTech does this by enabling businesses to: automate ordinary compliance tasks, reduce operational risks associated with compliance obligations, enable compliance functions to make informed risk choices based on data provided insight, and create cost-effectives solutions to problems. Those solutions ensure that companies are up to date with the latest regulatory changes, minimize the likelihood of human error, and increase the overall governance process. Additionally, RegTech can prove valuable especially in identity management, risk management, and security, including from a corporate governance perspective, such as in cyber whistleblower or Bug Bounty programs. Nevertheless, this article argues that RegTech is not a panacea for all corporate governance challenges. First, there are certain barriers to the adoption of RegTech. Second, RegTech alone cannot extirpate undesired and unethical business practices, or resolve ethical issues resulting from corporate culture. Moreover, technology can be used by businesses to evade regulations and frustrate regulators, a phenomenon referred to as anti-RegTech. Third, technology can hinder good judgment and human input in the governance and risk management decision processes, which operate based on opaque programmed reasoning that is often biased and reflects altered interpretations of the law. Fourth, given the high stakes, financial institutions must be careful when partnering with third party firms, and include regulators in the conversation before entering into such partnerships, especially given the increasing cyber risks. Lastly, many of the RegTech’s automation and efficiency gains have been offset by the costs of expanded regulatory requirements, such as the increasing number of information requests from regulators