Primer on Designing Optimal Regulation
By Beni Chugh & Nishanth K, Dvara Research
This post is part of our blog series on the Conference on Designing Regulations for a Rapidly Evolving Financial System hosted by Dvara Research (formerly known as IFMR Finance Foundation).
In the previous blog posts, we discussed what we mean by Modularisation of financial services, and we looked at the strategic evolution of business models in order to efficiently deliver financial services to benefit consumers in a modular world. However, it is necessary to balance this promise of efficiency in a modular financial system with the potential risks that could manifest. In this blog post, we explore the potential concerns for consumer protection regulation that have emerged directly or indirectly as a result of Modularisation. The unbundling of the processes associated with the manufacturing and distribution of financial products may amplify existing consumer risks as well as create new risks and harms to the consumer. In India, the typology of consumer harms in financial sector is informed by the Financial Sector Legislative Reforms Commission[1]. The understanding of harms is founded on the premise that a consumer has some rights and that the infringement of these rights has a negative consequence for the consumer, which we understand as ‘harm’. FSLRC identifies the following consumer harms:
- Unfair conduct
- Unfair contracting terms
- Inadequate disclosure
- Inadequate redress
- Unsuitable advice
The challenge facing regulators and policy makers today is to anticipate and guard against new kinds of consumer harms that could be caused by Modularisation, while also ensuring that existing harms from traditional models are not amplified and are brought under control. In particular, the use of digital technology for delivery of financial services which catalyses the trends of disintermediation in financial services, creates new harms for the consumer. Below, we elucidate these specific harms:.
- Harms due to technology failures: Given the amount of data collected, stored and transmitted digitally in the payments process, there is an increasing threat of security failures which may result in financial or data loss. The absence of hardware checks for mobile phone handsets or universal regulations limiting pre-installed applications on mobile phones opens up the possibility for phones manufactured in other countries becoming hotspots for data theft and spyware.
- Harms due to inadequate redressal: Modularisation increases the number of firms involved in a financial transaction. A modular financial system with several players working together to provide financial products and services would mean that there exists a variety of different consumer touch points for the delivery of the product. It would also be the case that several institutions would play a role in the design and delivery of the product. This would create an ambiguous environment for the consumer to identify which institution he or she must approach for redressal[2].
- Harms due to Obsolescence: With this rapid pace of innovation comes the threat of obsolescence—both of hardware and software technologies—that users require to access services. Obsolescence may create a barrier to service delivery by excluding certain consumers from access. It could also disrupt service delivery to existing customers from incompatibilities that arise following technology upgrades. This creates additional costs for the consumer.
By harvesting data where traditional data is absent, the new ‘modular’ businesses are being able to tap market segments that were previously untapped or underserved. In order to fully understand the implications of data driven models for consumers, it is important to understand the working of these data-based businesses. One particular case indicates how data driven models could harm consumers. In 2015, a study pointed out that the price of The Princeton Review’s Online SAT programs differed according to the ethnicity of the consumer[3]. Asians were being systematically charged twice that of the American consumers, and the customer profiling was based on zip-codes. This presents a new harm of discrimination, raising important public policy concerns. While discrimination is a consequence of the algorithmic ability of businesses to efficiently segment populations, the sheer handling of large sizes of personally identifiable information itself, could be a source of harm. We classify these harms as follows:
- Harms from Market Exclusion: Though alternative data today is enabling financial inclusion where traditional data does not exist, the unanticipated aggregation of person’s data from multiple sources to draw adverse conclusions about the individual poses a real harm. For instance the possibility of financial exclusion due to new data practices can lead to market “segmentation” or “customisation”. This could systematically prefer one segment and unfairly discriminate against the other.
- Harm to individual liberty: Even when the access to big data is authorised, personal and sensitive information like geolocation or political affiliation could be used to the detriment of the individual. This is especially plausible in jurisdictions where data processing laws are not transparent enough or the rule of law is not strong enough.
- Harms due to untested design of algorithms: Decisions based on untested algorithms could well be inaccurate or unfair. Algorithms typically work like black boxes and often result in unknowable conclusions which may lead to bad outcomes for consumers of businesses using such algorithms.
- Privacy Harms: At the level of the individual, the interconnectedness of data sets increases the risk of unauthorised use of personal information like biometrics.
- Harms due to the ability to differentiate: The extreme efficiency of big data to differentiate among individuals can jeopardise important social benefits. For instance the ability to distinguish between individuals based on their susceptibility to health issues and systematically excluding them from insurance products could attack the foundation of risk-pooling itself. This will leave the most vulnerable individuals out of insurance markets, an outcome that societies do not desire.
- Harms due to constant surveillance: Constant surveillance is known to reduce the ability of humans to engage in independent, creative and innovative thoughts.
- Harms due to permeable group privacy: Though some people in a group may seek to maintain their privacy, their privacy could still be breached because individuals similar to them have revealed their preferences. The ability of big data to analyse and infer can lead to weaker privacy for even those individuals who value it more than the rest.
A better understanding of these harms is necessary for us to better inform policy and regulation for consumer protection. While the potential benefits of Modularisation in financial services to the consumer and emerging businesses are widely acknowledged, it is quintessential to balance them against the risks posed to the consumer. In the next post, we shall look at concerns that Modularisation raises for prudential regulation.
—
[1] MoF (2013), “Financial Sector Legislative Reforms Committee (FSLRC) Report”, Ministry of Finance
[2] Modularisation further bolsters the argument for the creation of a cross-sectoral Financial Redress Agency as an exponential growth in complaints is likely to be happen. This agency should be able to overcome inter-regulatory challenges and regulatory blind-spots in harmonising consumer protection rules and rights along with the legal capabilities to enforce punitive sanctions on market participants.
[3] Vafa K, Haigh C, Leung A, Yonack N. Price Discrimination in The Princeton Review’s Online SAT Tutoring Service. Technology Science. 2015090102. September 1, 2015. (https://techscience.org/a/2015090102)