Staying the course through stormy weather: confidence to support innovation

Ladies and gentlemen,

First of all, I would like to start by thanking the France Fintech Association and its President Alain Clot for inviting me to participate again in this major event for the French fintech ecosystem.

The current environment is clearly less conducive to fundraising for start-ups. This turbulence in the fintech ecosystem reflects the recent deterioration in the economic and financial environment. Indeed, the euro area economy has been affected by an unprecedented series of shocks. These shocks, associated in particular with Russia's unjustifiable war in Ukraine and the lockdown in China, have resulted in a slowdown in growth and an acceleration in inflation. 

However, in France, this phenomenon, known as "slow-flation", has not yet turned into "stagflation", or a recession. According to our most recent projections, economic activity in our country should grow at a moderate rate in 2023, before recovering in 2024 and 2025. In other words, the central scenario of our projection is that the French economy will gradually recover from inflation without falling into recession, even though the economic slowdown will be marked. Although times are gloomy, there is every reason to remain confident about the medium-term outlook. 

And I would like to tell you this morning that trust is built day by day, on the one hand by consolidating the foundations to strengthen the resilience of the ecosystem, and on the other hand by anticipating the future to develop an efficient and innovative financial sector based on sound fundamentals.

I/ Consolidating the foundations means preparing as well as possible for the many operational risks that fintechs face, and which will be subject to more stringent regulation in the near future.

1/ Cyber risk is a good example of such risks, and of the need to be prepared. The European financial sector is increasingly being targeted by cyber-attacks, and cyber risk has become the greatest operational risk for financial companies. In this context, the European Digital Operational Resilience Act (DORA - published in December 2022) aims to strengthen the resilience of the sector; it will apply to all financial entities as from January 2025. In addition to the current requirements for good governance of the information system, institutions will have to carry out regular operational resilience tests and report major incidents. 

Despite many new elements, DORA reinforces a principle that is as old as it is fundamental: financial institutions remain responsible for their risks. They therefore need to remain in control of the entire subcontracting chain, regularly audit their IT service providers, and establish exit strategies.

The adaptation period for DORA is short, so we need to work together to prepare ourselves. For institutions, this means reviewing all existing service contracts, renegotiating some of them, and undertaking as quickly as possible the work required to produce the new reports, in order to finalise compliance with DORA before January 2025. For its part, the ACPR will continue to interact with the financial community in order to identify any operational difficulties that may arise. In this respect, I would encourage you to take part in the new public consultation on the DORA implementing texts, which is due to be held before the end of the year.

2/ As regards digital assets, the gradual entry into force between December 2023 and December 2024 of the Markets in Crypto-Assets Regulation (MiCA) will naturally steer the necessary consolidation work. My main message here is that we need to anticipate the entry into force of MiCA.

For players planning to issue stablecoins, anticipating means contacting the ACPR, and I invite them to do so now. You can apply for Electronic Money Institution (EMI) status, which will allow you to start issuing digital assets as soon as MiCA comes into force, within a secure framework. This is especially important as there will be no transitional phase here: as of 30 June 2024, the provisions of the regulation relating to token issuance will apply immediately.

Second, to current crypto-asset service providers (CASPs) and to those planning to provide such services in the future, I say that it is time to apply for authorisation. This would enable most of the MiCA provisions to be met in advance. Above all, in a context recently affected by increased bankruptcies, this is the best way to restore consumer and investor confidence.

3/ Also with regard to crypto-assets, we need to consolidate measures to combat money laundering and the financing of terrorism (AML/CFT), particularly in view of the entry into force of the European Transfer of Funds Regulation (TFR), which will take effect at the same time as MiCA. The traceability of funds and transactions enabled by blockchain technology is compromised by the ease with which new addresses can be created - sometimes without identity checks or verification of the origin of the funds deposited - and by various concealment techniques.

Innovation could play a positive role here. Digital identity solutions, based on advances in cryptographic proof techniques, could facilitate the direct implementation of "know your customer" (KYC) obligations on the blockchain. They could thus make it possible to reconcile the identification of individuals involved in blockchain transactions, for AML/CFT purposes, with privacy protection requirements.

II/ As we can see from this last example, while it is necessary to strengthen operational resilience, this in no way prevents you, fintechs, from designing tomorrow's business models and technological solutions.

A/ In this area and others, the Banque de France and the ACPR stand alongside the fintech ecosystem, first and foremost by contributing to the development of a regulatory framework that fosters innovation while protecting consumers. A good example of this approach is "open finance".

The Financial Data Access (FIDA) proposal, published by the European Commission on 28 June, aims to facilitate access to financial data. This is clearly an opportunity for fintechs to deploy their creativity and agility, in order to offer consumers innovative financial services within a secure framework.

One initial reason for the Banque de France and the ACPR to be satisfied is that lessons have been learned from the mixed results of the implementation of the open banking policy set out in PSD2. Indeed the key aspect of the proposal are the data sharing schemes, which data holders and users will have to develop together, and to which they will then be obliged to adhere. The system seems fair, with, on the one hand, the principle of paying for the use of data - which should encourage the players to work together in a concerted manner - and, on the other, the guarantee that the amounts will be limited and regulated.

At the same time, FIDA establishes a protective framework for customers, which responds to a key concern of the ACPR. Consumers will thus be able to choose whether or not to share their data, and will have access to a dashboard that makes it easier to view and manage the rights granted. Similarly, data sharing will have to take place within a secure framework, which means in particular that data users will have to be authorised, for example under the new Financial Information Service Provider (FISP) status.

B/ Preparing for the future also means exploring the potential benefits of new technologies, such as generative AI. This has the potential to bring about a real revolution.

This is why the Banque de France, via an innovation platform operated by its Lab, launched a call for contributions in May 2023 on the uses and impacts of generative AI on its activities. Aimed at the innovative ecosystem, it seeks on the one hand to refine our understanding of this technology and, on the other, to accelerate its potential use, by proposing concrete use cases and even operational solutions. A generative AI platform, a specialised functional solution and a tool for auditing generative AI: the three French companies selected in this call for contributions will help us to develop solutions tailored to our missions.

For the fintech sector, this new technology should lead to a host of new uses, notably thanks to new ways of interacting with customers and personalising products. I am sure that you will seize this opportunity, and seize it responsibly. 

Of course, this new technology is not without its risks. Some of these will no doubt be governed by the forthcoming EU Artificial Intelligence Act. In all events, the new tools developed by the financial sector will have to respect a certain number of principles. I would like to mention one such principle, which is fundamental for us: algorithms must always be developed in the interests of the customer, which means in particular that they must always enable the customer to make informed choices. 

In this respect, we must be wary of preconceptions. Our research has shown, for example, that the automated explanations provided in chats, as attractive as they may be, do not always enable customers to properly assess the suitability of the products on offer for their personal situation.

It's time for me to wrap up with a simple message: even if times are gloomy, we must remain confident, especially as the future holds many opportunities for the fintech sector. In any case, we are committed to always being there for you, to support you as best we can, in times of calm and in stormy weather.