The Unprecedented Growth of FinTech: Regulatory Compliance Guide 2023

In recent years, FinTech has transformed traditional financial services, harnessing technologies from cloud computing to blockchain and AI. This rapid evolution has led to a flurry of new laws and regulations, both in the UK and globally. The result is an increasingly complex regulatory landscape which businesses must navigate to remain compliant in 2023.

UK FinTech Regulation

Given the current dynamism of the FinTech sector, the FCA is continually revising rules to align with technological advancements and emerging business models.

The FCA’s Regulatory Sandbox remains an important tool for businesses testing innovative financial products or services, allowing companies to test offerings with real consumers while ensuring regulatory compliance. The latest guidance, published in 2023, provides valuable insights for eligible businesses intending to use the Sandbox.

AI, Machine Learning and Data Protection

Love them or hate them, intelligent technologies including AI and machine learning are at the heart of many modern FinTech services – both prompting increased regulatory attention and attracting more than their fair share of controversy. The FCA and the Bank of England (BoE)’s joint report in 2022 outlined expectations for AI usage in financial services, emphasising the need for responsible AI usage, robust governance, transparency, accountability, and data privacy.

FinTech firms generally handle large volumes of personal data, and as such, compliance with the General Data Protection Regulation (GDPR) and the UK’s Data Protection Act 2018 is crucial. The ICO’s guidance on AI and data protection offers practical applications of data protection laws to AI, emphasising the importance of data minimisation and anonymisation.

Cyber-threats and Operational Resilience

Cyber threats continue to escalate, requiring traditional financial institutions, traditionally slower to transform digitally, to keep pace with the latest technologies and regulations. Major institutions such as CitiGroup and HSBC have faced substantial fines for compliance failures, emphasising the necessity for stringent due diligence.

In the face of increasing technological disruptions and cyber threats, the FCA, PRA, and BoE expect firms to fortify their operational resilience. FinTech businesses need to devise robust plans to respond to (and recover from) any operational disruption, safeguarding both their consumers and market integrity.

Cryptocurrency and DeFi Regulatory Changes

With moves being made to regulate cryptocurrency and DeFi, the sector faces the challenging task of maintaining the privacy and autonomy that attracted investors, whilst also accommodating necessary regulations.

The IMF and ECB have underlined the importance of regulatory harmonisation in the crypto space. Upcoming EU-wide laws, expected by the end of 2023, and similar actions in the US will have a significant impact on UK FinTech businesses.

Anti-Fraud Regulations and Open Banking

The rise in fraud rates has led to the consideration of a national fraud strategy in the UK. New regulations from the Payments Systems Regulator (PSR) will require banks to work collaboratively in combating fraud, ensuring enhanced consumer protection and financial integrity.

Meanwhile, the Payment Services Directive 2 (PSD2) and the Open Banking initiative have revolutionised how customers and businesses manage financial data. Firms must comply with rules regarding customer authentication and data privacy.

New Rules for Buy Now Pay Later (BNPL) Sector

With economic uncertainties and increasing consumer reliance on credit, the BNPL sector will face stricter regulations by mid-2023. The FCA will enforce in-depth credit checks on consumers and require lenders to secure FCA approval, aiming to protect consumers from unmanageable debt.

Another point of note is the increasing number of employers are looking to offer early wage access schemes in response to employee demands, and the current cost of living crisis. Depending on how these schemes are structured, they may be considered as consumer credit, and likely to face further FCA scrutiny in 2023.

How Arbor Law can help your FinTech business 

FinTech’s landscape is ever-evolving, and with it, the rules and regulations that govern the sector. Compliance with these new laws is non-negotiable. At Arbor Law, our experienced, senior team of FinTech lawyers work with small businesses and legal teams as outsourced general counsel. Drawing on our team-wide experience as senior in-house lawyers in global businesses and fast growth start-ups in the financial service sector, we offer pragmatic, commercial advice to enable your business to make better decisions, and remain compliant.

If you would like to contact one of our sector experts when it comes to FinTech, contact