Before a Parliamentary Select Committee on 1 March 2021, the head of a UK regulator called for search engines and social media to take responsibility for certain content appearing on their platforms. Yet this appeal did not come from the head of Ofcom, the Information Commissioner’s Office or even the Competition Markets Authority. 

The call to action came from Nikhil Rathi, the Chief Executive of the Financial Conduct Authority, one of the UK’s regulators for the financial sector. His plea for the Government to bring scams and investment fraud within the scope of the Government’s upcoming online safety bill demonstrates the increasing interest the FCA is taking in the tech sector.

The FCA’s interest in tech companies - the regulatory perimeter

But why would a financial regulator be interested in tech companies? There are two trends that are likely to bring more tech companies within the FCA’s crosshairs in the coming years:

- Expanding the perimeter: first, more tech firms are expanding their operations to offer financial services, some of which may be regulated by the FCA. This has ranged from offering payment services to offering alternative currencies. At the same time, the perimeter of regulated activities is expanding to capture more activities. For instance, in February 2021, the Government announced its intention to regulate “buy now, pay later” services. 

- Looking beyond the perimeter: second, stung by criticism over its role in a series of high-profile scandals that occurred just beyond its “regulatory perimeter”, the FCA is now paying more attention to businesses that are unregulated, but which threaten the FCA’s ability to protect consumers or ensure the integrity of financial markets.

Some key examples

An obvious example of this is London Capital & Finance: a firm authorised by the FCA to provide certain financial services but which allegedly used the “halo-effect” of that authorisation to induce a large number of individuals to invest in unregulated – and apparently fraudulent –investments. Many of the individuals saw adverts for London Capital & Finance’s investments on social media and search engines. 

Similarly, though GameStop shares are listed in the U.S., the way in which investors communicated via social media to drive a rapid rise (and subsequent fall) in GameStop’s share price will have rung alarm bells at the FCA around UK’s markets susceptibility to similar incidents.

What are the FCA interested in?

As you might expect, the FCA are interested in the activities of any tech companies that threaten its objectives to protect consumers and ensure the integrity of financial markets. A few particular areas of concern have already emerged.

- Scams and high-risk investments:

As noted above, scams and high-risk investments are high-priority areas of concern for the FCA. In last year’s Regulatory Perimeter report and at several Parliamentary Select Committee hearings in recent months, the FCA has highlighted that social media platforms and search engines are playing an increasingly significant role in promoting financial scams and high-risk investments to consumers. 

The FCA have said that online platforms should not only be doing more but suggested that they should bear “clear legal liability for the financial promotions they pass on ”. This raises the prospect that the FCA may try to test if their current powers are broad enough to cover online platforms, or if they may need to request new powers from the Treasury

The FCA has also lobbied heavily for financial scams to be brought within the remit of the online harms regime.

- Financial crime and crypto:

Another area of concern is the susceptibility of tech companies to being used for financial crime in particular money laundering, terrorist financing and transfers that breach sanctions. Here, the FCA’s focus will be on those within the regulatory perimeter. 

A particular focus is cryptocurrencies. Since January 2020, the FCA supervises cryptoasset exchanges and wallet providers to make sure they comply with anti-money laundering rules. The use of cryptoassets for criminal purposes is well-known – cryptocurrencies are the payment means of choice for ransomware attacks and are commonly used to purchase illicit goods on the dark web. 

Though the FCA’s regulation in this area is in its infancy, having taken such extensive supervisory and enforcement action against the major financial institutions, the FCA will not want the cryptoasset market to represent a weak link in the UK’s armour against financial crime.

Safeguarding:

Finally, the FCA has also shown that, as tech companies move into offering payment services, it needs to be satisfied that they are meeting their obligations under the relevant legislation. In particular, the requirement to safe guard customer funds and keep them separate from the business’ own money. This is to ensure that customers get all of their money back should the worst happen and the company collapse. 

Already, the FCA has required tech companies with payments businesses to conduct skilled persons reviews of their compliance with safeguarding requirements. Last year, the FCA issued new guidance that set out more detailed expectations around how businesses with payments arms would properly safeguard customers’ funds.

What next?

The expansion of tech businesses into financial services combined with the growing reach of the FCA means that the FCA is likely to become an increasingly important authority for many tech companies in the coming years. As with all regulators, it is therefore important that tech companies that cross the FCA’s radar know the boundaries of their powers and how best to engage with them.