Are the watchdogs letting robos run wild?

Despite efforts to close gaps, lack of clarity persists in robo-advisor regulation

Are the watchdogs letting robos run wild?
Sci-fi enthusiasts may know Isaac Asimov’s Three Laws of Robotics, and fans of Robocop might recall his three Prime Directives. The upshot: Robots need to be programmed to do no harm.

Unfortunately, the rules governing Canada’s robo-advisors are more rudimentary.

“The excitement around fintech has been accompanied by concerns that the industry is unregulated or less regulated than the traditional banking and financial services industry,” according to an article recently published on legal intelligence site JD Supra. “Regulatory gaps and risks certainly do exist, but the Fintech industry is not necessarily the Wild West.”

Regulation of Fintech in Canada, written by Andrea C. Johnson and Jawaid Panjwani of leading global law firm Dentons, gives an overview of regulation for various types of fintech firms. These include robo-advisors, which pose a regulatory challenge: while they use a new business model, various aspects of the business overlap with existing laws and rules.

Under provincial securities law, fintechs that facilitate investments should comply with registration, prospectus, and disclosure requirements to let investors make informed decisions. Firms that trade, underwrite, or provide advice in securities should also follow specific registration and licensing requirements.

However, regulators have tended to be flexible toward fintech firms. In particular, the Ontario Securities Commission (OSC) and Quebec’s Autorité des marchées financiers have given innovative fintech businesses certain freedoms, including exempting them from regulations over a limited “test period,” during which they can engage in securities-related activities.

Robo-advisors like to advertise their speed and convenience, which is largely based on doing remote online transactions. “This runs straight into know-your-customer (KYC) requirements imposed on the banking and financial services industry,” the piece said, referring in particular to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act.

But are robo-advisors held to those requirements? The authors had this to say:  “Online money transfer services, robo-advisors, crowdfunding platforms, peer-to-peer lending platforms online lenders and digital currency MSBs [money service businesses] may have to adhere to these KYC requirements.”

Earlier this year, robo-advisor firms WealthSimple and Nest Wealth called on regulators to let them register clients entirely online, without having to speak with an advisor.

One other issue is that of privacy and data security. Fintech firms collect information for various purposes, such as creating credit risk profiles, determining customer preferences, and identifying and measuring financial risk. Under Canada’s Personal Information Protection and Electronic Documents Act, personal information should be collected with clients’ knowledge and consent.

More importantly, companies should have security safeguards to protect sensitive information against loss, theft, and unauthorized access. The Federal government introduced rules and requirements regarding data breaches in mid-2015. Once the rules kick in, organizations must report any breach of safeguards involving personal information, including financial data, under their control; otherwise, they will face monetary penalties.

Fintech and cybersecurity are among the major priority compliance priorities announced by the CSA for this year.

For more of Wealth Professional's latest industry news, click here.

Related stories:

CSA: Communication a key in cybersecurity
Robo-advisors ask for slack on know-your-client conversations