Embedded Finance: How Does Regulation Vary Worldwide?

December 2022

Fintech & Payments

Dominique Tetnowski

Research Analyst

What is Embedded Finance?

The term 'embedded finance' describes any use case where financial services, such as banking, insurance or lending, are integrated into non-financial user experiences.

As we describe in our new embedded finance research, this typically means eCommerce checkouts; where payment options are embedded to avoid having to re-enter details, or where value-added services such as insurance coverage are embedded within the checkout process..

Currently, the biggest concern with regards to embedded finance surrounds the process of data sharing. While there are some regulations in place, there are many developments that must happen to ensure the market grows sustainably. This blog, therefore, will explore the challenges to future growth in several key embedded finance markets, as well as what steps must be taken by stakeholders to mitigate these.
  

US

 
While there are federal organisations in place to oversee general fintech activity, actual regulations differ between states in the US. This lack of standard regulation means that it is up to each individual bank to decide as to whether or not they wish to open up their data.
 
As such, the take-up of open banking and open APIs is entirely market driven. This, in turn, means that the implementation and take up of embedded finance within the banking and finance sector is likely to be slow, as there will be gaps in the data as a result of financial institutions not participating.
 
Outside of banking, the US and Canada are very well set for embedded finance. Embedded payments are commonplace, with one-click payment buttons frequently a part of eCommerce platforms, and with vendors such as Shopify ensuring the payments are easily integrated.
 

Brazil

 
In May 2020, the Central Bank of Brazil and the CMN (National Monetary Council) issued Joint Resolution No.1, which set out a plan for the future implementation of an open banking system in Brazil.
 
By mandating open banking, the Brazilian government hopes to boost innovation in the fintech market and create new business opportunities regulated by the Central Bank.
 
The growth of the embedded finance market is promising in Brazil, specifically relating to embedded insurance. This is as a result of a rapidly growing insurtech market in the country, with businesses focusing on the provision of motor insurance. As such, it is likely that embedded finance will be boosted by embedded insurance, encouraging businesses to expand their offerings when the insurance market becomes oversaturated.
 

The EU

 
In terms of open banking and BaaS, the EU is the most advanced market in the world, significantly boosted by the provisions of PSD2.
 
Under PSD2, open finance was effectively enshrined in the financial systems in the area, with the implementation of open banking and user access seeing its highest rates to date within markets in West Europe. This means that open access and embedding financial data and payments is relatively simple in this area.
 
To combat cyber-related risks that naturally come with an increased use of technology and digital processing, regulatory bodies in the EU have expressed the need for businesses to adhere to data protection safeguards set by the General Data Protection Regulation and the Anti-Money Laundering Directive. Additionally, the implementation of KYC frameworks has encouraged stronger protection against fraudulent activity and bettering protection of data through strong customer authentication processes.
 
In 2018 GDPR (EU General Date Protection Regulation) was introduced with a focus on consent and transparency. The GDPR law ensures that consumers know how their data is being processed and what it is being used for, as well as making transparency of data processing an obligation through contracts.
 
Currently, the most movement is happening withing the embedded lending sector, specifically relating to the changing regulatory environment surrounding BNPL. In June 2022, the EU council announced it was to revise the Customer Credit Directive to better regulate the BNPL more similarly to the credit market. Whilst this does create an uncertain framework for embedded lending providers, it is likely to stabilise quickly, ensuring a necessary framework for sustainable growth.
 

China

 
In terms of digital payments, China is very far ahead the rest of the world, with payments via WeChat Pay or Alipay being the norm.

As such, the market is largely driven by the eCommerce giants, who rule and direct the payments market, encouraging digital payments through QR codes. This means that in terms of embedded payments, it has one of the highest rates in the world.
 
With regards to open banking, it is very limited in China. Although there is a lack of formal data privacy ruleset, there is still a strong emphasis on data privacy where private companies are involved, which is difficult to balance with the need for openness under open banking. In February 2020, the PBOC issued a financial industry standard of APIs, specifying the type and security level of APIs used by commercial banks as well as the security design, deployment, integration and maintenance.
 

India

 
With regards to the fintech market, there is no specific set of legislations for the market and its players. Additionally, India is yet to create and implement data privacy and BaaS regulations, with the market currently being driven by payment distributors and eCommerce giants.
 
In September 2016, the RBI announced it was creating an intermediary, the AA (Account Aggregator), between financial information providers and financial information users. The trade of information operates through APIs and enables entities registered and regulated by any financial sector regulator, access to financial information. The AA is not allowed to store any data or use it for any other purpose than to pass it along to the third-party organisation. The intermediary follows strict data security and customer grievance redressal mechanisms to ensure the customer is adequately protected.
 
The Indian market is advanced in terms of payments, with the UPI being a simple platform that can be embedded in numerous ways. This has enabled significant growth in terms of embedded payments in the Indian market, and is promising for future growth.
 

Australia

 
In July 2020, the CDR (Consumer Data Right) was launched and has had strong interest in open banking adoption since.
 
This allows users to access open banking aggregation and payments imitation, in a similar vein to PSD2. Since November 2020, Australian consumers have been able to give permission to authorised third parties to access mortgages, personal loans and joint bank account data. This allows them to search and compare prices for banking services and products, as well as the ability to keep track of their banking in one place.
 

Nigeria

 
In February 2019, the CBN (Central Bank Nigeria) released operational guidelines for open banking in the country, and in 2021, it released a regulatory framework echoing these earlier guidelines.
 
In March 2018, the OBN (Open Banking Nigeria) was launched as a non-profit organisation with the intention of increasing interest for open APIs and to draft initial standards for open banking in Nigeria. Data held through the use of open banking will be secured by the OBR (Open Banking Registry), which will be overseen by the CBN. Additionally, data can only be used for purposes set out in the regulatory framework and must be in line with the Nigerian Data Protection Regulation.
 
The prospects of open banking are promising within Nigeria. However, financial infrastructure is not entirely stable, which limits the pace in which the appropriate framework can be effectively implemented. It is likely that embedded payments will see the highest take-up with the rise of PaaP (Payments-as-a-Platform) with mobile money platforms.
 

Conclusion

 
Around the world, regulations and take-up of embedded finance is very varied, but it is very promising that generally most markets are at least considering embedded finance initiatives.

It is clear from this analysis, and our market forecasts, that open banking will continue to become more prominent, and the increased requirement and ease of sharing data will of course boost the take-up of embedded finance solutions. As the take-up of embedded finance develops, it is likely that regulation will increase in line with each segment.
 

Related Reading

Our complimentary whitepaper, Revolutionising Fintech with Embedded Finance, examines the state of this rapidly evolving market, and the trends and challenges defining the space.
 
"A new study from Juniper Research has found that revenue from embedded financial services will exceed $183 billion globally in 2027; increasing from just under $65 billion in 2022. Growing by 182% over the period, the report found that this expansion will be largely driven by non-financial businesses incorporating embedded finance options into their product offer. These options will usually be introduced within the checkout process of an eCommerce transaction or incorporated seamlessly within a mobile app; resulting in enhanced financial options for the consumer and potential new revenue streams for vendors."