BaFinTech 2023 Impressions

Germany is the center of consumer protection and market prudence, and innovation follows regulation’s lead in the German finance ecosystem. Nonetheless, the upcoming terms could be a turning point enabling more innovation, according to the BaFinTech Conference that took place in Berlin between the 19th and 20th of September.

BaFinTech started in 2016 and has been an annual event ever since. Although there are many start-up and innovation-focused conferences in Germany, BaFin and the Central Bank’s conference in Berlin is particularly important as it bridges Frankfurt and Berlin, bringing together regulators, regulated entities, and entrepreneurs. I attended the event to keep the regulator’s pulse for Fintech Istanbul readers.

This year’s topics include crypto regulation MiCAR, Decentralized Finance advances in artificial intelligence, the digital euro, and the Digital Operational Resilience Act (DORA).

Here are the key messages of BaFinTech 2023:

• In the opening remarks, BaFin’s President Mark Branson, and Prof. Dr. Joachim Wuermeling (Bundesbank Executive Board Member) emphasized the significance of innovation. Accordingly, BaFin and the Deutsche Bundesbank welcome innovations in the German financial market and aim to have Fintech “Made in Germany” a mark of quality and trust.
• The BigData session by Prof. Dr. Joachim Wuermeling (BBK) highlighted the importance of artificial intelligence for finance. According to Prof. Wuermeling, many banks and financial institutions have already started ChatGPT operations, and regulators are benefiting from artificial intelligence. Financial institutions in Germany are piloting different AI use cases, including AML, credit application processes, and more.

“Unstructured data holds great potential, both for individual institutions and for the entire financial system,” stated Dr. Joachim Wuermeling during his speech. According to Prof. Wuermeling, Bundesbank uses unstructured data to enable market department employees to obtain valuable information about the financial markets with the help of “BUBA” Bots. “With access to valuable market and regulatory data, central banks can take advantage of the AI to better fulfill their mandate to maintain price and financial stability,” he added.

Of course, despite the potential artificial intelligence promises to financial service providers, challenges are expected, especially regarding data quality, algorithms, and resistance. When asked whether the “EU will find the balance with the AI regulation,” Prof. Wuermeling was optimistic about the results of the AI law-making efforts.

• The following session was about DORA (with alternative parallel sessions about digital assets and machine learning), and Dominik Schäfer (BBK) and Dr. Sibel Kocatepe (BaFin) had a deep dive into the much-anticipated regulation in the next hour.
• DORA, a regulation about risk and critical IT provider management, aims to prevent cyber risks as they can turn into systematic risks. According to Dominik Schäfer, “resilience” is one of the critical elements of DORA, and lawmakers want financial service providers to return to normal quickly when there is disturbance.
• Dominik Schäfer kicked off the session with a short assessment about whether attending service providers are impacted by DORA and have started preparing for the regulation.

• Since DORA will be enacted as a “regulation” (i.e., applicable directly), there will be a level playing field in the EU, including uniform reporting duties across member states.
• DORA places risk management responsibility in the hands of the management organs of the organization, requiring active management and sufficient know-how.
• Advanced tests and penetration tests should be expected on the practical side of DORA.
• Financial service providers will be given 14 months for implementation.
• Sibel Kocatepe believes that what is now said about artificial intelligence was said about cloud years ago.
• As per DORA, organizations must understand systematic risks and act according to the notification requirements. Surprisingly, there is no requirement to keep data in the EU.
• In the future, financial service providers will need to have a register of ICT service providers.
• Kocatepe mentioned receiving many requests about the profile of “ICT service providers,” however, there is little information about the topic at the moment.
• DORA requires a lot of fine-tuning, and experts advise subject institutions to start preparing. Dr. Kocatepe advised financial service providers to “start the compliance process by reading the regulation’s text, particularly the RTS/IST Guidelines.” Furthermore, she recommends aligning DORA’s requirements with existing standards and conducting an operational resilience analysis.

DORA is a good step towards risk management and mitigation. However, will it further increase financial institutions’ compliance burdens, decreasing capacity for innovation? Never-ending regulatory cycles block a significant part of the IT and operational capacities, and as a result, some financial institutions struggle with prioritizing anything other than compliance. Experts seem to disagree, but only time will tell.

During the event, I also had the chance to talk to Peter Grosskopf of Unstoppable Finance. Peter is a frequent speaker at FinTech and Web3 events but finds particular value in public sector events such as BaFinTech since “these events are great to bring the innovation and regulators together. Everyone from the Bundesbank and BaFin are very open and interested about the crypto ecosystem and what we do at Unstoppable Finance,” he stated. Working in FinTech and web3 for so long, Peter finds the developments in the crypto industry “disappointing” in the last years, as “many projects were launched disregarding the real-life value and use cases.”

Peter believes these window innovation projects in the crypto industry made the industry and regulators very skeptical about crypto.

Unstoppable Finance is busy building the first DeFi bank to bring the best of both worlds” in traditional finance and web3.

Presentations used in BaFinTech 2023 can now be found online (German only):

• Presentation Digital Operational Resilience Act (DORA) – Was kommt auf den deutschen Finanzsektor zu? (PDF, 1MB, barrierefrei)
• Presentation Aufsichtliche Behandlung von Krypto-Asset-Exposures bei Banken – Aktuelle Entwicklungen auf globaler und europäischer Ebene (PDF, 1MB, barrierefrei)
• Presentation Von Kryptoverwahrern zu Crypto-Asset Service Providern (PDF, 1MB, barrierefrei)
• Presentation Open Finance beyond Payments – Datenzugang zu Finanzdienstleistungen (PDF, 660KB, barrierefrei)
• Presentation Schwerpunkte aufsichtlicher Prüfungen für maschinelles Lernen (PDF, 815KB, barrierefrei)
• Presentation PSD2 – Wohin geht es? Evolution statt Revolution? (PDF, 707KB, barrierefrei)
• Startup Relationship Management – Von der Kontaktaufnahme, über die Beschaffung bis hin zur ZusammenarbeitMartin Pester, Dr. Thomas Schardt (Deutsche Bundesbank)
• Der digitale Euro – Kommt er? Was wird er? Bleibt er?Dirk Schrade (Deutsche Bundesbank)
• Perspektiven für Wholesale CBDC im EuroraumDr. Martin Diehl (Deutsche Bundesbank)
• Geopolitische Aspekte des ZahlungsverkehrsDr. Heike Winter (Deutsche Bundesbank)
• Marktentwicklung und Perspektives von Fintechs 2023 – Aktuelle Entwicklungen und Implikationen Uta Köhler (Deutsche Bundesbank), Andreas Kern (BaFin)

Event pictures can be found here.