ASEAN’s animated fintech sector brings financial services to those excluded by the financial system. But if mismanaged, new technologies pose a threat to citizens’ privacy and democracy.
By Diesel C.
Fintech promises a lot for the future of ASEAN nations. Despite nations’ varying levels of economic development, unique government structures, social customs, cultures, economies, and banking systems, the emergence of a thriving fintech sector holds a wealth of opportunities for every one of ASEAN’s 10 member states.
Fintech promises banking for all
According to KPMG, only 27% of Southeast Asians currently have a bank account. This leaves some 438 million individuals and business owners with no access to traditional lines of credit or financial services.
Fintech is flooding into this space. It is filling the financial gap, offering financial services and loans to those without access to traditional banking services.
Peer to peer (P2P) lending models provide alternative sources of credit and make up a big part of fintech lending for both consumers and small and medium enterprises (SMEs). Rising regional mobile subscription rates and low transaction costs make the P2P sector ripe for growth.
Regulation underpins the fintech advancement of ASEAN nations
The 2019 CCAF ASEAN Fintech Ecosystem Benchmark Study found that 80% of the ASEAN countries have already introduced specific regulatory frameworks for digital payments and 60% of ASEAN regulators have introduced regulatory sandboxes to promote innovation.
However, despite making inroads to nurture fintech innovation and foster a positive relationship between fintech firms and governments, several challenges remain.
A fragmented regulatory sphere is limiting fintech’s cross-border growth. Varying regulations in each country mean fintech players need to establish themselves in each nation individually, stymying the emergence of rapidly scalable business models.
These closed-loop regulatory systems also prevent the establishment of a seamless cross border payment system.
Greater cross-border collaboration between regulators would mitigate fintech firm’s business costs incurred by divergent regional regulatory practices.
Fintech raises new questions about privacy
Fintech’s rise to prominence is raising new questions about privacy and data protection. As private firms gather sensitive information on users’ finances and spending habits, consumers are increasingly wondering how this data is being handled.
67% of global fintech users said they were ‘very concerned’ or ‘extremely concerned’ about their data privacy. In a region like Southeast Asia, where unsecured digital infrastructures are particularly vulnerable to attack, data protection and the handling of sensitive information will become a hot topic as fintech expands across the region.
‘Know Your Customer’ (KYC) requirements will put a dilemma to regional governments and fintech firms as efforts to curb illegal money laundering in the region intensify. Financial providers have a responsibility to verify the identity of their customers. However, they do not want to exclude those that may not have access to traditional forms of identification from banking services.
Biometric data will be the future of identity verification systems
One way companies are meeting their KYC obligations without incurring additional paperwork and longer waiting times is through the adoption of biometrics for consumer verification.
Malaysia’s Hong Leong Bank and Thai mobile bank TMRW are among the companies already using biometric customer authentication. However, with such sensitive information being held by financial outlets, it raises the stakes in the event of a data breach.
Naphongthawat Phothikit, director of the financial technology department at the Bank of Thailand, described the increased cybersecurity challenges posed by the adoption of biometric authentication systems. “Traditionally, security has meant passwords. If there’s a problem, you can always change your password,” but if someone steals your image, “you can’t change your face,” he said.
Governments can also leverage this technology for undemocratic ends
The next phase of identity verification in the fintech sector will pose further risks for ASEAN nationals. To streamline the identity verification process, banks and financial services providers are working with governments to build identity verification platforms with shared access.
These databases will be government-owned and maintained and form part of the national digital ID platforms. Thailand, Malaysia, Indonesia and the Philippines have all had some form of a digital ID bill passed through their legislative bodies. These bills allow the government to collect biometric information on the population for use in identity verification applications. Singapore’s prime minister, Lee Hsien Loong, has also trialled a national digital identity scheme for the creation of a centralised biometric identification system.
While the identification systems could help streamline the identification process for welfare distribution and accessing financial services, for a region marred by a history of power abuses and democratic suppression, handing governments such a powerful political weapon should give cause for concern.
Transparency and highly specified mandates for biometric use will be necessary
To ensure ASEAN’s citizens benefit from the implementation of biometric identification systems, governments should offer transparent answers to several prominent questions.
Firstly, for maximum democratic accountability, the systems’ use must be limited to its original purpose. If the purpose is to verify recipients of welfare, then there should be no legal authorization for applications outside of these ends.
Similarly, if access is granted to the private sector to aid KYC compliance, private companies must not be given free rein to access information for any purposes beyond identity verification.
Secondly, governments must be able to provide assurances that the systems are serving domestic interests. In the high-profile case involving the United States’ Biometric Identification Transnational Migration Alert Program (BITMAP), which provided 14 nations with biometric systems, the organisation was sharing data with US biometric databases.
To ensure the technology is not serving foreign interests and is being employed to benefit ASEAN populations, legislative bodies must be given adequate opportunity to debate and implement the necessary safeguards to protect the system from abuse. If legislative processes are bypassed, and centralised biometric systems are implemented through decree, there will likely be room for abuse and anti-democratic applications.
The capabilities biometric data gathering affords the public and private sectors will be a boon for ASEAN’s fintech users. The private sector’s ability to rapidly verify a user’s identity will streamline borrowing processes and lubricate the SME-driven economy.
But ASEAN’s ability to safeguard its populations and ring-fence biometric data access for the intended purposes will be a major factor in whether the technology becomes a force for good in ASEAN societies. Without careful democratic provisions, this particular avenue of fintech can easily become a disempowering force in an industry which has strived to empower.