Article:

Shifting the regulatory landscape: Too big to fail and too big to regulate - Learning from the past

10 August 2021

Geoff Rooney, Partner, Audit & Assurance |
Stan Gallo, Partner, Forensic Services |
Quin Rijnders, Executive Director, Forensic Services |

Since the Global Financial Crisis (GFC) and until recently, regulatory headlines revolved predominantly around banks. Following the GFC, a core question arose as to whether banks were ‘too big to fail’. When Lehman Brothers collapsed, it changed the financial landscape around the globe.

The ‘too big to fail’ question was scary at that time, because if this were true, the ability to regulate banks as a private industry would have been severely impaired. Banks would have needed a steady stream of government assistance in order to survive, possibly becoming partially state owned once again. A lot has happened since that time, both internationally and locally.

Following the Royal Commission into misconduct in the banking, superannuation and financial services industry, the regulatory landscape and approach to banks has changed. There is a greater understanding between banks and their regulators, especially around conduct in operations, and internal detection and remediation in areas of the business where issues exist.

The banks weren’t too big to fail after all. But, does this same question apply to technology and Big Tech?

Technology corporations under the regulatory microscope

Recently, regulatory focus has begun to shift to the world’s largest technology corporations (Big Tech), which over the last few years have grown phenomenally. In comparison, the growth and dominance of the financial services industry, and banks in particular, took centuries to build. Big Tech growth is a relatively recent phenomenon, not taking centuries, but just decades to build. Coupled with internet infrastructure, now an essential part of everyday life, the exponential growth has evolved to transcendent dominance.

Laws and regulators have not kept up with this incredible pace of growth. The sheer scale of Big Tech compared to even the largest regulators leaves us wondering whether the playing field is level at all, giving rise to the question ‘is Big Tech too big to regulate’?

The first stirrings have already occurred with the Australian Government and Facebook butting heads over payment for news content, seeing the tech giant ‘unfriend’ the country.

Big Tech is cross-border by nature, so regulators in isolation will have a hard time tackling the problem adequately.

The ACCC’s role

In Australia, we are on the front foot of making regulatory inroads. In the last year or so, the Australian Competition and Consumer Commission’s (ACCC) challenge of Big Tech in the space of cannibalising the market for paid news content made global headlines as the first action of its kind.

This kind of regulatory lead role is new for Australia. Generally speaking, after the GFC when regulators were pursuing banks globally, Australia watched, learned and took their leads from other regulators overseas. The pivot to regulatory leadership makes it an exciting place to be, so as to be part of the debate, closer to home.

So, what can we learn from the past?

More recently, the regulatory debate on Big Tech appears to be heading in a very similar direction to that taken regarding the banks - focusing on the customer. This raises questions, such as:

  • Do consumers get value for money when paying for ads?
  • How are Big Tech collecting, storing, securing and using our data?
  • Are customers at the heart of what Big Tech does?
  • Does it matter that the product of Big Tech is, essentially, people?
  • As ‘everyday users’ don’t pay for the service, does this mean they are entitled to less care, or are less important than the traditional ‘customer’ people?

The Road Ahead

It may not be long before we can start to dust off terms like ‘single customer view’ and ‘fees for no service’ when thinking about Big Tech. Other questions will likely arise regarding the broader responsibility and roles of Big Tech surrounding the offering of ‘financial’ products. Particularly in regards to compliance from an anti-money laundering perspective and how this relates to crypto currencies.

The financial services industry is learning from the Royal Commission, implementing ongoing customer remediation programs as a result. While the Financial Services Industry is not perfect, they are moving to understand better product design, target market, disclosures and ongoing governance and monitoring, with Regulatory Guide 274 (RG 274 and Design and Distribution Obligations (DDO) requirements.

The starting principle of DDO is customer-centricity. DDO introduces targeted and principles-based design and distribution obligations of financial products, with RG 274 requiring issues and distributors to implement a suitable and demonstrable product governance framework. This framework is designed to ensure products are targeted at the right people, through appropriate disclosures and communications to clients.

However, the Tech industry is not quite there yet. A solution for regulating Big Tech will, like Financial Services, encompass regulation, competition policy and data privacy. While this will follow at some point, the pathway in the meantime will be bumpy given the complexities of their sheer scale and blurred business entities, as well as gaps in legislation and the regulatory framework. It appears that at the very least, increased global regulatory collaboration will be required to make progress.

There are still many questions that need to be asked with the main being, where do the boundaries of corporate social responsibility of Big Tech lie? The answer feels elusive due to fluid business models and practices. There are a multitude of organisations and individuals who should all be contributing pieces of the puzzle which comprises the answer.

For more insights into data compliance, remediation or other regulatory related projects, reach out to our Remediation and Compliance Team.