FinTech, InsurTech, and the Regulators

Considering the rapid evolution and penetration of technology in the financial sector in general, and in the insurance sector more specifically, FinTech and InsurTech respectively are destined to affect the scope and the implementation of applicable regulation. A number of issues arise: which are the value chain participants that will be ultimately subject to regulation? Who is the competent regulator from a sectoral point of view? How will the geographic scope of each national regulator’s powers be delineated, considering the global character of FinTech services? What should be the appropriate regulatory tools and methods to be applied? These issues are outlined in Sect. 1. A number of international organizations and fora are approaching and examining the FinTech/ InsurTech phenomenon, to assess its possible benefits and implications for the regulated markets. The activities undertaken by the Financial Stability Board (FSB), the Organization for Economic Co-operation and Development (OECD), and the International Association of Insurance Supervisors (IAIS) are briefly presented in Sect. 2. From a European perspective, EU authorities and institutions, including the three European Supervisory Authorities (EIOPA, EBA, and ESMA) also undertake initiatives, targeted at better comprehending the FinTech/ InsurTech phenomenon, as described in Sect. 3. Finally, there are a number of national regulators who are proactive on the national level and undertake measures aiming to foster technological innovation, in the provision of financial and insurance services, as mentioned in Sect. 4.

establishing technology departments with tech experts, or outsourcing competences and powers. 5 In general, the development of FinTech and the increasing "InsurTech" participation in the insurance industry do not only affect insurers, but insurance regulators as well, causing them the need to quickly adapt into the new reality and posing an additional challenge to them to keep-up with the technological developments. Regulators are faced with a difficult balancing exercise between their traditional role to ensure the financial stability and consumer protection, on one hand, and, on the other hand, the need to not stifle innovation to follow the constantly changing needs of the consumers and the market, and to enhance the free competition within the relevant market. It is being argued, in this relevance, that regulators may now undertake a new role, as being proxies between innovation and law, 6 adopting such a regulatory stance to adapt long established laws and provisions into the new, digitalized reality, and legitimizing new products and services.
The disruption caused by FinTech in the operations of the regulators is evident on: international, EU, and national level. International schemes, such as the Financial Stability Board (FSB), the Organisation for Economic Co-operation and Development (OECD), and the International Association of Insurance Supervisors (IAIS) have produced papers to address the FinTech issue, whereas EIOPA and the other European Supervisory Authorities (ESAs) have established working parties and have undertaken initiatives, with the aim to examine and determine the regulatory approach to the phenomenon. At national level, numerous regulatory authorities launching further initiatives such as regulatory sandboxes, have proposed and adopted specific regulation to keep up with the developments.
Evidently, the entire financial sector is alerted regarding FinTech, and there is less focus on insurance when compared to banking and investment entities, which have experienced the FinTech effect somewhat earlier. However, the problematics and the cumulative effect of the solutions and actions taken can be employed by the insurance sector. A relevant short presentation follows in the next sections.

International Regulatory Cooperation
As explained, owing to the value of FinTech as an international phenomenon, regulators are trying to comprehend and address it on an international level. The FSB is one of the international bodies, active in the financial services sector, that has 5 Gary Stern, Can Regulators Keep Up with Fintech?, Published by Yale School of Management, Yale Insights, 13 December 2017, available at https://insights.som.yale.edu/insights/can-regulatorskeep-up-with-fintech. 6 Kevin Petrasic, The Role of Regulation in Financial Innovation: Does FinTech Need Regulation to Flourish?, 20 December 2017, first appeared in Chambers Professional Advisers: Fintech, and available at: https://www.whitecase.com/publications/article/role-regulation-financial-innovationdoes-fintech-need-regulation-flourish. begun monitoring FinTech. OECD has also been monitoring the technological developments, both in the financial sector in general and in the insurance industry in particular. With respect to the insurance industry, the International Association of Insurance Supervisors (IAIS) has also issued a report concerning the FinTech developments in the insurance industry.

The Financial Stability Board's Approach
The Financial Stability Board (FSB), successor to the Financial Stability Forum (FSF), coordinates national financial authorities and international standard-setting bodies, with the mandate and the aim to promote and safeguard financial stability. 7 In this scope of work, the FSB understands FinTech as technologically enabled innovation in financial services that affects many different areas of financial services and may have implications on the financial stability, affecting the resilience of the financial system. 8 In this relevance, the FSB has issued two general reports, one identifying the main issues to the financial stability arising from FinTech developments that merit the regulators' attention, and one concerning the financial stability implications of the growing use of artificial intelligence (AI) and machine learning in financial services. 9 The FSB has also issued a more sector-specific report, along with the Committee on the Global Financial System (CGFS), concerning FinTech platforms engaging in credit provision, which concluded, among others, that such platforms could increase competition and put more pressure to the banks, but that FinTech could also lower lending standards, thus having negative consequences for financial stability. 10 7 Remarks by Svein Andresen,op.cit. 8 See speech given by Mark Carney (Governor of the Bank of England and Chair of the FSB), The Promise of FinTech -Something New Under the Sun?, Deutsche Bundesbank G20 conference on "Digitising finance, financial inclusion and financial literacy", Wiesbaden, 25 January 2017, available at: https://www.bankofengland.co.uk/speech/2017/the-promise-of-fintech-somethingnew-under-the-sun. 9 Financial Stability Board, Artificial Intelligence and machine learning in financial services: Market developments and financial stability implications, 1 November 2017a, available at: http:// www.fsb.org/2017/11/artificial-intelligence-and-machine-learning-in-financial-service/. This second report addresses the more specific issue of Artificial Intelligence (AI) and machine learning applications that are being rapidly adopted in the financial services industry, and the potential benefits and risks arising from them. 10 See FinTech credit: Market structure, business models and financial stability implications, Report prepared by a Working Group established by the Committee on the Global Financial System (CGFS) and the Financial Stability Board (FSB), 22 May 2017, available at: http://www.fsb.org/ 2017/05/fintech-credit-market-structure-business-models-and-financial-stability-implications/.
The first report of the FSB, issued in June 2017, 11 addressed the issues arising from FinTech developments in the financial sector in general, identifying the potential benefits 12 and risks 13 to the financial stability, 14 and reviewing the steps already taken by regulators. 15 It is noted, however, in the report, that the assessments undertaken in it are challenging, mainly because of the lack of the necessary data and information on the FinTech activities; as official data is limited and any information derives from voluntary private disclosures, any conclusions drawn in the report could be subject to revision. Furthermore, considering that most FinTech activities are currently small compared to the overall financial system, the analysis in the report focuses on potential benefits and risks.
The FSB also identified 10 key issues of focus for the authorities, three of which are considered priorities for international cooperation. 16 The priority areas for international cooperation include: • the management of operational risks from third-party service providers and the determination of whether the existing oversight frameworks for important thirdparty service providers to financial institutions are appropriate; • the mitigation of cyber risks; and • the monitoring of macrofinancial risks, although at this stage no compelling signs of any such risks materializing have been noted.
The other issues that merit the authorities' attention include any relevant crossborder legal issues and regulatory arrangements, the governance and disclosure frameworks for big data analytics, the assessment of the regulatory perimeter and its timely updates, shared learning and communication channels with the private sector, further development of open lines of communication across relevant 11 Financial Stability Board, Financial Stability Implications from FinTech: Supervisory and Regulatory Issues that Merit Authorities' Attention, 27 June 2017b, available at: http://www.fsb.org/ 2017/06/financial-stability-implications-from-fintech/. 12 Such noted benefits include, among others, the greater decentralization and diversification caused by FinTech, the possibility of technological innovations to lead to greater efficiencies, better use of data, more transparent services, improved access to financial services, etc. See in this relevance p. 15 et seq of the Financial Stability Implications from FinTech: Supervisory and Regulatory Issues that Merit Authorities' Attention Report. 13 Although no evidence of any adverse systemic impact exists yet, the FSB identified both microand macro-financial potential risks, such as the risk of maturity mismatch (particularly in the field of FinTech lending operations), liquidity mismatch, operational risk arising from information systems, management failure, contagion, procyclicality, etc. 14 The FSB also evaluated the interplay between the potential benefits and risks to the financial stability to better evaluate the potential implications of FinTech applications. 15 According to FSB findings, 20 out of 26 reviewed jurisdictions have enacted or intend to enact policy measures on FinTech (such as publications, proposals, regulatory sand boxes, innovation hubs, etc.), while the others are considering changes and only one has assessed its existing framework as adequate. 16 Page 29 et seq of the Financial Stability Implications from FinTech: Supervisory and Regulatory Issues that Merit Authorities' Attention Report.
FinTech, InsurTech, and the Regulators authorities, ensuring adequate resources for the efficient regulation and supervision of the FinTech phenomenon, and studying alternative configurations of digital currencies. It is also highlighted that, at the current stage, it is crucial for regulators to gain a deeper understanding of the business models of both emerging FinTech companies and incumbents in the financial sector as they evolve.

OECD's Involvement with FinTech and InsurTech
The Organisation for Economic Co-operation and Development (OECD) has also addressed the issue of both the FinTech in general, and the InsurTech phenomenon in particular. According to OECD, the appearance and evolution of FinTech ranks among the structural changes to the trade finance market that occurred during the last decade, as companies active in this sector have become successful in sectors that had been traditionally occupied by credit institutions, while at the same time alternative trade finance solutions, such as supply-chain financing, have appeared. 17 According to the OECD, disruptions at supply level in the finance value chain, such as these caused by the evolution of FinTech, can affect the entire value chain and, consequently, affect the investment and growth in the whole economy. The OECD, as other international institutions, points out the significance to gather and examine more and better data and information on the phenomenon, to monitor and evaluate its evolution, and the evolving dynamics in the global finance market as well. With respect to FinTech companies, offering new and evolved services in the financial sector either on their own or in cooperation with traditional market players, OECD particularly notes that most of them, because of the new and innovative form of the services they provide, have not yet been subjected to the same regulatory constraints unlike traditional providers in the financial sector.
Apart from its work on the FinTech phenomenon in general, OECD has also addressed the issue of the technology penetration in the insurance sector, with its Insurance and Private Pensions Committee issuing in 2017 a report 18 in the context 17 OECD, Directorate for Financial and Enterprise Affairs, Statistics Directorate, Working Party on Financial Statistics, FinTechs and the Financial Side of Global Value Chains -Statistical Implications, 18 October 2017b, available at: https://www.google.com/url?q¼http://www.oecd.org/ officialdocuments/publicdisplaydocumentpdf/%3Fcote%3DCOM/STD/DAF(2017)1% 26docLanguage%3DEn&sa¼U& ved¼0ahUKEwi415veqfndAhVSzKQKHdH4BwgQFggFMAA&client¼internal-uds-cse& cx¼012432601748511391518:xzeadub0b0a&usg¼AOvVaw2lHVjrXz5XPSN4oYW5EtK4. 18 OECD (2017a), Technology and innovation in the insurance sector, available at: https://www. google.com/url?q¼https://www.oecd.org/pensions/Technology-and-innovation-in-the-insurancesector.pdf&sa¼U&ved¼0ahUKEwiWj9f039PdAhUCgVwKHaXHAykQFggEMAA& client¼internal-uds-cse&cx¼012432601748511391518:xzeadub0b0a&usg¼AOvVaw35pEXGS_ a-RTBghdnkCRvf. of its Going Digital project, 19 recording the InsurTech technologies having the potential to bring innovation to the insurance sector and affect the regulatory practices of insurance marks, examining how InsurTech is being funded and how insurers are engaging with start-ups entering the market. Further to reviewing the current situation in the InsurTech sector, OECD attempted to highlight the role of regulators in the further evolution of InsurTech. It started by stating that the entry of InsurTech, from a competition law point of view, could be viewed as having the potential to increase the competition in the relevant market, improve the efficiency in production and supply, and ultimately result in lower prices and wider choice.
From an insurance regulatory aspect, OECD notes that the currently applicable provisions on prudential capital and/or fit and proper requirements may be the cause that most InsurTech providers do not obtain insurance and/or insurance mediation licenses. Thus, the prudential requirements provisions, although important for financial stability purposes, may at the same time act as obstacles for the entry into the relevant market of new and innovative players and, as such, as a hindrance to free and greater competition. In this context, OECD documented the different approaches that national regulatory authorities begin to take to address InsurTech, ranging from regulatory sandboxes to the enactment of new regulation, with a particular focus on privacy and data protection issues that emerge from the new InsurTech applications.
The paper also pinpointed some wider policy considerations arising from the appearance of InsurTech and its entry in the relevant market. It is, for example, noted that ampler digital policies can assist in the development of technological solutions in the insurance markets. 20 In the same relevance, the efforts undertaken to improve cyber security could also assist in raising awareness to the public for the risks associated with internet-based transactions, as well as ensuring sufficient development of cyber security measures. With respect, particularly, to insurance regulation and supervision, as insurers are subject to direct audits, among others, on their IT systems, the competent authorities should examine ways in which such supervision could be carried out, to appropriately monitor the risks to insurers caused by the use of technological advances. 19 Considering the ongoing digital transformation of economies and societies, OECD launched the "Going Digital" project, with the aim to construe a coherent and comprehensive policy approach, so that the digital evolution may result in stronger and more inclusive financial growth. Detailed information on the project and its preliminary findings are available at: http://www.oecd.org/goingdigital/project/. 20 The Estonia's ID card and digital signature services that resulted in the seamless incorporation of digital insurance solutions, as ID authentication can be easily facilitated, were mentioned as an example.

The View of the International Association of Insurance Supervisors
The International Association of Insurance Supervisors (IAIS) in the context of its mission as an international standard setting body to promote effective and globally consistent supervision of the insurance industry, aiming at fair, safe, and stable insurance markets, has addressed the FinTech evolution issue, with a focus particularly on its implications for the insurance industry. 21 In its report, IAIS proceeds with a description of the innovative technologies and business models that have the potential to transform the insurance business, their drivers, and their potential impacts. The analysis considered the main types of innovations that are currently affecting the insurance business, including, among other, digital platforms (internet, smartphones), Internet of Things (IoT), telematics/telemetry, Big Data and Data Analytics, Machine Learning and Artificial Intelligence, etc. The report noted as well that at this stage there are many uncertainties that prevent IAIS from reaching the most likely outcome and, hence, the impact on insurance regulation and supervision, which is anticipated to result from the combination of technology and the disruption it may cause to the insurance industry in the long term (supply side disruption), and societal changes, in the sense of consumer reactions from or influence to the insurance value chain (demand side disruption).
To reach some conclusions concerning the supervisory implications from InsurTech, the IAIS examined three different scenarios: one where insurers effectively maintain the overall customer relationship and use technology firms for their advantage, one where the insurance value chain is increasingly disaggregated and insurers rely on their business cooperation with technology firms or service providers for premium income, and one where big technology firms use their technology and analytical advantage to squeeze out of the market the traditional insurers. Following the above analysis and with respect to all three scenarios, the IAIS resulted in some core themes and supervisory considerations that (will) need to be addressed, including the following: • Competitiveness: According to IAIS, it is expected to reduce longer-term. As such, IAIS enquires whether supervisors should take actions to encourage competition and new entrants in the relevant market. • Consumer choice: It is also expected to reduce, because: technology is expected to lead to more customized products, thus possibly to less comparability between product providers, and existing insurers will benefit from increasing policyholder data. In this relevance, according to IAIS, supervisors will have to consider how to safeguard the ability to compare products from different providers, and whether to legislate on data portability between providers. 22 • Interconnectedness: The development of InsurTech, in combination with a limited number of technology platforms that support big data and increased data analytics, may pose an increased risk of interconnectedness. 23 In this relevance, supervisors will have to examine whether current reporting standards may need to be amended to capture additional information. • Regulatory oversight: New players are expected to be added in the insurance value chain because of new technologies and business models, thus limiting the potential for effective regulatory oversight. Supervisors and policymakers may need to reassess the scope of the regulation to ensure adequate consumer protection and the ability of regulators to monitor the market trends. • Business model viability and prudential capital requirements: In the end, there is a possibility that business models will become less resilient. As the riskprofile changes, regulators and policymakers will have to ensure the efficiency and adequacy of the applicable prudential capital frameworks. • Conduct of business: Insurers and/or technology providers are anticipated to provide more on-demand products, which, however may result in the provided insurance products to reflect more the insurers' objectives and less the customers'. 24 IAIS enquired in this relevance, whether a minimum level of transparency for consumers should be required for any potential conflicts of interest to be highlighted. • Data ownership: Personal data collected from customers and processed is expected to increase, particularly considering the use of internet-connected devices (IoT applications). On this aspect, the IAIS examined whether regulation concerning data protection and, particularly, Big Data technologies will have to be re-evaluated and amended, to address any new risks to the customers.
The IAIS concluded that the evolution in the FinTech sector is expected to pose new challenges to the competent insurance supervisors, who will, first, need to understand the functioning of the technological innovations, so that they can adequately assess the new product and business models. Any risks deriving from said innovations will have to be duly balanced against the benefits to the customers and the insurance sector as a whole; thus, technological innovation will have to be supported by the insurance supervisors. IAIS also pointed out that supervisors and policymakers will have to evaluate and, where needed, adapt the applicable regulatory framework, for any new risk and business models to be adequately addressed. As also highlighted by the FSB, supervisors will have to ensure adequate resources, knowledge and skills, to have the capacity to effectively deal with the new InsurTech evolutions.

Activities on the EU Level
Apart from the initiatives on the international level, the European Union has also endorsed the importance of the FinTech (r)evolution both in general and in particular for the financial services sector. In this relevance, the competent EU institutions 25 and the ESAs (and other organs) are addressing the different issues arising from the penetration of FinTech in the relevant markets in various ways, including by settingup expert working groups and fora, by issuing communications, announcements and guidelines, and in general, by proposing new policies for the EU Single Market to reap the benefit from the technological boost, and at the same time to be appropriately prepared against the ensuing potential risks.
In the same context, the European Economic and Social Committee (EESC) addressed the issue of the IoT emergence from a more general standpoint, particularly considering the issues arising from its use with respect to consumer and business safety and privacy. In its Opinion "Trust, privacy and security for consumers and businesses in the Internet of Things", 26 the EESC referred to the notion of the IoT and its economic and social benefits as part of a globalized world, as well as to the problems deriving from its use, such as the difficulties that may arise in identifying liability in case of law violation or third-party damage, and the security issues that are inherent to the IoT use. In this context, the EESC proposed a series of actions to be taken by the competent authorities, with the aim of minimizing any potential adverse affects of the IoT, such as the creation and promotion of regulatory sandboxes, the appointment of independent institutes and agencies as caretakers of IoT projects, encouraging European and international standardization, ensuring affordable, high-quality access to all IoT users, guaranteeing the effective operation of alternative and online dispute resolution mechanisms, and establishing an appropriate collective redress system. 25 The European Commission's actions related to FinTech may be found at: https://ec.europa.eu/ info/business-economy-euro/banking-and-finance/fintech_en. 26 European Economic and Social Committee, Opinion "Trust, privacy and security for consumers and businesses in the Internet of Things (IoT)" [own-initiative report], INT/846, 19 September 2018, available at: https://www.eesc.europa.eu/en/our-work/opinions-information-reports/opin ions/trust-privacy-and-consumer-security-internet-things-iot-own-initiative-opinion.

The European Commission's Approach
The European Commission has taken numerous steps to fully comprehend and evaluate the FinTech phenomenon and its implications for the financial services sector. In its relevant Communication describing an EU FinTech Action Plan, 27 the Commission views FinTech as a domain where the themes of financial services and digital single market meet. According to the Commission, FinTech applications have the ability to provide better access to finance and improve financial inclusion, assist in the deepening and broadening of the EU capital markets, facilitate the achievement of compliance obligations for regulated entities, but at the same time create new challenges both to such regulated entities, and to regulatory authorities, and the markets at large as well.
One of the primary issues examined by the Commission in its FinTech Action Plan is the issue of the licensing requirements that may apply to FinTech providers and applications under the EU or respective national sector specific laws, which aim to allow effective supervision, consumer protection, and uniform operating conditions. Considering the fact that national regulators do not always adopt uniform approaches on the implementation of these requirements, and that new financial services may not always fall into the scope of the applicable EU law provisions, the Commission invited the ESAs to map the current authorizing and licensing approaches for innovative FinTech business models, and issue, where appropriate, guidelines on such approaches and procedures. As far as the national regulators are concerned, the practices of innovation hubs 28 and regulatory sandboxes 29 are also addressed. In this context, it was proposed that the ESAs continue mapping such FinTech facilitators, identify best practices, and even issue guidelines on these facilitators, whereas the Commission mentioned that it will issue within 2019 a report on best practices for regulatory sandboxes. What is important with respect to FinTech facilitators is that the Commission is seen to encourage their adoption by all the competent national regulators, despite the fact that not all of them accept these practices as falling within their scope of work and competences.
The Commission's Action Plan refers to other issues to be further addressed for FinTech solutions to be able to enhance the quality of the financial products and 27 Communication from the Commission to the European Parliament, the Council, the European Central Bank, the European Economic and Social Committee and the Committee of the Regions, FinTech Action Plan: For a more competitive and innovative European financial sector, COM (2018) 109/2, 08.03.2018, available at: https://ec.europa.eu/info/publications/180308-action-plan-fintech_en. 28 In the sense of institutional arrangements where interested entities (either regulated or not) may discuss FinTech-related issues with the competent supervisory authorities, and seek the latters' opinion on whether a contemplated new business model would be compliant with the applicable regulatory requirements, or clarifications on such applicable requirements. 29 Regulatory sandboxes constitute a controlled space/environment created by the competent supervisory authorities, within which regulated firms and FinTech providers may test their FinTech applications for a limited time to validate and test their contemplated business models. services provided in the EU Single Market, and for any potential risks, such as cyberrelated risks, data, consumer and investor protection, and market integrity issues to be effectively tackled. Such points include, among others, the development of common EU standards for FinTech solutions, the need to enhance interoperability, removing obstacles to the use of cloud computing services by means of EU guidelines, cross-sectoral self-regulatory codes of conduct or standard contractual clauses, strengthening the cyber-resilience of the financial sector, etc. The issue of technology neutrality of the applicable EU rules is also brought up, as it is mentioned that the enactment of the applicable EU rules precedes the technological innovations and, consequently, does not always encapsulate subsequent developments. 30 Further to its FinTech Action Plan, the Commission also launched in February 2018 the EU Blockchain Observatory and Forum, with the aim to accelerate blockchain innovation and development within the EU to establish the EU as a global leading blockchain forum. In the context of its general mandate, the EU Blockchain Observatory and Forum monitors blockchain initiatives in Europe, gathers knowledge on blockchain solutions, constitutes an attractive and transparent forum for sharing information and opinions, and recommends actions to be taken at EU level. 31 In the context of its mission, the EU Blockchain Observatory and Forum has already issued a series of thematic reports on blockchain-related themes, including a report on Blockchain Innovation in Europe 32 and a report on Blockchain and the GDPR. 33 The Commission has organized relevant workshops on blockchainrelated issues, such as its "Blockchain in Europe" Workshop hosted in Vienna on May 22, 2018, in which the current state of blockchain innovation in Europe is examined and proposals for future priorities are made. 34 The Commission also noted in its FinTech Action Plan 35 that one of the important issues to be tackled is the fact that the competent national regulatory authorities do not have deep knowledge and understanding of the FinTech solutions, their operation, and their applications in the financial sector. In this relevance, the Commission established the EU FinTech Lab, with the aim to raise the level of 30 The EU insurance law provisions on the disclosure of precontractual information are a characteristic example in this relevance, namely the relevant provisions of the Insurance Distribution Directive (IDD), according to which insurance distributors, as a rule, shall provide to their clients the necessary precontractual information in paper form, whereas another stable means or electronic provision of the information is permitted as an exemption and under specific conditions. 31 More information on the EU Blockchain Observatory and Forum and its mission is available at https://www.eublockchainforum.eu/. 32  capacity and knowledge on FinTech innovations and, in general the new technologies, of the national regulators, in the context of which the competent officers will be directly informed and trained by market participants, while relevant regulatory and supervisory issues will be discussed. The EU FinTech Lab met for the first time on 20 June 2018 and discussed the issue of cloud outsourcing in banking and insurance sectors. 36

The European Supervisory Authorities' Actions
In combination with the actions taken at a general EU level, the European Supervisory Authorities (ESAs) also address the issue of the FinTech developments and their implications in the financial sector, from a more specific-oriented point of view.

EIOPA's Take on InsurTech
Particularly concerning the insurance market and FinTech's/InsurTech's impact thereon, the European Insurance and Occupational Pensions Authority (EIOPA) acknowledges that InsurTech's effects span across the value chain of the insurance market from the stage of product design and development, across pricing and underwriting, and until claims management. Considering this, according to EIOPA, InsurTech solutions create new opportunities for consumers, in the sense that they may result in more personalized products and services, better customer experience, enhanced transparency and competition; and for the insurance industry, as InsurTech developments can be more cost efficient, enhance the companies' risk assessment process, create direct access to customers, including targeted, individualized advertisements, and assist in the companies' compliance procedures ("RegTech") and their efforts against insurance fraud. At the same time, EIOPA's view is that InsurTech may also cause new risks to both consumers (such as, risks concerning the fair pricing treatment of consumers, privacy and data ownership issues, exclusion of non-digital customers, etc.) and to the industry (e.g. cyber-risk, IT flaws, entry of new competitive market players, etc.). 37 In view of the importance of InsurTech according to EIOPA's view, EIOPA organized on 28 April 2017 its first InsurTech Roundtable, with representatives from supervisory authorities, consumers, incumbents, start-ups, consultancy firms, and IT experts to discuss the benefits and risks of the digitalization of the insurance market, and any potential obstacles to effective financial innovation. The Roundtable addressed a number of issues, 38 such as the impact of digital technologies in the insurance value chain, the advent of new players, blockchain and smart contracts, peer-to-peer insurance, artificial intelligence, etc., most of which referred to the specific issue of Big Data and their importance for the insurance sector. 39 The significance of data and data processing for the insurance industry was directly linked to the emergence of IoT applications and their use in insurance, in particular in motor insurance, and in household and health insurance, which allows for more accurate prediction of risks and events, more personalized pricing, products and services, and may even have broader results, such as assist in the reduction of motor accidents by providing incentives for more safe driving habits. The participants also pinpointed potential downfalls from the use of IoT applications in insurance, such as the fact that personalized products may not permit comparison between the different products, or that high-risk consumers may face access issues. On 9 November 2017, EIOPA conducted a 2nd InsurTech Roundtable that addressed numerous issues, including the impact of InsurTech on underwriting, the relation between Big Data and risk management, and the relation between Big Data and pricing. 40 Apart from the Roundtables, EIOPA established a multi-disciplinary InsurTech Task Force (ITF), 41 with the mandate to lead EIOPA's work in connection with the issues arising from the development of InsurTech, expected to complete its work by the end of 2020. According to the prioritization made by EIOPA, the ITF will, primarily, proceed with a thematic review on Big Data by insurers and intermediaries, map the innovation facilitators established by national insurance regulators, examine the current authorizing and licensing requirements and the application of the proportionality principle in the area of financial innovation in particular, and assess whether guidelines on the outsourcing to cloud service providers must be issued by EIOPA. It is noted in the ITF's Mandate that at a later stage it could also undertake other works, including further assessment of the design and use of algorithms to determine how such complex IT tools and processes may be best 38 A summary of the discussions in EIOPA's first InsurTech Roundtable is made in EIOPA-BoS/ 17-165, EIOPA InsurTech Roundtable: How technology and data are reshaping the insurance landscape, 05 July 2017a, available at: https://eiopa.europa.eu/Publications/Reports/08.0_EIOPA-BoS17-165_EIOPA_InsurTech_Roundtable_summary.pdf#search¼InsurTech. 39 The role of Big Data for the financial services sector in general has been acknowledged by all three ESAs, the Joint Committee of which issued a Discussion Paper on the Use of Big Data by Financial Institutions, available, along with the responses to it, at: https://www.esma.europa.eu/ press-news/consultations/joint-committee-discussion-paper-use-big-data-financial-institutions. 40 A preliminary agenda of EIOPA's 2nd InsurTech Roundtable and further information may be found at: https://eiopa.europa.eu/Pages/Events/2nd-InsurTech-Roundtable.aspx. 41 The Mandate of EIOPA's InsurTech Task Force, as published on 13 April 2018, EIOPA-BoS-17/ 258, may be found at: https://eiopa.europa.eu/Publications/Administrative/InsuTech%20Task% 20Force%20Mandate%20-%20BoS.pdf#search¼EIOPA%2DBoS%2D17%2F258. supervised, examine and propose remedies to the supervisory challenges arising from new business models, and maybe even establish a European Insurance Innovation Hub.

ESMA's Input on the FinTech Problematic
The European Securities and Markets Authority (ESMA), acknowledging the importance and the effects of FinTech in the relevant markets, participated actively in the public consultation launched by the European Commission for the issuance of its FinTech Action Plan by submitting its responses and thoughts on a number of topics 42 , such as crowdfunding, outsourcing and cloud computing, distributed ledger technology, the role of regulation and supervisors, etc. Furthermore, ESMA's third Financial Innovation Day on 10 February 2017 was dedicated to FinTech and its impact on regulation, the market, and the consumers. 43 ESMA's findings and actions may provide the insurance market with complementary insight to those of EIOPA in the FinTech area.

EBA's Activity in Relation to the FinTech Phenomenon
The European Banking Authority (EBA) has established a FinTech Knowledge Hub, 44 with the aim to enhance the cooperation between the competent authorities, and with FinTech firms, technology providers and regulated entities, the monitoring of financial innovation, knowledge sharing, and to ensure that any regulatory and supervisory approaches are consistent with the principle of technological neutrality. The FinTech Knowledge Hub was established by the FinTech Roadmap published by EBA following a public consultation, 45 which also sets out EBA's priorities for 2018-2019. Said priorities include the evaluation of licensing and authorization approaches towards FinTech companies and analyses the existing national FinTech facilitators (innovations hubs, regulatory sandboxes) to identify a set of best practices and assist in achieving consistent and coordinated supervisory practices, monitoring innovation and assessing the possible risks and opportunities arising from new business models, promoting best supervisory practices concerning the assessment of cybersecurity issues, examining consumer issues arising from FinTech applications, etc. Based on its FinTech Roadmap, EBA issued on 3 July 2018 two reports concerning the prudential risks and opportunities arising from FinTech, 46 and the impact of FinTech on the business models of credit institutions. 47

Activities on National Level
The FinTech phenomenon and its impact in the financial services sector have been in the focus of national regulatory authorities as well, both within Europe and across the globe. A number of national authorities have established innovation facilitators, either innovation hubs or regulatory sandboxes, whereas other states have opted in favor of enacting new regulatory provisions to address specific issues arising from the rapid technological evolution (e.g. from the appearance and use of autonomous vehicles). There are also national authorities that operate a contact point to which FinTech companies may address their questions on licensing requirements, disclosure obligations, compliance obligations, etc. As it is beyond the scope of this paper to describe and refer to each one of the national initiatives, some indicative examples are presented below.

The United Kingdom example
On 7 August 2018 the Financial Conduct Authority (FCA) in cooperation with 11 more financial regulators and related organizations announced the creation of the "Global Financial Innovation Network" (GFIN), 48 aiming at promoting communication and interaction between FinTech companies and regulators, and cooperation between national regulators on innovation-related topics. A consultation was launched (until 14 October 2018) concerning the functions of the GFIN. Among the proposed main functions, there is the idea of the establishment of a "global sandbox" which will provide FinTech firms with an environment in which they will be able to test the solutions they intend to provide on a cross-border basis and receive respective feedback from the competent authorities. 46 EBA Report on the prudential risks and opportunities arising for institutions from FinTech, published on 3 July 2018b, and available at: https://eba.europa.eu/documents/10180/2270909/ Report+on+prudential+risks+and+opportunities+arising+for+institutions+from+FinTech.pdf. 47 EBA Report on the impact of FinTech on incumbent credit institutions' business models, published on 3 July 2018c, and available at: https://eba.europa.eu/documents/10180/2270909/ Report+on+the+impact+of+Fintech+on+incumbent+credit+institutions%27%20business+models. pdf. 48 More detailed information is available at: https://www.fca.org.uk/news/press-releases/fca-collab orates-new-consultation-explore-opportunities-global-financial-innovation-network.
Other than engaging in the above initiative, UK authorities have also decided to address technological innovation issues by reviewing existing legislation and assessing whether changes need to be made. Namely on the introduction of autonomous vehicles, the UK Government has instructed a review of the existing driving laws to examine any legal obstacles thereto and identify any needs for regulatory reforms. 49 According to the publicly available information, the competent Law Commission of England and Wales and the Scottish Law Commission will examine crucial questions, including who is the "driver" or the responsible person, how to allocate civil and criminal responsibility in the event that there is some human control, the role of automated vehicles in public transport networks, whether there is a need for new criminal offenses, etc.

The Swedish example
Sweden is one of the largest hubs for FinTech innovation, with approximately 1/5 of the European FinTech investments. In this context, and for these statistics to remain, the Swedish Government gave a mandate in May 2017 to the Swedish Financial Supervisory Authority, which in turn established a FinTech Regulatory Sandbox, in which FinTech providers may submit their ideas and contemplated projects and request for regulatory guidance directly from the authority. The FinTech Regulatory Sandbox is expected to assist primarily the FinTech companies in obtaining the necessary information and guidance from the regulator and in ensuring that their proposed solutions are in line with any applicable regulatory requirements, as well as the Financial Supervisory Authority, which in this way will be in a better position to monitor the developments in the financial market.
The Swedish government is actively engaged in promoting innovation in Sweden, having established the Swedish National Innovation Council, presided by the Prime Minister.

The Hong Kong example
The Insurance Authority (IA) of Hong Kong has launched various initiatives to promote innovation and its application in the business models of authorized insurers. 50 In September 2017, an InsurTech Sandbox was launched, where 49 "Government to review driving laws in preparation for self-driving vehicles", 6 March 2018, available at: https://www.gov.uk/government/news/government-to-review-driving-laws-in-prepara tion-for-self-driving-vehicles. 50 Detailed information on the Insurance Authority's InsurTech initiatives may be found at: https:// www.ia.org.hk/en/aboutus/insurtech_corner.html. authorized insurers and technology companies cooperating with authorized insurers may test the innovative technological solutions they intend to apply in their business models, under the principles of the Sandbox's operation, 51 and collect market information, as well as user feedback, before launching their new products and services into the market. Also in September 2017, the IA launched a fast track procedure concerning exclusively applications for authorizations of new insurers using solely digital distribution channels. Considering that insurers authorized under the Fast Track procedure will not be permitted to accept business from non-digital channels, the IA also adopted general principles applicable on this special authorization procedure to safeguard the policyholders' interests. 52 The IA has also established an "InsurTech Facilitation Team" to promote communication with InsurTech companies active in the field of developing and implementing InsurTech solutions. The Team's objective is to assist InsurTech providers in gaining a better understanding of the applicable insurance regulatory requirements, to act as a platform for the exchange of ideas, and to provide advice in InsurTech-related topics. Furthermore, the Future Task Force of the Insurance Industry 53 has been established and cooperates with the IA, with the aim to explore the future of the insurance industry in Hong Kong. One of its working groups is the Financial Technology-FinTech group, with a focus on promoting the application of FinTech in the insurance industry.

The Singapore example
One of the countries known as "homes" of innovation is Singapore. Singapore and its competent Monetary Authority (Monetary Authority of Singapore-MAS) is considered a progressive regulator, closely following up on technological innovation and even encouraging it. In this context MAS established, as early as August 2015, its Financial Technology and Innovation Group (FTIG), 54 as competent to form 51 According to these principles, every trial must have a clearly defined scope (e.g. timing, duration, size and type of insurance business, target market, technology involved, etc.), adequate control procedures must be in place for the supervisory requirements to be met, adequate consumer protection safeguards must be also adopted, the insurer must have adequate resources and be able to demonstrate the InsurTech initiative is ready for testing, as well as have an exit strategy in place in the event that the trial has to be terminated, among others. 52 Such principles include that all solvency, capital, and local asset requirements must be met, whereas any other requirements may be modified or non-applicable in the event that IA decides so, all policyholder protection measures apply, the IA may impose restrictions on the insurance products to be sold by Fast Track insurers, etc. 53 Further details are available at: https://www.ia.org.hk/en/aboutus/task_force/introduction_of_ future_task_force.html. 54 FTIG comprises three divisions: (a) Payments & Technology Solutions Office, which engages with regulatory policies and strategies for simple, swift, and secure payments, (b) Technology Infrastructure Office, which is responsible for promoting safe and efficient technology enabled regulatory policies and strategies to facilitate the use of technology and innovation to the benefit of the financial sector. MAS, furthermore, acknowledged the need for close cooperation between different competent authorities and established in May 2016 a FinTech office, the members of which include MAS, the Economic Development Board of Singapore, Infocomm Investments Pte Ltd, Info-communications Media Development Authority, the National Research Foundation, and SPRING Singapore. 55 Moreover, MAS has adopted the regulatory sandbox practice, with the aim to prevent companies from not implementing their innovative solutions if they are not sure of such solutions' compliance with the applicable legal and regulatory regime. MAS's FinTech sandbox aims to enable financial institutions and FinTech companies to experiment with innovative financial products and services in a secure and controlled environment. The regulatory support provided by MAS 56 to innovations entering the sandbox consists in relaxing, for the duration of the experiment, specific legal and regulatory requirements, which would be otherwise applicable. MAS undertakes further initiatives and has become a hub in showcasing innovation in areas such as the future of banking, InsurTech, Blockchain and distributed ledger technology, RegTech,et al. 57,58

Summary and Conclusions
The rapid developments in the InsurTech and, more generally, in the FinTech universe affect not only the operation of the insurance industry, but also the activities of the regulatory authorities that are competent for the supervision of the financial sector. Regulators face the challenge of adapting to the new market conditions, while it seems they will be required to exercise their powers and competences in a way that will balance between their mission to safeguard financial stability and consumer infrastructure for the financial sector in areas such as cloud computing, big data and distributed ledgers, and (c) Technology Innovation Lab the object of which is to search for innovative technologies with potential application in the financial industry and to cooperate with the industry and relevant parties to test-bed innovative new solutions. 55 See in this relevance: http://www.mas.gov.sg/Singapore-Financial-Centre/Smart-Financial-Cen tre/MAS-Role.aspx. 56 More details on the conditions and operation of MAS's FinTech Regulatory Sandbox may be found at: http://www.mas.gov.sg/Singapore-Financial-Centre/Smart-Financial-Centre/FinTech-Regulatory-Sandbox.aspx. 57 The also featured Global FinTech Hackcelerator is a competition for innovative start-ups looking to address problems from the financial industry. Detailed information is available at: https:// fintechfestival.sg/. 58 More information on the Global FinTech Hackcelerator 2018 can be found at: https:// fintechfestival.sg/festival-line-up/hackcelerator/. protection on the one hand, and, on the other, the need to foster innovation and free competition in the relevant markets.
In this regard, a number of fundamental questions arise. The scope of regulation in connection with the new FinTech/InsurTech services and providers, considering the relationship between said providers and financial services incumbents, will have to be defined. As various FinTech services may be made available across the financial sector, the question will arise as to who will be the competent regulator. In the same context, as the new FinTech/InsurTech services address the global market, the geographical scope of the regulators' competence will have to be addressed. Various other questions are of relevance, concerning the appropriateness and sufficiency of the available supervisory tools, methods, and resources.
International and EU organizations, authorities and fora, including FSB, OECD, IAIS, EIOPA, and the European Commission, as well as national regulatory authorities, are shifting their focus on the regulatory issues arising from the penetration and rapid evolution of technology, and on the potential benefits and risks it may cause. In this context, they have undertaken initiatives with the aim to better understand the FinTech/InsurTech phenomenon and to determine the appropriate regulatory approach to it.
To mention some significant actions, the FSB has identified a number of key issues for the national regulators, including three points that are considered priorities for international cooperation: (a) the management of operational risks from thirdparty service providers and the assessment of the adequacy of the existing regulatory frameworks, (b) the mitigation of cyber-risks, and (c) the monitoring of macrofinancial risks. The OECD has also specifically focused on examining the penetration and the impact of technology in the insurance sector. From an insurance point of view, the IAIS has examined the InsurTech impact on the insurance market and has defined some core themes and supervisory considerations that will need to be addressed.
On an EU level, the European Commission has assessed the impact of FinTech and has issued a relevant Action Plan, while also establishing the EU Blockchain Observatory and Forum. The European Supervisory Authorities are taking actions to determine their approach towards the FinTech phenomenon going forward. From a purely insurance point of view, EIOPA has established a multi-disciplinary InsurTech Task Force (ITF), with the aim to address the issues arising from the development of InsurTech.
A number of national regulatory authorities, such as the UK, Sweden, Hong Kong, and Singapore have taken specific initiatives, including the formation of innovation facilitators and dedicated working groups that aim to increase the communication and interaction between regulators and market players.
In the challenge of the rapidly evolving scenery, legislators, and regulatory bodies are called to invest on human talent and technology resources, while the inherently trans-border nature of the phenomenon calls for active international cooperation in the field of legislation and supervision.