All Posts By

Chirag Bhatia

Chirag Bhatia is a senior analyst at Everest Group, located in our Gurgaon, India office.

FinTech Sandboxes: Good for Business Growth, Good for Countries’ Economies | Blog

By | Banking, Financial Services & Insurance, Blog

Since the early part of this decade, when technology-backed disruptions started knocking on businesses’ doors, FinTech – or financial technology – transformation has been one of biggest opportunities for BFSI companies. But while they’ve consistently accelerated their transformation journeys, BFSI firms and the FinTech providers themselves have been impeded by multiple complex challenges. These include stringent regulatory requirements, exposure to cyberattacks, lack of customer trust, limited government support, and, most importantly, limited opportunities to refine and train their analytics engines in real environment.

The good news, however, is that now, even government bodies are starting to take up agendas to facilitate and foster FinTech innovation. Over the past two years, multiple countries, including Denmark and the Netherlands, have come up with their own versions of regulatory sandboxes to promote activity in the FinTech space. In addition to attracting a multitude of players looking to innovate and deliver FinTech services, these sandboxes have also contributed significantly to the overall business growth in the countries in which they’re located.

Lithuania’s FinTech Sandbox

Against this backdrop, let’s take a look at Lithuania’s newly-established FinTech sandbox through multiple lenses: what it means for the participants, how it will impact the country’s global services industry, and factors that BFSI and FinTech firms need to focus on to leverage innovation opportunities from these types of initiatives.

On October 15, 2018, Bank of Lithuania kickstarted a regulatory sandbox for FinTech start-ups and BFSI firms. The goal is to enable the companies to test their new products/solutions in a live environment with real customers, while Bank of Lithuania provides consultations, simplified regulations, and relaxations on supervisory requirements. After successfully testing their new products, the companies can implement them in a standard operating environment.

Key Highlights of the Lithuania FinTech Sandbox

Key highlights of the Lithuania FinTech sandbox

Impact on Lithuania’s Service Delivery Market

While the Lithuanian FinTech market experienced 35 percent CAGR growth between 2015 and 2017, we expect it to grow by an additional 35-45 percent in 2019-2020. The FinTech sandbox will contribute significantly to this growth. Other drivers will include:

  • A large, tech-savvy, and growing workforce with relevant skills and educational qualifications (e.g., advanced degrees in science, mathematics, and computing)
  • Unified license providing access to a large EU market across 28 countries
  • Favorable regulatory policies, including expeditious licensing procedures and regulatory sanctions exemptions (e.g., remote KYC allows firms based outside Lithuania to open an account in the country without having a physical presence there)
  • Proactive government policies, including creation of funding sources (e.g., MITA), and streamlining laws and tax relief programs for start-ups
  • A state-of-the-art product testing environment for blockchain, through the country’s LBChain sandbox, which is set to open in 2019

Here are several aspects of Lithuania’s service delivery growth story that we expect to see in the next couple of years.

  • Delivery region: While service delivery demand will continue to be strongest from Lithuania and the Nordic countries, we expect strong growth in delivery to other European and SEPA (Single Euro Payments Area) markets. This will be driven by players looking to hedge their post-Brexit risks of buying/delivering services from only London
  • Segments/use cases: Most of the growth will come from lending and payments platforms, with relatively lower growth in capital markets and insurance
  • Business model: While B2B will remain the dominant model, we expect a significant uptick in in “B2C & B2B,” due to increasing demand for a better customer/institutional experience
  • Collaboration between startups and financial institutions (FI): Startups will continue to leverage FIs as distribution partners, but we expect significant growth in models where FIs partner with start-ups as customers or sources of funding

How Should BFSI and FinTech Players Strengthen their Own Growth Stories?

As BFSI and FinTech continue to walk the transformation tightrope in the everchanging regulatory space (e.g., PSD2 and GDPR), they need to focus on the following factors to successfully grow:

  • Understand the need: Look across your existing and aspirational ecosystem of FinTech delivery, and zero in on key priorities (e.g., solutions, target markets, need for regulatory sandboxes) if any, to enable a future-ready delivery portfolio
  • Establish your approach: Tune your delivery strategy to progressive principles such as availability of talent and innovation potential, not just operating cost. This includes prioritizing geographies with high innovation potential and next generation skills (e.g., Denmark, Israel, and Lithuania) over low cost but low innovation potential alternatives
  • Brainstorm your scope: Build relationships with leading BFSI players and start-ups to share/learn best practices around efficient operating models and promising use-cases. This specifically includes liasing with incumbents operating in sandboxes to prioritize select use cases with transformative potential before testing in a real environment
  • Get ready: Selectively rehash your technology model to simplify legacy systems, become more intelligent about consumer needs, and reduce exposure to cyberthreats
  • Keep an eye out: Look for opportunities (e.g., sources of funding, sandboxes, and partnerships) to help you innovate, develop, test, or successfully implement solutions

The good news is that the push (or pull) towards FinTech transformation is in same direction for all leading stakeholder groups – service providers, buyers, collaborators, customers, and government bodies. But, because the least informed is often the most vulnerable, BFSI, FinTech firms, and companies seeking their services must stay informed and keep looking for opportunities and solutions.

To learn more about other key emerging trends in the FinTech space, please read our recently released report, FinTech Service Delivery: Traditional Locations Strategies Are Not Fit For Purpose.

Regulatory Forces Re-scripting Service Delivery Location Portfolios | Sherpas in Blue Shirts

By | Blog

Nearshoring and reshoring are becoming increasingly prevalent in the service delivery landscape. While this is primarily due to digital technology advancements and changing business requirements, “the high entropy regulatory space” is accelerating this trend.

Over the last two years, the global services market has witnessed introduction of new laws, revisions to incumbent laws, and national leaders checking their stance on cross-border trade of services. These changes are cutting across multiple themes including delivery locations, data protection mechanisms, location of data subjects, and legality of employee data collection. And the end-result is that they are fueling a shift of delivery portfolios towards nearshore and onshore locations.

Key Regulatory Changes

A snapshot of key regulatory changes

Beyond the regulations and reforms introduced in onshore and nearshore regions, multiple regulatory shifts in offshore locations are creating additional concerns.

Key Regulatory Changes in Offshore Regions

  1. A new cybersecurity law in China requires network operators to store specific categories of data in China, and allows Chinese authorities to conduct spot checks on the stored data. With its ambiguous requirements and broadly defined terminology, the law raises concerns around data protection and intellectual property theft among foreign players.
  1. The Philippines’ Tax Reform for Acceleration and Inclusion (TRAIN) bill, which proposes to discontinue the preferential tax rates for setting up regional headquarters in the Philippines, will likely impact the value proposition of the country’s IT/BPS sector.

Given the advent of these regulatory changes, we expect significant service delivery market activity growth in onshore and nearshore Europe locations. However, the regulation-led disruption forces multiple changes.

While it is evident that these regions will reach new levels of delivery maturity in the future, the players in these regions must work now on optimizing both their people and non-people costs. This is especially critical for offshore-based companies that have heavily leveraged their offshore centers and resources. They must ensure that their delivery pyramid is optimal, and that they efficiently deploy their delivery assets and capabilities. Additionally, they need to focus on improving productivity by nurturing innovation and ensuring better sharing of best practices across their delivery centers.

To learn more about other key emerging trends in the global services industry, please read our recently released Global Locations Annual Report 2018: Service Delivery Portfolios in a Disrupted World.

The Equifax Data Theft: What if GDPR were in Force? | Sherpas in Blue Shirts

By | Blog, Outsourcing

The high entropy data protection space has once again gained headlines after Equifax, the U.S- based consumer credit reporting agency, revealed that a July 2017 theft compromised more than 143 million American, British, and Canadian consumers’ personal data. The data breach incident, one of the worst cyber-attacks in history, was conducted by hackers who exploited a vulnerability in the company’s U.S. website and stole information such as social security numbers, birth dates, addresses, and driver’s license numbers. (Equifax maintains and develops its database by purchasing data records from banks, credit unions, credit card companies, retailers, mortgage lenders, and public record providers.)

Much about the situation would have been considerably different had this breach happened after May 2018, at which time the General Data Protection Regulation (GDPR) – a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU) – goes into effect. Even though it is not headquartered in the EU region, Equifax would have come under the purview of GDPR, because it maintains and reports the data of British citizens. And the stringency of requirements and degree of implications would have been significantly higher for the credit rating agency.

GDPR and Equifax

Although not directly related to GDPR, another significant business impact is the sudden “retirement” of Equifax’s CEO less than three weeks after the breach was announced.

This massive cyber-attack is a wake-up call for the services industry. Starting today, operations and businesses must regard data protection regulations with the utmost importance. Non-compliance will not only harm firms financially, but also expose them to brand dilution and business continuity risks.

Some of the key imperatives for enterprises operating in the ever-so-stringent data protection space include:

  • Know and understand the data security laws under which your enterprise falls, especially those such as GDPR that have far reaching impacts
  • Redesign your business processes to incorporate privacy impact assessments to identify high risk processes
  • Implement necessary changes in the contracts with third parties to incorporate the stricter requirements of consent
  • Achieve process transformation to inculcate privacy by design; this includes risk exposure reduction by technological changes such as data minimization
  • Appoint a Data Protection Officer to align the business goals with data protection requirements
  • Make suitable changes in contracting and governance practices to ensure adequate emphasis on data protection

To learn more about the strategic impact of the EU GDPR on the global services industry, please read our recently released viewpoint on GDPR: “EU GDPR: Is There a Silver Lining to the Disruption.”