Simon Taylor, Fintech expert: "We lost a generation of fintech growth"
A decade ago, startups, regulators and government came together to make the UK the ‘fintech capital of the world’. London, in particular, incubated a new generation of globally-leading companies that went on to inspire other ecosystems around the world.
But somewhere along the way we lost this spirit. Now, the Chancellor is urging the Financial Conduct Authority to take more risk once again to support growth, as innovation in financial services has slowed. This call came alongside a suite of other interventions, including the long-anticipated National Payments Vision and wider Mansion House capital reforms.
Given the laudable ambitions, we caught up with fintech expert Simon Taylor (Founder of FintechBrainFood and Head of Strategy at Sardine.ai) to unpack what it means for startups and the future of fintech, dig deeper into spiralling issues like APP fraud, and discuss how startups can plot a way through regulatory complexity.
Simon’s take on the future of UK fintech:
UK fintech is still coasting on pre-2016 momentum. We now have a few companies hitting their stride, but we’ve lost the next generation of potential growth because of risk aversion and slow regulatory action.
We need to get away from the idea that everybody has to upgrade at once for our market structure to be upgraded. That way nothing gets done. If you want arthritis as an industry, do nothing. If you want to move forward, take more baby steps and iterate.
The National Payments Vision says all the right things, but we need much faster delivery than we’ve seen so far. We’ve done little to make open banking fulfil its potential, and we’re in the middle of a scamdemic that requires a different approach going forward.
On fraud, the UK gets an A for effort, but a D for implementation. New APP fraud rules lack nuance and disadvantage smaller institutions, and we need both improved data and liability between banks, consumers and tech companies.
People think that building a startup is a drag race, i.e. ‘just go really fast in a straight line’. But really it’s like F1. There's a reason a lot of companies never make it round the corner. The world of financial services is complex. You can learn that lesson late or you can bake it in early.
Full interview with Simon Taylor, FintechBrainFood Founder and Sardine.ai Head of Strategy:
FORM: What led you to get so deep into fintech?
ST: I've spent about the last 20 years in payments and software engineering. I was one of the founders of 11FS, the UK fintech consultancy, was Head of Crypto R&D at Barclays, and now I write the FintechBrainFood.com weekly newsletter and podcast, host the Tokenized podcast, and by day work at Sardine.
I started my career in software and got into payments around 2009. As an early adopter of technology, I would email people internally about emerging trends and companies like Square, Stripe, and Bitcoin. And I also can’t shut up, so I blog a lot. By pushing your thoughts out on a regular basis, you find other people resonate with them. I've always been curious about tech, and ended up working in finance, and those two things just happened to come together while I was working at the coalface.
For years you’ve been tracking the UK’s fintech startup and regulatory landscape. Now, the National Payments Vision has just been launched. What’s your take?
So it says all the right things, and reading between the lines, there's a couple of important critiques.
First, the Treasury not only wants the FCA and the PSR to be more coordinated — and frankly, I'm not surprised, this is something I hear from industry a lot — but they've made the FCA the leader in any work where both of them are combining. That's helpful because now there's one voice that does the speaking.
Second, payment infrastructure upgrades are too slow. I'm sorry, but it's just painful to watch how slow the technology upgrade is. It seems to be taking longer and going slower with each passing year. But now the regulators have had to step in and say “we're going to reform PayUK, we're going to take your bat and ball away from you and we're just going to go and make this happen ourselves.”
Then the two big priority initiatives are open banking and fraud. As far as open banking is concerned, we’ve done nothing since 2016 except Variable Recurring Payments, and even that’s not widely implemented. We don't have open banking, we've got open current accounts and, again, even then most people don't know how to use it. We promoted the current account switching service, which nobody uses, way more than we promoted open banking. And banks barely support any of the optional stuff.
Then there’s fraud. And oh my, we are in a scamdemic.
But what I really worry about is the new delivery committee. IBM, Oracle, the consultants, the big banks, they're going to crawl all over this. How are you going to ensure that the innovator has a voice at the table? Fintech companies have got their policy teams in place and they'll try to be in the room, but they very rarely have a voice.
We need to get away from the idea that everybody has to upgrade at once for our market structure to be upgraded. It's just daft to me. If the big pushback from banks is “we don't think our systems will be ready in time because we're terrible at change, so we're going to claim it’s not secure and push for delay after delay”, then frankly, the solution to something not being secure is not to do nothing, it's to test it! You've learned so much more if you test it in pilots and move forward than if you do nothing.
Too often, people try to reduce the probability of failure rather than the impact of failure. I did an interview with Tom Blomfeld in 2017 and he said ‘most banks don't know what graceful degradation is’, and I think most policymakers also don't know what it is: it means if one little thing fails, the whole system doesn't have to come down. That little thing inside your mobile app can be like, “Hi, I'll be back soon”, but everything else still works.
So if you want arthritis as an industry, do nothing. If you want to move forward, take more baby steps and iterate.
Let’s focus on fraud — regulators are intervening, and there’s a new generation of companies responding too. How do you think the UK is doing?
On fraud, I’d give the UK an A for effort, but a D for implementation.
The 50/50 liability split announced as part of new rules into APP fraud disproportionately affects smaller institutions. The big banks actually end up doing quite well out of it. And it lacks nuance. If, as a digital bank, I am a second account for a customer, not the primary bank account, I might not see their salary, their mortgage payment or anything like that. I might only ever see a couple of cross border transactions or some spending abroad occasionally. So that doesn't necessarily look dodgy to me because that's what most of my customers do. The big banks will say “that little company gets all of the fraud”, but the little company will say “I can't see as much as you guys can see and you won't share any data with me.”
It is shockingly poor how little thought was given to data sharing. Most of the big banks have just stuck with the fraud tools they already have, while most of the smaller companies have actually really moved the ball forward on prevention and done some really fascinating things that should be best practices. And we haven't brought in telcos or the tech companies into the data sharing regime or the conversation at all — the fact that we don't have the tech sector involved is a scar on the whole country.
And then there's no point at which liability shifts back to the user. In Singapore, if as a bank you have bent over backwards to make that customer aware that you think this is a scam, made them wait for three hours, made them watch a training video, held the payment for a day, etc., and they still want to do it, then they can say ‘I'm sorry, customer, now you're liable because we really, really, really think this is a scam’. Singapore's done that and it goes live in December.
Looking forward, we need to detect the signs of a scam about to happen. We need more signals and detection up front and more data sharing on the back. I'm passionate about creating a standard that is certified on an annual basis that fundamentally moves the ball forward on how we detect fraud, that makes detection techniques upgradable on a regular basis. We need to continue to push the boundaries of R&D on detection and data sharing consistently. This is the metaphor behind the name ‘Sardine’ — as the threat comes, react faster. We talk about moving at "sardine speed": ship, deliver, test, and iterate rapidly.
Can you reconcile that hope against the change in the UK’s growth and regulatory culture over the last few years? There was a time when London was branded the ‘fintech capital of the world’. Have we lost that?
Yes. I would have once, hand on heart, shouted it from the rooftops that I am so proud of the UK fintech policy agenda, and the culture, energy and momentum that we had. We have coasted on the pre-2016 momentum. We're getting a little bit of it back because there are lots of companies that are now hitting their stride at growth pre-IPO, but where's the next generation?
We lost a generation of potential growth because we didn't like the consequences of creating competition. What happened was smaller companies didn't do some things right, and for whatever reason, we decided that was far worse than the things that big banks had done after the financial crisis. Smaller companies should have done better, but let’s stay proportionate.
There’s this false dichotomy between being risk-averse and being productive. The biggest risk is doing nothing because if you do nothing, you won't improve competition, you'll damage growth, equality, living standards, and, in turn, public services. The cost of doing nothing is massive.
We need to find the most effective way to do something faster. In a world where the Draghi report is proposing that the EU needs to get faster, I am shocked that that message has not landed yet in the UK. We are extremely capable, yet culturally we seem to be stuck in this miserable, drizzly "we've got to slow it down" mindset.
We were once a world leader. We’re not anymore. I look at Singapore, the UAE, the United States, some parts of France, Spain, Latin America, Brazil, Mexico - there are so many countries I would put ahead of the UK now.
It's not surprising that all of the AI companies have their second office in London, because we have all of the talent, but they're not homegrown because we have no IPO market, no exit route, no sources of capital. We don't have an entrepreneurial mindset as a nation, as a City of London, but we could. We really could.
How do you see the best startups navigate all this complexity?
Frankly, if you have any exposure to the United Kingdom whatsoever, it is in your interest, fundamentally, not only to understand regulation but also to be able to actively shape it. The reason the UK had a fintech sector in the first place was policy innovation. Policy innovation came from people who realised that if we have infrastructure, we can build competitive businesses over the top of that infrastructure. And the infrastructure doesn't need to be heavy, it just needs to be thoughtful.
You will create an unfair advantage as a company by being able to shape this stuff. People think that building a startup is a drag race, ‘just go really fast in a straight line’. But really it’s like F1. There's a reason a lot of companies never make it round the corner. The world of financial services is complex. You can learn that lesson late or you can bake it in early. At least being policy literate is very, very powerful.
Check out more of Simon’s analysis at FintechBrainFood.com:
Hit reply with follow up questions, suggestions of technology or policy leaders we should interview, or get in touch if you’re building at the frontier of tech and regulation.