GLOBAL GOVERNMENT FINTECH LAB 2025: PANEL SESSION THREE
The Global Government Fintech Lab 2025’s third panel session discussed the evolving structures and solutions used by financial supervisors, Ian Hall reports
Financial regulators are duty-bound to keep up with innovation in the private sector in order to effectively supervise it. But they also have an eye on emerging technologies in order to themselves make use of them to help them do their job.
Global Government Fintech Lab 2025’s third panel session – ‘Super supervisors? How well are financial regulators engaging with innovative technology?’ – explored how authorities in Ireland, Portugal, the Isle of Man and Latvia are approaching both these challenges.
The discussion, held on 11 June and which included a private-sector perspective from event knowledge partner TSO, spanned both structures – for example, innovation hubs and regulatory sandboxes – and solutions, for example the use of artificial intelligence (AI).
It also took in implementation of fintech-relevant laws. With three of the panel being from European Union (EU) member states, most significantly this was the Markets in Crypto-Assets Regulation (MiCAR) – a comprehensive framework aimed at harmonising the regulation of crypto-assets and related services across the 27-member bloc.
SANDBOXES: EXPLAINED Sandboxes are (virtual) spaces for projects to test and experiment with new technology, overseen by regulators, and/or for authorities to themselves hone regulation. Sandboxes are becoming increasingly common worldwide.
Ireland’s ‘more purposeful’ evolution
Central Bank of Ireland (CBI) head of innovation strategy and policy Miriam Dunne began by setting out the authority’s evolving approach.
The CBI ran a consultation on ‘innovation engagement’ 18 months ago as it looked to enhance an existing Innovation Hub, which launched in 2018, and launch an ‘innovation sandbox programme’.
“Given the pace of digitisation and the ever-changing landscape, we needed to do more and really engage very deeply with the ecosystem [private sector] to better understand innovation [and] to better equip innovative firms to understand our expectations,” Dunne explained.
The CBI now has a “more purposeful” innovation engagement strategy, providing “much more structured supports to the ecosystem,” she said.
The CBI’s first sandbox cohort comprised seven projects focused on tackling financial crime and concluded via a ‘showcase’ event on 9 June (a couple of days before the Lab). The second sandbox cohort theme will be payments innovation.
Portugal’s innovation ‘check-in’
Banco de Portugal payment systems department head Maria Tereza Cavaco was the next speaker.
She described her own department as “not purely a supervisory department nor purely an IT department” but “in the middle.”
“We ‘fill the gap’ whenever a new player, a new business model or new technology is applied in the payments field,” she explained. “That’s why, in recent years, we have become a kind of gateway or check-in for new projects in Portugal.”
Portuguese central bank initiatives of direct interest to fintech innovation include ‘Portugal FinLab’, an innovation hub established in 2018 by Portugal’s three financial supervisory authorities; and the central bank’s development of an artificial intelligence (AI) tool platform called ALYA.
Cavaco herself has also been involved in payments-related developments at a European level, including migration towards the Single Euro Payments Area (SEPA – an EU initiative to facilitate the standardisation of euro-denominated payments); and more recently, the digital euro (central bank digital currency) initiative.
IoM: ‘easy to collaborate’
Ros Lynch, head of supervisory practices, innovation and IT at the Isle of Man Financial Services Authority (IoM FSA), was the session’s third speaker. While the IoM FSA is relatively small (with about 102 staff at present), it has “a lot of innovation” on its agenda, she said.
Lynch described her own role as involving both “internal” and “external” innovation: for example, in the former case, “building out our technology stack”; and, in the latter, “engaging with firms and helping them navigate our regulatory landscape.”
Among current priorities, the IoM FSA is working in collaboration with government departments to create a fintech strategy.
“Because we’re small, it’s easy for us to collaborate quite easily without a lot of red tape,” Lynch said.
The authority is also continuing extensive preparations for the IoM’s next international anti-money laundering (AML) assessment: specifically, a visit – expected in about one year’s time – from MONEYVAL, the Financial Action Task Force (FATF)-style monitoring body of the Council of Europe that assesses compliance with the principal international standards on AML and countering the financing of terrorism (CFT).
RELATED ARTICLE Manx united for fintech: an interview with the Isle of Man’s Ros Lynch and Kurt Roosen (published 26 June 2024) – the IoM’s planned fintech strategy was among many initiatives discussed
Latvia ‘actively adapting’
Latvijas Banka’s fintech supervision department head Marine Krasovska – speaking at her fourth successive Global Government Fintech Lab – took up her current role two-and-a-half years ago after Latvia’s Financial and Capital Market Commission (FCMC) was integrated with the central bank.
Her responsibilities include supervising companies’ IT security and related risks; and implementing EU regulations such as MiCAR and the Digital Operational Resilience Act (DORA), which she described as two “critical” frameworks.
The central bank itself was “actively adapting” its supervision processes to meet the demands of digitalisation, she said.
It operates both an Innovation Hub and sandbox to foster growth and collaboration in the fintech ecosystem.
She highlighted that, since the 2024 Lab, non-bank payment service providers now have the possibility to join its Electronic Clearing System (EKS) – a move allowing them to directly process payments in euro across SEPA.
She said this development would directly help many fintech companies and was proof of the authority’s commitment to building an “open, secure and innovative” ecosystem. She added that this progress was possible through strong cooperation with other state institutions such as the Ministry of Economics, industry associations, academia and educational partners.
‘RegTech for regulators’
Alan Blanchard, business development director at UK-headquartered company TSO – a publishing company working for organisations that create regulation, standards and guidance – was the session’s fifth speaker. His focus is helping regulators to use technology to help their regulatory activities: ‘RegTech for regulators,’ he said.
He formerly worked for almost five years at the UK’s Financial Conduct Authority (FCA), where he engaged TSO to help overhaul the digital version of the FCA’s Handbook (which contains rules, guidance and other provisions for financial firms operating in the UK) and make it a “much more user-friendly experience.”
He referenced the current UK context of the government’s ‘regulating for growth’ agenda (an HM Treasury policy paper published in March stated that ‘regulators must be attuned to the challenges facing businesses and be able to adapt to new industries, the challenges posed by new technologies and avoid disproportionate risk-averse behaviour’). In his opinion, the objective here is not, in many instances, about “simplifying” regulation but instead about “making regulation easy to find, define and understand” – something that TSO directly helps with.
Blanchard was asked by moderator Siobhan Benita – a former senior civil servant in the UK – for his view on the typical appetite for, and quality of, public-private collaborations using technology.
He responded that, in his experience, progressive thinkers working for financial services regulators are mostly relatively well disposed to using technology (“because of fintech and all the technology that surrounds it”) compared to many other regulated areas.
RELATED ARTICLE Public sector fintech moves up a gear as Dublin hosts fourth ‘Lab’ – our on-the-day wrap-up article
‘Open heart and cold mind’
The panel was asked to highlight further examples of public-private engagement related to fintech.
Krasovska highlighted the Latvian government’s development of a fintech strategy, published in 2023 (a second edition is expected to be published later this year). “This process brings together key stakeholders – industry associations, major market players and relevant institutions – to identify gaps and define actionable priorities,” she said. “As a result, we now have more than 60 specific tasks distributed across various government institutions, with active support and input from the private sector.”
One consequence has been an improvement in Latvia’s financial licensing process (regulatory authority to operate), she said. “Based on industry feedback – ‘design thinking’ – we introduced a pre-licensing phase to make the process more transparent and efficient,” she explained. “To ensure real value, we interviewed more than 20 market participants [companies] who have gone through the licensing journey with us. Close dialogue allows companies to approach us during the pre-licensing stage to clarify requirements and get guidelines on what needs to be improved. This cooperation helps us refine our processes in line with market needs.”
She referred again to the EKS change. “The first company has already been granted direct access, with several more in the pipeline,” she said. “This is a clear example of how collaboration and commitment from private-sector associations and the industry drive practical progress in strengthening Europe’s payments infrastructure.”
“As a regulator, our approach is always to come with a mindset of ‘open heart and cold mind’,” she said. “We aim to help market participants fully understand regulatory expectations, objectives and build a trustworthy environment where innovation and compliance may grow.”
Considering ‘risk-reward’
Lynch mentioned the IoM’s regulatory sandbox and Financial Innovation Hub.
She described the latter, which was set up in 2023, as “effectively a one stop-shop [that] helps people come in, meet the regulator, understand the grants available, understand the relocation [to the IoM] process [etc].”
The IoM is “very selective” as to which companies it allows to operate, she said. “You’ve got to think about ‘risk-reward’ from a jurisdictional perspective,” she explained. “While [encouraging economic] ‘growth’ isn’t in our mandate, we obviously have a lion’s eye on it,” she continued. “We’ve got some really interesting success stories coming through.”
Given the IoM FSA’s size, the authority has to strive to “work smarter” in terms of its own resources and IT spending.
Global Government Fintech interviewed Lynch last year about the authority’s data modernisation journey (including its creation of a ‘back office’ data system called ‘Atlas’ to house its supervisory activity). “We’ve been building our tech stack for the past five to seven years,” Lynch told the Lab audience. “We’ve now got really structured data. Our data strategy is, I feel, really robust.” Like any authority, however, it needs to be “very cognisant” of data security, particularly in the context of moving to ‘cloud’ storage.
The authority values collaborations with private providers, referencing its partnership with a Luxembourg-based company, Regsearch, to use AI for compliance-related interactions with companies. “We’ve learned a lot through these collaborations,” she said. “The end-game would be that we make our very content-heavy website more accessible to anybody looking for information.”
Keeping up with tech trends
Cavaco described the launch of Portugal FinLab as marking the start of the central bank’s “active engagement” with fintech-related innovative projects.
Portugal FinLab is now in its sixth edition, with the related ‘call for projects’ attracting more than 140 applications. After a ‘pitch presentations’ (over one or two days in total), a maximum of five of those projects each time are selected for participation (the sixth edition’s selected projects were announced on 15 April).
The central bank provides a “very detailed” report to all applicants where it flags what it sees as regulatory obstacles alongside advice (“if you want to proceed with the project, maybe it’s better if you go this way or that way…”). “We provide these reports to the applicants and discuss with them if it really fits their needs and if it really answers their good questions,” Cavaco explained.
She highlighted a “distinctive feature” as being the involvement of three supervisory authorities and Portugal FinLab’s ability, therefore, to handle “cross-sectoral” projects: for example, those that have (say) both insurance and payments elements.
Applicants benefit from having input from all relevant authorities in a single report. “Our reports are very well received by the applicants,” she said (adding that most projects submitted to Portugal FinLab are typically ‘business-to-business’ initiatives rather than ‘business-to-consumer’).
She also wanted to highlight “something that is very important to us regulators” – that the central bank sees the Portugal FinLab as a “privileged channel” to keep its “knowledge updated regarding new business models [and] new technologies”. This was crucial to its efficacy as a regulator, she said.
‘Buy-in’ from ‘ecosystem’ essential
Dunne described how the Irish sandbox had been created after “extensive” consultation and required “buy-in” from the fintech “ecosystem”. It was important, she said, that the theme of each cohort related to a public policy priority and contributed to the public good.
She highlighted that a hackathon-style event with university students to develop innovative solutions to combat financial crime in May was organised in co-operation with London-based company NayaOne. “It really opened up the possibilities as to what we could do through the sandbox,” she reflected, saying that the partnership enabled the central bank to offer up about 300 datasets (for example, related to financial crime and bank transactions) for use by sandbox participants.
Two-way interaction with sandbox participants has been crucial, Dunne said. “We ask the participants: ‘What do you want to get from the programme?’,” she explained. “Unless you understand their needs, and then they understand our needs, we can’t work together.”
The sandbox involves staff from across the central bank presenting to the companies: for example, central bank’s ‘financial integrity’, anti-money laundering (AML), policy and consumer protection specialists.
She made two further points about collaboration. First, that two of the seven projects in the sandbox’s first cohort were multi-company initiatives, illustrating the importance to the CBI of encouraging successful partnerships; second, that the CBI had learned a great deal from “peer” financial regulators, particularly the UK FCA, in developing its sandbox.
Helping ‘real-time’ decision-making
Blanchard spoke of the advantages to supervisory authorities of transforming static regulatory content into structured, machine-readable digital-ready data.
“Imagine us all a few years forward and we [have] managed to convert all rules, regulations, policy documents and guidance into structured data – managed by the regulator,” he said.
“Then, when you’re [as a regulator] drafting a policy and writing a change to a rule, you can effectively execute that change in real time against your rules and understand what it’s going to ‘break’, or what policy ends it’s going to support, and regulators can react more quickly to policy issues,” he explained.
In parallel – and “from the other side of the fence”, as he put it – this more “accurate” way of working enables regulated entities to better access and apply regulations.
Ultimately, the use of technology helps to foster compliance and innovation, leading to better outcomes for consumers, Blanchard said.
On MiCAR and CASPs
With cryptoassets’ profile on the rise, the supervisory authority representatives were asked how national implementation of MiCAR was progressing.
Portugal has “unfortunately” yet to pass legislation to assign a specific national authority to supervise and license cryptoasset service providers (CASPs), with factors such as parliamentary elections having got in the way, Cavaco responded.
However, this was “expected soon” and likely to see a “mix” of competent authorities (the central bank and Portuguese Securities Market Commission – CMVM).
In Latvia a Crypto-Asset Services Act is already in effect, with Latvijas Banka designated as supervisory authority for CASPs. The authority’s priority now is assessing applications under the new framework “to ensure a consistent licensing process for market participants.”
“Crucially, our preparation for MiCAR did not start overnight,” Krasovska said. “About two years ago, we began strengthening our capacity to ensure our supervision process and staff would be forward-looking. We launched a training programme aimed at building the right mix of skills: from attracting the best talent to upskilling our existing teams in understanding blockchain technologies.”
“To make this hands-on, we started with simple experimentation,” she continued. “For example, we created NFTs [non-fungible tokens] ourselves to understand the technology from the inside out. We also conducted an in-depth analysis of blockchain analytics tools available on the market, testing different solutions to identify the most advanced and suitable for supervisory purposes. We carefully studied how providers differentiate their methodologies, and we selected the appropriate tools to support our work.”
“Our supervision department is now well prepared with the tools, processes, knowledge and mindset needed to implement MiCAR effectively,” she added.
NFTs: EXPLAINED NFTs are ‘one-of-a-kind’ digital assets whose uniqueness is guaranteed by blockchain technology.
Ireland’s MiCAR transition
Ireland is in the midst of a 12-month MiCAR ‘transition period’ that will end on 29 December 2025.
The central bank has “quite an experienced team” handling CASP authorisations, Dunne said.
She also highlighted the importance of ongoing multi-country co-ordination through the European Securities & Markets Authority (ESMA)’s digital finance standing committee (DFSC) to “drive supervisory convergence and authorisation convergence across CASPs in Europe, particularly the top players.”
The Isle of Man is not part of the EU and therefore is not subject to MiCAR. But the IoM FSA, naturally, already needs to be fully alert to crypto from an AML (and MONEYVAL) perspective.
The IoM FSA ran a consultation on crypto regulation in early 2024. Lynch said the authority had “discussed internally about whether or not we would move and try and adopt an Isle of Man-type of MiCAR legislation.”
“Our current stance is that we’ll see what everyone else is doing and we might cherry-pick what works,” she added.
Protecting consumers
The session drew to a close with the panel asked how supervisors could ensure that end-consumer perspectives always remained front-of-mind.
“One of our regulatory objectives is to protect consumers – I would imagine it’s in all of our objectives,” Lynch responded, adding two specific points.
First, that “accessibility” to supervisors’ websites can often be challenging. “We have so much information – it’s very hard to find out how things operate, which is among the areas that we’re trying to work on,” she said.
Second, the importance of only allowing companies to graduate from a sandbox “into the real market” after they have successfully completed “extensive testing” and the authority is satisfied that they would “provide a good service” (in the context of consumer protection).
Dunne highlighted that “the consumer [angle] will be so important” during the CBI’s next sandbox programme on payments innovation, including in how projects are selected to participate.
On the related topic of financial accessibility and literary, she said the central bank was “trying to do more outreach” through its Innovation Hub, noting that groups such as Safeguarding Ireland were among the respondents to a consultation on its ‘innovation engagement’.
Capitalising on technology
Overall the session showed how the jurisdictions represented in the discussion are on similar journeys in respect of the structures they have created to curate fintech-related innovation in the private sector.
The Central Bank of Ireland’s work with NayaOne, Banco de Portugal’s development of ALYA, the IoM FSA’s partnership with Regsearch and Latvijas Banka’s learning-by-doing creation of its own NFT can all be added to a growing list of examples of financial authorities partnering, developing or experimenting themselves with the latest technology.
The challenge – as always – for the supervisors is finding the resource and time, not to mention market awareness, to continue to capitalise on the possibilities that technology provides.
link