An ECON draft report on digital finance recommends legislative action in relation to cryptoassets and cyber resilience and a framework for digital onboarding.

By Stuart Davis, Sam Maxson, and Anna Lewis-Martinez

On 4 June 2020, the European Parliament’s Economic and Monetary Affairs Committee (ECON) published a draft report setting out its recommendations to the European Commission on digital finance, including emerging risks in cryptoassets and regulatory and supervisory challenges in the area of financial services, institutions, and markets.

The aim of the draft report is to address the main areas that demand a pan-European regulatory response to digital finance. Three priority areas are highlighted for consideration for legislative action: cryptoassets, cyber resilience, and data. These areas are noted as key to the future development of digital finance in the EU.

ECON emphasises that law and supervision in the area of fintech should be based on the following principles:

  • The same services and their associated similar risks should be subject to the same rules
  • Technology neutrality
  • A risk-based approach

The draft report states that European financial entities, and in particular fintechs, require a comprehensive and stable regulatory framework to expand their activities and operate with legal certainty. It also highlights the need for the Commission to work closely with international organisations and regulatory bodies to develop international standards, given the cross-jurisdictional nature of digital finance.

ECON’s proposals for the three priority areas set out in the draft report are summarised below.


ECON recommends that the Commission put forward a legislative proposal for cryptoassets, to provide legal certainty for the treatment of cryptoassets while ensuring consumer and investor protection. It also suggests that the Commission develop a taxonomy concerning cryptoassets, starting with a common definition. Any pan-European taxonomy for cryptoassets should be open-ended, since cryptoassets are likely to significantly evolve over the coming years. This likely evolution also means that regulators need to develop a flexible regulatory approach to cryptoassets while still providing regulatory certainty as soon as cryptoassets are issued.

With regards to scope, the draft report notes that “applying existing regulations to previously unregulated crypto-assets will be necessary, as will creating bespoke regulatory regimes for evolving crypto-asset activities, such as initial coin offerings”.

Cyber resilience

ECON calls on the Commission to make a legislative proposal in the area of ICT and cybersecurity requirements for the EU financial sector in order “to address any inconsistencies, gaps and loopholes that are found to exist in relevant law”.

These legislative changes should focus on the following four key areas:

  1. Modernisation
  2. Alignment of reporting rules as regards ICT incidents
  3. A common framework for penetration and operational resilience testing across all financial sectors
  4. Oversight of critical ICT third-party providers

The draft report also emphasises the need for greater information sharing, in particular on incidents, and enhanced coordination between relevant regulatory and supervisory authorities.


ECON asks the Commission to examine how to ensure that digital finance entities can access relevant and useful data to enable fintech businesses to grow. ECON also requests that the Commission consider a framework for digital onboarding and the use of digital identities, with the aim of harmonising these measures across the EU. In addition, the draft report highlights the increasing use of customer data (or Big Data) and calls for enhanced oversight in this area.

Next steps

Whether the Commission will take on board all or any of ECON’s recommendations remains to be seen. Still, the Commission has committed to finalise the FinTech Action Plan by Q3 2020, and ECON’s draft report encourages the Commission to adhere to that timeframe.