Does GDPR Give FinTech a Competitive Advantage?


Finance Insights for ProfessionalsThe latest thought leadership for Finance pros

Thursday, February 6, 2020

GDPR has led to a range of complicated changes that companies have had to abide by. But in the world of FinTech, has this actually proven advantageous?

Article 3 Minutes
Does GDPR Give FinTech a Competitive Advantage?

GDPR has caused a major shift in the way the business world works. Although the legislation comes from the EU, it has affected data protection worldwide; large companies in the US spent $7.8 billion preparing for the regulations, compared to just $1.1 billion spent by big UK businesses.

This took a lot of work, and few businesses felt they were prepared for it; fewer than 15% said they were ready for GDPR just months before it came into effect. However, while it has undoubtedly caused issues in some cases, it may well have been a boon for FinTech firms, who are enjoying a competitive advantage at the moment.

If you work in a FinTech business, you might disagree; after all, complying with GDPR doesn’t feel particularly advantageous. However, there are a number of factors that put smaller companies in this sector in a much better position compared to other industries. Here’s how GDPR could be giving you a competitive advantage:

It’s cheaper for FinTech firms to adapt

One thing we have seen with some certainty is that it’s significantly cheaper for smaller businesses to comply with GDPR. This is beneficial for FinTech firms, which tend to be smaller than in other industries. Globally, 95% of companies in this industry have less than 150 employees, with 33% consisting of just one employee.

This makes it much easier for FinTech businesses to afford the cost of compliance. In addition, FinTech as a sector has less compliance work to complete on average. One survey found financial services to have the third-cheapest average compliance cost of any industry, beaten only by media, and industrial goods and services.

Data security is baked into FinTech

The nature of FinTech means data security has to be front and center for firms; after all, the data they collect is mainly financial in nature, so any breach could be disastrous. The industry as a whole is much more aware of security issues.

“On the whole, most financial institutions are not complacent about the risk.” - Megan Butler, Executive Director at Supervision


Even before GDPR came into effect, UK financial firms employed more than 11,500 staff to tackle financial crime. This isn’t to say that the FinTech industry is immune to data breaches, but the sector is, as a whole, more informed about the risks and therefore further along in the process of keeping data secure.

Banks have been hit

Despite working in similar sectors, banks are some of the biggest competition for FinTech firms. However, the banking industry has been one of the worst hit by the need to comply with GDPR, the cost of which is an eye-watering average of £66 million (around $88 million) per organization.

In turn, data breaches have led to an erosion of trust in open banking, with 49% of professionals believing consumer relations have been damaged as a result. While banks are suffering, FinTech firms are much more able to absorb the (lower) costs of GDPR compliance and benefit from the dip in competition.

Finance Insights for Professionals

Insights for Professionals provide free access to the latest thought leadership from global brands. We deliver subscriber value by creating and gathering specialist content for senior professionals.


Join the conversation...