ICM320-FinTech Regulation and Data Protection

Module Provider: ICMA Centre
Number of credits: 10 [5 ECTS credits]
Terms in which taught: Spring term module
Non-modular pre-requisites:
Modules excluded:
Current from: 2021/2

Module Convenor: Dr Antony Moore
Email: t.moore@icmacentre.ac.uk

Type of module:

Summary module description:

Regulation is often seen as an obstacle to innovation, or innovation as a way of avoiding regulations. However, successful Fintech products and services must comply with the letter and spirit of financial regulations, and effective regulation of Fintech is essential to protect wider public interests. This module will place the relationship between financial innovation and regulation at the centre of students' understanding of Fintech 


This module starts by introducing how financial regulation seeks to protect consumers and markets, looking at the rationales for regulation, national and international organisational structures, and approaches to regulation. Each of these will be linked to the impact that it may have on new financial technologies, recognising that Fintech is a broad term that covers a wide variety of products and services, each of which may be subject to regulation by different regulators and in different ways. Fintech innovations are often seen as a form of regulatory arbitrage. But the relationship between regulators and innovators need not be adversarial, and this module will also explore how regulators are engaging pro-actively with Fintech developers to encourage innovation and provide advice on compliance with regulation. It will also investigate the emerging potential of 'RegTech', namely the use of new technologies to facilitate the delivery of regulatory requirements. The module will then consider how financial and Fintech firms collect and manage data, the role of data monetisation in Fintech business models, and the challenges presented by the General Data Protection Regulation and by cyber-crime. Cyber-security is a key concern today and the module will examine the sources of cyber-vulnerability and the importance of instilling a strong cyber-security culture within an organisation. 

It should be stressed that this module does not provide detailed instructions on how to comply with current regulatory standards for FinTech in the UK or other jurisdiction. Indeed, this space is developing so rapidly that any such coverage would soon be out-dated. Rather it aims to provide students with a fundamental appreciation of the general rationales for, organisational structures of, and approaches to regulation and how they may interact with new financial technologies. 

Assessable learning outcomes:

After completing the course, students should: 

  1. Demonstrate their understanding of the fundamental rationales for regulation, regulatory structures and approaches by explaining how and why these apply to different financial technologies 

  2. Discuss the interaction between regulation and innovation in finance, including the potential for regulation to encourage or discourage new technologies, or how new Fintech products can support complia nce with regulation ('RegTech') 

  3. Evaluate the issues with the collection and management of user data, both in terms of monetisation, the GDPR and cyber-security 

  4. Discuss the significance of culture in promoting good conduct and cyber-security 

  5. Demonstrate command of the above by applying them to a practical case study 

Additional outcomes:

Students are expected to keep up to date with new developments in regulation, politics and finance by reading news and practitioner sources. They are encouraged to be forward-looking in developing their own opinions on how these may affect Fintech and financial regulation. Students will improve their oral communication skills by participating in the seminars and by presenting on a case study. 

Outline content:

1. Rationales for financial regulation - how do these apply to Fintech? Recent scandals and crises  

2. Structure of financial regulation - where does Fintech fit? Regulatory arbitrage or RegTech  

3. Encouraging innovation: case study of the FCA sandbox  

4. Monetising data and the General Data Protection Regulation 

5. Cyber-security - scale of the problem. Sources of vulnerability. Fostering a cyber-security culture 

Global context:

This module will consider international dimensions of regulation, especially where Fintech products operate across multiple jurisdictions. Case studies may be drawn from different countries. 


Brief description of teaching and learning methods:

The core theory and concepts will be presented during lectures. Case studies and practical examples will be discussed in the seminars. 

Contact hours:
  Autumn Spring Summer
Lectures 10
Seminars 5
Guided independent study:      
    Wider reading (independent) 30
    Wider reading (directed) 10
    Preparation for seminars 10
    Essay preparation 25
    Reflection 10
Total hours by term 0 100 0
Total hours for module 100

Summative Assessment Methods:
Method Percentage
Written assignment including essay 100

Summative assessment- Examinations:

Summative assessment- Coursework and in-class tests:

Students will be asked to complete a written assignment of 2,500 words (100%) to be submitted in the first week of the summer term. 

Formative assessment methods:

Seminar questions are assigned for each class. The seminar leader will facilitate discussion and offer feedback. 

Penalties for late submission:

Penalties for late submission on this module are in accordance with the University policy.

Please refer to page 5 of the Postgraduate Guide to Assessment for further information:


Assessment requirements for a pass:

50% weighted average mark

Reassessment arrangements:

By resubmission of report in August/September, as part of the overall examination arrangements for the MSc programme 

Additional Costs (specified where applicable):

Last updated: 8 April 2021


Things to do now