Fintechs have reshaped financial services globally, delivering new ways to move money, extend credit, and include those previously excluded. Their growth raises a fundamental question: should supervisors tighten rules to protect the system, or loosen them to accelerate innovation?

“Regulating Fintechs: Defense vs. Offense” argues this framing misses a deeper reality: 50-year-old outdated supervisory tools keep regulators reactive, not proactive.

Why Read This Paper?

This paper reveals why the defensive/offensive debate is a false trade-off, highlights key findings from supervisory practice, and explores how regulators can move beyond yesterday’s methods to manage tomorrow’s fintech ecosystem.

Early Observations on the Regulatory Dilemma

Decades of groundwork via PSD1, PSD2, and PSD3 created fertile ground for fintech growth. Yet recent policies like ECB Decision (EU) 2025/222 provoke tough questions: is fintech regulation a defensive fortress shielding stability, or an offensive weapon nurturing competition?

The reality is complex. Over-regulation stifles innovation and burdens fintech competitiveness, ultimately hurting consumers. Under-regulation invites systemic risks fintechs are not always equipped to manage. The critical task is finding a calibrated path empowering fintechs to thrive while safeguarding trust.

Purpose-built technology offers tools for real-time oversight, meaning old arguments for heavy controls lack nuance in 2025 and beyond.

Some Findings

  • Regulatory frameworks remain focused on defensive measures -restrictions, barriers, and risk containment.

  • Supervisory processes are still highly manual, involving spreadsheets, PDFs, and fragmented communication.

  • Central banks and supervisors lack purpose-built digital tools to manage fintech relationships at scale.

  • Innovation is constrained as fintechs struggle to access essential services like accounts, safeguarding, and payment networks.

  • Regulators often play catch-up, intervening only after risks materialize.

Defense vs. Offense: A False Choice

While defensive regulation shields the system, it risks choking innovation, limiting competition, and pushing activity outside supervision. Offensive regulation encourages experimentation but, without effective tools, creates blind spots and systemic vulnerability.

Both fall short because the supervisory model itself has not evolved.

The Way Forward

Regulating fintechs means modernizing supervision so regulators can:

  • Manage risk at scale

  • Maintain visibility into fast-growing fintech ecosystems

  • Enable safe innovation benefiting citizens and economies

Rather than react, supervisors must engage earlier, see further, and intervene with confidence. The future will be decided not by defensive or offensive aims - but by regulators adapting to innovation’s pace.

The real question isn’t to defend or attack; it’s whether regulators are ready to lead. This shapes the future of financial services: will fintechs be relegated to red tape or steered onto open highways of inclusion?

Download our comprehensive whitepaper to join the debate on fintech regulation: explore the evolving landscape and learn how smart regulation balances protection with progress. The future of finance depends on it.