Everything is connected: Digital regulatory developments and the impact on financial services strategy

At a glance:

• New regulation is being implemented in the UK and EU designed to increase competition across the digital markets and services ecosystem. These developments may create strategic opportunities for financial services (FS) firms, specifically in relation to digital wallets, data-driven innovation, and cloud.
• Digital wallets: Ongoing EU/UK regulatory action – and potential further interventions in the coming months – could present opportunities for FS firms to launch wallet offerings. Firms looking to capitalise should develop digital wallet strategies to address key considerations such as payment methods supported, wallet development approach, value proposition, and launch timings and locations.
• Data: Access to customer data held by large internet platforms could drive FS innovation. The EU Digital Markets Act data portability and access provisions may offer immediate opportunities for firms to leverage this data, with customer consent. Integrating this and other longer-term data-sharing initiatives, including business to business data sharing under the EU Data Act, open finance and broader open datasets, into digital strategies, along with investment in data analytics capabilities, will be crucial.
• Cloud: Emerging EU/UK regulatory initiatives aimed at enhancing competition in cloud markets could support FS firms’ cloud strategies, especially regarding switching providers and multi-cloud adoption. In the EU, the Data Act will grant firms a "right to switch" cloud providers from September 2025.

The interdependency between digital competition regulation and financial services

The rise of large technology players has prompted regulatory responses in both the UK and EU to promote competition.

In the UK, this activity is being progressed by the Competition and Markets Authority (‘CMA’) under the Digital Markets Competition & Consumers Act (‘DMCCA’), which went live in January 2025. In the EU, it is being overseen by the European Commission under the Digital Markets Act (‘DMA’), applicable since 2023 and now being enforced.

This activity has significant implications for FS firms whose business models depend on the services and infrastructure (e.g. operating systems, app stores and search services) of large technology companies that are typically within scope of these regulations.

This blog explores the emerging strategic implications for FS firms, focusing on three key areas - digital wallets, data, and cloud.

Digital wallets

Digital wallets are apps, software or online services enabling (amongst other things) mobile payments. EU/UK regulatory and enforcement activity could create opportunities for FS firms to create new digital wallets for in-person and online payments and challenge established offerings

The UK’s CMA is investigating mobile ecosystems under the DMCCA, with results expected by October 2025. UK FS regulators have highlighted competition concerns regarding digital wallets, and suggested that the CMA could consider:

• Barriers to accessing the underlying technology on phones required for contactless payments (near-field communication (NFC)), affecting rival digital wallets. While third-party access to NFC is now available in both the UK and EU, the UK FS regulators note concerns around conditions for access (e.g. fees).
• The ability of large digital platforms to ‘steer’ customers towards their own digital wallets, including through pre-installation of certain wallets and selective access to required mobile features like push notifications.

The CMA, as part of its mobile ecosystem investigation, has signalled that potential interventions may focus on ensuring that interoperability is not restricted. Alternative digital wallets need to interoperate with the operating systems and hardware of large platforms. Specific areas being considered include rules and policies governing third-party wallets and other systems, and online choice architecture (e.g. challenges in changing default platform settings).

The CMA will also consider interventions relating to the use of alternative payment systems for in-app content, which may include alternative wallets. This could affect the fees associated with in-app payments. Platforms have already made a number of relevant changes in the EU based on requirements under the DMA, which the Commission has been considering, including through non-compliance investigations.

Banks and other FS firms looking to capitalise on the evolving digital wallet landscape should use the lead time before the investigations conclude to address some key strategic decisions, revisiting these as regulatory details become clearer. Firms should evaluate these decisions against a range of potential regulatory outcomes.

• Payment methods: Determine whether to focus solely on card payments or expand to include options such as open banking-enabled account-to-account payments and stablecoins. Consider how other EU/UK regulatory initiatives, including stablecoin regulation and open banking reforms (including on commercial models) influence the feasibility and timeline for expanding into these innovative payment methods.
• Development approach: Evaluate the costs/benefits of building a wallet in-house, perhaps leveraging the existing banking app or creating a new brand, versus partnering with others, e.g. an industry consortium or an innovative start-up.
• Wallet launch strategy: Determine the target customer segments, optimal timing and geographical jurisdictions for launch.
• Value proposition: Develop a compelling value proposition that goes beyond cost, encompassing security, user experience, and rewards (amongst others).
• Regulator-enabled testing: Evaluate the business case for testing a digital wallet solution within regulatory sandboxes.

Data

Access to customer data held by large internet platforms, which could include search history, location, browsing habits and subscriptions, could also drive innovation in FS.

FS regulators, including the FCA, recognise the potential value of this data for FS firms. Potential use cases include better insights for risk profiling (e.g., for loan applications) and personalised marketing of financial products like motor finance or pensions advice.

The EU’s DMA may offer some near-term opportunities for EU FS firms. The DMA already mandates data portability and access, requiring large internet platforms to allow users and businesses (or third parties authorised to act on their behalf, such as FS firms) to access and port data generated on certain regulated services. In response, some large platforms have introduced data portability APIs, with tools and approaches continuing to evolve.

FS firms should assess the potential value of customer data held by large internet platforms (consistent with applicable data protection regulation). FS firms should explore if EU data portability and access offerings could deliver value now.

The UK’s FCA announced it would pilot use cases to assess how data from large internet platforms could boost innovation and competition in retail financial services. Participating in these pilots could help FS firms identify potential use cases.

Depending on the results, the FCA may recommend that the CMA considers this issue under its DMCCA powers. However, this is unlikely in the short term given the CMA resources already committed to other topics. Possible future interventions could include requiring large internet platforms to share data with FS firms on fair and reasonable terms (subject to user consent).

These developments are part of a broader trend towards unlocking the economic benefits of data. Both the EU and UK are establishing open finance regimes, through the EU Financial Data Access Regulation and the UK Data (Use and Access) Act, respectively. These measures, alongside other UK Smart Data schemes, the EU Data Act and the EU’s new Data Union Strategy, will expand open datasets across other economic sectors.

Integrating all these data-sharing initiatives into digital strategies will be crucial for identifying high impact use cases. Effective horizon-scanning will be key to ensuring timely strategic and operational responses, enabling FS firms to capitalise on emerging opportunities. Investments in capabilities to mine the data such as advanced data analytics, AI and machine learning capabilities to offer tailored products – as well as Cloud adoption – may also be necessary.

Cloud

Emerging EU and UK regulatory initiatives may enhance competition in cloud markets and address barriers to switching and multi-cloud, including for FS firms.

In the EU, under the Data Act, FS firms will soon have de-facto ‘right to switch’ cloud providers, removing a range of obstacles to switching. These new rules apply from September 2025, with the removal of switching charges entirely (including data egress charges) due by January 2027.

In the UK, in January 2025 the CMA’s independent inquiry group provisionally recommended that the CMA prioritises investigations into the two largest providers in the cloud services market. If this ongoing process results in intervention, not expected before 2026 at the earliest, measures could include:

• Requirements on cloud service providers to trade on fair and reasonable terms, e.g., regarding licensing practices and pricing.
• Measures relating to interoperability and switching. For example, to reduce technical barriers and to control the level of fees associated with switching and data transfers between cloud services.

FS firms should review their cloud strategies in light of this activity. This includes considering the potential benefits associated with switching, re-negotiating, or moving towards a ‘multi-cloud’ strategy. This is especially relevant for FS firms active in the EU, given the opportunities presented by the upcoming Data Act.

Measures to facilitate switching and multi-cloud could help FS firms meet operational resilience and third-party risk management regulatory expectations. For example, the ECB suggested that resilience measures for critical functions outsourced to the cloud could include multiple cloud providers or back-up providers.

Looking forward, further potential interventions in digital markets, such as those related to AI, could also affect FS firms. For example, the CMA has been considering the risks to competition posed by AI. This includes examining the interrelationship between cloud and AI, given the criticality of access to compute for AI development and deployment.

Conclusion

The regulatory activity described above is complex and has evolved over a number of years. Distilling individual company insights across, on the face of things, potentially unconnected proceedings will likely take time. 

Firms should monitor and respond to the strategic implications of these developments in the round, incorporating digital markets competition into their existing regulatory priorities. For FS firms that can chart the key interdependencies relevant to their activities, opportunities could result.

Deloitte’s EMEA Centre for Regulatory has been considering the strategic implications of FS regulation for well over a decade and has experience of how these markets have evolved over time. Given the increasing convergence of financial services and digital regulation, we’d be delighted to discuss the issues raised in this blog and more. Please do get in touch to discuss further.