Glossary of Terms & Acronyms – FinTech and RegTech

AI Artificial Intelligence (see below)
API Application Programming Interface (see below)
Application Programming Interface (API) A set of rules and specifications followed by software programmes to communicate with each other, and an interface between different software programmes which facilitates their interaction.
Artificial Intelligence (AI) IT systems that perform functions requiring human capabilities. AI can ask questions, discover and test hypotheses, and make decisions automatically based on advanced analytics operating on extensive data sets. Machine learning (see below) is one subcategory of AI.
AWS Amazon Web Services
BaaS Banking as a Service
BAT Baidu, Alibaba and Tencent (also known as “Chinese BigTech” companies)
Big data A generic term which refers to the massive volume of data that is generated by the increasing use of digital tools and information systems.



BigTech Large, globally active technology firms with a relative advantage in digital technology. The GAFA acronym refers specifically to a set of the world’s largest technology companies – namely Google, Amazon, Facebook and Apple. (The GAFAA acronym is also used to include Alibaba, China’s largest technology company.)
Bitcoin A type of digital currency in which a record of transactions is maintained and new units of currency are generated by the computational solution of mathematical problems, and which operates independently of a central bank.
Blockchain A particular type of data structure, used in some distributed ledgers, which stores and transmits data in packages called “blocks” that are connected together in a digital “chain”. Blockchains employ cryptographic and algorithmic methods to secure and synchronise data across a network in an immutable manner.
Bootstrapping The process of funding a business with an entrepreneur’s personal resources or the company’s own revenue – without any investment by outside parties.
B2B Business-to-Business
B2B2C Business-to-Bank-to-Consumer (e.g. merchant-bank-retail customer)
B2C Business-to-Consumer
CBDCs Central Bank Digital Currencies
CDD Customer Due Diligence
CJEU Court of Justice of the European Union
Cloud computing The use of an online network (“cloud”) of hosting processors to increase the scale and flexibility of computing capacity. This model enables convenient on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage facilities, applications and services) that can be rapidly released with minimal management effort or service provider interaction.
Copy trading [Also known as “mirror investing”.] Trading strategies on platforms that allow users to automatically copy positions taken by a selected investor. Copy trading links a portion of the copying trader’s funds to the account of the copied investor. These strategies evolved from “mirror trading,” and both are categories of a broader phenomenon known as “social trading” (see below), i.e. the use of social network platforms to compare trading strategies.
Crowdfunding The practice of funding a project or venture by raising monetary contributions from a large number of people. It is often performed today via internet-mediated registries that facilitate money collection for the borrower (lending) or issuer (equity).
Cryptocurrency A subset of digital currencies (see below).
Cyber Relating to, within, or through the medium of the interconnected information infrastructure of interactions among persons, processes, data, and information systems.
Cyber Crime Is committed when a computer system or component is:

· the object of the crime (e.g. hacking, phishing, spamming); or

· the facilitator of a crime (such as theft of information or money).

Cyber Event Any observable occurrence in an information system. Cyber events sometimes provide indication that a cyber incident is occurring.
Cyber Incident A cyber event that:

i. jeopardises the cyber security of an information system or the information the system processes, stores or transmits; or

ii. violates the security policies, security procedures or acceptable use policies,

whether resulting from malicious activity or not.

Cyber Risk The combination of the probability of cyber incidents occurring and their impact.
CX Customer Experience in FinTech
C2C Citizen-to-Citizen
DFAs Digital Financial Assistants (see below)
Digital asset Any text or media which is formatted into a binary source and includes the right to use it.
Digital currencies [Also known as “Virtual currencies”.] These include private currencies, such as Bitcoin, Ethereum, Ripple and Litecoin, and digital versions of national bank currencies. Because of the use of cryptography techniques, a large subset of digital currencies are referred to as cryptocurrencies.

Digital currencies are often underpinned by distributed ledger technology to record and verify transactions.

Digital ID verification A range of technologies used to confirm the identity of actors in financial transactions or other applications, e.g. to prevent fraud and to ensure the security of clients and counterparties.
Digital immigrant An individual who acquired familiarity with digital systems as an adult. [Note: Contrast with digital native (see below)].
Digital native An individual who has been interacting with technology from childhood.
Distributed ledger technology (DLT) [Also known as “shared ledger technology”.] A means of recording information through a distributed ledger, i.e. a repeated digital copy of data at multiple locations.


One form of DLT is the blockchain system, which can be either public or private.

DLT Distributed ledger technology (see above)


E-Aggregators [Also known as “price comparison websites” or “comparison aggregators”.] Internet-based venues for retail customers to compare the prices and features of a range of financial products (such as standardised insurance, mortgages, and deposit account products).


E-Aggregators also provide an easy way for customers to switch between providers.

ECNs Electronic Communication Networks
E-Trading A broad category of financial market trading methods on electronic trading platforms and virtual market places. This can include:

· algorithmic and high-frequency trading among professional investors; and

· online investment, “social trading” and “copy trading” among retail investors.

Ether A cryptocurrency whose blockchain is generated by the Ethereum platform. Ether can be transferred between accounts and used to compensate participant mining nodes for computations performed.
EU European Union
EU Directives EU-level laws that must be transposed into local legislation by the Member States within a given time period, filling in the gaps where needed. [Contrast with: EU Regulations (see below)].
EU Regulations EU-level laws that are automatically considered local law of any Member State as soon as they become active, with the CJEU (see above) being the ultimate arbiter in case of dispute.
Fiat currency Legal tender whose value is backed by the government which issued it.


FinTech [FSB definition] Technologically enabled financial innovation that could result in new business models, applications, processes or products with an associated material effect on financial markets and institutions and the provision of financial services.
FinTech accelerator See “Innovation accelerator” below.
FinTech credit Credit activity facilitated by electronic platforms whereby borrowers are matched directly with lenders. These entities are commonly referred to as “loan-based crowdfunders”, “peer-to-peer (P2P) lenders” or “marketplace lenders”. Such electronic platforms can facilitate a range of credit obligations – including: secured and unsecured lending; and non-loan debt funding (such as invoice financing).
FinTech hub See “Innovation hub” below.
FSTI “Financial Sector Technology and Innovation” scheme (a Monetary Authority of Singapore initiative aimed at boosting innovation).
GAFA A set of the world’s largest BigTech companies – namely Google, Amazon, Facebook and Apple.
GAFAA GAFA plus Alibaba, China’s largest technology company.
Generation X The demographic segment born approximately between 1966 and 1980.
Generation Y The demographic segment born between approximately 1980 and 2000.

Also known as millennials.

Generation Z The demographic segment born after millennials, i.e. between approximately 2000 and the present.
G2C2G Government-to-Citizen
Home regulator The supervisory or equivalent authority in which the controlling parent of a regulated financial institution is located.
Host regulator The supervisory or equivalent authority in which a branch, subsidiary or joint venture of the regulated financial institution is incorporated.
IaaS Infrastructure as a Service (see below)
Infrastructure as a Service (IaaS) A form of cloud computing which provides computer infrastructure on an outsourced basis, via the internet, to support enterprise operations. In an IaaS model, a cloud provider hosts the infrastructure components traditionally present in an on-premises data centre (e.g. hardware, storage, servers, data centre space etc.).


IaaS is one of the three main categories of cloud computing services, alongside Software as a Service (SaaS) and Platform as a Service (PaaS).

Initial Coin Offering (ICO) [Also known as “Initial Currency Offering” and “Token Sales”.] A type of funding using cryptocurrencies. The process is most commonly conducted via crowdfunding but private ICOs are becoming more common. In an ICO, a quantity of cryptocurrency is sold in the form of “tokens” (or “coins”) to speculators or investors, in exchange for legal tender or other cryptocurrencies. The tokens sold are promoted as future functional units of currency if or when the ICO’s funding goal is met and the project launches.
ICO Initial Coin Offering (see above)
ICT Information and Communication Technologies
Internet of Things (IoT) Software, sensors and network connectivity embedded in physical devices, buildings, and other items that enable those objects to:

(i) collect and exchange data; and

(ii) send, receive and execute commands.

Innovation accelerator A partnership arrangement between fintech providers and central banks/supervisory agencies to develop use cases that may involve funding support and/or authorities’ endorsement/approval for future use in central banking operations or in the conduct of supervisory tasks.
Innovation facilitator Public sector initiatives to engage with the FinTech sector, such as regulatory sandboxes, innovation hubs and innovation accelerators.
Innovation hub An innovation facilitator set up by supervisory agencies that provides support, advice or guidance to regulated or unregulated firms in navigating the regulatory framework or identifying supervisory policy or legal issues and concerns.


Technology innovations which focus on the insurance sector. Can also refer to the firms which offer such innovations.
KYD Know Your Data
Machine learning A method of designing problem-solving rules that improve automatically through experience. Machine-learning algorithms give computers the ability to learn without specifying all the knowledge a computer would need to perform the desired task, as well as study and build algorithms that can learn from and make predictions based on data and experience.
MAYA Technologies Most Advanced, Yet Adaptable Technologies
Millennials The demographic segment born between approximately 1977 and 2000.

Also known as Generation Y.

MMS Mobile Money Services
MNOs Mobile Network Operators
Mobile and web-based payments Applications that allow consumers to conduct transactions through their mobile phone or tablets, improving efficiency and the customer experience.
Mobile wallets A subset of mobile payments. Mobile wallets are electronic wallets which replicate a physical wallet via a digital interface on a mobile phone. Customers can add credit and debit cards, as well as prepaid cards, gift cards and rewards cards to be stored and carried. This use case not only replaces physical plastic cards, but also allows those cards to be enhanced by additional services.
mPOS Mobile Point-of-Sale
NBFCs Non-Bank Financial Companies


Neo-banks [BCBS definition] Banks which make extensive use of technology (e.g. API, big data, artificial intelligence, blockchain) in order to offer retail banking services, predominantly through smartphone apps and internet-based platforms. Neo-banks target individuals, entrepreneurs and small to medium-sized enterprises.
NFC Near Field Communications (also known as “contactless” communications)
Nodes Network participants in a distributed ledger network.
OLAP (Real-time) Online Analytical Processing
Online lending platforms Platforms which intermediate loans online and may be operated by banks or non-banks. Some online lenders keep all or some of the loans they originate, while others sell or securitise them. Funding for loans may come from traditional sources, such as deposits, if the lender is a bank, securitisations, private investors and capital raisings, and loans from banks. Additionally, funding may come from “peer-to-peer” arrangements that directly match lenders with borrowers via online platforms. Together with non-loan forms of finance such as invoice trading, these models make up the “FinTech credit” category.
Open banking [Also known as “open bank data”.] In the FinTech context, refers to a system which provides users with a network of financial institutions’ data through the use of APIs. By relying on networks instead of centralisation, open banking helps financial services customers to securely share their financial data with other financial institutions. Benefits for bank customers include being able to aggregate information, shift banks and transfer funds more easily.


Note: Open Banking will formally commence in Australia in July 2019.

Open source software A type of computer software in which source code is released under a license in which the copyright holder grants users the rights to study, change, and distribute the software to anyone and for any purpose.
O2C Order-to-Cash
PaaS Platform as a Service (see below)
Payment Services Directive I EU Directive 2007/64/EC. Directive which aims to make cross-border payments as easy, efficient and secure as “national” payments within the EU’s Member States. The legislation also seeks to improve competition by opening up the payments market to new entrants.
Payment Services Directive II EU Directive 2015/2366. PSD II is the 2015 revision of PSD I, taking into account the recent developments in the payments space, especially with respect to FinTech companies. Among other features, PSD II requires incumbent banks to open up their systems and provide new players non-discriminatory access to their APIs, thereby encouraging innovation in the payments space.
PFM Personal Financial Management
Platform as a Service (PaaS) A cloud computing model in which a third-party provider delivers hardware and software tools — usually those needed for application development — to users over the internet.


PaaS is one of the three main categories of cloud computing services, alongside Software as a Service (SaaS) and Infrastructure as a Service (IaaS).

PSD I Payment Services Directive I (see above)
PSD II Payment Services Directive II (see above)
PSPs Payment Service Providers (see above)
P2P Person-to-Person or Peer-to-Peer



RegTech Any range of fintech applications for regulatory reporting and compliance purposes by regulated financial institutions. This can also refer to firms that offer such applications.

Note: There is a close link with SupTech (see below), i.e. the use of FinTech by supervisory authorities.

Regulatory equivalence Arises where the rules in two jurisdictions are sufficiently similar, such that the regulators of both jurisdictions can permit the firms covered by them to operate in each other’s markets with a reduced level of oversight.


[Note: Contrast with “regulatory passporting” below.]

Regulatory passporting Arises where the rules in two jurisdictions are so close that only very limited local regulatory oversight is needed. Under passporting, the regulator of the company’s home jurisdiction is responsible for looking after the company’s entire business.

[Note: Under passporting, most decisions are up to the home regulator, i.e. there is usually only one regulator that a company has to deal with. Under equivalence, the role of the host regulator is more important.]

Regulatory sandbox A controlled testing environment, sometimes featuring regulatory forbearance and alleviation through the use of legally provided discretions by the supervisory agency. The testing environment may involve limits or parameters within which the firms must operate (e.g. restrictions on the time a firm may operate in the sandbox).
RFID Radio-Frequency Identification Devices
Robo-advisors Applications that combine digital interfaces and algorithms, and can also include machine learning, in order to provide services ranging from automated financial recommendations to contract brokering to portfolio management to their clients, with limited human intervention or none. Such advisors may be standalone firms and platforms, or can be the in-house applications of incumbent financial institutions.
SaaS Software as a Service (see below)
Screen scraping [Also known as “terminal emulation”.] The process of collecting screen display data from one application and translating it so that another application can display it. This is normally done to capture data from a legacy application in order to display it using a more modern user interface.
Security biometric services Services which provide a security mechanism used to identify, authenticate and provide access to a facility or system based on the automatic and instant verification of an individual’s physical characteristics, such as fingerprints, retina patterns etc.
Security tokens [Also known as “asset-backed tokens”.] A security token is a digital asset which derives its value from an external, tradeable asset.


Security tokens are created primarily to be an investment.

Software as a Service (SaaS) A software distribution model in which a third-party provider hosts applications and makes them available to customers over the Internet.


SaaS is one of three main categories of cloud computing, alongside Infrastructure as a Service (IaaS) and Platform as a Service (PaaS).

Smart contracts A computer protocol intended to digitally facilitate, verify, or enforce the negotiation or performance of a contract. Smart contracts allow the performance of credible transactions without third parties. These transactions are trackable and irreversible.
Social trading A range of trading platforms that allow users to compare trading strategies or copy the trading strategy of other investors. The latter is often referred to as “copy trading” or “mirror investing.”
Smart contracts Programmable applications which, in financial transactions, can trigger financial flows or changes of ownership if specific events occur. Some smart contracts are able to self-verify their own conditions and self-execute by releasing payments and/or carrying out others’ instructions.


Science, Engineering, Technology and Maths.

FinTech providers typically need professionals with expertise in these disciplines.

SWIFT Society of Worldwide Interbank Financial Telecommunications
SupTech The use of technology-enabled innovation by supervisory authorities.
Token A representation of a digital asset. Tokens typically do not have intrinsic value but are linked to an underlying asset, which could be anything of value.


Tokens can either be utility or security (see below).

Utility tokens [Also known as “user tokens” or “app coins”.] Tokens which enable future access to the products or services offered by a company.

Unlike security tokens (see above), utility tokens are not created to be an investment. Utility token holders are given dividends in the form of additional coins every time the company issuing the tokens earns a profit in the market.

UX User Experience in FinTech



Technological innovations which focus on enhancing wealth management and the retail investment process. Can also refer to the firms which offer such innovations.

Sources: APRA (2017), Gen Advisory research (2019)

Glossary of terms applicable to the Australian banking sector


ADI refers to an authorised deposit-taking institution, meaning a body corporate authorised under section 9 of the Act, to carry on banking business in Australia (e.g. a bank, building society or credit union).

AIFRS refers to the Australian equivalents of International Financial Reporting Standards.

AIRB refers to an advanced internal-ratings based approach to credit risk, as defined in Prudential Standard APS 113 Capital Adequacy: Internal Ratings-based Approach to Credit Risk (APS 113).

AMA refers to an advanced approach used to measure an ADI’s regulatory capital for operational risk.

Australian-owned ADI refers to an ADI that is not a foreign-owned ADI.

Authorised NOHC has the same meaning as in the Banking Act 1959.

Banking Act refers to the Banking Act 1959.

Board refers to the Board of directors of an institution.

Common Equity Tier 1 Capital is as defined in APS 111.

Conglomerate group is a group of companies that are related to each other within the meaning of section 50 of the Corporations Act 2001 where the group includes one or more ADIs that have been incorporated within Australia.

Corporate finance activities includes underwriting and any holdings of equity or debt arising from underwriting, arranging, facilitation, and management activities such as those associated with securitisation, mergers and acquisitions or privatisations and syndication activities that are undertaken, predominantly, with the intention of earning a fee. Corporate finance activities also includes longer term positions in equities that are held for strategic reasons and holdings in equity instruments, or in instruments that exhibit characteristics that are more like equity than debt, that arise as a consequence of loan restructurings.

Corporations Act refers to the Corporations Act 2001.

Credit rating grades means grades of credit ratings to which ECAI ratings are mapped, and that correspond to relevant asset risk weights.

External Credit Assessment Institution (ECAI) means an entity that assigns credit ratings designed to measure the creditworthiness of a counterparty or certain types of debt obligations of a counterparty.

Financial institution includes any institution engaged substantively in one or more of the following activities – banking; leasing; issuing credit cards; portfolio management (including asset management and funds management); management of securitisation schemes; equity and/or debt securities, futures and commodity trading and broking; custodial and safekeeping services; insurance (both general and life) and similar activities that are ancillary to the conduct of these activities. A financial institution includes any authorised NOHC or overseas equivalent.

Foreign ADI has the meaning in section 5 of the Act.

Foreign-owned ADI means an ADI in relation to which an approval has been given, under section 14 of the Financial Sector (Shareholdings) Act 1998, for a bank that is not locally incorporated to hold a stake of more than 15 per cent in the ADI.

FSCODA refers to the Financial Sector (Collection of Data) Act 2001.

General market risk means the risk of loss owing to changes in the general level of market prices or interest rates. It arises from positions in interest rate, equities, foreign exchange and commodities.

Gross income means total operating income from continuing operations.

Group refers to a corporate group that comprises more than one company that are related bodies corporate within the meaning of section 50 of the Corporations Act.

Internal Capital Adequacy Assessment Process (ICAAP) is as defined in Prudential Standard APS 110 Capital Adequacy (APS 110).

Internal ratings-based (IRB) approach to credit risk refers to the approach to credit risk, as defined in APS 113.

IRB approval refers to the written approval from APRA for an ADI to adopt the IRB approach.

IRRBB means interest rate risk in the banking book: the risk of loss in earnings or in the economic value on banking book items as a consequence of movements in interest rates.

Legal risk includes, but is not limited to, exposure to fines, penalties or punitive damages resulting from supervisory actions as well as ordinary damages in civil litigation, related legal costs and private settlements.

Listed refers to an institution admitted to, and not removed from, a stock exchange.

LMI refers to lenders mortgage insurer or lenders mortgage insurance.

Locally-incorporated ADI refers to an ADI that is incorporated in Australia or in a State or Territory of Australia, by or under Commonwealth, State or Territory legislation.

Mark-to-model refers to any valuation that has to be benchmarked, extrapolated or otherwise calculated from a market input.

Material currency means a currency for which the total book value of an ADI’s banking book items in that currency is more than five per cent of the total book value of all banking book items. In determining whether a currency is material, the effect of currency hedges that reduce foreign currency exposure may be taken into account, provided those hedges are effective.

Model approval refers to the written approval from APRA to an ADI to adopt an internal model approach to a particular risk.

Net credit balance has the meaning in section 5 of the Act.

Netting refers to the process under a netting agreement of combining all relevant outstanding transactions between two counterparties and reducing them to a single net sum for a party to either pay or receive.

Non-Operating Holding Company (NOHC) has the meaning in section 5 of the Act.

Normal settlement period means a contractual settlement period that is equal to or less than the market standard for the instrument underlying the transaction and, in any case, less than five business days.

Offshoring means the outsourcing by an ADI of a material business activity associated with its Australian business to a service provider (including a related body corporate) where the outsourced activity is to be conducted outside Australia.

Operational risk means the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. This definition includes legal risk but excludes strategic and reputational risks.

Ordinary shares for Regulatory Capital purposes must meet the criteria in Attachment B to APS 111.

Prudential Capital Requirement (PCR) means the minimum amount of Regulatory Capital that an ADI or NOHC must hold.

PPF provider or purchased payment facility provider refers to an ADI with authority to provide purchased payment facilities.

Privacy Act refers to the Privacy Act 1988.

Prudential disclosures means the minimum requirements relating to the disclosure by an ADI of information about its capital adequacy under Prudential Standard APS 330 Capital Adequacy: Public Disclosure of Prudential Information.

Prudential requirements includes requirements imposed by the Act, prudential standards made under the Act, reporting standards made under FSCODA, conditions on the ADI’s authorisation and any other requirements imposed by APRA in writing.

Regulatory Capital is as defined in APS 111.

Related body corporate, or related company, has the meaning in section 50 of the Corporations Act.

Relevant group of bodies corporate has the meaning in section 5 of the Act.

Risk management declaration is as defined in Prudential Standard CPS 220 Risk Management (CPS 220).

Securitisation is a financing structure where the cash flow from a pool is used to make payments on obligations to at least two tranches or classes of creditors (typically holders of debt securities), with each tranche or class entitled to receive payments from the pool before or after another class of creditors, thereby reflecting different levels of credit risk.

Senior manager has the meaning in section 5 of the Act.

Senior officer outside Australia is the senior nominated officer of a foreign ADI (whether a director or senior executive) outside Australia with delegated authority from the Board to be responsible for overseeing the Australian branch operation.

Standardised Approach to credit risk refers to the approach to credit risk outlined in Prudential Standard APS 112 Capital Adequacy: Standardised Approach to Credit Risk (APS 112).

Subsidiary has the meaning in the Corporations Act.

Tier 1 Capital is as defined in APS 111.

Tier 2 Capital is as defined in APS 111.

Third party means an entity that is not the ADI or a related body corporate of the ADI.

Total Capital is as defined in APS 111.
