The Brazilian Financial System, Cyber Security Policy and Personal Data Protection

A Polycentric Regulation Approach

Authors

DOI:

https://doi.org/10.26512/lstr.v12i2.34716

Keywords:

Financial System. Cyber Security Policy. Data Protection. Polycentric Regulation.

Abstract

Purpose ”“ This work intends to map and analyze, through the polycentric regulation proposal introduced by Julia Black, the contribution of the actors involved in the creation of the data protection regulatory legal regime in financial system, after the introduction of the cyber security policy by the Central Bank of Brazil, the approval of the General Data Protection State and new financial business models.

Methodology ”“ It first analyses the regulatory and statutory norms associated with data protection in the financial system, combined with the cyber security policies published by financial institutions. After this, it identifies the actors who contribute to the regulatory environment and their respective regulatory role. The final step is the creation of a table to categorize each actor’s functions in the regulatory regime.

Findings ”“ The research concludes that the contracts between financial institutions and technology play a major role on creating and hybrid regulatory environment for data protection.

Originality ”“ The work is an original analysis of the data protection regulatory legal regime in financial system, using polycentric regulation not only as a theoretical reference, but also as a methodological framework.

Downloads

Download data is not yet available.

Author Biography

Carlos Goettenauer, Bank of Brazil

Master of Law at the University of Brasilia. Researcher at Banco do Brasil Corporate University and Legal Counsel at Banco do Brasil, with focus on cyberspace legal regulation and financial system legal regulation. E-mail: goette@gmail.com.

References

ARANHA, M. I. Manual de Direito Regulatório. Coleford: Laccademia Publishing, 2014.

AYRES, I.; BRAITHWAITE, J. Responsive Regulation: Transcending the Deregulation Debate. Oxford: Oxford University Press, 1992. 205 p.

BANCO CENTRAL DO BRASIL. Edital de Consulta Pública nº 57/2017, 2017. Disponivel em: <https://bit.ly/33tKSSb>.

BANCO DO BRASIL. Políticas de Segurança da Informação. Banco do Brasil, 2018. Disponivel em: < https://bit.ly/3hyaW3y>.

BARBERIS, J. N.; BUCKLEY, R. P.; ARNER, D. W. The Evolution of Fintech: A New Post-Crisis Paradigm? University of Hong Kong Faculty of Law Research Paper No. 2015/047, 20 out. 2015. Disponivel em: <https://bit.ly/2E16zjU>.

______. FinTech, RegTech, and the Reconceptualization of Financial Regulation. Northwestern Journal of International Law & Business, v. 37, n. 3, 2017.

BLACK, J. Decentring Regulation: Understading the Role of Regulation and Self-Regulation in a 'Post-Regulatory' World. Current Legal Problems, v. 54, n. 1, p. 103-146, 2001.

______. Critical Reflections on Regulation. Australian Journal of Legal Philosophy, v. 27, p. 1-35, 2002.

______. Proceduralisation and Polycentric Regulation. Revista Direito GV, v. 1.5, n. Especial 1, p. 99-130, 2005.

______. Constructing and Contesting Legitimacy and Accountability in Polycentric Regulatory Regimes. Regulation & Governance, v. 2, n. 2, p. 137-164, 2008.

BRADESCO. Política Corporativa de Segurança da Informação. Bradesco, 2018. Disponivel em: <https://bit.ly/3bXxABr>.

BRAITHWAITE, J. The Regulatory State. In: GOODIN, R. E. The Oxford Handbook of Political Science. Oxford: Oxford University Press, 2009.

______. The Essence of Responsive Regulation. U.B.C. Law Review, v. 44, 2011.

BRUNNERMEIER, M. et al. The Fundamental Principles of Financial Regulation. Geneva: International Center for Monetary and Banking Studies (ICMB), 2009.

CAIXA ECONÔMICA FEDERAL. Política de Segurança da Informação da Caixa. Caixa Econômica Federal, 2018. Disponivel em: <https://bit.ly/3hx1JJ5>.

CMA. Retail Banking Market Investigation: Final Report. Competition & Markets Authority. Londres, p. 708. 2016.

EBA. Understanding the Business Relevance of Open APIs and Open Banking for Banks. Euro Banking Association. Paris, p. 35. 2016.

FERGUSON, N. A Ascensão do Dinheiro: a Historia Financeira do Mundo. Tradução de Cordelia Magalhães. São Paulo: Planeta do Brasil, 2009.

GOETTENAUER, C. Open Banking e a Teorias de Regulação da Internet. Revista de Direito Bancário e Mercado de Capitais, v. 82, 2018.

GRABOSKY, P. Beyond Responsive Regulation: The Expanding Role of Non-State Actors in the Regulatory Process. Regulation & Governance, v. 7, p. 114-123, 2013.

GRAU, E. R. O Direito Posto e o Direito Pressuposto. 3ª ed. ed. São Paulo: Malheiros, 2000.

HOOD, C.; ROTHSTEIN, H.; BALDWIN, R. The Government of Risk: Understanding Risk Regulation Regimes. Oxford: Oxford Press, 2001.

ITAU. Política Corporativa de Segurança da Informação e Cyber Security. Itaú, 2018. Disponivel em: <https://bit.ly/35JctS2>.

MURRAY, A. The Regulation of Cyberspace: Control in the Online Enrironment. Abingdon: Routledge-Cavendish, 2007.

PARANA, E. A Finança Digitalizada: Capitalismo Financeiro e a Revolução Informacional. Londrina: Editora Insular, 2016.

SANTANDER. Política de Segurança da Informação e Segurança Cibernética. Santander, 2018. Disponivel em: <https://bit.ly/3c0WjVC>.

SCOTT, C. Regulation in the Age of Governance: the Rise of the Post-Regulatory State. In: JORDANA, J.; LEVI-FAUR, D. The Politics of Regulation - Institutions and Regulatory Reforms for the Age of Governance. Cheltenham: Edward Elgar, 2004. p. 145-174.

TEUBNER, G. Law as an Autopoietic System. Oxford: Blackwell, 1993.

VALOR ECONÔMICO. Os 100 Maiores Bancos. Valor Econômico, 2017. Disponivel em: <https://bit.ly/33vfYck>.

Published

2020-10-12

How to Cite

GOETTENAUER, Carlos. The Brazilian Financial System, Cyber Security Policy and Personal Data Protection: A Polycentric Regulation Approach. Law, State and Telecommunications Review, [S. l.], v. 12, n. 2, p. 172–186, 2020. DOI: 10.26512/lstr.v12i2.34716. Disponível em: https://periodicos.unb.br/index.php/RDET/article/view/34716. Acesso em: 13 dec. 2024.