TPP Financial Services Data Flows

Financial services firms and some members of Congress have raised specific concerns regarding the proposed Trans-Pacific Partnership (TPP) agreement, such as provisions on data localization for financial services firms. Treasury Secretary Jack Lew recently issued a proposal to address the data localization concerns, but it remains unclear if the current proposal will resolve the matter given that it would not change the current proposed TPP text.

For the first time in a U.S. FTA, the proposed TPP (1) would guarantee the cross-border data flows so that companies can transfer information in and out of countries, and (2) would prohibit computing facility localization requirements for all sectors. The e-commerce chapter excludes the financial services sector and government procurement.

Instead, the e-commerce provisions for the financial services sector are addressed in the separate financial services chapter. Similar to the financial services chapter in the U.S. FTA with South Korea, the proposed TPP does allow for cross-border data flows, but does not include provisions on localization requirements.

Despite arguments from the business community to prohibit localization requirements, the U.S. Treasury Department, with the Federal Reserve and the Federal Securities and Exchange Commission, advocated for the current language during the TPP negotiations. Treasury sought to maintain policy space for U.S. regulators to be able to implement such restrictions in the future, citing instances during the 2008-2009 financial crisis when U.S. regulators could not get needed data.

What Is the Concern? Cross border data flows enable a broad spectrum of transactions and business practices; for example, a multinational company consolidating its payroll functions in its headquarters, or a global delivery company tracking a package from Boston to Bangkok. U.S. financial services firms, like many other industries, rely on cross-border data flows to ensure data security, create efficiencies and cost savings through economies of scale, and use cloud computing.

According to some stakeholders, localization regulations (e.g., requiring that data be stored within a country or that firms use local hardware, software, or services) could limit the benefits of cross-border data flows as they could increase costs, open additional cybersecurity risks, or serve as a deterrent for firms seeking to enter new markets. The exclusion of financial services sector from the localization prohibition could also affect companies in other industries that depend on transmitting financial data across borders, such as U.S. companies that offer customer financing.

Other stakeholders, including regulators (U.S. and foreign), privacy and consumer advocates may view local data storage as a potentially necessary defense to maintain safety, security, or privacy. Critics of the exclusion of financial services from the TPP e-commerce chapter argued that the prudential exception included in the financial services chapter provides regulators with sufficient safeguards and flexibility. The 2015 Trade Promotion Authority legislation (P.L. 114-26) passed by Congress included in the negotiating objectives that trade agreements prohibit forced localization requirements and restrictions to digital trade and data flows for all sectors. Bipartisan letters from the Senate and House to the Administration expressed concern on the TPP cross-border data flows issue, and Members also questioned the Treasury Secretary during hearings.

The U.S. Chamber of Commerce and other TPP stakeholders identified the financial services data flow provision as one of the three issues needing to be resolved before a potential Congressional vote on TPP implementing legislation, along with specific concerns on tobacco and biologics provisions.

What Is the Proposed Solution? On May 25, 2016, the U.S. Treasury Secretary Jack Lew announced a proposal to resolve the issue in future trade agreements (but not in TPP). The proposal includes a four-part plan that

  • 1. prohibits data localization requirements when financial regulators are able to access information stored abroad;
  • 2. prohibits restrictions on cross-border data transfer for business that is within the scope of a company's financial services license;
  • 3. requires regulators to engage with companies before imposing data localization requirements to provide companies an opportunity to comment and/or address regulatory concerns; and
  • 4. enforces these obligations through state-to-state dispute settlement.

In drafting the proposal, Treasury and the U.S. Trade Representative (USTR) reportedly met with Members of Congress and industry representatives, including JPMorgan, Citigroup, Liberty Mutual, MetLife, and trade associations.

What Has Been the Reaction? For the most part, while stakeholders are waiting for Treasury to release specific language for ongoing and future negotiations, as well as a plan to engage current TPP partners on the matter, the initial reaction has been cautiously supportive. Coalition of Services Industries president and former Assistant USTR Christine Bliss stated that "[t]he initial reaction is that it's a positive development and an encouraging one and represents a significant change in U.S. policy." American Insurance Association's director of international affairs stated that "[w]hen incorporated into binding international agreements, I believe this new approach will provide relief from data protectionism while giving governments the access to data they need for legitimate regulatory and supervisory functions."

House Financial Services Committee Member Ed Royce stated, "[t]his proposal is a positive step, but further action is necessary.... We must push forward with a strong Trade in Services Agreement and side deals with the four TPP countries not in those talks." House Ways and Means Committee Chair also reportedly voiced the need for an enforceable solution with all TPP partners.

What Are the Issues for Congress? As Congress considers the TPP digital trade provisions, it may consider if the proposal from the U.S. Treasury sufficiently address congressional concerns on financial services data localization. Does the proposal achieve the necessary balance to eliminate protectionist trade barriers while ensuring regulators have access to the information they need to fulfill their responsibilities and protecting consumer privacy? Given that the proposal would only be for future trade agreements, such as the Trade in Services Agreement (TiSA), the Transatlantic Trade and Investment Partnership with the EU (T-TIP), and the U.S.-China Bilateral Investment Treaty (BIT), how should Treasury work with TPP partners on implementation of the proposal, especially Malaysia and Vietnam, which are not involved in TiSA negotiations and are considering imposing localization regulations?