1 Introduction: A Consumer Issue of Significant Proportions

In the aftermath of the 2008 financial crisis, three strands in the related research and policy discussions could be discerned. One focused on understanding the causes and the path that led to the crisis. The second focused on prevention and methods to preclude such a crisis from reoccurring. The third focused on mechanisms to deal with the effects of the crisis and offer relief to parties involved. However, the solutions mainly addressed the financial sector and the restoration of stability and solvency of banks, without appropriate tools for aiding consumer debtors in distress.

By 2009, around one hundred legal proposals were already generated by the financial crisis.2 More than forty financial reform measures were implemented by the European Commission.3 However, not only that the situation of consumer debtors in distress was not addressed, but the proposed insolvency regimes for banks and companies showed extensive bias in their favor. Instead of risk sharing and stronger regulation of financial products, the measures adopted focused on more disclosure, transparency, financial education and assessment of consumer creditworthiness in order to make financial services more sustainable.4 However, as the article shows, these measures were generally not backed by sanctions, thus leaving prospective borrowers at the whim of the financial institutions. In addition, legislators and supervisory bodies are still unable to keep up with products of financial innovation, such as ICOs.

1.1 The Article’s Aim

The article argues that while regulators and enforcers expect consumers to protect themselves with the data provided by disclosure requirements, consumers are still vulnerable to the craftiness of professionals offering financial services despite obvious risks posed. Things are even more complicated today when financial and technical innovation flood the market with complex products whose effects not even professionals are able to fully predict or understand.

Nevertheless, the current legal framework is more lenient on financial institutions and places the hardest burdens on consumers – burden of proof, burden of understanding and comparing characteristics of complex financial products and bearing the entirety of the negative consequences that might derive from the deals they entered into – disregarding their weaker status, and without questioning their capacity to comprehend the information.

The article claims that the increasing emphasis on mandatory disclosure increases the responsibility of consumers, not their protection. As apparent from practice, if the disclosed information proves accurate, the consumer is deemed responsible for his own acts.5 In addition, in cases where self-protection is not possible due to the complexity of the financial product, the weaker position of the ‘average’ consumer is blamed on his lack of financial education (translating also into a lack of information).6 The remedy offered is education itself. Thus, there is more to this phenomenon than ‘a shift of responsibility risk’7 as identified by Micklitz, Stuyck and Terrin. It is a shift of concepts.

The ‘average’ consumer shifts into a ‘responsible’ consumer. Consumers are now expected to help themselves by pursuing financial education, raising their knowledge and awareness levels, seeking advice, keeping updated with technological or financial innovations and making rational decisions, even though the complexity of the products and services offered is only increasing. This position of the EU policy makers and judiciary raises the question whether consumer protection did not turn into a self-help mechanism for most of the consumers, from vulnerable groups upwards. How informed should consumers be in the digital age? How informed can they be? The article answers these questions and proves that the classic information paradigm, the average consumer benchmark and the policies focusing on financial education are insufficient to protect consumers, unless coupled with regulation of financial products.

1.2 The Information Paradigm

At its core, the EU aims to achieve a high level of consumer protection8 and to increase the smooth functioning of the internal market.9 These two aims are at times incompatible, which is reflected in the policy choices of Member States. For instance, in the UK, the consumer policy is aimed at ‘making competition more effective’, which means ‘the rationale for consumer protection becomes in part the health of the economy, rather than merely the protection of the consumer’.10 This policy orientation influenced and inspired by the assertiveness of US consumers, is deemed an appropriate model in the UK.11 One should notice, however, that consumer protection by consumer action and assertiveness, means that the authorities recognize their limitations in ensuring adequate protection and not only empower, but also incentivize consumers to take action into their own hands. The incentivizing factor is unfortunately lacking in the EU.

Instead of incentives for action and empowerment of consumers, the EU deems it enough to provide mandatory information. The underlying idea behind what is known as the information paradigm, is that if consumers are provided with sufficient and adequate disclosure, then they will be capable to protect themselves, with minimum intervention from state authorities on the market.12

Under the information paradigm, the consumer is expected to be ‘reasonably well-informed’, ‘reasonably observant’, and ‘circumspect’ about the information he receives and thus able to protect himself from wrong decisions. Each of the three characteristics has its own implications: being informed relates to the level of knowledge the consumer is assumed to have, being observant refers to the intensity and absorption of information, while being circumspect tackles the degree of critical attitude the consumer should have when processing information. These are the traits of a concept in abstracto, that of an ‘average’ consumer.

1.3 The Limits of the Information Paradigm

In concreto, however, the ‘average consumer’ standard ignores the bulk of consumer behavior studies revealing that people often make mistakes, in a predictable manner, and do not always engage in a conscious decision-making process by weighing advantages and disadvantages.13 The lack of overlap between the abstract and the concrete concepts should be worrying when it comes to financial services, given their catastrophic consequences in the life of consumers.14

The solution of protecting consumers solely by providing (standardized) information is inadequate for two main reasons. Firstly, not all consumers deemed ‘average’ are able to properly understand the information given and to protect themselves. The fact that a consumer meets the requirements of being reasonably circumspect does not mean that he fully understands the information or that he is able to make the right decision, especially when he needs to choose between the product and no product, or when the information relied upon is manipulated by the provider.15 This raises the question of how adequate is the application of the average consumer standard in consumer financial protection.

Secondly, the complexity of financial products and the uncertainty of their usage has many times eluded even professionals, as seen in the case of subprime mortgages that caused the 2008 financial crisis. There, both corporate greed and consumer over-confidence led to a financial crash. However, although the guilt was shared, the risks were left entirely on the consumers. One would have expected that in the aftermath a reallocation of risks will occur, but that was not the case, especially in the EU where the focus is on financial literacy and advice. Beside the issue of fairness, this raises the question whether financial education can be the panacea envisioned by the EU institutions, or whether information and education should be coupled with financial product regulation and sharing risks,16 in case of business misconduct, to avoid unfair distributional outcomes.

1.4 Structure and Methodology

The article is structured in two main sections. The first analyzes the fitness of the average consumer benchmark and finds it unsuitable for the purpose of consumer financial protection. The second argues that by placing more burden on the consumer, the ‘average’ consumer became a ‘responsible’ one and that the self-help approach behind the ‘responsible’ consumer not only exposes him to significant risk but deprives him of protection.

In terms of methodology the article employs black letter and case law analyses, as well as, examples and anecdotal evidence. The article uses the Mortgage Directive and the example of Initial Coin Offerings (ICOs) to prove the inadequacy of the information paradigm in consumer financial protection. The discussion on the Mortgage Directive’s emphasis on financial education and responsible lending shows that although the responsibility for a mortgage loan is shared, it is not joint. In case of default, the risk of non-payment lies solely with the consumer, even if the bank granted the credit after conducting a wrong assessment or by choosing to ignore it.

The example of ICOs proves, on the one hand, that the usage of technical slang (tokens, distributed ledger or blockchain) is not comprehensible, and many consumers – whether financially literate or not – would have problems understanding it, even if the information provided would be entirely accurate. On the other hand, the lack of regulatory response to the risks posed by ICOs emphasizes the inadequacy of the minimalist attitude adopted by the supervisory body at Union level in ensuring adequate consumer financial protection.

The article concludes with recommendations for restoring the high level of consumer protection that was promised in the Treaty.

2 Unfit for Purpose: The Average Consumer

To discuss consumer financial protection and the details of such protection, one must first establish who is worthy of protection and how to determine the benchmark. That is because once provided with the regulated tools – minimum disclosure of relevant information regarding the risks involved by accessing the product or service – consumers may find themselves above the threshold that would entitle them to the additional protection granted to vulnerable categories.

Legislators expect consumers not only to read and take notice of the disclosures, but also to understand and observe them, or suffer the consequences. Consumers should be capable of comprehending both the information received, and the risks involved and withstand the potential ‘temptation’ of financial products or services that can have detrimental effects to their well-being. If there are no obstacles – either physical, or intellectual – to their understanding, consumers are expected to be reasonably observant and circumspect. A certain level of credulity or naivety would not allow them to escape the consequences of the contracts they enter, unless the terms were unfair or failed to observe the validity conditions. The recent CJEU case law regarding consumer credit contracts granted in Swiss francs provides a very clear evidence of the matter.17

2.1 A Procrustean Size: The Average Consumer

The current perception on consumers and the effects of the information paradigm were not established from the outset. They are the result of a continuous change.18 However, as complexity of financial products increases together with the expansion of e-commerce, technical innovation, or digitization, the lowering standards are not fit to offer the adequate protection promised.

At the beginning of consumer legislation, the consumer was perceived as the ‘weaker party’,19 in need of protection. This weakness stemmed from the lower bargaining and financial power as well as from an asymmetry of information vis-a-vis the professionals providing services and products.20 Nevertheless, by 1998, the consumer case law of the CJEU, prior to the implementation of the Directive addressing unfair business-to-consumer commercial practices (UCPD),21 had already reached a level where the expectations placed on the consumer were relatively high. The reason was that the trend, which enabled Member States to provide enhanced consumer protection, shifted towards fostering the internal market and avoiding having traders blocked or affected by either consumers’ claims or national paternalistic and interventionist approaches from state agencies entrusted with consumer welfare.22 As David Byrne, the European Commissioner for Health and Consumer Protection observed in 2003, ‘the perception of the place and role of the consumer has changed. He is no longer just a person to be protected. He is also a major actor on the market’, who must ‘play [his] part to maximize the smooth functioning of the market.23

In the Gut Springenheide case,24 the CJEU established the concept of an ‘average consumer’ by reference to a triad of factors. The consumer was expected to be ‘reasonably well-informed’, ‘reasonably observant’, and ‘circumspect’. Each of the three characteristics has its own implications: being informed relates to the level of knowledge the consumer is assumed to have, being observant refers to the intensity and absorption of information, while being circumspect tackles the degree of critical attitude the consumer should have when processing information.

The concept embraced by the CJEU reflects the concept homo economicus developed by classical economics: ‘an ideal and perfect consumer, who knows what is best for him, acts thoughtfully and consistently, weighs carefully all options available and makes the best decision to serve his interests’.25 Without adequately considering the background of the consumers and targeting a ‘one size fits all’ type of solution, the CJEU expects consumers to be careful and rational decision makers.26 In abstracto, there is no problem with the CJEU’s standpoint, as consumers should bear some of the burden of their own protection. However, in concreto, it ignores all the bulk of consumer behavior studies revealing that people often make mistakes, in a predictable manner, and do not always engage in a conscious decision-making process by weighing advantages and disadvantages.27

What most of the studies have in common is pointing out that availability of information does not automatically mean that consumers will perceive and comprehend information in an accurate manner.28 When it comes to the financial sector,29 considering the complexity of financial products and services as well as the multitude of choices there are simply too many additional influential factors in place that the concept of ‘average consumer’ (as developed by the Court) fails to consider. These include information overload, cognitive biases, decision making flaws, cultural and linguistic differences.30 Only recently did the CJEU realize that the language in which the information is provided must also be ‘intelligible’ both at ‘a formal and grammatical level’ and that ‘the particular expertise and knowledge of a financial product seller or supplier’ are circumstances that need to be taken into consideration when assessing the fairness of a financial contract.31

At the same time, CJEU’s case law reveals a tendency to prefer consumer’s access to information over general prohibitions of certain types of trade practices.32 In other words, a certain degree of trickery might be tolerated, as the average consumer is not expected to be misled easily.33 In the Court’s view an average consumer is not naïve and does not draw conclusions lightly on the basis of advertising slogans.34 On the contrary, it is a self-reliant consumer, who is able to process and act on proffered information, or face the consequences.35 A standard model of consumer behavior was created by the CJEU’s case law, based on the idea of a ‘rational’ man, free from the shackles of paternalism or state protectionism.36 Nevertheless, despite its name, the ‘average consumer’ is not at all average, but a super-consumer,37 as its traits are obviously superior to those of a real-life one, portrayed by behavioral economics or psychology.38

This concept was embraced by the legislators and became the main benchmark in the UCPD,39 although some claim the concept is implicitly used in other normative acts as well.40 The ‘average consumer’ became the cornerstone of consumer protection, as the UCPD sought full harmonization41 and had an over-encompassing scope, covering both pre- and post-sale practices and financial services.42 The general adoption of the concept of ‘average consumer’, however, equates with a decrease of the actual level of consumer protection. This is directly proportional with the emphasis being put on the trader to refrain from unfair acts, rather than the consumer’s ability to avoid being affected by the trader’s potentially unfairness.43

The UCPD complemented the concept and added two alternative benchmarks that are supposed to prevent exploitation of ‘vulnerable consumers’, by stating that commercial practices are banned only to the extent they would ‘materially distort the economic behavior of the average consumer’ and that ‘harm must be foreseeable to the trader’.44 The UCPD legislated the divide already apparent in CJEU’s case law, by distinguishing between consumers able to protect their own interest – average consumers – and those in need of special protection – the vulnerable consumers. The exclusive use of the information paradigm is limited only when vulnerable target groups are involved.45

Notwithstanding its stated concern with vulnerable groups, the UCPD has failed to protect less well-informed or less well-educated consumers,46 unless these latter proved that their lack of information or education was due to some form of impairment. At the same time, it failed to establish rules to differentiate between types of services and information, adopting a position according to which average consumers are presumed to be encyclopedias of general knowledge. This position assumes that average consumers would be able to collect, read and understand any information about any product, compare financial products, make proper assessments and predictions, despite ample evidence that this is not the case.47 The information paradigm proves to be not only insufficient, but also unfit in the case of complex financial services, as it is today in the wake of digital financial products, where disclosure is a liability-management tool for product providers.48

Summing up, the average consumer became the rule, while the vulnerable one the exception. The largest ‘chunk’ of consumers has been excluded from protection, which was replaced with standard information about everything and then left to take care of its own interests.

2.2 Overstretching the Average: Just How Informed Should a Consumer Be?

Based on the above, the EU standard for consumer protection addresses more the responsibility of consumers themselves to either keep or become informed, whilst protection is available only if the consumer was unable to make an informed decision. If consumers prove unable to take sufficient care in their decision-making, they bear all the consequences. The consumer is free to ignore all information and make a bad decision, if his capability to make an informed decision was not appreciably impaired.49 Nevertheless, when it comes to financial, complex agreements, the average consumer needs more than technical standard terms to discern their meaning and consequences.50

Some authors noticed ‘the ECJ’s tendency to impose an obligation on the consumer to take responsibility for protecting his own interests.’51 They further pointed out that, ‘The consumer, who has a right to information […] must also take note of this information and consider it.’52 This position of the Court raises the question whether consumer protection turned into a self-help mechanism for the majority of consumers, from vulnerable groups upwards. Additionally, one may legitimately ask whether an average consumer can properly protect their economic interests and make adequate decisions when it comes to financial services or digital financial products.53 It is certain that by assuming consumers are rational in their decision making process and responsible for their own actions, the liability of traders is greatly reduced.54 Thus, while the ‘average consumer’ standard might boost consumers’ ego as self-determined beings,55 free from paternalistic protection, in reality, it increases their responsibility, while decreasing that of the traders and allows the resources of authorities to be diverted towards other areas.

In a consumer financial protection setting, the authority appears to tolerate certain practices, which consumers are expected to read through, the emphasis being on the authority’s expectation and not as much on the actual result of the practice employed by traders.

Thus, the ‘average consumer’ concept is nothing but ‘a normative abstraction, derived from an economic fiction that has little in common with the behavior of the real average consumer.’56 Or, as the Advocate General Geelhoed put it in his Opinion rendered in Douwe Egberts v Westrom Pharma, the average consumer benchmark is not meant to reflect actual consumer behavior, but rather it is a reflection of a desired behavior.57 His position is also confirmed by the fact that the UCPD did not require Member States to provide individual remedies to consumers and appeared to focus more on protection of presumed collective interests of consumers.58 Only by rejecting any potential differences between individuals, which might have justified case by case solutions, was the UCPD able to create and promote its ‘one size fits all’ standard of average consumer.

Nevertheless, there are no factors to indicate whether the desired behavior is realistic or how it could be achieved. As Poncibo and Incardona noticed, while the average consumer ‘reflects the economists’ idealistic paradigm of a rational consumer in an efficient marketplace […] [it] departs from the unpredictable realities of individual human behavior and is hardly an appropriate standard for legislative or judicial sanctions.’59

Conclusively, in the history of EU consumer law, the consumer benchmark has been constantly shifting as the expectation that the consumer should take responsibility for protecting his own interests has increased. From a generally weaker party in need of protection, the threshold was raised to a distinction between the average and a vulnerable consumer (where only the latter is deemed in need of additional protection)60 and appears to head into the direction of a ‘responsible consumer’,61 obliged, not just expected, to take care of himself. Micklitz calls this phenomenon ‘the move […] from consumer protection law (which sees the consumer as the weaker party) to consumer law without protection (which considers the consumer an active market participant).’62

In parallel with the expansion of expectations and burdens placed on the consumer, the instruments of protection appear to be constantly limited to providing the consumer with information, without adequately considering his capacity to comprehend it.63 The shortcomings of the information paradigm are even more apparent in the case of financial products or digital financial services, involving a high level of complexity.

3 The Responsible Consumer: A Janus-Faced Concept

By 2012, the European Parliament noted that ‘the notion of ‘average consumer’ lacked the flexibility to adapt to specific cases and that it did not correspond to real-life situations.’64 A reconsideration of the concept and new policies are needed, although so far, no such measures have been adopted. On the contrary, when it comes to financial services, the information paradigm was not only maintained, but expanded. Recent normative acts, such as the Mortgage Directive, and policy documents place additional emphasis on education of consumers in general,65 and on financial education, in particular.66

3.1 From an Average to a Responsible Consumer

At first glance, education would help strengthen the consumer’s capability to discern through the complex information coming from service providers. A closer look would reveal that it is just an additional burden for consumers who need to keep up to date with relevant information. For instance, in the aftermath of the financial crisis, the European Parliament noted ‘the crucial role of financial education,’67 while the new Mortgage Directive68 speaks of the consumer as ‘a responsible borrower’, in charge not only of fully understanding the standard terms and conditions, but also for (his own) financial education.69

The European Parliament’s view is contradicted by recent studies, which show that if the consumer is not sufficiently financially literate,70 he will receive even less relevant information from advisors or financial institutions, in comparison to most knowledgeable investors.71 While this might serve as an argument for raising the levels of financial literacy, it also proves that information provided does not offer protection, because it is both insufficient and incomprehensible, which reduces to rubbles the entire fundament of the information paradigm. This issue led authors across the Atlantic to suggest that where consumers have limited financial literacy it would make sense from a policy perspective ‘to encourage contractual terms for mortgages that are less likely to cause later regret.’72 In other words, consumer financial protection needs to supplement regulated standard information with regulation of standard contracts.73 So far, this view is not shared on this side of the Atlantic.

The Mortgage Directive assumes the financial crisis was caused by more than the irresponsible behavior of market participants (consumers, financial institutions and investors).74 At its core was the irresponsible usage of financial innovation and newly designed instruments75 – such as subprime mortgages76 – whose long-term effects were either hardly comprehensible to professionals, or over-used and abused by them for immediate financial gain.77 Based on the above, the European Commission found that ‘many consumers have lost confidence in the financial sector’ and proposed a set of measures to restore it.78 It further noted that ‘some problems concerned credits denominated in foreign currency which consumers had taken out in that currency, […] but without having adequate information about or understanding of the exchange rate risk involved.’79

However, the main issues identified do not mention the professionals who offered the products knowing what kind of risks they pose.80 Instead they focus on market and regulatory failures, the general economic climate and the low level of financial literacy of the consumer (emphasis added).81 The blame does not fall on the financiers who knowingly granted bad mortgage loans for immediate gains (this matter is left to self-regulation), but on the consumer-debtor, who did not understand the reasons that determined the bank to grant the loan and allowed himself to become over-indebted. The solution proposed by the Commission is ‘to provide for measures to ensure that consumers are aware of the risk they are taking on and that the consumers have the possibility to limit their exposure to exchange rate risk during the lifetime of the credit’ (emphasis added).82

This perception, which clearly states that more information would have alleviated all risks, is staggering in its narrow-mindedness. One cannot honestly believe that the financial crisis would have been avoided if consumers would have had more understanding of the currency exchange risk or securitization. Nor can one assume that a new crisis can be prevented by printing flyers and organizing seminars or TV-ads campaigns to educate consumers about credit and finance.

The explanation resides in the fact that regulatory reaction to financial innovation (hence also the concomitant financial education) occurs solely ex post as legislators try to keep up with it. It also fails to consider the interconnectivities of the global market, of which the EU internal market is just a part, unable to insulate itself of tidal shocks, such as the one coming from across the Atlantic in 2008.

If financial literacy is the key, then EU consumers should become experts in global financial markets, not just the EU one, to be able to discern between risks and adverse effects of their informed decisions. Yet, such expectation is unrealistic. Not only that the financial products and services are increasingly complex, but the large array of choice makes comparison extremely difficult because many of them have their own specific features. In addition, most of the financial products are one-off purchases83 and the majority of the consumers are not ‘repeat actors’, able to learn from their own or from others’ experience. In fact, for many of them, a failed experience caused by a bad decision would have catastrophic consequences, resulting in loss of home, deficiency payments, decrease in life-style and income, which would deter or preclude them from trying again. Last, but not least, financial education might generate effects, but only after education has been obtained and with results that are difficult to foresee, given the said complexity and multitude of financial products.84 Thus, it offers no respite to those that already acquired a mortgage or are on the verge of acquiring one.

In conclusion, the Mortgage Directive is increasing the threshold for protecting consumers, from average, to ‘responsible’ ones. However, the Directive is not fully clear whether ‘responsible borrowing’ should be perceived as awareness or liability in case of default. Both meanings deserve additional attention.

3.1.1 Responsible as in Aware? – The Mortgage Directive and Financial Education

The Mortgage Directive appears to understand ‘responsible borrowing’ as consumer awareness of the risks and obligations involved in credit agreements, particularly, mortgages. This reading derives straight from the ‘information paradigm’ and the ‘average consumer’ standard, as it assumes85 that responsible decisions stem from consumers’ ability to make informed decisions. The Directive states that it is this ability that needs to be increased by ‘education’ and by enhancing ‘financial awareness.’86

The second chapter of the Directive is more detailed on what education and financial literacy imply: information. The panacea for consumers’ lack of adequate understanding of financial products consists of three elements combined: 1) ‘clear and general information on the credit granting process […] to guide consumers’; 2) ‘information regarding the guidance that consumer organizations and national authorities may provide’ and; 3) Commission’s ‘best practices’.87

In its ‘Briefing on improving the financial literacy of European consumers’, the European Parliament further defined the meaning of financial literacy as ‘a combination of awareness, knowledge, skill, attitude and behavior necessary to make sound financial decisions and achieve financial well-being.’88 It relied significantly on an OECD Policy Paper on Financial Education and the Crisis89 to state that the policy aim should be to restore the information imbalance between households and financial institutions by regulating the information to be provided to consumers and not the product. In other words, by standardizing information to be provided to consumers, instead of implementing also standard contracts regulated by law. Since in the Commission’s view consumers and financial institutions shared the blame for the financial crisis, it would have made sense to share also some of the risks among them.

On the positive side, the Mortgage Directive places more emphasis on information provided in clear language,90 thus acknowledging the fact that information does not suffice, if it is incomprehensible or inadequate for being used by the consumer. It is a signal that compliance with information requirements for the sake of compliance is not acceptable as a matter of policy.

That signal was endorsed by the CJEU in Ruxandra Paula Andriciuc and Others v. Banca Romaneasca SA (Andriciuc)91 and OTP Bank Nyrt., OTP Facktoring Koveteleskezelo Zrt v. Terez Ilyes and Emil Kiss (OTP),92 but also world-wide by a number of jurisdictions.93 In Andriciuc and OTP the Court held that ‘a contractual term […] drafted in plain intelligible language requires, in the case of loan agreements, financial institutions to provide borrowers with sufficient information to enable them to take prudent and well-informed decisions’ and:

‘must be understood by the consumer both at the formal and grammatical level, and also in terms of its actual effects, so that the average consumer, who is reasonably well informed and reasonably observant and circumspect, would be aware […] and […] able to assess the potentially significant economic consequences of such a term with regard to his financial obligations.’94

However, presenting information in a clear language must now be paired with a pro-active approach on the consumers’ side. As the OECD paper pointed out and the European Parliament re-stated, the financial crisis provided ‘a teachable moment’, a hard lesson that should make households more willing to learn about the long-term complex risks and financial issues than they would have been in normal circumstances.95 Put bluntly, although the main losers of the financial crisis generated by professionals, consumers must now improve their expertise in financial products. In fact, they are expected to become active players on stock markets, become well versed in the activity of private pension funds or with the mechanism behind credit cards, because empirical studies associate failure to do so with a low level of financial literacy.96 The pro-active stance is further underlined by the European Parliament’s call for ‘building up financially literate consumer organizations able to counterbalance the role of business in the process of preparing regulations.’97

The idea of using education in connection to consumer protection is not new and is featured in the TFEU. The text speaks of the Union’s obligation to ensure a high level of consumer protection as well as to promote their right to information and education (emphasis added).98 It must be noticed that the TFEU uses the collocation as well as, not by, which means that in the view of the TFEU’s drafters, consumer protection and the rights to information and education are complementary, not means to an end. Nevertheless, the current policy trend of the EU Parliament seems to be that consumer protection is to be achieved through information and education, not together with them. This is a clear deviation from the drafters’ intention and constitutes another evidence of the shift towards a responsible consumer.

In this article’s view, consumer education does not amount to high level of consumer protection. One cannot promise protection and replace it with classes on financial education. For instance, in a 2003 Speech titled ‘Principles of Consumer Protection in the European Union’, David Byrne, the Commissioner for Health and Consumer Protection at the time, stated that of all five consumer rights,99 ‘the right to education has […] been somewhat overlooked.’100 His solution was to ‘develop interactive teaching modules on European consumer issues […][that] can be used in adult education’ and to ‘seek to develop similar consumer-related teaching modules for schools and higher education’.101 In 2003, consumer protection was still not conditioned on education and literacy, but that changed after the financial crisis.102

That consumers are in fact expected to protect themselves by ‘going back to school’ and getting a ‘financial education’ is also apparent from the European Commission’s initiatives or from the European Economic and Social Committee’s call for mandatory financial education.103 Among them is the Dolceta online education tool, currently integrated in the Consumer Classroom education website, which provided a module on financial services to consumers willing to learn.104 On its own end, the European Parliament takes pride in inserting in the prospectus offered in connection to investment products a warning notice making the consumer aware that the product to be purchased is neither simple, nor easy to understand.105

However, the bulk of methods employed to increase consumer awareness and financial literacy is by ‘organization of national and regional conferences, seminars, media and awareness campaigns or cross-border educational programs’,106 websites, games and apps.107 What none of these measures seems to adequately consider is that all of them require tools, time, money and effort from the side of the consumer and that, despite their best efforts to learn, they will still be solely responsible for potential negative results. Whilst educating future generations of consumers might prove beneficial in a decade or two, for the consumers who suffered the consequences of the financial crisis the emphasis on (self) education provides no solution and no relief.

3.1.2 Responsible as in Liable? – The Mortgage Directive

It may also be that when talking about responsible borrowing, the drafters of the Mortgage Directive had in mind the issue of liability. Thus, whether informed, educated, financially literate or not, the consumer must understand he will be bound by the credit agreement entered, if he was provided with information.

A first indication of understanding the term as liability is that the Mortgage Directive speaks of various ratios – such as loan-to-value, loan-to-income, debt-to-income – as well as of minimum levels below which no credits should be granted.108 These should not be read to mean that lenders will be solely responsible when the aforementioned ratios or levels are not observed. Among the causes of the financial crisis, the Commission mentioned not only irresponsible lending, but also irresponsible borrowing, placing consumers in the same pool of irresponsible market participants.109 Hence, as part of the problem, consumers are deemed to be also part of the solution. They need to observe the ratios and avoid over-indebtedness.

The responsibility might be shared, but it is not joint. In case of default, the risk of non-payment lies solely with the consumer,110 even if the bank granted the credit after conducting a wrong assessment or by choosing to ignore it. The Directive expressly states that ‘[t]he assessment of creditworthiness should not imply the transfer of responsibility to the creditor for any subsequent non-compliance by the consumer with his obligations under the credit agreement’ (emphasis added),111 thus removing any possibility of risk-sharing or normative sanction of creditor’s misconduct. This important aspect affecting the effectiveness and enforcement of the Directive’s provisions is overlooked by lengthier assessments of the meaning of ‘responsible borrowing’,112 with the notable exception of Domurath.113

The second indication stems from the nature of the information to be provided on a mandatory basis, mainly the one related to ‘advertising materials, personalized pre-contractual information consisting in specific risk warnings, the nature and implication of taking out a security.’114 Lack of understanding of what a secured transaction entails may be solved by obtaining a financial education, but once warned, the consumer is bound to suffer all the consequences, notwithstanding what he was able to comprehend from the information received.115

The third argument supporting the idea of liability, stems from one of the final Recitals of the Mortgage Directive, which states that ‘Member States may decide to transpose certain aspect covered by this Directive in national law by prudential law, for example the creditworthiness assessment of the consumer, while others are transposed by civil or criminal law, for example the obligations relating to responsible borrowers.’116 One may legitimately ask which of the obligations relating to responsible borrowers might be criminalized. A potential answer is drawn from corroborating Recital 83 with Recital 58 calling for sanctions where consumers ‘knowingly provide incomplete or incorrect information in order to obtain a positive creditworthiness.’117

This implies a per a contrario legal obligation from the side of responsible consumers to provide clear and correct data that can ease the assessment of their creditworthiness. One must notice that leading consumers to believe they could afford a credit and, thus, exposing them to the risk of default would not subject lenders to the same type or level of sanctions, which raises the question, who is the Mortgage Directive really trying to protect?

3.2 Responsible and Financially Literate in the Digital Age: Initial Coin Offerings Related Risks

So far, the article has shown that in the aftermath of the 2008 financial crisis – a crisis caused by financial innovation and usage of complex financial instruments not fully understood by professionals themselves, combined with corporate interests – and of its catastrophic effects for consumers, the answer of the Commission was to provide consumers with more information and to try to convince them to undertake a financial education.

Hence, if financial products are complex, it is the duty of the consumers to elevate themselves to the level of understanding required.118 One needs to underline here the word ‘aftermath’, which means these measures were implemented in full hindsight, looking back, and not as much into the future. The Commission’s position is short-sighted, for whatever financial education or protection can be provided to consumers via flyers and T.V. commercials cannot insulate them from the risks posed not only by financial innovation, but also by digitization or a combination of the two.

An example is that of ICOs, which are currently one of the most important and innovative ways of raising capital.119 Their forms vary, the simplest being a scheme employed by creators of new cryptocurrencies to raise money from the public. In this case, in exchange for the money provided in traditional currencies,120 investors receive the new cryptocurrency in return and may make profit of it if its market value increases over the price they have initially paid. Nevertheless, more complex ICOs exist, the difference stemming from the additional rights received by investors.121

It is beyond the purpose of this article to investigate ICOs.122 What the article is trying to show by referring to this financial digital product, is the range of consumer protection issues stemming from their usage and accessibility to virtually any Internet user. In the EU, these financial instruments are almost completely unregulated, as the relevant bodies cannot yet determine the legal classification of the products/tokens created by ICOs, which would then enable them to establish a legal regime. EU institutions do not have a pro-active approach and lag behind their counterparts in the U.S. Although there is no definition of investment contracts in the Securities Act123 or in the Securities Exchange Commission Act,124 US courts and the SEC widely rely on the test established by the US Supreme Court in SEC v Howey Co.125 In the absence of a similar test to aid courts in their judicial assessment, EU consumers are exposed to potential abuses and lack adequate protection.126 This is best emphasized by the weak response from the European Securities and Markets Authority (ESMA), a counterpart (yet not entirely an equivalent) of the SEC, to the kind of threats posed to consumers by ICOs. For a better understanding, this section will first investigate ESMA’s role and powers, after which it will analyze the ESMA’s reaction to the threats posed by ICO’s.

3.2.1 ESMA and Its Role in Consumer Financial Protection

ESMA was established127 after the financial crisis exposed the shortcomings of financial supervision at Union level128 as part of the efforts to improve the protection of citizens and rebuilding trust in the financial system by reforming the structure of supervision of the financial sector.129 ESMA should ensure a high, effective and consistent level of regulation and supervision taking into account, among other factors, ‘the different nature of financial market participants’, it should protect ‘the transparency of markets and financial products’ and the ‘investors’ for the benefit of the economy in general and of the financial institutions and consumers in particular.130

Of importance are ESMA’s responsibilities regarding new financial activities. For instance, ‘the Authority should be able to temporarily prohibit or restrict certain financial activities that threaten the orderly functioning and the integrity of financial markets or the stability of the whole or part of the financial system in the Union.’131 Prima facie, this appears sufficiently broad to enable ESMA to tackle any new financial product generated by the digital age (such as ICOs). However, ESMA’s powers in this regard are curbed by the requirement that the financial activities in question represent a systemic risk at Union level.132 Moreover, the authority is to consider the impact of its activities on both ‘competition and innovation within the market [and] the Union’s global competitiveness’ every time it makes a decision, which ultimately implies that ESMA is more restrained by business considerations, than it is concerned with the welfare of consumers. As it will be seen, this is reflected in the minimalistic approach of ESMA towards financial innovation.

This does not mean that consumers could not benefit from ESMA’s activity, as protection of the financial market and adoption and implementation of technical standards,133 guidelines or recommendations134 indirectly protect consumers as well. For example, ‘in areas not covered by regulatory or implementing standards, ESMA has the power to issue guidelines and recommendations on the application of Union law’,135 the latter aspect lying at the ‘core [of] the integrity, transparency, efficiency and orderly functioning of financial markets, the stability of the financial system and for the neutral conditions of competition for financial market participants in the Union.’136

In addition, there are also normative tasks specifically related to consumer protection and financial activities.137 These are mainly based on the information paradigm and the general wisdom that financial education is the key to consumer protection. Thus, they are focused on ensuring transparency, simplicity and fairness in the market for financial products or services in the EU: ‘collecting, analyzing and reporting on consumer trends; reviewing and coordinating financial literacy and education initiatives; developing training standards in the industry; aiding in developing common disclosure rules.’138 However, as it will be shown139 the information paradigm is unfit for the ICOs market, because ICO white papers use a technical slang that even professional investors might not be able to understand.

In regard to novel financial activities, ESMA’s activity comprises of monitoring, issuing guidelines, recommendations or warnings, provided a financial activity poses a serious threat to the objectives the Authority is set to protect.140 To tackle financial innovation, ESMA was enabled to establish a Committee on financial innovation, bringing together experts from national supervisory authorities.141 Ultimately,142 beside the temporary bans or restrictions of certain financial activities, ESMA may also asses the need to permanently prohibit or restrict them in cooperation with the EU Commission.143

Summarizing, ESMA has at its disposal a wide range of powers concerning risks posed by financial innovation. However, these powers are curbed both by the Regulation’s provisions regarding the existence of systemic risk, the principle of complementarity and the bureaucratic hurdles at EU level. In regard to consumer financial protection, ESMA fits perfectly into the general view that consumers are better protected from dangers posed by financial innovation when provided with transparent information regarding risks and financial education to better comprehend such risks than by direct intervention on the market, which is reserved as a remedy of last resort.

The minimalist approach of ESMA towards such new and dangerous financial instruments is best exemplified by its attitude towards ICOs, deeply contrasting with that of its counterpart in the US, the SEC. After several years from their emergence the specialized Committee on financial innovation settled for a two pages warning on the risks of ICO’s.144 This is addressed in the following subsection.

3.2.2 Consumer Financial Protection by Warning

As already said, ESMA’s position towards ICOs is limited to a warning published in November 2017, alerting investors of ‘the high risk of losing all of their invested capital.’145 The statement is addressed to those who ‘[…] are considering investing in ICOs or have already done so […],’146 which means that for at least one category of consumers, ESMA’s reaction is tardive and useless for it offers no remedy.

In this instance, the inadequacy of the information paradigm is underlined by two facts. The first is that in the case of ICOs (as well as other digital financial products) the main piece of information provided to the consumer is that … there is no protection, because the legislators and regulators have failed to address these financial instruments.147 ESMA’s statement repeats it on several occasions: ‘In particular, be aware that you will have no protection in the case where the ICO is unregulated’, ‘ICOs, depending on how they are structured may fall outside of the regulated space, in which case investors do not benefit from the protection that comes with regulated investments,’ and ‘[d]epending on how they are structured, ICOs may not be captured by the existing rules and may fall outside the regulated space […] In the case where an ICO does not fall under the scope of EU laws and regulations, investors cannot benefit from the protection […].’148 Given its regulatory powers, ESMA should have done more about it, than to issue a warning.

The second stems from the fact that given the failure of the legislators to address and respond quickly to the problems posed to consumer protection by new financial instruments in a digital era,149 even the information received by the consumers may not protect them. As ESMA puts it:

‘The information that is made available to investors, e.g. in so-called white papers, is in most cases unaudited, incomplete, unbalanced or even misleading. It typically puts the emphasis on the potential benefits, but not the risks. It is technical and not easily comprehensible. Investors may therefore not understand the risks that they are taking and make investments that are not appropriate to their needs.’150

The issue of misleading information has been raised by empirical studies as well. After analyzing more than 50 ICO’s, Cohney et al found discrepancies between promises made in white papers and the concomitant smart contracts’ coding.151 Yet, scholars cannot substitute law makers and regulatory bodies, which is why the two pages warning of ESMA cannot constitute an adequate response.

How the problem of making technical information comprehensible for consumers may be addressed remains a mystery, as one may dispute even ESMA’s capability of explaining ICOs in a clear simple language. ESMA’s statement defines an ICO as ‘an innovative way of raising money from the public, using coins or tokens. […] The coins or tokens are typically created and disseminated using distributed ledger or blockchain technology (DLT).’152 The usage of technical slang – tokens, distributed ledger or blockchain – cannot be deemed comprehensible, and many consumers – whether financially literate or not – would have problems understanding it, even if the information provided would be entirely accurate.

This is just the beginning. ESMA warns also of additional risks associated with ICO investments, such as vulnerability to fraud and illicit activities, high risk of losing all the invested capital, lack of exit options and extreme price volatility, or flaws in the technology used. Nevertheless, the two pages written in plain language, in a concise and clear manner, not only come too late given that ICOs were already offered to EU consumers, but also their ‘consumer beware’ approach does not seem to function. By 2017 blockchain projects raised no less than 1,6 billion dollars via ICOs,153 which makes them a dangerous, yet very desirable and frequently consumed forbidden fruit, for both consumers and businesses. Conspicuously, just because consumers chose to invest in ICOs or other unregulated financial products, it does not mean they are automatically harmed by them. However, one cannot overlook the fact that in cases where problems would arise, the EU consumers would be left to suffer the consequences.

As shown before, a potential explanation for the appeal of risky financial products to consumers, lies in the trader’s ability to either alleviate consumers’ concerns or to shift consumers’ attention towards certain aspects of the product or service. In other words, beside the skill of the trader in gaining the trust of the consumers or misusing their blind faith in the protection from the authority, the additional benefits stemming from the information are sufficient to change their perspective with regard to the risks involved. Nevertheless, real life examples prove things are much more complicated.

One should take, for instance, the EOS Token Purchase Agreement154 where it is clearly stated, with capital letters, that ‘Purchase of EOS tokens are non-refundable, and purchases may not be cancelled. Buyer may lose all amounts paid’; ‘EOS tokens may have no value’, ‘Company reserves the right to refuse or cancel EOS token purchase requests at any time in its sole discretion’.155 The EOS Token Purchase Agreement, neither hides nor minimizes the risks involved by the transaction. It insists on consumer awareness, just like EU institutions.156

The company restates the fact that tokens may have no value and buyer may lose all amounts paid, and provides a non-exhaustive list of concomitant risks related to the functionality of features of the tokens, the stability of the EOS Platform, the token price and its tradability, the timing of the block-chain production, periodic congestions of the blockchain, the token’s security, third-party reliance, changes in software, project completion, or the uncertainty of the regulatory framework or of governmental action.157 This long list of risks and investor concerns158 did not preclude EOS from becoming one of the most successful ICOs. After just one year-long token sale, it managed to raise almost 4 billion dollars,159 even if the product’s release was significantly delayed and affected by technical issues.160 Although one cannot exclude the possibility that consumers consciously accepted to assume the risks, consumers’ aversion towards risky investments suggests this likelihood is rather low and the explanation must be sought elsewhere.

Where does the money come from? According to the EOS Token Purchase Agreement, not from US or China, as ‘EOS Tokens are not being offered or distributed to US persons […] or Chinese persons […].’161 The explanation for the exclusion of these categories of consumers comes from the regulatory framework applicable in the two jurisdictions, which the offer is trying to avoid. That means the target will be consumers from other parts of the globe, EU included.

Where would financial literacy fit in case of a financial digital product? The EOS Tokens Purchase Agreement seems to indicate that its product is addressed solely to experienced and knowledgeable consumers, well versed not only in business and finance, but also in digitization and technology. In its Representations and Warranties of Buyer section, the Purchase Agreement states that:

‘Buyer has sufficient knowledge and experience in business and financial matters, including sufficient understanding of blockchain or cryptographic tokens and other digital assets, smart contracts, storage mechanisms (such as digital or token wallets), blockchain-based software systems and blockchain technology, to be able to evaluate the risks and merits of Buyer’s purchase […]’ (emphasis added).162

Just how many consumers understand all the above, is difficult to evaluate. What is certain in this article’s view, is that a two-page warning from ESMA can hardly be considered adequate protection, unless combined with product regulation or clear guidelines, as suggested by Gikay.163

Such staggering amounts of money raised by EOS via Token sales brings back the old question: why do consumers ignore the risks? Why does the information provided to them not have a deterrent effect? Since there is no apparent logic behind it, and there is no hard evidence to support the idea that the consumers overnight, became so literate in digital financial products that they can see beyond the concerns of the regulators, the explanation must come from other areas, beyond legal science, such as behavioral studies. The EU regulators cannot just sit on the side, issue warnings, and call it the ‘high level of consumer protection’ promised in the Treaty. They need to act and regulate or ban potentially harmful products.

4 Conclusion: The Road To Hell…

The future does not appear to be any different. A 2018 behavioral study on the Transparency on Online Platform produced under the EU Consumer Program 2014–2020,164 noticed that ‘if there are problems, these do not concern transparency or informational asymmetries related to information searches or purchases’ rather, ‘a generalized characterization of many online uses is that they rely on blind trust.’165 This stems from consumers’ expectation that legislators will intervene and protect them from any unlawful behavior, although such trust might be misplaced.166

The study revealed that consumers are unaware and unlikely to understand the risks to which they are exposed due to unfair practices, misleading information or other ways in which traders might exploit them.167 Moreover, it emphasized that real life consumers (not the super-consumer envisioned by the CJEU case law and adopted by the EU legislators), even when informed about online manipulations, accept it as a ‘commercial reality.’168 It also drew attention to the fact that ‘it is important for regulators to understand that consumers are unlikely to spend significant amounts of time going through voluminous search results, even if they are made aware of search manipulations by online platforms.’169 Last, but not least, the study restated that ‘much individual decision making occurs subconsciously, passively and unreflectively rather than through active and conscious deliberation.’170

Therefore, one of the study’s major findings is that ‘when people are unaware and unconcerned, the asymmetry between platforms and consumers calls for regulatory attention.171 Nevertheless, the proposed solution falls short. After proving that people ignore information, the authors of the study suggest providing consumers with even more data, this time regarding search results, contractual identity and user reviews or ratings.172 In other words, to alleviate the risk posed by the fact that consumers tend to ignore information, more information is being given to them to ignore, while traders can go on about their usual business. The proposals for amending consumer legislation do not address or solve the issues posed by innovative and sophisticated financial products either.173 It is safe to assume that the information paradigm and the self-help type of consumer protection, as unfit as they appear, are here to stay.

The article revealed the inefficiency of protection by way of information and showed that instead of adequate product regulation and effective consumer protection, legislators provide consumers with data or mandatory disclaimers, shifting the task of protection from the EU authorities, to the consumers themselves.

In the aftermath of the financial crisis caused by unregulated and misconstrued innovative financial products and in the wake of digital financial revolution, the burden of protection has been placed on the consumers who now must be ‘responsible’. This concept entails that given the passivity of EU regulators in addressing digital and financial challenges the consumer must take a pro-active approach, become financially and digitally literate, evaluate all the risks, make the right assessments, or suffer the consequences. However, there are risks that cannot be removed by simply informing consumers of their existence and such full delegation of responsibility would be extremely unfair. Controls on or bans of unsafe products and services is expected174 and regulators’ intervention must go beyond educational campaigns and ads.

While the desire of the EU to preserve innovation on the (digital) internal market is legitimate, the treaty promise of high level of consumer protection in the digital age should not be turned into an empty slogan and handled only with ‘increased transparency’ or by shifting all burdens on the consumer. On the contrary, given that consumers face increasing sophistication and complexity of financial (digital) products, the regulators should also increase the level and effectiveness of consumer protection measures by becoming pro-active themselves and resorting to a functional approach of regulatory measures or bans, where product regulation is needed. This way, by catching financial and digital innovation within legal requirements and regulatory safeguards, the EU would provide adequate, efficient and harmonized protection to its consumers without hindering the functioning of the market.