Fintech start-ups and regulators are playing together in sandboxes around the world seeking to balance the benefits of innovation for financial inclusion and economic growth, with potential financial stability risks.  As noted recently by Mark Carney, Governor of the Bank of England, in a recent G20 conference on “The Promise of FinTech – Something New Under the Sun?:”: “To help realise FinTech’s promise, we should refresh our supervisory approaches in a few ways… First, regulatory sandboxes can allow businesses to test innovative products, services, business models and delivery mechanisms in a live environment and with proportionate regulatory requirements. This supports innovation and learning by developers and regulators…The G20 might consider the extent to which such approaches should be adopted more widely”.

It seems timely to consider global developments in regulatory sandboxes and the issues which may need to be considered in their establishment.

The 2016  G20 High-Level Principles for Digital Financial Inclusion  already refer to the need to allow pilots of Fintech related innovations. Principle 3 Provide An Enabling and Proportionate Legal and Regulatory Framework for Digital Financial Inclusion suggested that the framework should “allow for piloting innovative new delivery channels, products and services, and business models, without having to immediately comply with all regulatory requirements. At the same time, such a framework should ensure fair and balanced oversight, maintaining obligations to meet AML/CFT requirements consistently with international standards, while ensuring that no participant in the pilot obtains an undue advantage. And the framework should balance the risks of digital financial inclusion with the costs of supervision and compliance”.

But what is a regulatory sandbox? Put simply, a regulatory sandbox is usually a “safe house” where pilots of specified types of innovative financial products and services can take place, with the support of financial sector regulators. In this space, there may be relief from regulatory requirements which would otherwise prevent the pilot taking place. Many countries have established such sandboxes, with 2016 being an especially busy year.

Where is all this activity taking place? Consider the following examples:

  • Abu Dhabi: On 2 November 2016, the Abu Dhabi Global Market launched the first regulatory sandbox in the MENA Region. It is understood that the arrangement will give selected fintech applicants up to 2 years to launch develop, test and launch their products under a light touch regulatory framework. However, only applicants that “promote significant growth, efficiency or competition” are eligible. Details of the rules of participation are set out in the FinTech Regulatory Laboratory Guidance.
  • Australia: Australia’s Innovation Hub is designed to help fintech start-ups navigate the Australian regulatory system and to benefit from a streamlined licensing process under a sandbox – type approach. The Australian Securities & Investments Commission (ASIC) has power to grant waivers from regulatory requirements for the purposes of the sandbox (and more generally). However, ASIC is committed to maintaining, and not compromising, on key regulatory principles, including consumer and investor protection.Significantly, ASIC issued on 15 December 2016 a class order providing a world-first licensing exemption for fintechs. The exemption is subject to strict conditions. In particular, it is limited to entities who provide advice or deal in, or distribute, certain financial products, have no more than 100 retail clients and a total customer exposure of no more than A$5 million; test their products for no more than 12 months; have adequate compensation and dispute resolution arrangements and meet conduct and disclosure requirements.Australia also has fintech – related cooperation arrangements with the Monetary Authority of Singapore (MAS), the UK Financial Conduct Authority (FCA) and the Ontario Securities Commission. These arrangements provide for information sharing and support for cross – jurisdictional fintech start-ups.
  • Indonesia: The Bank Indonesia FinTech Office was inaugurated in November, 2016. The Office has broad objectives relating to the development of a competitive, technology – based ecosystem in Indonesia and of assisting BI to follow fintech developments. It includes a regulatory sandbox to support fintech actors and to provide a means of collaboration between industry participants and regulators. BI may authorise fintech activities, subject to conditions.Indonesia’s Financial Services Authority (OJK) also has a regulatory sandbox (as well as a Fintech Innovation Hub) in which fintech businesses can pilot consumer services under the supervision of OJK (which covers most financial services but not payments, which are regulated by BI). Regulations covering the sandbox and the development of the fintech industry were not available at the time of writing.Interestingly OJK has recently released the Marketplace Lending (Peer-to-Peer Lending) Regulation No. 77/ 2016. This Regulation contains requirements for previously unregulated P2P lenders in relation to licences, capital requirements, foreign ownership, loan limits and the content of agreements.
  • Malaysia: Bank Negara Malaysia released its Financial Technology Regulatory Sandbox Framework on 16 October 2016. The Framework contains detailed guidance on eligibility criteria; the need to provide for potential risks and safeguards (especially for consumers); application requirements; reporting requirements during the pilot; the maximum testing period (12 months) and the circumstances in which an approval can be revoked. It is also makes clear that the Bank may provide regulatory flexibility for the purposes of a pilot.
  • Singapore: The MAS issued its Fintech Regulatory Sandbox Guidelines on 16 November 2016 following a public consultation process. The Guidelines make it clear that legal and regulatory requirements may be relaxed by MAS and also set out guidelines on the evaluation criteria they will use for entry into the sandbox and participation requirements. Examples are given of regulatory requirements that may be relaxed (e.g. as to capital and liquidity) and of those that are likely to be maintained (e.g. as to confidentiality of customer information).
  • Thailand: The Bank of Thailand (BOT) issued a consultation paper in October 2016 on FinTech Regulatory Guidelines. It is understood the aim is to allow eligible business operators to test their innovative financial products and services in a live environment, without being subject to all the usual regulatory requirements. Key requirements proposed for participation include appropriate consumer protection; anti-money laundering measures and risk management systems.
  • United States of America: The USA does not as yet have a formal regulatory sandbox of the type described above. However, the Consumer Financial Protection Bureau encourages innovators to pitch pilots for consumer – friendly innovations to the Bureau under the terms of Project Catalyst. This may include waivers and a partnership with the CFPB. Further, the Financial Services Innovation Bill introduced in September 2016 proposed the establishment of a “no -action relief mechanism for financial innovators”. The status of this Bill was not known at the time of writing.

These examples suggest there are some common issues to consider in setting up a regulatory sandbox. They include:

  • Regulatory mandate and resources: The most fundamental question is whether the regulator has the mandate to provide the sandbox, and waive regulatory requirements, as well as the capacity and expertise to maintain the sandbox and understand related fintech developments.
  • “Rules of play” for the sandbox: Ideally these rules will be the subject of a consultation process before being finalized, and well publicised afterwards.
  • Regulatory standards: It will be important for the regulator to identify the principles they will apply in assessing proposals. For example, most regulators in the above examples stress the importance of ensuring consumer / investor protection during a pilot and the need to comply with anti-money laundering rules.
  • Eligibility: What types of fintech business should be eligible for the sandbox? Only institutions which are clearly under the supervision of the regulator? What about e.g. technology firms? Does the business need to be a start-up? Is local or foreign ownership relevant? What about the need for competition in the relevant part of the financial sector? Also, can a business participate if it is clearly covered by the current regulatory regime?
  • Products and services: What are the types of products and services that should be covered by the proposed pilot? Should there be a requirement for innovative products and services, and the potential to support financial inclusion goals?
  • Application process: What is the information that an applicant must provide in support of the application?
  • Pilot: What are the terms of the pilot? What should be the maximum length? Are there to be any limits on the number of consumers who can be involved? Or the maximum customer exposure?
  • Risk assessment: Is the applicant to be required to identify possible risks and related safeguards arising from the proposed pilot?
  • Reporting: What are the interim and final reporting requirements for a participant?
  • Revocation of approval: What are the circumstances in which an approval to participate in the sandbox might be withdrawn?

In conclusion: there is clearly an international trend for countries to establish rules – based “regulatory sandboxes” to support fintech innovations. It will be interesting to see the impact of these new developments over time, whilst acknowledging that assessing impact is always hard.  In the meantime, one can only applaud the regulatory flexibility supporting fintech innovations and ultimately financial inclusion and economic growth.

Share this article -
Share on LinkedInTweet about this on TwitterShare on FacebookShare on Google+