The Australian Government has announced a 'regulatory sandbox' for FinTech startups, as part of its 2016/2017 Budget announcements made today. The move was foreshadowed in the Government's March policy framework to make the Australian FinTech sector transformative for the economy and internationally competitive.
A sandbox is intended to provide a safe space for testing innovative financial products and services without triggering the otherwise applicable full set of regulatory consequences. Under Australia's financial services licensing regime these can be draconian: criminal offences for unlicensed conduct as well as fines and civil penalties for firms and their directors & officers.
Australia's Innovation goal
The goal of the sandbox is to foster innovation by lowering administrative barriers and costs for testing innovative products and services, while ensuring that risks from testing do not transfer to consumers.
“Fintech offers real opportunities to boost our financial services exports, taking advantage of the growing middle class in Asia and increasing digitisation of commerce” according to the budget papers.
“We believe that Australia’s financial system laws and regulations should enable innovation,” confirmed the budget papers.
The Treasurer announced that the Australian Securities and Investments Commission (ASIC) will shortly release a consultation paper on a regulatory sandbox exemption "to enable entrepreneurs to test ideas for up to six months with a limited number of retail clients and up to prescribed investment thresholds".
ASIC has already begun moves to consult and work with the FinTech community, establishing its own "Innovation Hub", releasing a high level FAQ and nominating a senior staff member to lead consultation.
Consumer protection measures
Without much further elaboration, the budget papers also confirmed that "certain consumer protections will be maintained."
The UK's Financial Conduct Authority (FCA) considered a number of safety measures ranging from informed consent through to the businesses in the sandbox providing a meaningful indemnity for losses (the FCA will launch its own 'regulatory sandbox' on 9 May 2016).
Consumer protection is a high priority for ASIC, and so it can be assumed that this will feature prominently in its consultation process. Firm may have to provide undertakings to ASIC and comply with various rules on marketing, privacy and disclosure. Presumably businesses in the sandbox would also need to compensate losses (e.g. investment loss) and perhaps demonstrate their indemnity is backed by capital resources.
Potential scope for licensing relief
The ASIC consultation period should provide insight into the extent to which it is willing to relax the strictness embodied in the Australian financial services licensing regime.
Options might include:
- ASIC agreeing to provide direct, individual guidance to firms by setting out how it will interpret relevant rules, such that those firms which adhere to the guidance being deemed to have complied with the rules to which the guidance applies.
- ASIC could also grant waivers to breaches of rules if they are considered to be unduly burdensome or not achieving their purpose in that particular context and where a waiver or modification would not adversely affect the advancement of any of ASIC's objectives.
- ASIC could consider issuing no enforcement action letters in certain circumstances.
In the UK, there are a number of eligibility criteria for firms to meet before being granted entry into the sandbox.
• The firm must be in scope: The firm's intended activity must be regulated by the FCA or intended for firms regulated by the FCA. The goal of this criterion is that the intended activity will benefit the UK financial services market.
• The product or service must be a genuine innovation: The product or service must be ground-breaking or be significantly different from existing offerings in the marketplace. If there are similar offerings in the market already, or if the FCA deems any differentiation from existing offerings to be artificial, a product or service is unlikely to fulfil this criterion.
• There must be a consumer benefit: The product or service must offer a good prospect of identifiable benefit to consumers, such as higher quality services or lower price. A firm will be more likely to meet this standard if it identifies any possible consumer risks and proposes mitigation.
• There must be a need for a sandbox: The firm must have a genuine need to test its product or service on real customers and in the FCA sandbox (e.g., where the firm has no alternative means of engaging with the FCA or of achieving the testing objective, or where the full authorisation process would be too costly or burdensome for a short viability test).
• The firm must be ready for testing: The product or service to be tested must be ready for testing in a live environment (has the firm conducted any previous testing and was the testing plan and the testing objectives adequately developed?).
The FCA has also developed and published default standards for testing parameters. These provide some guidance on what the FCA will be expecting as part of an agreement on testing parameters. These default standards cover the following areas:
• Duration: Sandbox testing is intended for a limited duration (the Australian Government signalled today six months to be an appropriate duration).
• Number of customers: The size of the test and the number of participating customers will be strictly limited (but big enough to obtain statistically relevant data).
• Customer selection: The firm must find the customers for testing. The type of customers must be appropriate for the product or service to be tested, the intended market and the risk involved.
• Customer safeguards: The firms must have appropriate customer safeguards in place, agreed with the FCA on a case-by-case basis.
• Disclosure: Firms should disclose information about the test and the available compensation (including in the event of firm failure) to customers who are engaging in the sandbox under informed consent.
• Data: The FCA states that it is not responsible for the provision of data to firms testing in the sandbox.
• Testing plans: Testing plans should clearly set out the timeline, key milestones, measures for success, testing parameters, customer safeguards, a risk assessment and an exit strategy for customers that participate in the test to avoid negative consequences for these customers.
Who might benefit from the sandbox?
It will be interesting to see how the sandbox approach develops for firms such as those with a blockchain platform and their own cryptocurrency.
Although the focus is usually on cash strapped startups when talk turns to the need for a regulatory sandbox, established firms, accelerators and proven businesses from other industries will likely also have the ability to use the sandbox to learn through play.
3 May 2016
Dominique Hogan-Doran SC is a financial services regulation expert counsel. She is also a non-executive director of an AFS licensee/APRA regulated industry super fund (with $2.2bn FUM) and co-founder of a Stone & Chalk resident FinTech startup.