FUTURE OF THE FINANCIAL REGULATION – PART II: PRINCIPLE-BASED APPROACH AND THE ROLE OF REGULATORY SANDBOXES (EN) | Gençoğlu Partners (2024)

Emir BAYRAMOĞLU, LL.M.

PRINCIPLE-BASED APPROACH UTILIZING DATA:

Principle-based approach suggests reliance on well-defined principles rather than detailed, prescriptive codification. The backbone of these principles will be flexible, evaluative and qualitative terms and conditions, as opposed to quantitative bright line rules. To illustratre that, this means that provisions such as “three business days” will be replaced by “reasonable time”, which was defined by the guidelines. In this sense, this regulation method concentrates on the spirit of regulation[1]. Guidelines have paramount importance, since they develop supervision roadmaps which are sufficiently flexible to respond to new technology developments, dynamic risks and data points; whilst reducing the level of uncertainty about what is really expected from the companies in terms of legal compliance. In other words, this approach should be fit for both today’s and the future’s innovations; meanwhile, reducing the legal compliance costs -which constitute an entry barrier for start-ups- without creating a serious legal certainy problem.

There are some important bullet points to imply a successful principle based regulation in FinTech:

• The regulation should be more activity-based;

Similar rules should apply to similar activities, regardless of the entity. This is essential to provide equal opportunity and fair competition for every enterprise, whether they are FinTech or TechFin companies, or start-ups, or even large mature financial institutions.

• The regulation should be technology-neutral;

Regulations should not inadvertently or unnecessarily pose barriers based on the type of technology or methods used. In other words, the law should neither require or assume the use of a particular technology while regulating financial activities.

• The regulation should be proportionate and purposive;

Any regulatory step in the FinTech sphere must reflect the followings:

1)necessary, 2)reasonable and 3) suitable, to achieve a legitimate aim[2]. Moreover, in a purposive manner, rules should express the reasons behind themselves. This would help companies to adapt their actions for particular circ*mstances according to these purposes.

• The regulation should be harmonized across member states;

Differences in regulation can be justified but should not lead to regulatory arbitrage. Furthermore, harmonization should not introduce new sets of high regulatory thresholds, which will unnecessarily hinder the development of FinTech. In the EU level, this is also an essential necessity for the single market aim. Creating cross-border regulatory sandboxes across the EU might also be beneficial. Sandboxes create a safe testing environment but financial authorities should be careful not to jeopardize consumer protection by easing regulatory requirements.

• The regulation should be industry inclusive;

Both regulators and supervisors should apply regulations with an accommodating mindset: when applying legislation, supervisors should interact with FinTech companies and focus on the underlying principles and purposes of legislation. Establishing special teams (such as hubs and sandboxes) in support of FinTech, and sharing experiences, best practices and outcomes between national initiatives taken by national authorities is strongly supported[3].

• The regulation should include adequate remedies for breaches, which will be sanctioned through public enforcement action[4];

These arrangements motivate the market participants to invest in the robustness of their products and to develop certifications for software and related services; thereby, providing additional safeguards for clients and end-users.

• The regulation should be fed by data;

Data constitutes the backbone of the regulation technology (“RegTecht”). RegTech offers solutions (mostly automated) for challenges in the financial sector arisen from the innovative technology. RegTech purports to disrupt risk analysis, reporting and legal compliance. Developments in big data and machine learning solutions are vital in that sense. In order to contemplate and measure the efficiency of standards and principles, the combined use of “technology and data with a collaborative and iterative process to measure performance of covered entities [may] creat[e] a better informed regulatory development process”[5].

In the last few decades, the financial sector is being disrupted by monetization of data and digitization of money. In this regard, data is not only a power for FinTech and TechFin companies, but also an important oversight tool for financial authorities. Data might be used as an index or as a proxy in order to understand whether regulation is needed for a particular topic. According to global and national invesment data, regulators can detect which technology is attracting attention from investors (and customer demand may also be checked in this regard) and therefore, regulators can predict what the next “big thing” is, and act according to that. Moreover, data is useful to understand if a technology is about ready for commercial exploitation or if there is still a long way for its maturity. Neverthless, data privacy is a sensitive issue and every stakeholder should respect relavant restrictions while using a data for legitimate purposes.

These principles will provide strike the right balance between facilitating technological innovation and will enhance the integrity of these technologies for investors, consumers and the financial system. Nonetheless, one should not overlook that if these principles are not implemented correctly, the principle-based approach may cause severe problems. Principles may raise uncertainty and unpredictability, and concern about fairness/bias in application; and if not well designed, might remain incapable of being deterrent for specific problematic behaviors or activities.

REGULATORY SANDBOXES:

Regulatory Sandboxes aim to provide a safe and secure environment to Fintech firms to try their ideas and test their innovations. New entrants to the financial services market, can use the sandbox to test products, services, business models and delivery without first needing to meet all of the normal regulatory requirements and incurring the considerable costs of putting in place the complex structures and processes to successfully apply for regulatory authorisation[6]. Thus, it is a tool that allows firms to operate in a live but controlled environment where some of the regulations have been relaxed. Moreover, it has benefits in terms of macroeconomics, because the sandbox environment has suitable safe-guards to ensure that the effect of the failure of companies is limited and does not affect the stability of the overall financial system. Regarding to that, the following chart[7] shows the process overview:

Although the general process is in compliance with the aforementioned scheme, nevertheless it is needed to keep in mind that there is no single “sandbox” system. Policy makers should select a system that is more suitable for their countries realities. For example, the sandboxes in the UK and Singapore have been designed on per case basis. On the other hand, Australia has created an open sandbox which is applicable to all, with an option to customize for special cases.

Even though there is no single approach on regulatory sandboxes, there are some “must haves” in order to provide a successful environment. We embrace the criteria of MAS (Monetary Authority of Singapore). Regulations should ensure confidentiality of customer information, prevention of money laundering, countering of terrorism financing and should also provide a fit and proper criteria particularly on honesty and integrity. We strongly support sharing experiences and interpretation results between national ‘regulatory sandboxes’ as a way of harmonizing interpretations. A special role should be given to bodies like the IOSCO and the G-20 Financial Stability Board. Conversely, we do not see merits in establishing an EU sandbox due to the fact that national authorities are best equipped to deal with differences in markets and national legislation, and they can interact with companies more easily. Furthermore, acting swiftly is very important in Fintech and the EU Sandbox would have the risk of adding another layer of bureaucracy.

Let’s Look Closer to The Sandboxes and Examine Their Advantages and Disadvantages for A Legislative System:

Pros of Regulatory Sandboxes:

• Reduced time to market:

Uncertainty and delays –due to the regulatory landscape- significantly affects the first-movers and discourages innovators to release and experiment their products.

• Easier access to finance:

With regulatory sandbox in place, innovators can get easier access to finance as both the products viability and the regulator comfort are confirmed[8].

• Sends a positive, pro-innovative signal to the market:

Some innovators abandon their products or offerings at an early stage of its development due to an uncertain regulation. This signal incentives start-ups to continue. In the same vein, sandboxes incentivize licensed market players to accelerate their digital transformation. Sandboxes are also a great concept particularly for developing economies which still don’t have the necessary ecosystems required to support and promote innovation. Therefore, sandboxes may act as a catalyst.

• Transparency:

Pre-defined and standardized enter and exit standards ensure transparency in comparison to existing approaches such as case-by-case analysis, by using restricted licenses, special charters and exemptions, or just by adopting a laissez-faire conduct.

• Minimizing costs in a test environment:

Legal compliance is a deterrent aspect in finance. Compliance costs in the financial industry can be huge. Furthermore, large financial institutions are being fined for financial misconduct. Thus, sandboxes can be served as launch pads for safe testing within legal barriers but free from burden and investments.

• Industry inclusivity:

An industry inclusive approach enables innovators and regulators to discuss outcomes of sandbox environments and possible regulatory changes.

• Limited failure consequences and safety:

Whilst entrepreneurs can express their concerns related to licensing regimes, regulators get an opportunity to test major hazards before a wide-spread usage. Therefore, the impact of a service/product failure is minimal on the financial system and stakeholders. Furthermore, sandboxes ensure safety not just of the average Joe customer who chooses to use it but of the entire financial system[9].

• Enables governments to conduct a FinTech Policy:

Sandboxes provide a regulatory leeway; and owing to time, size, scope and target customer limits, it also enables states to prioritize focus areas and steer investments.

• External competition effect:

There is also an external competition effect, by augmenting competition among different states’ financial centers to be a pioneer FinTech hub in the world and pushing to disclose dispensation policies of other reluctant systems without regulatory sandboxes. This makes possible to review their policies and increase the invested amount.

• Easy to copy:

Furthermore, unlike case-by-case exemptions, it is an easy concept to copy and one can observe that by observing more than 15 existing sandboxes all around the world.

Cons of Regulatory Sandboxes:

• Implementation is not easy:

Sandboxes are easy to copy and adapt. However, implementation is not always easy. Inexperienced regulators have little insight into the risks they enable by adopting a sandbox, and despite making promises of liberal treatment, they can renegade upon latter. This is why even experienced regulators hesitate to use sandboxes and look for other alternatives. Moreover, a key principle of FinTech development is to give the customer exactly what they want. At the inspection of the regulatory oversight, skews can be seen in certain ways; for example, what if the FinTech innovation adversely affects revenues of state owned banks?

• Not a positive signal for the customers:

Risks could lead customers to refrain from entering into business with firms playing in the sandbox, and this would slow the FinTech’s growth.

• First mover advantage:

The FinTech world is a competitive space where the first mover advantage can make difference. Filing with the regulator etc. increases the chance of the technology to becoming commonplace or even worse, superseded.

• Hard to benefit from economies of scale:

Due to the lack of standardization among countries, sandbox activities are unsuitable for cross-border activity and it makes it hard to benefit from economies of scale.

• Regulators are under a disclosure burden in order to provide transparency:

A regulator should use its website for periodic disclosures; otherwise, transparency cannot be guaranteed.

• Finding the equilibrium between regulated and unregulated entities is not easy:

In designing a regulatory sandbox, maintaining a level playing field between regulated and unregulated entities is a core issue. Regulators have to find the equilibrium between encouraging innovation and protecting clients and the financial system.

In overall, despite being an important addition for regulatory frameworks, the regulatory sandboxes are not always the best toolkit. Testing, piloting, case-by-case forbearance, drafting entirely new regulations are some examples of the other alternatives.

Blockchain and Regulatory Sandboxes:

Blockchain directly affects the core businesses of large law firms’ corporate and financial clients. Due to the fact that law and money is always evolved together, we are at a major change point in business law. Many of the start-ups are using the tech to automate data transmission, financial asset transaction, and cross-border payments, among other applications. According to a report on an ILTACON blockchain program, “the panel all agreed that blockchain might be the most important addition the legal infrastructure since William the Conqueror gave rise to common law[10]”.

When it comes to blockchain and regulatory sandbox applications, there is a rising trend around the world for the creation of regulatory sandboxes for distributed ledger technology. The UK[11], UAE, Hong Kong, Singapore, Australia and Mauritius and the Netherlands[12] are examples of the countries which has extended their sandboxes into ledger technologies.

Regulators should take into account different examples and try to grant the best environment to those companies which belong to their jurisdictions. Our suggestions to the policy makers for the implementation of regulatory sandboxes is as follows:

Policy makers should release a consultation paper and the scope and duration of the sandboxes should be well-defined. If a company wants to benefit from sandboxes, it should meet some criteria such as demonstrating a genuine innovation, delivering a consumer benefit and most importantly, demonstrating a need to sandbox. Moreover, co-operation between industry players and monetary authorities -during the application of sandboxes- is very important for success. With brainstorming and a testing period, they can find new FinTech solutions and gain an early understanding of the general applicability of creative solutions for banking and payment services.

[1] United Kingdom is a prominent example of an implementation of this approach, due to the fact that the Financial Services Authority (FSA) embraces it since 1990. The principles enable supervisors and enforcers to police the spirit of the rules and eliminate a need to designate rules to anticipate every possible situation. Black, J., Hooper, M., Band, C. (2007), Making a Success of Principles-based regulation, Law and Financial Markets Review, 191-206, p. 192.

[2] Response of the Netherlands – Consultation document – FinTech: A More Competitive and Innovative European Financial Sector.

[3] Id.

[4] Black, J., Hooper, M., Band, C., p. 192.

[5] Brummer, C., Gorfine, D. (2014). FinTech: Building a 21st-Century Regulator’s Toolkit, p.8, available at: https://assets1b.milkeninstitute.org/assets/Publication/Viewpoint/PDF/3.14-FinTech-Reg-Toolkit-NEW.pdf (last visited: 12.05.2018).

[6] https://www.finextra.com/blogposting/13055/blockchain-playing-in-the-regulatory-sandbox (last visited: 12.05.2018).

[7] https://www2.deloitte.com/content/dam/Deloitte/in/Documents/technology-media-telecommunications/in-tmt-fintech-regulatory-sandbox-web.pdf (last visited: 12.05.2018).

[8] Deloitte Regulatory Sandbox Making India a Global Finch Hub (2017).

https://www2.deloitte.com/content/dam/Deloitte/in/Documents/technology-media-telecommunications/in-tmt-fintech-regulatory-sandbox-web.pdf (last visited: 12.05.2018).

[9] Fintech sandbox – a regulatory safeguard or a bottleneck. Fintech Enthusiast, https://fintechenthusiast.wordpress.com/2016/09/06/fintech-sandbox-a-regulatory-safeguard-or-a-bottleneck (last visited: 12.05.2018).

[10] https://abovethelaw.com/2017/08/in-legal-blockchain-is-the-new-black/?rf=1 (last visited: 12.05.2018).

[11] See more: UK Finance Watchdog Adds More Blockchain Startups to Regulatory Sandbox, https://www.coindesk.com/uk-finance-watchdog-adds-blockchain-startups-regulatory-sandbox (last visited: 12.05.2018).

[12] In addition to regulatory sandboxes, Dutch Financial Supervisor AFM (Authority for the Financial Market) introduced “InnovationHub”, which provides that companies can take advantage of partial authorisation; an authorisation with requirements or restrictions, or an opt-in authorisation. Figures show that it is a successful step; in the first six months of 2016, the InnovationHub received 114 requests for information about innovative initiatives in finance, from market operators.