On 7 January 2019, the Joint Committee of European Supervisory Authorities (ESAs) published a report on the different types of innovation facilitators: innovation hubs and regulatory sandboxes.
The report, based on the responses to a questionnaire sent to the National Competent Authorities (NCAs), sets out a comparative analysis of innovation facilitators established to date in the European Union (EU), identifies a set of best practices to promote convergence in the design and operation of innovation facilitators and transparency in their results and, finally, sets out proposals to promote coordination and cooperation between NCAs, including data protection and consumer protection authorities. The best practices will support NCAs when establishing or reviewing innovation facilitators and will help to maintain a level playing field throughout the EU.
The number of innovation facilitators in the EU has grown quickly over recent years. As of the report date, 21 Member States and three European Economic Area (EEA) States have established innovation hubs, while five Member States (United Kingdom, Denmark, the Netherlands, Lithuania and Poland) have operational regulatory sandboxes and another three (Spain, Norway and Hungary) are working on establishing one soon.
The Joint Committee of ESAs has published this report on the basis of Article 9(4) of the founding regulation for each Authority and to comply with the mandate specified in the European Commission’s (EC) March 2018 FinTech Action Plan.
Innovation hubs
Innovation hubs provide a dedicated point of contact for regulated and unregulated entities to raise enquiries on FinTech-related issues and to seek non-binding guidance on regulatory and supervisory expectations with regard to innovative financial products and business models, including whether or not administrative authorisation is required.
In general, all innovation hubs are very similar in terms of overall objectives and scope.
With regard to the operating model, some NCAs have established dedicated FinTech teams that partially rely on experts throughout the Authority, while others have a dedicated coordinator drawing on additional expertise throughout the Authority.
With regard to the procedure, there are some differences in the mode of interaction between NCAs and the enquiring firms (emails, physical meetings), the nature of the advice and assistance provided (binding or non-binding, support or not with any necessary process for authorisation) and record keeping and transparency of outcomes (publication or not of statistical data, reports, criteria, Questions&Answers, etc.). Some NCAs conduct specific reviews of the enquiries raised and the responses provided in order to assess the need for changes to regulatory and supervisory requirements to ensure financial innovation and technological neutrality.
With regard to the relationship between NCAs within the same Member State, in two jurisdictions that follow the “Twin Peaks” model, joint innovation hubs between the central bank and the financial markets authority have been established. This is not the case in other jurisdictions, but there are joint inter-sectoral initiatives. Joint initiatives allow automatic sharing of information and a more consistent approach to the issues raised in the different sectors. In order to facilitate the relationship with other NCAs, such as data protection or consumer protection authorities, some Member States have established Memoranda of Understanding (MoUs) or are working on them.
With third country competent authorities, many NCAs have used the existing general supervisory MoU to facilitate cooperation on FinTech-related issues, although some NCAs have put in place, or are at least considering, bespoke FinTech cooperation arrangements.
The three main categories of participants using innovation hubs are, in order of importance, start-ups, regulated entities (such as investment firms, management companies and trading venues) and technology providers.
Although they have only existed for a short time, the experience of the use of innovation hubs has been positive. NCAs respond to enquiries mainly about whether or not a certain activity needs authorisation, whether or not it is subject to anti-money laundering and/or investor protection legislation, on proportionality issues in the application of regulatory requirements and about the use of technologies (customer digital identification tools, distributed ledger technology (DLT), online platforms, robo-advice, electronic personal financial management tools, big data analytics, smart contracts and cloud technology).
Regulatory sandboxes
Regulatory sandboxes allow regulated and unregulated entities to test, pursuant to a specific testing plan agreed and monitored by the NCA, innovative financial products, financial services and business models in order to obtain a better understanding of the opportunities and risks presented by innovations and their regulatory treatment.
The common objectives for all NCAs are, on the one hand, to improve understanding about the applicability of the regulatory framework to the innovative proposition and, on the other hand, to increase the knowledge of NCAs about innovative initiatives in the financial sector and in their respective jurisdictions and, thanks to this knowledge, speed up their response capacity by adopting regulatory and/or supervisory initiatives. In addition, the United Kingdom identified as objectives: reducing the cost and time to enter the market for innovative business models and to promoting competition.
With regard to the legal basis, it is not permitted to provide financial services without authorisation, although in these environments the principle of proportionality is usually applied both for authorisation and for supervision. In addition, more resources are allocated to supervision during the testing phase.
With regard to entry requirements (assessment of eligibility), entities must comply with the relevant regulations and specific testing parameters, such as limitations, restrictions and/or other safeguards aimed at mitigating potential risks, may be set prior to the admission to the testing phase on a case-by-case basis. All sandboxes are open to traditional market participants (incumbents) and new participants (new entrants and start-ups) and to other entities, including technology providers that have arrangements with regulated entities to facilitate the provision of financial services or compliance with regulations (generally, blockchain or regtech) or to launch new products and services that are relevant for customer protection or financial stability reasons.
The procedure has several phases: application, preparation, testing and evaluation of the test.
Applications for testing may either be made at any time or in designated periods (cohorts). Competent authorities must assess whether the entry criteria for the sandbox are met. These include genuine innovation, customer benefits, need for testing in a live environment and the readiness of the firm to test the proposition (business plan, identification of potential customers, software licenses, etc.).
In the preparation phase, the testing parameters are determined (e.g. limitations on the volumes, number of clients, suitability or restriction on serving specific clients) and also a sandbox exit plan and agreements for restoring consumers if they suffer any detriment as a result of the test.
The testing phase allows firms to analyse the advantages and risks of the innovation in a live environment, while NCAs maintain their full supervisory powers, with adequate protection for consumers being essential.
The evaluation analyses the level of success of the test (which does not always mean that the tested business is legally viable) and the controlled exit from the sandbox, whether to continue or discontinue the activity.
Observed best practices and next steps
Annex B of the report contains a set of observed practices or operational principles that might be considered as best practices for addressing the operating challenges and risks of innovation facilitators.
Prior to the establishment of innovation facilitators, rigorous analysis should be carried out to identify the appropriate expertise, powers, processes and structures required in light of local market conditions, the resources available to the NCA and the structure of the financial sector.
All innovation facilitators should operate on the basis of the following general operating principles: i) they should be visible to market participants through the ANC’s website, press releases or industry roadshows; ii) they should provide points of contact; iii) they should have clearly defined objectives, functions and tools that are made public; iv) they should have public eligibility criteria that include incumbent institutions, new entrants and other firms (such as, technology providers partnering with financial institutions); v) the nature of communications with the firms should be defined; vi) appropriate internal records (e.g. on enquiries) should be maintained; vii) learnings should be disseminated to relevant functions of the NCAs and communicated to the market (e.g. in the form of published frequently asked questions) and viii) the operational functioning and resourcing should be reviewed and, where appropriate, revised from time to time.
Innovation hubs should function in line with the following specific operating principles: i) the key information required from firms submitting enquiries should be clearly defined, whilst making clear that additional information may be required; ii) a response should be provided within a reasonable timeframe and iii) where enquiries fall outside its scope, a referral should be made to other relevant NCAs.
Sandboxes should operate according to the following specific operating principles: i) entry conditions should be specified and made publicly available; ii) the information required to support entry applications should be defined and made publicly available; iii) all applications should be acknowledged in writing and the decision on participation in the sandbox should be taken within a reasonable timeframe; iv) testing parameters, determined on a case-by-case basis, may be imposed to mitigate any potential risks; v) firms should disclose to any consumers the fact the services are being provided in the sandbox, and the implications thereof; (vi) participating firms should be required to develop exit plans and an appropriate degree of protection for consumers and (vii) the principle of proportionality should be applied in the same way as to firms outside the sandbox.
The ESAs will take appropriate measures to promote a common approach to FinTech in the EU, e.g. by issuing guidance or creating networks. They will also analyse the different options available for improving coordination and cooperation among national innovation facilitators, in the context of the overall EU work programme on FinTech.
Link of interest: