Winning the AML Intelligence War with Public Private Partnerships
Key considerations for banks engaging with governments and peer institutions to improve financial crime compliance systems
Key considerations for banks engaging with governments and peer institutions to improve financial crime compliance systems
Challenges and opportunities in the US, UK and Europe
It has been a period rife with notable shifts on the global stage; a new administration in the US, the end of the Brexit transition period and the reaching of key milestones in the discontinuation of LIBOR, to name but a few. This section provides an overview of recent developments in some key regulatory hot topics
Challenges and opportunities in the US, UK and Europe
The digital revolution was well underway long before most of us had ever heard of COVID-19. Yet, as a consequence of the pandemic, life went online in a way that we had never before experienced, and the whole world was suddenly focused on the importance of digital services and solutions. This digital acceleration and increase in demand for fintech solutions presents challenges and opportunities for the financial services sector. In this article, our teams in the US and Europe consider recent trends and developments in the fintech space.
Throughout 2020 and into 2021, previously non-bank financial technology companies of many business models (for purposes of this article, Fintechs) have made significant movement to obtain some form of banking license.
Many of these entities are licensed to engage in lending or money transmission on a state-by-state basis. While many Fintechs previously actively avoided "bank-like" regulation in the US, for various reasons, those same Fintechs are now actively seeking such status, notwithstanding the additional regulatory obligations. (For definitional purposes, a bank charter refers to a non-bank entity seeking a charter to engage in banking services at either the state or federal level, and a bank license refers to a non-US bank being licensed to open a branch or agency office to engage in wholesale banking services in the US at either the state or federal level).
There are almost as many types of bank charters/licenses as there are types of Fintechs seeking them. So they have publicly stated all sorts of reasons for doing so. However, certain themes predominate for Fintechs:
Many types of bank charters and licenses may apply to Fintechs in the US. Some of the most popular options for Fintechs, beyond a full bank charter, include:
The answer to this question will vary based on the business model and plans of each Fintech:
There is currently no separate regulatory structure or specific framework for Fintechs in the UK. Therefore, Fintechs must be authorized by the Financial Conduct Authority (FCA) or the Prudential Regulatory Authority (PRA) if they carry out any regulated activities within the scope of the Financial Services and Markets Act 2000. This means that Fintechs will be subject to the same rules and requirements as any other firm carrying out those activities.
The licenses for which a Fintech may need to apply include: permission to carry out claims management activities, consumer credit activities, benchmark-related regulated activities, designated investment business, issuance of e-money, insurance business and insurance distribution. Certain consumer credit activities only require "limited permission," although the required permissions are specific to each Fintech. The FCA's rules and its regulatory philosophy are intended to be technologically neutral, meaning that it is not committed to one technology or approach as the only way of working.
An application to the FCA (and to the PRA, if necessary) can take up to six months to complete (or 12 months if the application is deemed incomplete, or additional information is required). Although a limited permission is generally a short application process, with a lower application fee than a full permission application, the FCA will assess whether the applicant is "ready, willing and organized."1
Nevertheless, certain policies and initiatives have been implemented by both regulators to encourage innovation and fintech development. A recent HM Treasury Report ("The Kalifa Review of UK Fintech" published on April 16, 2021) confirmed that both regulators need to ensure the regulatory approach to Fintechs "continues to not only protect consumers but also creates an enabling environment that encourages growth and competition."2 Certain initiatives and policies to do so are considered below, and importantly, the FCA has committed (in a speech on April 20, 2021) to "better advertise the support we already offer those firms looking to build out their innovative offering."3
Since 2016, the FCA's regulatory sandbox has allowed businesses to test innovative propositions in the market, with real consumers. The sandbox allows businesses of all sizes to pilot the commercial and regulatory viability of innovative products and services in a live, but supervised, environment. Importantly, the regulatory sandbox is open to all types of financial services propositions, and successful applicants are submitted in "cohorts." The FCA will publish a description of the cohort for prospective applicants. For example, for the next cohort (cohort 7), the FCA has stated that they are particularly interested in products and services intended to detect and prevent fraud/scams to support the financial resilience of vulnerable consumers and to improve access to finance for small- and medium-sized enterprises.
Applications to the regulatory sandbox are submitted via an application form, and for the last cohort, 22 businesses were accepted out of 68 applications. These included propositions that "make finance work for everyone" and "support the UK in the move to a greener economy."4 For example, Mintago put forward an application for a "financial wellbeing platform provided by employers that gives their employees the education and tools to plan their financial future."5
The Kalifa Review of UK Fintech suggested a number of enhancements to the regulatory sandbox. These include being available on a rolling basis (rather than through time-limited windows), offering support even where the proposal is not the first of a kind but is still providing or delivering an innovative proposition to the market, and creating a dedicated space in the regulatory sandbox for priority fintech areas.
Importantly, Nikhil Rathi (the FCA's CEO), on April 20, 2021, confirmed that the FCA will soon begin allowing year-round applications for the regulatory sandbox.
The Kalifa Review of UK Fintech recommended that a permanent digital sandbox be created, in addition to the UK regulatory sandbox discussed above, to give participants access to a range of development tools (such as synthetic data assets for testing and developing proofs of concepts, an API marketplace, a coding environment, as well as access to expert mentors and observers). The digital sandbox is intended to allow innovative firms to test and develop concepts in a digital testing environment. Ninety-four organizations applied for the pilot, which ended in February 2021, and 28 businesses were selected to take part. The evaluation report confirmed that this greatly accelerated development times for most participants and benefited the product design and refining of early-stage business models. The FCA intends to launch a second phase of the digital sandbox later in the year.
In addition to the digital sandbox, the Kalifa Review of UK Fintech recommended building upon the regulatory sandbox by implementing a "scale box" that would introduce certain measures to support partnering between incumbents and Fintechs and to provide additional support for regulated firms in their growth phase. In April 2021, Nikhil Rathi confirmed that the FCA would take steps to create this scale box and commented that the plans were to "create a regulatory "nursery," which would create a period of enhanced oversight for newly authorized firms to develop their businesses. This will ensure that the FCA remains in close contact with Fintechs immediately post-authorization so that they can provide necessary support and, if required to intervene earlier, to steer firms in the right direction. Precise details of this scale box are still to be confirmed, but the underlying intention is that Fintechs will not be treated in exactly the same way as firms with a long regulatory track record.
Fintechs carrying out only certain regulated activities may choose to become "appointed representatives" rather than applying to the FCA to become fully authorized. This means that a principal (who must be FCA-authorized), rather than the Fintech, takes full responsibility for the carrying out of those regulatory activities. This is only permissible provided there is a contract between the Fintech and the authorized person that satisfies certain requirements. Fintechs that choose this path therefore do not need to become authorized in their own right, as they benefit from the authorized status of their principal. Whereas applying to the FCA or PRA for authorization can be costly and take up to six months, becoming an appointed representative is typically a more straightforward process that can be completed in a matter of weeks, greatly speeding up the ability to commence operations. Although Fintechs that become appointed representatives need to comply with certain FCA rules, they do not need to comply with regulatory capital requirements, and the overall compliance costs are considerably less than if they were fully authorized by the FCA.
Importantly, however, an appointed representative can only carry out certain activities without requiring FCA authorization (such as safeguarding, arranging deals in investments and advising on investments). There are some regulated activities which will require Fintechs to become FCA-authorized in their own right.
This is not an FCA initiative intended specifically to encourage Fintechs, but rather a mechanism that can help Fintechs operate in the UK without needing to obtain full authorization.
The FCA also tries to reduce the effects of the regulatory framework being a "barrier to entry" for Fintechs in the UK, through its "Direct Support" program. This provides a dedicated contact for innovative businesses that are considering applying for authorization that "need support when doing so, or do not need to be authorized but could benefit from our support."6
Fintechs wishing to apply for Direct Support must submit an information form to the FCA and provide basic information about their product or service and about their business generally. The FCA will then determine whether Fintechs are suitable for Direct Support. If so, they will assess the most appropriate level of support for the Fintech. Such support could include an explanation of the relevant parts of the UK regulatory regime, providing an "information steer" on potential regulatory implications at an early stage of business or product development, and giving informal individual guidance on specific issues.
The FCA may even provide specific assistance with submitting a license application, and Fintechs may receive ongoing support for up to one year after obtaining a license.
To build on the FCA's regulatory sandbox, the Global Financial Innovation Network (GFIN) launched in January 2019 to help Fintechs (or innovative firms generally) interact in a more efficient way with regulators as they look to create new ideas.7 This network of more than 60 organizations (including the FCA, the Central Bank of the UAE, the Federal Reserve Board and more) aims to help Fintechs navigate between countries as they look to scale new ideas. In the first round of applications under its Cross Border Testing (CBT) program, which closed in December 2020, applications could be submitted to 23 regulators in the US, the UK, the EU, Canada, the Middle East and Asia-Pacific using a single application form, which was then submitted to the desired regulators. It is likely too early to assess the tangible results of this program, but it could encourage Fintech development globally.
Fintechs are by far the most successful startups in the EU in 2021 in terms of money invested in them.8 The acceptance of Fintechs has increased across Europe, as they have grown in size, scale and complexity. Some European digital banks have gained significant traction in regional and global markets and now attract millions of customers.9
Many Fintechs require a financial regulatory license under PSD2, MiFID2, CRD IV or Solvency II or specific member state laws to distribute their business models. In this context, the ECB issues various licenses for different banking activities. These include:10
However, if a Fintech does not wish to apply for a license, it must limit itself to banking activities that do not require a license or outsource these activities to a company with a license.
The process of acquiring a license can take three months to a year and is resource-intensive. However, having your own license has significant advantages. The biggest advantage is the European passport, which allows Fintechs to offer their services throughout the EU, with some exceptions. This enables Fintechs to participate in a common market consisting of 27 states with 500 million customers and 21 million businesses. A banking license can also lead to Fintechs gaining wider recognition and legitimacy. Above all, this can help break down barriers and mistrust and increase a Fintech's reputation in the broad financial landscape. In addition, a banking license can open up a new range of banking products. This can be a big step, especially in terms of marketing or brand perception. In summary, a banking license can provide the following benefits:
At the same time, disadvantages associated with a license include the need to comply with regulatory requirements such as specific organizational design, risk management, staffing, capital and reporting requirements, AML and others.
Currently, a uniform European regulation and licensing requirement for the commercial handling of cryptocurrencies is not clearly regulated by law,11 although a proposal exists for the Markets in Crypto Assets Regulation (MiCAR). It would classify some cryptocurrencies as "significant," thus requiring supervision and approval by the ECB, while others would only have to submit to the national supervisory authority. In some of these EU member states, regulations have already been issued.
In Germany, for example, the Federal Financial Supervisory Authority (BaFin) is responsible for supervising crypto custody businesses. This primarily includes companies entrusted with the safekeeping of crypto assets for their customers who are thus required to have a license. Furthermore, cryptocurrencies are also generally considered "financial instruments," which means their commercial use is subject to licensing under fiat standards.
Other countries that have enacted regulations include Lithuania, which distinguishes between cryptocurrency exchanges and cryptocurrency wallet management in its licenses, and Malta, which distributes its licenses according to four classes, each of which provides stronger regulations for broader uses of cryptocurrencies.
Instead of having its own license, a Fintech can also "borrow" the required license by using the banking license of an authorized service provider (a "white label bank"). This service provider then provides services under the name of the Fintech company. With the support of the white label bank, the Fintech can concentrate on its core business and, above all, save itself capital-binding investments. Further advantages include developing a brand, a short time-to-market phase and benefiting from the service provider's knowledge. However, white label banking also creates some disadvantages. A brand's credibility brand can be lost, and it makes the Fintech highly dependent on the financial services institution.12
1 Authorisation: what's involved
2 Kalifa Review of UK Fintech - Executive Summary
3 Levelling the playing field – innovation in the service of consumers and the market
4 Regulatory sandbox - cohort 6
5 Regulatory sandbox - cohort 6
6 Request Innovation Hub support
7 The Global Financial Innovation Network (GFIN)
8 The European fintechs to watch in 2021
9 Wie FinTech die Zukunft von Ökosystemen in Europa vorantreibt
10 Finance Institution and FinTech Licensing in Single European market
11 Financial services – EU regulatory framework for crypto-assets
12 FinTechs und die Herausforderungen der Regulatorik; Vor- und Nachteile des White Label Banking
Harriet Baldwin (White & Case, Associate, London) contributed to the development of this publication.
White & Case means the international legal practice comprising White & Case LLP, a New York State registered limited liability partnership, White & Case LLP, a limited liability partnership incorporated under English law and all other affiliated partnerships, companies and entities.
This article is prepared for the general information of interested persons. It is not, and does not attempt to be, comprehensive in nature. Due to the general nature of its content, it should not be regarded as legal advice.
© 2021 White & Case LLP