FCA’s Regulatory Sandbox – Lessons Learnt

The Financial Conduct Authority (FCA), the UK financial services regulator, has recently reported on lessons learned from the first year of its regulatory sandbox. Although the FCA indicates that it’s too early to draw conclusions on the overall impact of the sandbox, it is happy with progress to date. Indeed, the FCA’s progressive sandbox concept, the first of its kind in the world, has attracted such a positive reaction, it’s now being copied by regulators around the world (including Australia, Hong Kong and Singapore).

The purpose of the sandbox, which was launched in June 2016, is to provide financial services companies and, in particular, FinTech start-ups, with a live but “safe” environment in which to test innovative products and services, before widely launching them on the market. The sandbox has proved very popular, particularly to FinTech start-ups and those not yet authorised by the FCA and each cohort has been oversubscribed. Successful applicants have come from a variety of sectors and, reflecting the increasingly global nature of FinTech, the sandbox has attracted participants from companies founded overseas (e.g., Canada, Singapore and the US) as well as the UK.

Participants have used the sandbox to test a range of business models involving different technologies including online platforms, biometrics and APIs. However, distributed ledger technology (otherwise known as blockchain) has been the most popular technology (some 17 different propositions). This isn’t particularly surprising, given the innovative nature of DLT and the legal and regulatory uncertainties associated with it.

In terms of the sandbox’s successes, the FCA reports that it has helped reduce the time and cost of getting new, innovative, ideas to market – around 90% of firms in the first cohort progressed to a wider market launch. In addition, the sandbox has helped FinTech firms gain access to finance – according to the FCA, at least 40% of firms in the first cohort received investment either during or following sandbox testing. “Feedback from sandbox firms indicates that taking part in the sandbox programme provides a degree of reassurance to investors through the oversight the FCA has of the firms’ tests and the increased regulatory certainty participation provides.”

Nevertheless, the FCA also identifies in its report challenges encountered by some sandbox participants. In particular, the FCA is concerned by the difficulties faced by a number of participants in obtaining key banking services in the UK, particularly firms wishing to leverage DLT, become payment institutions, or electronic money institutions. The FCA is concerned by what appears to be “blanket refusals for certain kinds of applicant firms” and criticises this “de-risking” by larger financial institutions as creating barriers to market entry and reducing competition.

It’s not surprising that banks are cautious.

The Fourth Money Laundering Directive flags up as potentially higher risk activities “new products and new business practices, including new delivery mechanisms and the use of new or developing technologies for both new and pre-existing products.”  The FCA accepts that reluctance “is, at least in part, driven by banks’ perception of greater money laundering and terrorist financing risks“. However, the FCA reports that this reticence “also appears to come from other factors including strategic business decisions, the profitability of certain relationships, credit risk assessments, and overall compliance costs.

If the UK wants to be the global centre of FinTech, this is an issue that needs fixing – not just for sandbox participants, but for the FinTech sector as a whole, particularly those in the DLT and crypto field, who are currently facing the biggest challenges. As the FCA has indicated, each FinTech should be judged on its merits – and you would like to think that a FinTech’s participation in the FCA’s sandbox programme should help provide additional validation.

FinTechs are also calling out for more action in this area.

Gabrielle Patrick, The Blockchain Lawyer & Co-founder of Epiphyte which participated in the first cohort of the sandbox shared with us her views on the sandbox: “The sandbox is a helpful programme for FinTechs to launch innovative offerings in the market and the FCA team is very supportive of innovation. However, the FCA need to do more, especially to lessen the extremely damaging effects of de-risking, without constraining banks’ commercial freedom, since this takes away from the positives of innovation. I hope that the FCA will do more work with FinTechs to achieve this goal, particularly in light of many uncertainties that currently face the UK“.

The FCA report also identifies other challenges facing sandbox participants. First, acquiring customers can be an issue for smaller firms that enter testing without a well-established customer base. The FCA points to partnerships between large firms and start-ups in the sandbox which have proven to be successful. In addition, with PSD2 implementation looming on 13 January 2018, and the debate still very much alive over secure communication between the new payment services and customer accounts, it’s noteworthy that the FCA points out that “smooth integration” with APIs is taking longer than expected, even among firms with experience of using new technologies. This echoes some of the practical concerns that are arising as the era of Open Banking approaches. Lastly, the FCA points out that satisfying the threshold conditions for authorisation is often more complex for new FinTechs than for traditional firms as their operations are structured differently from those which the FCA are accustomed to approving. Perhaps something for the regulator to address going forward?

In conclusion, the FCA’s report card for its sandbox seems to be –
“Good, but more to do”.

Making the UK the best place for FinTechs to launch and grow continues to be a key ambition of the Government. However, the FCA report demonstrates that we still need to address some of the basics. It’s all very well having flagship sandboxes and innovation hubs, but if innovative new entrants to the market can’t get a bank account in the UK, the risk is that some of them will re-locate to a more welcoming location.

Read more about sandboxes around the world.

Sue McLean
Sue McLean is a Partner in Baker Mckenzie's IT/Com practice in London. Sue advises clients on a wide range of technology matters, including outsourcing, cloud computing, technology procurement, licensing and distribution, digital and disruptive technologies including AI and blockchain. Sue has significant experience in advising clients in the financial services sector and is a member of the firm's FinTech group.