Across ASEAN, regulatory sandboxes are managing risk in fintech innovation

The region is gearing up towards a more integrated and regulated fintech innovation landscape.

By

Across ASEAN, regulatory sandboxes are managing risk in fintech innovation

The ASEAN region, with high internet adoption but relatively low availability of traditional banking services, is a fertile ground for innovators in financial technology. Global consulting firm Bain and Company expects the fintech sector to expand rapidly in the region, betting that two or three fintech unicorns will emerge by 2024.

As the region turns into a hotbed for fintech startups, developing regulatory frameworks that welcome innovation while at the same time manage risk, becomes the decisive factor.

Several countries across ASEAN have responded to the challenge by creating “fintech regulatory sandboxes” that allow experimentation in a safe environment, without having to comply with the strict regulations that apply to the financial sector.

The way these sandboxes are designed and what conclusions regulators draw from experiments running in them have a deep impact on both startups and the traditional financial services businesses. With collaboration between sandboxes on the rise, incumbents will also face the potential threat of startups that are able to scale across the region.

Regulators need sandboxes too

Predictably, most fintech businesses are in favor of a “free-rein” approach to regulation, while traditional financial services companies advocate for a more consistent, technology-neutral regulation environment.

“The fintech industry, rather than the regulators, is in a better position to shape the form and substance of the financial industry’s regulatory needs,” says Ridzuan Aziz, the Malaysia country director and head of ASEAN business for WorldRemit, an online money transfer company.

Regulators won’t simply scoot over to let companies make the rules, but the emergence of AI and technologies such as blockchain has required them to adopt a more dynamic and responsive approach to regulation than before.

One of the key challenges with new technologies and their use cases is that they don’t fit neatly into the traditional regulatory categories and that they evolve rapidly. It’s difficult, if not impossible, to regulate the use of specific technologies because rules will inevitably lag behind innovation.

Rather, regulators need to develop a better understanding of the underlying technology trends and collaborate with the businesses that develop and use them so that laws can be framed appropriately.

That’s where “sandboxes” come in. They bring regulators and businesses together within the safety and limits of a framework that gives startups the freedom to innovate and regulators the chance to learn about the impact and potential of different fintech business models.

One typical measure adopted in regulatory sandboxes is an industry licensing exemption for startups. Where banks and other financial institutions have to go through protracted licensing and certification processes, startups in the sandbox can get to work without having to obtain these licenses first.

This can create an uneven playing field where startups are at an unfair advantage over existing businesses.

Sandboxes also must have safeguards to protect consumers. This is usually done by ensuring there is sufficient regulatory oversight during the testing stage and that appropriate testing limits are implemented.

For example, a business may wish to test an innovative digital advice business that provides advice to wholesale clients, or a business may want to test an innovative marketplace, such as a peer-to-peer lending platform. If these two businesses participate in a sandbox, they would be able to provide these innovative services but within a certain threshold for a defined period of time. These limitations could be defined as the maximum number of clients or maximum exposure and they would be agreed upon on by the regulator and the business in advance.

Convergence across the region

ASEAN regulators have until now generally sought to define rules for the fintech sector in their country based on their existing regulatory framework for banking and financial services. Aziz, who’s also president of Fintech Association of Malaysia, argues that “regulators are indirectly competing with each other and quite unlikely to collaborate to form an integrated regulatory landscape”.

However, the pressure for more regional convergence is likely to increase as more jurisdictions establish sandboxes and these begin to collaborate with each other, according Andrew Godwin, a leading expert on fintech regulation in the region and the associate director of the Asian Law Centre at the University of Melbourne.

So far, regulatory cooperation agreements have been effective in harmonizing standards and principles, such as disclosure and consumer redress.

They have been less effective in harmonising regulation itself as a result of divergence in domestic laws and regulations. An often-quoted example of this are  Initial Coin Offerings and cryptocurrencies where there has been a broad range of regulatory responses across ASEAN member states.

“The next steps in the development of sandboxes are likely to involve passporting arrangements, where countries agree on common standards for the regulation of certain financial products and services and where entities licensed in one jurisdiction are permitted to operate in another jurisdiction,” Godwin says.

Among the ASEAN countries that have already set up well-established fintech regulatory standards, Singapore stands as a benchmark and a successful example. The city-state is not only the region’s most competitive fintech hub; its authorities have been at the center of an international effort to regulate the industry.

The Singaporean government implementing several initiatives to keep the industry ahead of the curve. The Monetary Authority of Singapore (MAS) first released its regulatory sandbox guidelines in November 2016, including MAS Guidelines such as technology risk management guidelines and outsourcing guidelines, while it established a Financial Technology and Innovation Group and a Fintech Office, one-stop entities that handle all fintech-related matters.

Some of the criteria that need to be satisfied by applicants to the sandbox are that they make use of new or emerging technology, or use existing technology in an innovative way; that the applicant has the intention and ability to deploy the proposed financial service in Singapore on a broader scale after exiting the sandbox; that the experimentation test scenarios and expected outcomes are clearly defined, and that the entity reports to MAS on the test progress based on an agreed schedule; among other things.

Singapore, in addition to its sandbox, has the Infocomm Media Development Authority (IMDA) and Spring Singapore, both well-established government agencies with a broad scope, that also advise financial firms on various fintech-related issues and provide assistance with government grants and regulatory issues.

Authorities have even been working with research institutions to develop a better understanding of the technology itself and conduct research on the policy, legal, regulatory, ethics and other related issues. As part of this plan, the Singapore Management University has set up a five-year research program on fintech and received a SGD 4.5 million (USD 3.3 million) grant from the IMDA and the National Research Foundation.

Surprisingly innovative: Thailand

Singapore, already a global financial hub and with an efficient government that has resources to support the fintech sector, is an outlier in the region.

Countries like Indonesia face a whole different set of challenges, but they’re taking cues from Singapore, forming similar entities to manage and monitor fintech startups in the country, but without the high degree of government financial support and R&D.

Thailand is a noteworthy case. The Bank of Thailand launched a regulatory sandbox in early 2017, with some of the most advanced criteria to encourage fresh and innovative companies to grow services and products that will benefit the people of Thailand.

The BoT allows companies to build networks and partnerships in Thailand and across ASEAN to enhance the country’s broader financial ecosystem and role in the region.

In the Thai model, a startup’s innovations stay in the sandbox for a fixed period of 6 to 12 months after which successful businesses can apply for operating licenses But the sandbox isn’t just for startups, it’s also used as a testing ground for technologies that could find wide application in the traditional banking sector.

For example, the BoT plans to permit financial institutions to use biometric technology for electronic “Know Your Customer” (e-KYC) processes. Banks are required to verify the identity or their customers and this would traditionally have to happen face-to-face.

The e-KYC technology is now being tested in Thailand’s regulatory sandbox, and is expected to leave the confines of the test environment to enter the real world in the third quarter of this year. Twelve financial institutions, including Siam Commercial Bank, Kasikornbank and Bank of Ayudhya, and non-bank firms participated in the test.

The sandboxes in Thailand and Singapore operate along similar lines. Thus, like Singapore, the Thai model is intended to support innovation by all firms. Companies that wish to enter the sandboxes in Thailand and Singapore must apply to the relevant regulator. That’s not the case everywhere in the world, Godwin explains.

Australia, for example, has adopted an industry licensing exemption where financial services innovators are not required to apply and are able to commence testing without engaging with the regulator.

A major distinction between Thailand and Singapore is that Singapore’s sandbox is a comprehensive sandbox and covers a broad range of products across the banking and securities markets, Godwin says. That’s because Singapore has an integrated regulator – the Monetary Authority of Singapore – which regulates most of the financial sector.

Thailand, on the other hand, has a regulatory system that is sectoral in nature where the Bank of Thailand (BoT) supervises financial institutions and the Securities and Exchange Commission (SEC) regulates securities firms. Each regulator has its own sandbox. The SEC’s regulatory sandbox, for example, would cover innovative products such as robo-advisors and algorithm-based trading and investment.

Thailand’s SEC also recently introduced guidelines for cryptocurrency startups and Initial Coin Offerings (ICOs), making Thailand one of the first countries worldwide to provide a regulatory framework for fundraising via ICO.