Go to our Contact page for our office details.
The Department of Home Affairs has issued its draft guidance “Modern Slavery Act 2018: Draft Guidance for Reporting Entities” (Draft Guidance) for the new Modern Slavery Act 2018 (Cth) (the Act).
In the final update for 2017, we examine recent legislative and regulatory developments across the fintech landscape. In Australia, significant developments including the Australian Government passing new laws which will bring cryptocurrency exchanges within the scope of anti-money laundering and counter-terrorism financing (AML/CTF) legislation, the Governor of the Reserve Bank of Australia (RBA) providing clarity on whether it will introduce an electronic Australian dollar and the Australian Securities and Investments Commission (ASIC) consulting on its regulatory sandbox, as well as reporting on marketplace lending and cyber resilience. Overseas, the primary developments have been in relation to Initial Coin Offers (ICOs) with regulators in the US, Europe and across Asia taking enforcement action and releasing statements.
Fintech Fact: According to the Reserve Bank of Australia, the use of cash payments has nearly halved since 2007 as consumers increasingly use contactless ‘tap and go’ cards.
Following the introduction of a bill earlier this year to extend access to crowd-sourced equity funding (CSF) to proprietary companies, the Treasury has opened consultation on an exposure draft of the Corporations Amendment (Crowd-sourced Funding) Regulations 2018. The draft regulations outline additional requirements for proprietary companies to access the CSF regime:
Consultation on the draft regulations closes on 2 February 2018.
At the 2017 Australian Payment Summit, the Governor of the RBA, Philip Lowe, delivered a speech addressing whether the RBA intends to issue a digital form of the Australian dollar. Terming it an eAUD, the Governor asserted that the RBA had no immediate plans to issue an eAUD, but indicated that the RBA would continue research into the area. Notably, the Governor highlighted ongoing examination of the use of a central-bank issued digital dollar in relation to settlement arrangements. Key insights included:
The possibility was left open to the RBA issuing a new form of digital money through a variation on the exchange settlement account. This could be implemented on distributed ledger technology and be used within specific settlement systems.
ASIC has recently released Report 555 Cyber resilience of firms in Australia’s financial markets. The report outlines the findings from the self-assessment survey of over 100 Australian financial firms in the past two years. ASIC’s report identifies the trends of small-medium enterprises (SMEs) and large firms distinctively, with findings set out in the table below. The report found that while firms are getting better at managing cyber risks, there is still some progress to be made.
In producing the report, ASIC used certain survey terms to test the probity of cyber security policies. These terms included ‘partial’ (when policies are non-existent or not formalised), ‘risk-informed’ (when policies are rarely updated and are not consistently followed), ‘repeatable’ (when policies are regularly updated and with compliance measures in place) and ‘adaptive’ (when policies are consistently evolving with the market).
ASIC noted that while the report showed greater engagement by firms on cyber resilience, there was both a disparity between firms and insufficient investment in cyber resilience measures. The report follows ASIC’s earlier Report 429: Cyber Resilience – Health Check, which outlined suggested ‘health check prompts’ for companies.
ASIC has released its recent review of its regulatory sandbox. The sandbox was established in December 2016 to encourage investment in the fintech sector by providing flexibility in the regulatory framework through a number of licensing exemptions. The consultation paper proposes to retain the fintech licensing exemption, with no changes to the sandbox’s current structure.
ASIC’s fintech licensing exemption allows eligible fintech businesses to test certain specified services without needing to hold an Australian financial services licence or credit licence. Eligible businesses may take advantage of the exemption for up to twelve months with up to one hundred retail clients, as long as certain consumer protection conditions are met and a notification is made to ASIC of the intention to conduct business. The regulator stated that the rationale for making no changes to the exemption is to maintain a consistent framework until such time as Parliament implements its proposed legislation for an enhanced regulatory sandbox exemption. This new exemption would likely supersede the fintech licensing exemption.
Although various members of the fintech sector have criticised the sandbox for a lack of uptake, ASIC said that four fintech businesses have accessed the licensing exemption. One business is testing its financial services in providing advice and dealing in listed securities, two businesses are testing advisory and dealing services in deposit products, and one business is acting as an intermediary and providing credit assistance. Over a dozen fintech businesses have contacted ASIC in relation to using the fintech licensing exemption.
Consultation on ASIC's proposal to leave the regulatory sandbox unchanged closes 27 February 2018.
The Australian Parliament has recently passed the Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2017, discussed earlier here. The amendments will bring digital currency exchange providers under the remit of the Australian Transaction Reports and Analysis Centre (AUSTRAC), which will require exchanges to register with the agency and be placed on the new Digital Currency Exchange Register. If a person provides a registrable digital currency exchange service without registering with AUSTRAC, this will be an offence carrying a penalty of up to two years imprisonment or a fine of up to $105,000, or both.
Registered exchanges will be required to implement Know-Your-Customer (KYC) processes in order to verify the identity of their customers. AUSTRAC will expect exchanges to monitor and report suspicious and large transactions, as well as keep certain records relating to customer identification and transactions for seven years.
In Parliament, the Attorney-General said, “most businesses in the digital currency exchange sector welcome the introduction of AML/CTF regulation, as they are already mindful of the risks posed by the service they provide.” These amendments will likely commence in early June 2018 unless another date is fixed.
ASIC has released its second survey on the marketplace lending industry, which indicates steady growth in both borrowing and lending activity in the market since the last report. Marketplace lending allows investment in loans to consumers and SMEs, which can provide an alternative source of funds to traditional channels. Marketplace lending does not have a stand-alone regulatory regime in Australia, rather the regulations depend on how the business is structured and the types of financial services and products being offered.
ASIC undertook the survey to determine emerging trends and changes in the level of risk within the industry, as new technology platforms facilitate significant growth in marketplace lending. The report is based on survey responses from the providers of twelve marketplace lending platforms, representing a limited cross-section of the industry. Key findings from the report are outlined below:
The report highlights instances of non-compliance with laws and regulations in relation to advertising and promotional material and disclosure documents for marketplace lending products. As the activity levels in marketplace lending continue to grow, ASIC intends to undertake further surveys in order to determine the stability of this industry.
ASIC has announced a Cooperation Agreement with a number of Canadian regulators on fintech cooperation. An agreement had previously been entered into with the Ontario Securities Commission (OSC), however this new agreement expands the existing information sharing framework to other provincial securities regulators. The agreement will also allow for the referral of innovative fintech businesses to and from Canada.
The provincial regulators that are signatories to the agreement include those in Quebec, British Columbia, Alberta, Saskatchewan, Manitoba, New Brunswick and Nova Scotia. These regulators are responsible for the regulation of securities within their respective provinces and territories. They have joined to form the Canadian Securities Administrators (CSA), a council that coordinates and harmonises regulation for the Canadian capital markets. Notably, Quebec’s AMF has accepted a token sale into its regulatory sandbox with consideration on extending the relief after two years. With the Canadian approach to ICOs broadly reflective of ASIC’s views, this agreement could provide ASIC with valuable insight as its own regulatory sandbox is reviewed.
There have been significant developments across Asia and in the United States in relation to ICOs. In particular, the latest developments reinforce that token offerors must not only consider the application of securities laws but also other requirements including consumer protection obligations and anti-money laundering and counter-terrorism financing regimes. In the US, various class actions have focused on both securities law analysis and misrepresentations to investors suggesting that the application of consumer protection must be a significant consideration for token offerors during an ICO.
Beyond this, engagement with DLT continues to grow. As well as the ASX adopting DLT in Australia, the House of Lords in the UK has issued a report highlighting the opportunities offered by DLT and calling on the UK Government to lead “practical application and testing” of DLT. In particular, the House of Lords identified sectors ripe for DLT implementation as being trade and immigration, national security and public safety, taxation, healthcare, food traceability and accountability, cybersecurity and counter-fraud, and payments and asset traceability.
As well as this, British overseas territory Gibraltar has passed a bill extending investor protection to businesses “carrying on controlled activities which are not investment services”. The bill is in line with Gibraltar’s proposed regulatory framework for DLT businesses, which is planned to take effect in January next year. Under the framework, businesses providing DLT services will be required to apply for a licence from the Gibraltar Financial Services Commission.