Go to our Contact page for our office details.
The Department of Home Affairs has issued its draft guidance “Modern Slavery Act 2018: Draft Guidance for Reporting Entities” (Draft Guidance) for the new Modern Slavery Act 2018 (Cth) (the Act).
In this update we navigate the varied and significant cryptocurrency and fintech developments in Australia and international jurisdictions.
In relation to cryptocurrencies, the Reserve Bank of Australia (RBA) has discussed its risk assessment of digital currencies, there has been further regulation of initial coin offers (ICOs) and cryptocurrencies in many jurisdictions and a class action has been filed in the United States (US) against Tezos in relation to its recent ICO.
Developments in fintech include the United Kingdom’s (UK) Financial Conduct Authority (FCA) reporting on the first year of operation of its regulatory sandbox, the Australian Securities and Investments Commission (ASIC) entering into fintech related agreements with regulators in Switzerland, Dubai and China and establishing a fintech bridge with the UK, and the introduction of mandatory consumer credit reporting in Australia. There have also been setbacks for fintechs with the Productivity Commission (PC) endorsing a vendor collection model for low value GST collection, rather than adopting technology based solutions.
Finally, while not discussed in this update, the announcement of a Royal Commission into banks and financial services in Australia may have a significant impact for fintechs into the future. The potential impact of this Royal Commission for innovative and disruptive financial services providers is at this stage uncertain but we will provide updates on this going forward.
Fintech fact: over 26,000 blockchain-related projects were created on code repository, GitHub, in 2016.
Tony Richards, the department head, and David Emery, a senior manager, from the RBA’s payment policy department recently appeared before a parliamentary committee to present an overview of Australia’s evolving payment system. They noted that the key trend in the retail payments system has been the move from paper-based payment methods to electronic methods. The adoption of e-payment methods is likely to increase as consumers use contactless cards and mobile devices to make more payments. This move will be accelerated with the introduction of the New Payments Platform (NPP). The NPP will facilitate the inclusion of far more data with each payment, enhancing functionality for government agencies and improving e-invoicing and straight-through-processing. The NPP is also targeted for use by non-traditional members of the financial system such as fintechs.
Notably, Tony Richards stated that cryptocurrencies did not currently pose “pressing regulatory issues” for the RBA’s payments policy mandate. While cryptocurrencies have been used as both a legal and illicit payment method, the RBA considers regulation of the core protocols of these systems “unlikely to be effective” due to their cross-border nature. In contrast, the RBA has been exploring the potential for distributed ledger and blockchain technology in the financial sector (previously discussed here). Tony Richards observed that the greatest areas of use for this technology are “sectors where workflows involve lots of different parties with no trusted central entity, and where current practices are quite inefficient”, such as correspondent banking and remittances, and trade financing.
ASIC has signed a cooperation agreement with the Swiss Financial Markets Authority (FINMA) and with the Dubai Financial Services Authority (DFSA) and an information sharing agreement with the China Securities Regulatory Commission (CSRC).
Under its agreement with FINMA, ASIC is able to refer innovative businesses for support and vice versa. Switzerland has long been regarded as a hub for fintechs in areas like wealth management, comparative consulting, crypto finance, data management, payment services and lending.
The cooperation agreement with DFSA enables both parties to refer innovative fintech businesses to each other for support through their respective fintech functions, creating a pathway for businesses to operate in the Dubai International Financial Centre, engaging with DFSA, and vice versa. The agreement facilitates information sharing between the two regulators and also specifically recognises the importance of regulatory technology, providing that ASIC and the DFSA intend to deepen their partnership by sharing information on regtech trials.
The information sharing cooperation agreement with the CSRC strengthens the Australia-China trade and investment relationship by allowing the two regulators to exchange information on market trends and developments regarding financial services and innovation. This particular agreement also specifies certain forms of collaboration by sharing information on regulatory technology trials. China is a global leader in relation to fintech investment and is Australia’s largest two-way trading partner.
These agreements follow similar agreements (discussed here and here) between ASIC and the Hong Kong Securities and Futures Commission, the Monetary Authority of Singapore, the UK’s Financial Conduct Authority, Canada’s Ontario Securities Commission, the Abu Dhabi Global Market Financial Services Regulatory Authority, the Capital Markets Authority of Kenya, and Indonesia’s Otoritas Jasa Keuangan.
In addition, Treasurer Scott Morrison has announced a FinTech Bridge collaboration agreement with the UK. Extending beyond the power of ASIC’s current collaboration agreements, the Bridge will enable collaboration at the industry, regulator and government levels to “identify emerging trends, share policy developments and better position firms for the challenges of entering a foreign market.” The Bridge will also allow Australian fintechs to expand into the UK or pursue partnerships with companies in the UK.
The Treasury has recently released draft changes (Exposure Draft - Treasury Laws Amendment (Measures for a later sitting) Bill 2017: Fintech and Venture Capital Amendments and accompanying Exposure Draft Explanatory Material) to the venture capital and early stage tax concession provisions in the Income Tax Assessment Act 1997 (ITAA) to ensure that start-up fintech businesses are eligible for venture capital investment tax concessions, in addition to making some other minor technical amendments to confirm the provisions of the ITAA are operating consistently with policy intent.
Under the current ITAA, venture capital tax concessions are not available for investments into companies whose activities predominantly consist of finance or insurance activities (which includes banking, providing capital to others, leasing, factoring and securitisation). This has limited the extent to which venture capital investments are made in start-up fintech firms. The proposed changes will remove such limitations by enabling early stage venture capital limited partnerships and venture capital limited partnerships to invest in early stage companies that have finance or insurance activities as their predominant activities. Investments in unit trusts that have finance activities as the predominant activity will remain excluded from the venture capital tax concession.
The Treasury has announced that a new mandatory comprehensive credit reporting regime will be in place on 1 July 2018. These new credit reporting rules are aimed at improving the ability of lenders to meet responsible lending obligations, as well as improving access for new and smaller entrants, such as newly established fintech companies, to data. These changes come after the Government had committed to implementing them if credit providers did not meet a 40% threshold for data reporting by the end of 2017, with the figure currently being less than 1%.
The Treasury has described these proposed changes as a ‘game changer’ for both consumers and lenders as it will increase lending competition and provide greater access to finance for households and small businesses. Although no draft legislation has been issued, Treasury has indicated how these changes will affect the big four banks. For instance, the big four banks will be the first to face mandated reporting and be required to have 50% of credit data ready for reporting by 1 July 2018, with this figure increasing to 100% by 1 July 2019. The new reporting system will require banks to provide a customer’s full repayment history instead of simply relying on loan applications and loan defaults being used to assess an individual’s credit rating.
Although these changes have been generally welcomed, they create some questions which remain to be answered, such as how customer data will be protected from a privacy perspective and the specifics regarding to whom the mandate will be applied.
The PC has released a report regarding the feasibility of incorporating a legislated model for extending GST to low value imported goods (less than $1,000). Domestic retailers have historically claimed that exempting foreign goods from GST creates an unbalanced market, with concerns amplified by the growth of online commerce. The Government has recently legislated to apply GST to low value imported goods from July 2018 by using a streamlined collection model which places responsibility for tax assessment, collection and remittance on foreign suppliers.
The current legislated model is based on a vendor collection model, which requires major businesses generally based overseas to register for and collect GST on low value goods sent from overseas to consumers in Australia. Offshore supplies of low value imported goods (outside of alcohol and tobacco products) will be deemed a domestic supply and subject to the GST. Some suppliers can also opt for ‘limited registration’ rather than ‘full registration’, especially if their supplies are only connected to Australia because of the legislated model.
Throughout the report, the PC also considered the viability of alternate models using technological solutions. For example, the report discussed the feasibility of using ‘purchaser’ and ‘financial intermediary’ collection models. Specifically, new technology-based purchaser models could enhance traceability of purchasers by using image scanning and data storage technology to enable tax authorities to identify when GST is due. Other potential advantages include avoiding delays in delivery associated with border collection and addressing the issue of fraud in undervaluing imported goods.
Despite these potential advantages, the PC considered that the lack of evidence on operational risks provided by these models means it is too early to judge their viability. However, the PC stated that upon review of the current legislated model in 5 years’ time, they would assess the experience of other jurisdictions in adopting a technology-based purchaser model. There may, therefore, be scope for fintech solutions in GST collection in the future.
The UK’s FCA has released a report assessing the effectiveness of its regulatory sandbox following its first year of operation, in which two cohorts of firms have conducted testing in the sandbox. The sandbox provides entities the opportunity to test financial services without being licensed. The report provides an overview of the first year of operation, describes key outcomes of the sandbox, the impact on the market and limitations on testing in the sandbox. The report considers that the sandbox has been generally successful but notes that there are limitations to the testing environment.
Structure of the FCA’s regulatory sandbox
There are some key differences between the FCA’s regulatory sandbox and those of other regulators, including ASIC’s sandbox. The FCA’s regulatory sandbox accepts two cohorts per year, with each cohort receiving a six month testing period. Firms that successfully apply to be included in a cohort receive a case officer to liaise with and submit a final report summarising outcomes of testing.
Importantly, the FCA’s sandbox is open to any firm (including large firms already holding financial services authorisations) to carry out testing or to support another firm that is carrying out testing in relation to regulated financial services activities. The FCA implements bespoke safeguards for each firm that tests within its sandbox, tailoring capital requirements, systems penetration testing and, in relation to robo-advice, adopting a secondary review of robo-advice by a financial adviser.
It’s worth noting that this structure is significantly different to ASIC’s regulatory sandbox which does not permit licensees to access the sandbox licensing exemption and imposes the same requirements in relation to insurance, external dispute resolution and other consumer protection obligations on all sandbox applicants regardless of the nature of the business. ASIC’s regulatory sandbox is currently subject to legislative reform, which will address some of these differences.
The FCA’s report details the composition of firms accessing the regulatory sandbox. Fifty firms were selected for testing across two cohorts and 41 of those firms proceeded to testing. The majority of testing firms across the two cohorts tested products to be used in the retail banking sector. Some testing firms were large, authorised firms, however the majority were startups that would otherwise be unauthorised and ineligible to test their products. The most popular technology employed by participants in the sandbox was distributed ledger technology (DLT), with 17 firms using DLT in some way.
The report provides several key insights, identified by both participants and the FCA, into the reasons for the success of the FCA’s regulatory sandbox, including:
The report also discusses the market impact of the firms which are testing in the sandbox. The report makes various findings in relation to the market impact of different technologies, such as the use of biometrics and application program interfaces (APIs) by testing firms, while also discussing the products that firms have tested in particular fields such as insurance mediation and mortgage businesses. Particular technologies and products discussed at length include:
Despite the generally successful outcomes delivered by the regulatory sandbox, the report notes that there are certain limitations on what the sandbox can facilitate.
Key limitations facing firms in the sandbox
In relation to the limitations of testing in the regulatory sandbox, the report particularly notes that:
The FCA noted that after testing in the sandbox, testing firms are to meet relevant conditions for authorisation (ie, licensing) for activities which they seek to conduct. This requires that testing firms meet certain regulatory requirements, such as competence and financial viability. The FCA noted that it can be more complex to assess testing firms against existing authorisation conditions but that, generally, testing firms have been able to clearly demonstrate their capacity to meet the FCA’s conditions. Some types of businesses (ie, testing firms proposing to be insurers and operate multilateral trading facilities) have had greater difficulty meeting regulatory requirements due to higher levels of regulatory capital being required and more onerous controls needing to be implemented. Businesses faced with such conditions to authorisation have generally pivoted their business models so that lower regulatory requirements apply.
The FCA’s report highlights how key features of the FCA’s regulatory sandbox have facilitated access and use of its testing environment. Key features such as the bespoke approach to authorisation conditions imposed on testing firms, the engagement of a dedicated case officer and the encouragement of partnerships between large firms and testing firms have contributed to the success of the FCA’s regulatory sandbox. The success of the FCA’s regulatory sandbox is reflected in 41 of 50 firms proceeding to test and 40% of those testing firms obtaining finance during or following tests. There are undoubtedly lessons to be learned from the FCA’s approach to its regulatory sandbox.
Unfortunately, the report also highlights the particular challenges which innovative businesses face, particularly in relation to the barriers to accessing banking services. This is particularly problematic as such an issue could stymie innovative businesses from ever testing their products, let alone launching. It suggests that regulators and fintech industry bodies may need to educate banks and other account providers on the risks posed by start-ups to ensure that these businesses can access banking services.
Since our last update, regulators in more jurisdictions around the globe have released guidance or warnings in relation to ICOs.
Despite warnings from some Asian, European and North American regulators, the continued development of regulatory guidance in different regions and even an open government-led consultation suggests that ICOs are being increasingly legitimised.
Token offerors should seek legal advice before their seed funding round or ICO to consider not just whether securities laws apply but other obligations including consumer protection obligations and anti-money laundering and counter-terrorism financing (AML/CTF) regimes.
The latest developments are set out below:
While the regulation of ICOs and cryptocurrencies continues to evolve in many jurisdictions, the enthusiasm for widespread application and use of blockchain technology continues to grow. The European Commission has put out a call for tenders for a study assessing the opportunity and feasibility of using blockchain technologies across the European Union. The overall objective is to create “conducive environments for implementing more effective public policies, easing private sector engagement with the authorities, developing innovative ecosystems and applications, showing leadership and reinforcing the competitive edge of Europe and its blockchain innovators at a global level”. The use of blockchain technology across many different applications appears likely to continue.
Two class actions have been initiated in the US against blockchain startup, Tezos, in relation to its US$232 million ICO earlier this year. Filed in California and South Florida, both actions focus on allegations that Tezos violated US securities law by offering tokens that represented securities, despite failing to register with the SEC. Additionally, there are allegations that Tezos made misleading statements to token purchasers regarding the internal operations of the company, misrepresenting the development of the project and falsely marketing Tezzies as charitable contributions.
Both suits cite the SEC’s report on the DAO, indicating that many tokens offered in ICOs are securities and are subject to applicable law. The inherent nature of the Tezzie token is such that it derives its value from the usefulness and popularity of Tezos’ underlying technology. It is alleged that the recent disclosure of the delay in development of the technology caused the value of the Tezzie token to be reduced by half, to the detriment of purchasers. The plaintiff and class members of both suits argue that Tezos is not protected by the ‘safe harbour’ defence, which is usually granted for forward-looking statements.
The plaintiffs are seeking a remedy which will allow purchasers to rescind their token purchases, in addition to damages. The reaction to ICOs has varied significantly around the world, with some financial regulators adopting starkly different positions. As one of the first suits to be initiated in relation to ICOs, the outcome of this action will hopefully provide some clarification as to the legal status of ICOs within the US.