There are no two ways about it – the regulatory landscape in the financial services sector is evolving and the news in recent months has been awash with stories of regulatory changes that are likely to have a significant impact on FinTech and Alternative Finance businesses.

 

Senior managers and certification regime

 

On 15 October 2015, HM Treasury published a on extending the senior managers and certification regime (“SM&CR”) to all persons who are authorised under the Financial Services and Markets Act 2000 (“FSMA”), replacing the Approved Persons Regime. Insurers, investment firms, asset managers, insurance and mortgage brokers and consumer credit firms will all be subject to the new regime.

 

It is hoped that extending the SM&CR with a duty of responsibility across the whole financial services industry will create a fairer, more consistent and rigorous regime for all financial services firms. The regulators have said that they will ensure that the extended regime appropriately reflects the diverse business models operating in the UK market and is proportionate to the size and complexity of firms but the minutiae of the extended regime are yet to be revealed.

 

One thing for certain (which has been borne out from our work with our bank clients) is that a regulated firm’s costs will increase as a result of this new regime , and we may see some board-level salaries move northwards as greater responsibilities are placed on certain members of senior management.

 

The SM&CR will come into operation for banks, building societies, credit unions and Prudential Regulation Authority (“PRA”) regulated investment firms on 7 March 2016. Banking sector firms have until 7 March 2017 to complete the certification of existing staff and the government intends that implementation of the newly extended regime should come into operation during 2018.

 

Regulatory Sandbox

 

At the same time as increasing regulation in the financial services sector, the FCA is working with HM Treasury and the PRA to investigate the feasibility of developing a regulatory "sandbox" for financial services innovators. Essentially, this is a “safe space” where innovators can experiment with new ideas at an early stage, without the time and expense of becoming fully authorised, but with the informed consent of consumers, and appropriate risk management.

 

A key challenge for FinTech startups is navigating the complexities of financial services regulation. The law requires FinTech businesses to be authorised or exempt before they can properly develop and test their ideas, and prove their business models. The cost of compliance is significant, as are the potential consequences of non-compliance, often hindering innovation.

 

The FCA are currently exploring the feasibility of such a scheme and are due to report back imminently (autumn 2015) on how this could work in practice.

 

This may put an end to the regulatory barriers to entry that many incumbents in the financial services sector hide behind. It will also be interesting to see how the sandbox will work from a legal standpoint, as of course regulation is but one barrier to market entry … Watch this space!

 

US-EU Safe Harbor

 

On 6 October 2015, the Court of Justice of the European Union (the “CJEU”) ruled that the US Safe Harbor scheme is invalid.

 

For the past 15 years, many businesses have been able to rely on Safe Harbor as a means to comply with EU data protection law when transferring personal data from the EEA to Safe Harbor compliant businesses in the US. Businesses that transfer personal data from the EEA to the US and US based service providers providing data services or SaaS solutions to EU based clients will now need to find alternative ways to ensure that they continue to comply with EU law, for example by incorporating the European Commission-approved “Model Clauses” for transferring personal data into the agreement between the parties or adopting binding corporate rules (essentially an internal code of conduct for businesses which have been approved by the relevant EEA data protection authorities). For more information on the alternative options available, please see Fox Williams’ update on the Safe Harbor ruling and guidance on .

 

This decision comes at a time of major reforms to the European data protection regime. The European Commission is expected to issue guidance on the consequences of the CJEU’s decision shortly but, in the meantime, all companies which transfer or receive personal data from the EEA to the US should review exactly what data flows take place within their businesses to enable them to make an informed decision on what alternative compliance routes could be implemented.

 

MiFID II

 

And finally…

 

The MiFID II Directive (2014/65/EU) (“MiFID II”) and the Markets in Financial Instruments Regulation (Regulation 600/2014) (“MiFIR”) will come into effect on 3 January 2017 and will repeal and recast the Markets in Financial Instruments Directive (2004/39/EC) (“MiFID”), which created consistent regulation for investment services across the 31 states of the European Economic Area (the “EEA” - the EU member states plus Iceland, Norway and Liechtenstein).

 

Together, the new regulations will form the legal framework governing the requirements applicable to investment firms, trading venues, data reporting service providers and third-country firms providing investment services or activities in the EU. MiFID II is widely viewed as significant legislation which will fundamentally reshape European financial markets, the products and services that market participants provide and the relationship between market participants and their customers.

 

What does this mean for FinTech? One of the biggest effects of MiFID II is within technology, where MiFID II implementation calls for carefully-considered technology solutions. The requirements of MiFID II and MiFIR will create considerable cost and development issues for operators of any type of investment firm or trading venue. The imminent regulatory changes due to be implemented have opened up and will continue to open up gaps in the market for financial technology firms to offer new, innovative products to help financial institutions ensure compliance with MiFID II.

 

 

__________

 

Jonathan Segal, Partner at Fox Williams LLP

 

Jonathan is a partner in the FinTech and Alternative Finance team at Fox Williams, a City-based Law Firm. He advises clients across the FinTech and Alternative Finance spectrum, from start-ups disrupting existing markets with innovative technology to financial institutions looking to invest in new technology.

 

He has particular expertise in peer-to-peer and crowdfunding platforms, drawing on his extensive experience in the banking and finance sector gained both in-house at major financial institutions and in private practice. His experience spans a variety of financial products, including loans (both corporate and consumer), real estate and development finance, asset-based lending, receivables financing, asset finance, trade finance, capital markets, derivatives and repos. A regular speaker at industry events both at home and abroad, Jonathan is also heavily involved in next generation disruptive financial products such as virtual currencies (including Bitcoin), blockchain technology and the use of Big Data in financial predictive analytics and disruptive insurance models.

 

Fox Williams LLP are experts at advising entrepreneurs and FinTech businesses. For more information as to how Fox Williams can help you (including arranging a free consultation) or for further information on the issues discussed in this article, please liaise with either  or .