FinTech Monthly Bulletin: December 2019

1. General

1.1 The Council of the European Union (Council) have agreed on amendments to the regulation on the European Institute of Innovation and Technology (EIT). The EIT supports the collaboration of education, research and business in the European innovation sector. The amendments to the EIT regulation relate to: the financial sustainability and transparency of Knowledge and Innovation Communities (KICs); better principles for monitoring and evaluation; and the role of the Member States in the governance of the EIT. (29 November 2019)

1.2 Ursula von der Leyen, President of the European Commission (Commission), has spoken in the European Parliament Plenary on the presentation of her College of Commissioners and their programme. As part of her speech, von der Leyen discussed the impact digitalisation will have on society, the economy and work. Von der Leyen emphasised that Europe must: have mastery and ownership of key technologies; retain strong scientific and industrial capabilities; build infrastructure fit for the future; handle data responsibly; promote innovation, and keep cybersecurity as a top priority. (27 November 2019)

1.3 The Monetary Authority of Singapore (MAS) and the Bank for International Settlements (BIS) have launched the BIS Innovation Hub Centre in Singapore. This BIS Innovation Hub will work with the Hub Centres recently established in Hong Kong SAR and Switzerland to: identify and develop detailed insight on important technological trends affecting central banking; develop public goods in the technology sector for improving the functioning of the global financial system; and create a network of central bank experts on innovation. (13 November 2019)

1.4 Ravi Menon, Managing Director of the MAS, has spoken at the BIS World Bank Roundtable on the impact of technology on financial inclusion and financial stability. In his speech, Menon discussed MAS’s move to a new financial inclusion initiative aimed at increasing collaboration among financial institutions and FinTechs in order to promote integrated solutions. To function well, these solutions must reach customers effectively and be embedded in people’s lives. (13 November 2019)

1.5 The Government of the Hong Kong SAR has published a press release about Hong Kong’s fourth annual FinTech Week. During the FinTech week, Eddie Yu, the Chief Executive of the Hong Kong Monetary Authority (HKMA), announced the signing of a Memorandum of Understanding for blockchain collaboration between the subsidiaries of Hong Kong Interbank Clearing Limited and the Institute of Digital Currency of the People’s Bank of China (PBoC). Additionally, Ashley Alder, the Chief Executive Officer of Hong Kong’s Securities and Futures Commission (SFC), announced new rules allowing virtual asset trading platforms to receive operating licences. (12 November 2019)

1.6 The MAS and eight members of the Canadian Securities Administrators (CSA) have signed a cooperation agreement aimed at increasing collaboration between Singapore and CSA’s member regions. Among other things, this agreement includes a framework allowing FinTech firms to access the Singaporean and Canadian markets and a commitment by MAS and CSA to share best practices and information on FinTech development. (12 November 2019)

1.7 The MAS, Deloitte and S&P Global Market Intelligence have together developed a prototype industry-wide FinTech Research Platform intended to connect investors and financial institutions with FinTech start-ups to partner with or invest in. The FinTech Research Platform has been created to: encourage investor confidence; increase the transparency of FinTech companies; and speed up decision-making by allowing users to easily compare FinTech companies. (12 November 2019)

1.8 The Board of Directors of the BIS have appointed Benoît Cœuré as the head of the BIS Innovation Hub, which has been created to promote international collaboration among central banks on innovative financial technology. Since 2013, Cœuré has chaired the Committee on Payments and Market Infrastructures. He also led the Group of Seven working group on global stablecoins and co-chairs a related FSB working group. Cœuré will commence the new role on 15 January 2020 and serve for a five-year term. (11 November 2019)

1.9 The Emirates Securities and Commodities Authority (SCA) has been announced as a member of the Global Financial Innovation Network (GFIN), which includes 50 leading international regulatory institutions in the innovation and financial sector. In joining GFIN, the SCA aims to encourage the use of innovation and creative methods for promoting the securities sector in the Emirates in order for it to increase its competitiveness, take part in innovative initiatives and learn best practices from other GFIN members. (7 November 2019)

1.10 The FSB has published a press release following its plenary meeting, which sets out the key topics discussed. Amongst other things, members of the FSB spoke about FinTech and expressed support for a stronger framework of monitoring the potential financial stability risks presented by cryptoassets and the growth of stablecoins. The FSB announced that they will publish a consultation on regulatory issues with stablecoins in April 2020 and initial reports on market developments and the potential financial stability implications of BigTech firms and third-party reliance on cloud services over the next few weeks. (7 November 2019)

1.11 Paul Chan, the Financial Secretary of Hong Kong, has spoken at the opening of the Hong Kong FinTech Week 2019 about Hong Kong’s potential as a FinTech regional hub. In his speech, Chan emphasised Hong Kong’s position as a leading financial centre and its commitment to FinTech innovation. He stated that this was evident, for example, in the HKMA awarding licences to Hong Kong’s first eight virtual banks and the launch of the Faster Payment System, which connects banks with stored-value facilities. (6 November 2019)

1.12 Nick Cook, Director of Innovation at the UK’s Financial Conduct Authority (FCA), has spoken at the Chief Data Officer Exchange Financial Services conference about the FCA’s need to continually adapt to meet the pace of technology-led change. In his speech, Cook discussed the development of FCA innovative services, such as the Sandbox, and methods for making these initiatives suitable to a wider set of consumers. He also spoke about the FCA’s role in supporting the growth of RegTech, for example through holding TechSprints that allow RegTech firms to explore and test new technology solutions. (6 November 2019)

1.13 The Basel Committee on Banking Supervision has met to discuss a variety of policy and supervisory issues, and to approve its members’ implementation reports. At the meeting, among other things, the Committee agreed to publish a discussion paper on the prudential treatment of cryptoassets. The Committee will seek stakeholder views on a broad range of issues relating to this topic due to the broad range of existing initiatives in cryptoasset markets. (31 October 2019)

1.14 The PBoC have introduced new measures aimed at promoting FinTech development in Shanghai and the Yangtze River Delta region. The new measures for the Shanghai region will look to fulfil eight principal goals including, among other things, building an international influential ecosystem, strengthening FinTech applications and increasing research and development. These measures align with China’s three-year FinTech development plan, which was issued in August 2019. (30 October 2019)

1.15 The PBoC and China’s State Administration for Market Regulation (SAMR) have jointly announced that they will incorporate FinTech products into the unified national certification system. This system aims to put standards in place for: improving the safety and management of FinTech; preventing the transmission of risks created by quality deficiencies of FinTech products; and enabling the balance between encouraging FinTech to be innovative and promoting good governance and comprehensive management. (29 October 2019)

2. AI and Automation

2.1 The MAS has announced that it is partnering with financial industry players to create a framework for financial institutions to promote the responsible use of Artificial Intelligence and Data Analytics (AIDA). This framework, which has been named Veritas, will assist financial institutions to analyse their AIDA-driven solutions against the principles of fairness, ethics, accountability and transparency created by MAS and the financial industry last year. (13 November 2019)

2.2 The Centre for the Study of Financial Innovation has published a report focusing on the risks the use of artificial intelligence (AI) can have on financial services and the impact these risks could have on consumers, institutions and the greater stability of the financial system. The report aims to set out such risks, explain why they are important and provide a framework for considering these risks. (November 2019)

3. Cryptoassets

3.1 The European Central Bank (ECB) has published a paper on stablecoins. This paper sets out a classification of current stablecoin initiatives and discusses their potential. Although the paper acknowledges the benefits of stablecoins, it also outlines the challenges created by the uncertainty around governance and regulation of stablecoin initiatives. (28 November 2019)

3.2 The MAS has issued a consultation paper proposing changes that would allow payment token derivatives to be traded on Approved Exchanges and for this to be regulated under the Singapore Securities and Futures Act. Placing payments tokens (such as Bitcoin and Ether) under regulatory oversight will allow interested institutional investors manage their exposure in these products. The MAS has asked interested parties to submit their comments on the consultation paper by 20 December 2019. (20 November 2019)

3.3 The UK Jurisdiction Taskforce of the Lawtech Delivery Panel has published a legal statement on the status of cryptoassets and smart contracts under English law. The legal statement aims to provide market confidence, legal certainty and predictability in areas of great importance to the technological and legal communities and to the global financial services industry. The legal statement has been prepared by legal experts following several rounds of public and private consultation. Those experts state, among other things, that in principle cryptoassets are to be treated as property and smart contracts are capable of having contractual force. (18 November 2019)

3.4 The Financial Stability Board (FSB) Regional Consultative Group (RCG) for the Middle East and North Africa (MENA) has met to discuss regional financial stability, stablecoins, cyber incidents and the implementation of financial reforms. The RCG discussed the impact stablecoins have on financial stability and the potential issues they raise in areas such as consumer and investor protection and cybersecurity. The RCG also spoke about the increasing risk of cyber incidents and the FSB’s work in creating effective methods for cyber incident response and recovery, a toolkit of which will be released for public consultation in early 2020. (17 November 2019)

3.5 The FSB RCG for Europe has met to discuss regional financial vulnerabilities, stablecoins, reform to interest rate benchmarks and crisis simulations. In relation to stablecoins, members spoke about the regulatory and supervisory issues arising from global stablecoins and how the current deficiencies in cross-border payment systems could be improved. (12 November 2019)

3.6 The Council and the Commission have published a draft joint statement on stablecoins. While acknowledging the opportunities presented by the growth of stablecoins, the statement focuses on the challenges stablecoin initiatives create and expresses the need for legal clarity on their status. In light of the challenges, the Council and the Commission state that no international stablecoin initiative should commence operation in the EU until the legal, regulatory and oversight challenges and risks have been appropriately identified and dealt with. (6 November 2019)

3.7 The SFC has published a warning to investors about the potential risks connected with buying virtual asset futures contracts in Hong Kong. These risks include, among other things: the price volatility of virtual assets; the challenge presented in valuing underlying virtual assets; and the potential for some platforms not to have clear and fair trading rules. The warning sets out the way in which trading platforms and virtual asset futures contracts may be operating in contravention of Hong Kong law and the risks of investing in virtual assets. (6 November 2019)

3.8 The SFC has issued a position paper outlining a new regulatory framework for virtual asset platforms. This framework allows platforms that operate in Hong Kong and offer trading of at least one security token to apply to be licenced by the SFC. The position paper highlights that such licences will only be offered to platform operators that can meet the vigorous regulatory standards set by the SFC. (6 November 2019)

3.9 The Board of the International Organisation of Securities Commission (IOSCO) has published a statement on the IOSCO study of emerging global stablecoin proposals. In their statement, the IOSCO Board states that it recognises the benefits of stablecoins and is aware of the potential risks they give rise to in areas such as consumer protection, market integrity and financial crime. The statement also referred to an assessment produced by the IOSCO FinTech Network, which concludes that case-by-case analysis is needed to decide which IOSCO Principles and Standards and national regulatory regimes are applicable to stablecoins. (4 November 2019)

3.10 In the UK, Her Majesty’s Revenue & Customs (HMRC) has published guidance on the appropriate tax treatment for cryptoassets, based on the law in place at the date of publication. This includes guidance for: (1) individuals holding cryptoassets, which explains what taxes they may need to pay and records they must keep; and (2) businesses and companies on the tax treatment of cryptoasset transactions. For further information please read our publication on this guidance here. (1 November 2019)

3.11 See also paragraphs 1.5 and 1.13.

4. Cybersecurity

4.1 The European Union Agency for Cybersecurity (ENISA) has launched a new tool that maps security measures for Operators of Essential Services (OES) to international standards. This tool is intended to improve the search of security measures and their associated security controls in international standards for OES and regulatory authorities of the Member States. The tool is available as an online platform for operators in areas such as energy, banking, financial markets infrastructures and digital infrastructures. (28 November 2019)

4.2 The European Banking Authority (EBA) has published guidelines on information and communication technology (ICT) and security risk management. These guidelines set out requirements for credit institutions, investment firms and payment service providers on the mitigation and management of their external ICT and managing potential security risks. The Guidelines will come into force on 30 June 2020. (28 November 2019)

4.3 The ENISA has hosted the first meeting of the ENISA ad-hoc working group to prepare a candidate for the first cybersecurity certification scheme in line with the Cybersecurity Act. The scheme analyses common information technology security evaluation criteria, which has the potential to improve the internal market conditions of technology products, services and processes. (27 November 2019)

4.4 The ENISA has published a report that emphasises the importance of cybersecurity for connected cars. The ENISA notes that the development of new features in smart cars may, if not properly secured, be leveraged by hackers and lead to cyber attacks resulting in road accidents and financial losses. The ENISA’s report aims to identify: relevant assets; rising threats impacting smart cars; and security measures and good practices to be used to prevent such risks. (25 November 2019)

4.5 The MAS and the Association of Banks in Singapore (ABS) have jointly conducted a cyber-themed exercise aimed at improving the financial sector’s ability to tackle cyber attacks. The exercise saw financial institutions respond to cyber attack scenarios and operational disruptions through their business continuity and crisis management plans, allowing them to practice public communications and coordination in these instances. (22 November 2019)

4.6 The ENISA has published a detailed report on threats posed by the fifth generation of mobile telecommunications networks (5G). This report builds on the Coordinated Risk Assessment report by providing a more technical and in-depth view on the 5G architecture, the assets and the cyber risks of 5G. (21 November 2019)

4.7 Gabriel Bernadino, Chairman of the European Insurance and Occupational Pensions Authority (EIOPA), has spoken about the way in which insurance and pensions can lead future trends. In his speech, Bernadino briefly discussed the risk posed by cyber-attacks and the need to develop a strong standardised cyber resilience framework with a European approach. (19 November 2019)

4.8 The ENISA has published a report on good practices for implementing security by design for the Internet of Things (IoT). The ENISA notes that the rise of IoT devices has led to IoT attacks and increased concern around the security of IoT devices. The ENISA report concentrates on software development guidelines and details how to securely collect requirements, design, develop, maintain and dispose of IoT systems and services. (19 November 2019)

4.9 Gabriel Bernadino, Chairman of EIOPA, has spoken at the hearing of the Economic and Monetary Affairs Committee of the European Parliament about EIOPA’s work improving supervisory convergence, the impact of the current financial and economic environment on the sectors, cyber risk and the completion of the Capital Markets Union. In his introductory statement, Bernadino said that EIOPA’s thematic review of big data analytics in motor and health insurance emphasised issues relating to fairness and ethics, which encouraged EIOPA to create a consultative expert group to help with developing principles of digital responsibility in insurance. Bernadino also highlighted the need to develop a standardised cyber risk reporting framework in Europe in order to create a resilient cyber insurance market. (4 November 2019)

4.10 See also paragraph 3.4.

5. Data

5.1 Chinese authorities have issued a regulation for online audio and video content management. According to the Cyberspace Administration of China, regulation is required to prevent the dissemination of illegal and malicious information and the abuse of people’s rights and interests. The new regulation will come into force on 1 January 2020. (30 November 2019)

5.2 The EEA Data Protection Authorities and the European Data Protection Supervisor have met for the fifteenth plenary session. In this plenary, they discussed a variety of topics that included, among other things, the third Annual Joint Review of the EU-US Privacy Shield of the European Data Protection Board (EDPB); the adoption of the EDPB’s Guidelines on Territorial Scope in the GDPR following public consultation; the EDPB’s Guidelines on Data Protection by Design & Default; and the EDPB’s contribution to the draft second additional protocol to the Council of Europe Convention on Cybercrime. (14 November 2019)

5.3 David Lipton, the IMF First Deputy Managing Director, has spoken about measuring the informal economy. In his speech, Lipton briefly discussed the importance of capturing informal activities and the role of Big Data. (14 November 2019)

5.4 Gill Bull, the Director of Freedom of Information Complaints and Compliance at the UK Information Commissioner Office (ICO), has spoken about access to information in turbulent times. In her speech Bull discussed, among other things, the ICO’s role as an access to information regulator; the impact the outsourcing of services has on transparency and accountability through the Freedom of Information Act; and the benefits of a data driven approach to public policy. (13 November 2019)

5.5 The European Data Protection Supervisor (EDPS) has published guidelines on the concepts of controller, processor and joint controllership under Regulation (EU) 2018/1725 (the Regulation). By way of background, the Regulation is analogous to the GDPR but for EU institutions and bodies. The guidelines are intended to provide an explanation and practical advice to EU institutions and bodies about complying with the Regulation by creating greater clarity on the controller, processor and joint controllership roles and the obligations and responsibilities required by each. (7 November 2019)

5.6 The UK Parliament’s Joint Committee on Human Rights has published a report on the right to privacy and the digital revolution. In the report, the Committee expressed serious grounds for concern about the large amounts of data individuals provide about themselves to private companies when they consent to share their information. The Committee found that this data has been used to discriminate against certain groups and individuals, for example by targeting job roles or housing advertisements towards a particular age or race. The Committee called for the UK Government to ensure that there is vigorous regulation on how data is collected, asking for this regulation to be better enforced. (3 November 2019)

5.7 See also paragraph 2.1.

6. Distributed Ledger Technology, Blockchain and Smart Contracts

6.1 The MAS, in collaboration with J.P. Morgan and Temasek, has developed a blockchain-based prototype enabling multi-currency payments. This prototype has the potential to create cost efficiencies for businesses by allowing them to make payments in different currencies on the same network. The prototype is currently in an industry testing phase to determine if it can integrate with commercial blockchain applications. Accenture will publish the project report on this prototype in early 2020. (11 November 2019)

6.2 See also paragraph 3.3 for the legal statement by the UK Jurisdiction Taskforce on the status of smart contracts under English law.

7. Payments and Open Banking

7.1 Benoît Cœuré, member of the Executive Board of the ECB, has spoken at the Joint Conference of the ECB and the National Bank of Belgium about the future of the European retail payments market. In his speech, Cœuré noted that although the developments have been made in the European retail payments market, more attention from policymakers is needed in this area. He also stated national providers have not yet acted together to come up with a European solution to issues relating to, for example, point-of-sale and online payments. Cœuré encouraged European stakeholders to collaborate to find payment solutions that deal with the demand of consumers for efficient cross-border payments. (26 November 2019)

7.2 The Basel Committee on Banking Supervision has published a report on Open Banking and application programming interfaces (APIs). The report tracks the developing trend of Open Banking seen in Basel Committee member jurisdictions and the use of APIs. The report recognises the opportunities created by Open Banking and the associated risks, and recommends that banks and bank supervisors should concentrate on the challenges linked to greater sharing of customer-permissioned data and the increased connectivity of multiple entities assisting with the provision of financial services. (19 November 2019)

7.3 Sheldon Mills, Director of Competition at the FCA, has spoken about the opportunities Open Finance presents to the financial services industry. In his speech, Mills highlighted the benefits of Open Finance and the challenges it poses, such as ensuring data is used in an ethical manner and the heightened risk of scams and fraud. Mills also discussed the lessons learnt from Open Banking, the incentives for Open Finance and the role the FCA plays in regulating the environment Open Finance creates for financial services participants. (18 November 2019)

7.4 The Commission has agreed new rules with Member States to combat fraud in the e-commerce sector and help small businesses grow. This agreement will for the first time allow anti-fraud authorities to access relevant data on online purchases in order to allow them to tackle VAT fraud in the sector. In practice, payment service providers will have to share specified payment data from cross-border sales with Member State authorities, which anti-fraud specialists will then be able to access and analyse. The new rules will need to be confirmed by the European Parliament before entering into force in January 2024. (8 November 2019)

About Simmons & Simmons' FinTech Team

The FinTech Monthly Bulletin is prepared by the FinTech team of Simmons & Simmons.

Since its emergence into the mainstream, the FinTech sector has captured the interest and imagination of entrepreneurs, investors, governments and regulators, not to mention financial institutions and asset managers. We understand the opportunities and challenges that lie at the heart of the FinTech revolution and advise clients navigating the novel legal and regulatory issues that frequently arise.

Our market-leading FinTech team combines specialist expertise across practices and offices with insights resulting from a focus on the TMT, Financial Institutions, and Asset Management and Investment Funds sectors.
Our clients range from early-stage start-ups to some of the world’s largest financial institutions and technology providers. We also advise clients partnering with or investing in FinTech firms as well as financial institutions and asset managers developing their own FinTech solutions.

We support clients across a broad range of FinTech matters including crowdfunding, payments, cryptoassets, distributed ledger technology, InsurTech and RegTech, and we are interested in all areas of financial technology innovation.
If you would like to find out more about our FinTech team or require advice on a FinTech matter, please contact one of our lawyers at this link or your usual Simmons & Simmons contact.