Assignment - Fintech Regulations

I live in the US:

Coinbase, Robinhood, Chime, Plaid, and Ripple are all examples of US based FinTech. Coinbase is a cryptocurrency exchange, Robinhood is for stocks and equities mostly, Chime was a hybrid challenger bank, and we all know about Ripple. The SEC is having its way with Ripple currently over securities regulations and classification. Coinbase is currently going through the motions to have an initial IPO launch later this quarter, they are buddy buddy with SEC and super chum with the OCC, toeing the veritable line of regulation; Coinbase also has its own SEC sanctioned stablecoin USDC.

As far as RegTech in the US is concerend:
“…there have only been a handful of new federal banking licenses issued by the Office of the Comptroller of the Currency (OCC) in the U.S. (across all States) between 2008 and 2017. That figure in the United Kingdom will be 14 and an unbelievable 21 and 38 in India and China respectively. Message is simple, the Financial Sector in the U.S. which has been the backbone of its economic and political leadership in the modern world, have been somehow stagnant since 2008.” - Dr. Subas Roy, Chairman, International RegTech Association

My Answers:

1. https://www.lexology.com/research/hubs/fintech

2. https://www.fairobserver.com/business/technology/sonia-katyal-fintech-regulation-digital-currency-finance-innovation-poverty-reduction-news-15261/

See [The top 10 UK RegTech companies - Information Age (information-age.com)](https://www.information-age.com/top-10-uk-regtech-companies-123488668/), It is a very informative page of the current RegTech UK market.

@Mroman, I think you will find that Spain is regulated by the EU directives. Please correct me if I am wrong. I hop this helps.

Research and find out local fintech regulations in your region.

The Federal Financial Supervisory Authority (BaFin) is the regulatory body which covers Fintech in Germany. On their website they state:
“The provision of payment services, financial services, and conducting of banking or insurance business without authorisation is a criminal offence.
Authoritative evaluations can only be made based on the individual circumstances pertaining to a specific case. To find out if the authorisation requirement applies to you, please fill out our contact form.”

Meaning that there is no broadly defined final legal assessment for Fintech in Germany. Rather, it is very specific to each case.

Make a screening of RegTech fintechs in your region.

DHC VISION - Smart Validation Services, Information Security Management System (ISMS), etc

ACTICO - Credit Risk Management, Credit Decisioning, Compliance & Financial Crime Management

DataGuard - Data Compliance

Alyne - Cyber Security, Risk Management and Compliance

Cleversoft - OTC Compliance, Financial Data Distribution, etc

• Last Updated March 02, 2020
  Fintech 2020, Philippines
  https://practiceguides.chambers.com/practice-guides/fintech-2020/philippines

• Unawa, a pioneering startup in regulatory tech (“regtech”) aims to make regulatory compliance as pain-free as possible for enterprises and SMEs so they can focus on their core businesses and become real engines of economic growth. https://unawa.asia/

Breakdown of Fintech Companies by Sector — KYC / REGTECH, 2%

image675×868 81.1 KB

image711×952 202 KB

https://www.cube.global/wp-content/uploads/2020/07/RegTech-for-Regulatory-Change.pdf
Here’s an article on reg tech and the changes over time. In the US, in 2018 and 2019 congress has formed afintech task force to combat terrorist use of digital currencies and a fintech counsel to designate a single primary regulator of eligible FinTech startups, to create the Offices of Financial Innovation.

UK Fintech regulations
There are no specific FinTech regulations in the UK, the extent of their regulation depends on the kind of activities they conduct. In the UK, the FCA and PRA are the regulatory bodies.
The rapid increase in the number of FinTech companies in the UK has prompted the FCA to provide further clarity on regulation for cryptoassets and AML.
There is likely to be new regulation in this area over the next 12 months and will be impacted by Brexit.

https://www.globallegalinsights.com/practice-areas/fintech-laws-and-regulations/united-kingdom#chaptercontent5

Crypto assets have been categorised as follows:

1. Security tokens (Regulated)
2. E-Money (Regulated)
3. Exchange tokens (Unregulated)
4. Utility tokens (Unregulated)

If tokens are used to facilitate payments then they will likely have to be authorised under the payment services regulation.

RegTech fintechs in UK

• Quantexa
• SteelEye
• Clausematch
• ComplyAdvantage
• Onfido

In Colombia, there are no specific Fintech regulations. However, fintech plays in the same regulatory sandbox with traditional financial services. There is work to be done as there is a perception specific regulatory framework could help attract more capital to the industry.

Local RegTech companies include:

• ADDI
• Contratomarco
• Datascoring
• Shareppy

1.Special Purpose Depository Institutions SPDI’s
SPDIs may resemble custody banks in that these institutions will likely focus on fiduciary activities, safekeeping, asset management and servicing. The role of a custody bank is focused on storing assets, fiduciary management, conducting a variety of transactions with assets and providing an ‘on/off’ ramp to securities markets, commodities markets and customer bank accounts.
For Immediate Release: Contact: Chris Slaby
October 16, 2020 [email protected]
IDFPR To Host FinTech Roundtable on Digital Currency Institutions
CHICAGO – The Illinois Department of Financial and Professional Regulation will host a
roundtable discussion on the impact Special Purpose Depository Institutions (SPDIs) have on
digital currency businesses and the financial technology market. The Division of Banking and
several experts in the field will discuss the Wyoming SPDI legislation and how it would apply if
instituted in Illinois. Custodial possession of digital currencies is a new idea and as digital
currencies and FinTech continues to grow, the Department is committed to bringing innovative
and practical ideas to Illinois.

2. RegTech fintechs usa midwest ACENT,PEGA pegasystems, CSI solutions

In the UK there is no single regulatory framework which governs FinTech. FinTech forms which carry on certain regulated activities will fall within the regulatory perimeter, unless an exemption applies and will need to be autorised and regulated by one of the following bodies:
-the FCA is focused on risks posed by the conduct of financial services firms and the individuals which work for them to its three statutory objectives: protecting consumers, ensuring market integrity, and promoting effective competition.
-the Bank of England through the PRA (Prudential Regulation Authority) aims to ensure the financial soundness of firms and seeks to remove or reduce systematic risks that may threaten market stability.
RegTech companies in the UK

1. Quantexa
   It is a big data and analytics provider. RegTech business includes AML, KYC.
2. SteelEye
   SteelEye’s compehensive RegTech suits consists of record keeping, MIFID II and EMIR reporting, trade and communications surveillance, trade reconstruction.
3. ComplyAdvantage
   It is a database that collect AML data from around 10000 data sources, including Interpol’s watch list and international sanctions.
4. DueDil
   DueDil platform consists of database sourced from thousands of sources such as company websites and registry data, which allows compliance teams to carry out reports.

In Brazil, resolution 4656 (launched in 2018) was the first framework that regulated Fintechs specifically (already envisioned on a 2010 law).
More recently in 2020:

• May/June: resolution defining open banking

• June: A regulatory sandbox is created to boost innovation and test new business models on the sector, with a temporary permission for the companies to test their ideas within a flexible regulatory environment for a specific period of time.

Some Brazilian Regtech examples:

• Idwall (OCR background checks and face match among other services)

• LegaBot (regulatory compliance with ML)

Ireland

Contact responded are not required to be regulated by the central bank of Ireland

regulatory bodies: there is not a regulator Gingrich in ireland, but
the central bank of Ireland is in charge of authorizing and supervising consumer protection in the financial service

Regulatory and insistence technology
The government of Ireland is well aware of regtech and the efficiency and cheaper compliance solutions

• Research and find out local fintech regulations in your region.
  In Thailand, my country, the FinTech market is a growing market on many fronts—Crypto CCY Exchange, P2P Lending, Payment, etc. Initially only the Bank of Thailand took charge but as the business expands to other than simple lending, the SEC has become more of the regulator. At the moment with the fast dynamic of FinTech, regulators are playing catch up and soon we should see a more complete or shall I say advance regulations. According to Silk Legal, Thai regulators are also paying a close attention to Data Privacy.

• Make a screening of RegTech fintechs in your region.
  From my research and talk with my friends in the field, there is no one to really support them as in the role of RegTech in Thailand. Hence the great potential for someone to launch the service.

https://www.globallegalinsights.com/practice-areas/fintech-laws-and-regulations/united-kingdom#:~:text=In%20the%20UK%2C%20there%20is,regulatory%20framework%20which%20governs%20FinTech.&text=Any%20firm%20which%20carries%20on,regulated%20by%20the%20FCA%3B%20and

Great summary of all Fintech-related regulations and processes in the UK.

Europe is home to about 140 regtech startups- 30% of those startups specialize in compliance management, 27% focus on know your customer (KYC) and anti-money laundering (AML) automation, and 26% leverage technology and data to provide risk management tools, according to a data provided by XAnge, a Franco-German venture capital firm.

Here are the top RegTech firms in the UK market –

1. Onfido

Onfido powers over 1,500 fintech, banking and marketplace clients globally, including Revolut, Remitly, and Bitstamp.

2. ComplyAdvantage

Founded in 2014 ComplyAdvantage works with over 500 enterprise clients across 75 countries, including Earthport, a publicly-listed payments company, Azimo, an international money transfer services provider, and Lemon Way, a pan-European payments institution. The company is backed by notable investors including Index Ventures and Balderton Capital, and has four global hubs in London, New York, Cluj-Napoca and Singapore.

3. TruNarrative

UK-headquartered TruNarrative facilitates multi-jurisdiction customer onboarding, financial crime detection, risk & regulatory compliance. It provides unified decisioning across; Identity Verification, Fraud, eKYC, AML & Account Monitoring via a single API.

4. Clausematch

UK-based ClauseMatch is a regulatory technology company with a SaaS offering, that enables financial institutions to streamline regulatory change management through effective organisation of internal policies, standards, procedures and controls.

5. Quantexa

Founded in 2016 in London, Quantexa aims to enable organisations to make better decisions by connecting their internal and external data. Its platform provides a relationship view of internal and external data, including transactions, from multiple data sources at a global scale, to provide a 360-degree view of relationship networks. The company has raised $23.3 million in funding since March 2017.

image1015×1024 374 KB

• Research and find out local fintech regulations in your region.
  Because of Federalism in the United States, there is a constitutional division of power between a state government and the federal government. This makes regulation in the US very complex. There is no standardized regulatory framework when dealing specifically with the FinTech industry as of today–yet it is inevitable that FinTech business’ activities will come under the jurisdiction of several regulatory regimes, and FinTech businesses will have to comply with regulations if they strive to bring a product (or services) to the market. This effectively means that a FinTech business will be subject to both state and federal regulations, and the business will have to comply to the regulator’s requirements. There are several regulatory regimes in the US that may govern FinTech business’s seeking to operate in the US, and there is a spectrum of jurisdiction that may be either very broad, or extremely narrow (i.e. focusing on specific activities).
  That being said, here is a list of key US regulatory regimes which a FinTech may have to register or comply with:

1. Consumer Financial Protection Bureau (CFPB)–regulates financial services offered to consumers and carries out general enforcement against what are deemed to be deceptive or unfair practices.
2. Federal Trade Commission (FTC)–tackles anti-competitive, unfair, or deceptive business practices that offer services to consumers, and have obligations for businesses regarding the privacy and data protection of the businesses’ customers.
3. Securities and Exchange Commission (SEC)–They regulate the US securities market. They have a jurisdiction over security exchanges, brokers, and dealers which includes investment advisors and mutual funds.
4. Commodity Futures Trading Commissions (CFTC)–they regulate the US commodities markets, and jurisdiction over trading organisations and intermediaries.
5. Office of the Comptroller of the Currency (OCC)–National bank regulators that also accept applications for “special purpose charters from FinTechs.” FinTechs that receive the charter must comply with the same regulations imposed on national banks.

There are more regulators, but this list is sufficiently exhaustive when exploring regulators at the federal level in the US. The following is a short list of key regulators at the state level:

1. Fair Credit Reporting Act (FCRA)–They determine how financial institutions may harvest consumer credit information.
2. Gramm-Leach Bliley Act (GLBA)–They require transparency from the financial institutions to their customers about how the customer’s data is being shared. Financial institutions are obligated to protect their customer’s data as well.
3. US AML–two of the main AML acts in the US are the Bank Secrecy Act (BSA) and the USA Patriot Act. Between these two regulatory acts, FinTechs are required to abide by certain obligations regarding AML risk-management programmes, customer due diligence (CCD), and task pertaining to auditability.

There are several more regulatory acts, but I will link the article from where I’ve gathered my information, which includes a more exhaustive list:
https://dashdevs.com/blog/the-ultimate-guide-to-us-fintech-regulations/#:~:text=There%20is%20no%20’fintech-specific,more%20likely)%20several%20regulatory%20bodies.

• Make a screening of RegTech fintechs in your region.

Here is a list of the 12 Key RegTech companies in the US:

• Trunomi
• Ayasdi
• IdentiyMind
• Sift Science
• Elliptic
• BehavioSec
• Chainalysis
• ComplyAdvantage
• Ascent Regtech
• Forter
• Hummingbird
• Continuity

out of this list, I want to highlight a few of these RegTech companies that particularly stood out to me:

1. BehavioSec – this is a company that uses behavioral biometrics software that watches how customers interact with their desktop, web browser, and mobile app, and monitors the customers’ behavior to ensure that it is consistent with how they’ve behaved in the past. Basically, it’s a way of verifying a customer’s identity based on how they act. BehavioSec re-establishes online trust by providing continuous and zero friction authentication that allows an organisation to verify that people truly are who they “claim to be.” BehavioSec’s key benefits to their clients are that it allows for a better customer experience by helping eliminate friction points in authentication flows, reducing analyst case load via unique signals inherent to each individual person (user), and reduces the manual verification cost by positively identifying users up front. BehavioSec cuts fraud outbound verification calls by up to 90%, and significantly reduces fraud false alarms.

2. ComplyAdvantage–AI-driven risk management database for companies that are at risk of being hurt by financial crime. It is live financial crime insight with tailored search and monitor tools that updates in minutes. The company’s AML database can analyze 5 million new articles across 200 countries and update 30,000 KYC profiles within a day. The AI can be configured to integrate seamlessly into a given ecosystem making compliance easy and almost entirely automatable.

3. IdentityMind–Trusted digital identities software as a service (SaaS) platform that builds and maintains regulatory technologies for ICOs, crypto trading platforms, and fintech companies. IdentityMind’s eDNA (electronic DNA) links and correlates a set a parameters to establish and verify trusted digital identities. The concept of eDNA is the most intriguing part of this project because it collects attributes such as e-mails, geolocation, phone, passport, devices that defines an individual or a business when they transact online. eDNA consistently updates and evolves as the user transacts. Its primary use case is for screening customers and monitoring their transactions, and digitally analyze each transaction to pinpoint any fraudulent outliers.

Ultimately, US regulators want to implement a standardized framework at the federal level, which would allow the US to work with global markets, and they do not want to stifle innovation by bombarding FinTech start-ups in the US with regulations. US regulators are aware about of competing globally in the FinTech space because the regulators fear that if we do not innovate fast enough, then we will not get to “make up the rules for the road,” so to speak–or so the reasoning goes.

Cheers!

Link to resources:
https://builtin.com/fintech/regtech-companies
BehavioSec: https://www.youtube.com/watch?v=-nj5avEMp6Y
ComplyAdvantage: https://www.youtube.com/watch?v=MyO_tg_Gh3I
IndentityMind: https://www.youtube.com/watch?v=KcR62szhwBI

Fintech businesses in the US are not subject to any Fintech regulatory framework by any single federal or state regulator. They are instead regulated on their specific activities requiring possible licensing or registration from federal or state governments. Most of the regulations are frameworks from traditional banking rules and regulations.

CFPB - Consumer financial Protection Bureau

SEC - Securites and Exchange Commission

CFTC - Commodity Futures Trading Commission

OCC - Office of the Comptroller

These Traditional Regulatory Entities Govern US crypto currencies.

Regulations in Mexico are mainly only for Electronic Payment Institutions and Crowdfunding Institutions. It allows these institutions to use cryptocurrencies approved by the Bank of Mexico.

Some RegTech companies are: Bayonet-ecommerce fraud, Biin Solutions-cloud and local info analysis, Electronic Identification-Digital Identification Solutions, Honey-Electronic Signature Services and much more

1.) In germany any fintech must obtain the licens and falls under the regulations of the german banking act, insurance act, investment act and payment service supervision act.

2.) -deloitte