Widely used in the IT universe, the term “sandbox” refers to an isolated and safe environment conducive to testing an application, so that the test does not cause damage to other applications that are already running normally in the system or to system itself.
As an example, we can think of a software developer who uses a sandbox to test new code, or a security professional who uses the sandbox to test potential risks and vulnerabilities in a system.
In the regulatory world, the term has been used a lot since the expansion of the so-called Fintechs (Finance and Technology) which are startups providing technology-based financial services, constituted, generally, with the aim of reducing bureaucracy and improving certain financial services to the greatest possible number of people.
Fintechs provide services to both individuals and companies offering services similar to traditional banks with the difference that they are originally digital.
According to the report The Pulse of Fintech, Prepared by the consultancy KPGM, in the middle of 2019, investments in the sector reached US $ 37.9 billion, with Brazil being the leader in investments in Latin America.
For platforms, the uncertainties that guide the rules and requirements applicable to their activities become barriers to their development. Thus, from the complexity inherent in the regulation of financial services, there arises the need to create a simpler form of regulation enabling the market growth for Fintechs.
What is a Regulatory Sandbox?
We can define “Regulatory Sandbox” as a structured environment created by the financial sector regulator that allows practical tests, on a small scale, of innovations by private companies under his supervision and control.
In this environment, regulations can be formulated and tested at a sufficiently fast pace, providing companies with a space to develop their innovations more safely.
Sandboxes form a symbiotic relationship between public and private entities with the aim of ensuring a favorable environment for the development of technologies that are in conformity with national legislation and enable regulators to better understand the complexity and impact of these disruptive technologies on society.
Generally, sandboxes have a fixed term, allowing Fintechs in the initial stage of constitution to test their applications and systems under the flexible regulatory scope, controlled and supervised by the competent regulatory authority.
Although this model is widely used in technology-related environments, its use in the financial market is recent.
The need for a regulatory sandbox for Fintechs
As we have seen, the main objective of the regulatory sandbox is to make compliance and regulation possible in conjunction with the rapid development of fintechs, always focusing on customer safety.
There is also another important objective when it comes to the regulatory sandbox, which is to attract the attention of banks, private equity and venture capital funds for investments in fintechs.
This is because legal and regulatory insecurity discourages investment in unregulated sectors, given that at any time, regulatory bodies may consider platform operations illegal, causing a drastic change in the system or business, thereby making their business activities unfeasible.
By participating in regulatory sandbox initiatives, fintechs have the opportunity, together with regulators, to test their products on the market.
In this way, startups can, with this, manage to convince investors of their real potential to fulfill their regulatory obligations while ensuring innovation in their products or services through their platforms.
On the other hand, regulators can develop public policies and regulations that are more appropriate to the market, fostering innovation and competitiveness.
In short, a regulatory sandbox benefits not only startups, but also regulators, customers, investors and society as a whole.
What are the main expected benefits?
From the regulation model via sandboxes, it is expected that there will be a boost in creative activity, since information asymmetries are eliminated and basic rules are established that ensure fairer conditions, generating confidence and minimizing market distortions.
In Brazil, the initiative aims to foster entrepreneurship and the development of the capital market through the creation of an experimental regulatory environment, in which participating entities will be able to test their disruptive business models in activities regulated by the CVM.
Regulatory Sandbox: experiences
In Brazil, the BC created the Laboratory of Financial and Technological Innovations (LIFT), in the experience of the Bank of England and the monetary authority of Singapore.
LIFT is an initiative that seeks to create an enabling environment for fintechs operating in Brazil that have developed innovative solutions using smart contracts, blockchain and other disruptive technologies.
However, LIFT is not a standard regulatory sandbox. There is no suspension of regulatory requirements and this experience is therefore considered a sectorial sandbox.
In this model, fintechs test new solutions off the market, in an environment without real customers and, therefore, without regulatory implications.
That way, they can collaborate with each other with new products, services and proofs of concept.
The sectorial sandbox is used to simulate customer behavior in order to test applications and even develop a new product for submission to the regulatory sandbox.
In the international context, we note that in 2015 the British government launched the first sandbox for fintechs, called Project Innovate, under the supervision of the UK Financial Conduct Authority.
Among the objectives of the British sandbox, the following stand out:
- Increase the ability to test products and services in a controlled environment;
- Reduction of time-to-market at potentially lower cost;
- Improved access to finance.
In 2016, the Monetary Authority of Singapore launched its sandbox to encourage experimentation and innovation in fintechs in the country.
This experiment, according to the Authority, allows fintechs to try innovative financial products or services in the production environment, in a controlled and supervised space.
Each regulatory sandbox has its particularity, taking into account the legal system of each country.
However, what they all have in common is the objective of promoting growth in innovation in the financial system, while maintaining protection for its customers and investors.
How will the Regulatory Sandbox work in Brazil?
The Brazilian Securities and Exchange Commission launched CVM Instruction 626 this month, which regulates the constitution and operation of the regulatory sandbox, coming into force on June 1, 2020.
According to information extracted from the CVM website, the participant admitted to the sandbox will receive temporary authorization to develop their innovative business model, and may receive exemptions from regulatory requirements to reduce the burden of compliance with the current rules established by the Municipality.
In return, conditions and limits to the participant's performance will be established, as well as safeguards to mitigate identified risks, in order to ensure the proper functioning of the market and to protect customers and other interested parties.
The participant will be continuously monitored by the CVM throughout the trajectory, providing mutual learning and opportunity for timely action by the regulator, if necessary.
The main benefits expected from the measure, according to the agency, are:
- Fostering innovation in the capital market.
- Guidance to participants on regulatory issues during the development of activities to increase legal certainty.
- Decreased cost and time to mature to develop innovative products, services and business models.
- Increased visibility and traction of innovative business models, with possible positive impacts on their attractiveness to venture capital.
- Increased competition between service providers and between suppliers of financial products in the capital market.
- Financial inclusion due to the launch of less costly and more affordable financial products and services.
- Improvement of the regulatory framework applicable to activities regulated by the CVM.
The composition and functioning of the Sandbox Committee will be regulated by the Ordinance of the CVM President.
Regulatory Sandbox: What will be considered as an innovative model?
CVM Instruction 626/2020 brought some criteria for the business model to be considered innovative.
Thus, innovative business models will be considered, for the purposes of the sandbox, those that, cumulatively or not:
- Use innovative technology or make innovative use of technology; or
- Develop a product or service that is not yet offered or with an arrangement different from what is being offered in the securities market.
It is noteworthy that the innovative business model must have the potential to promote efficiency gains, reduce costs or expand access by the general public to products and services in the securities market.
What will the admission process be like?
According to CVM Instruction 626/2020, the process of admitting participants in the regulatory sandbox will begin through communicated to the market, previously approved by the Board, disclosed on the official CVM page, indicating:
- the schedule for receiving and analyzing proposals; and
- the eligibility criteria and the required content of the proposals to be submitted, as well as the applicable selection and prioritization criteria
The Notice to the Market must indicate the maximum number of proponents that may be selected to participate in the regulatory sandbox, as well as restricting the admission of participants to those who carry out one or more regulated activities defined by the CVM.
It is anticipated that the Sandbox Committee will be able to establish complementary procedures for the process of admission of participants, aimed at:
- analyze proposals for participation in the regulatory sandbox that involve activities regulated by more than one regulatory body; and
- enable joint testing of innovative business models in foreign jurisdictions, in partnership with regulatory authorities in countries that have similar or compatible experimental regulatory environments.
What are the eligibility criteria?
CVM Instruction 626/2020 contains some minimum criteria that will be evaluated for participation in the Regulatory Sandbox. Below we list the criteria that will be analyzed:
- regulated activity must fit the concept of an innovative business model;
- the tenderer must demonstrate sufficient technical and financial capacity to carry out the intended activity in an experimental regulatory environment;
- the administrators and controlling partners direct or indirect bidder you can not: a) be disabled or suspended for the exercise of their position in financial institutions and other entities authorized to operate by regulatory bodies; b) have been convicted of bankruptcy, malfeasance, corruption, concussion, embezzlement, money laundering or concealment of goods, rights and values, against the popular economy, economic order, consumer relations, public faith or public property , the national financial system, or the criminal penalty that prohibits, even temporarily, access to public offices, by final decision, except for the hypothesis of rehabilitation; and c) be prevented from managing their assets or disposing of them due to a judicial or administrative decision;
- O proponent can't be forbidden to: a) contract with official financial institutions; and b) participate in a bidding process that has as its object acquisitions, disposals, works and services and public service concessions, within the scope of the federal, state, district and municipal public administration and indirect public administration entities;
- the tenderer must demonstrate that it has the capacity to establish at least mechanisms of: a) protection against cyber attacks and improper logical access to your systems; B) production and storage of records and information, including for the purpose of carrying out audits and inspections; and c) prevention of money laundering and terrorist financing; and
- the innovative business model must have been preliminarily validated through, for example, proof of concept or prototypes, and cannot be in a purely conceptual stage of development.
Finally, it should be noted that foreign legal entities are allowed to participate in the regulatory sandbox, subject to the aforementioned eligibility criteria.
What should be included in the proposals?
The formal proposal must be submitted by the proponent to participate in the regulatory sandbox and it must contain:
- Description of the activity to be developed and the aspects that characterize it as an innovative business model.
At this point, the tenderer must describe the following points:
- O market niche to be served by the service or product offered;
- the benefits expected in terms of efficiency gains, cost reduction or expansion of public access to securities market products and services;
- at metrics foreseen to measure performance and periodicity of measurement; and
- The validation preview of the innovative business model (proof of concept or prototype).
2. Indication of exemptions from intended regulatory requirements and the reasons why, in your view, they are necessary for the development of the regulated activity that is the object of the temporary authorization sought;
3. Suggestions of conditions, limits and safeguards that may be established by the CVM, either alone or in conjunction with another regulatory body, for the purpose of mitigating the risks arising from operations under exemption from regulatory requirements.
As an example, we have:
- limitations on the number of customers;
- maximum volume of operations;
- mechanisms for receiving and responding to customer and investor complaints;
- additional transparency measures in relation to the communication rules provided for in this Instruction; and
- restriction of securities that can be traded;
Suggestions for risk mitigation should present solutions and possible remedial measures for any damages caused to customers, investors and interested parties during the period of participation in the regulatory sandbox, including, if applicable, any contracted insurance.
4. Analysis of the main risks associated with its operations, including those related to:
- The cybersecurity;
- to processing of personal data; and
- The prevention of money laundering and terrorist financing;
5. Necessary procedures for putting into operation, necessarily containing a operational schedule indicative;
6. Contingency plan for orderly discontinuation of regulated activity, for any reason, including the treatment to be given to customers, investors or interested parties, as the case may be; and
7. Documents and information necessary to assess compliance with the eligibility criteria, as well as those of selection and prioritization, as disclosed in the notice to the market.
Finally, the tenderer must:
- indicate, in a justified manner, the information contained in the proposal whose disclosure may represent a competitive advantage to other economic agents, and which, therefore, should be treated by the CVM as confidential, protected under the protection of legal hypotheses of confidentiality; and
- manifest, expressly, who agrees with the possibility of CVM share your information, including confidential, with any the 3rd that can assist the CVM in analyzing the proposals.
About the author
Graziela Brandão is a lawyer and founder of BL Consultoria Digital, master in Human and Social Sciences Applied by UNICAMP and post-graduate student in Legal Tech, Innovation and Startups by PUCMinas. He works in the area of Digital and Regulatory Law with a focus on Compliance, Blockchain, Bitcoin and Personal Data Protection.
This source of this article is portaldobitcoin.com.