New Regulations for the FinTech Market
The objectives of the new regulations are threefold: to make the use of internet payment services safer and more convenient; to safeguard customers against fraud, abuse, and payment issues; to promote innovative mobile and payment services.
Payment Services Directive (PSD2)
The implementation of the payment services Directive (Directive (EU) 2015/2366, commonly referred to as PSD2) which was transposed into Greek legislation with Law 4537/2018 set in motion a significant part of financial innovation activities. PSD2 is perceived as an enabler of new and innovative payment solutions taking advantage of open finance APIs, as well as DLT, AI and other technologies. In other words, the PSD2 supports innovation and competition in retail payments and enhances the security of payment transactions and the protection of consumer data.
Entities all over Europe are exploring ways to disrpupt the market and offer competitive financial products or services,. As a result, a growing number of entities have shown interest in obtaining authorisation as payment or e-money institutions.
The 2015 EU Payment Services Directive II (PSD2) is a regulation that aims to enhance competition by granting open access to certain types of customer banking data for nonbank licensed providers of payment initiation services and account information services.
AML5 / 5th Anti-Money Laundering Directive (AML5)
AML5 that came into force on 9 July 2018 is to be implemented by Member States by 10th January 2020. The implementation of AML5 is of interest to the payment and FinTech industry especially with regards to the changes regarding electronic money and cryptocurrencies.
AML5 introduces in different sections digital identification and the European regulation of trust services 910/2014, eIDAS and delegates to it and to electronic trust services the ability to identify new customers.
C. EIDAS / Electronic identification and trust services for electronic transactions in the internal market
eIDAS entered into force in July 2016 eIDAS entered into force in July 2016 and has a technical background and specific stipulations on electronic identification solutions; a technical framework for validation solutions.
eIDAS Regulation, ensures that people and businesses can use their own national electronic identification schemes (eIDs) to access public services in other EU countries and creates an European internal market for electronic trust services:
- electronic signatures,
- electronic seals,
- time stamp,
- electronic delivery service
- website authentication.
FinTech Services are changing the way many consumers track, manage and facilitate their finances.
FinΤech Services are already popular among customers and every year an increasing number of people across the world is using them.
ELECTRONIC MONEY INSTITUTIONS (EMIs)
Electronic money, also known as “e-money”, is stored electronically, usually in an online wallet or on a prepaid card and is used to make payments for goods and services
AUTHORISED PAYMENT INSTITUTIONS (APIs)
APIs provide a range of regulated payment services. A type of API you could use may be a money remitter, which sends money around the world.
SMALL PAYMENT OR e-MONEY INSTITUTIONS (SPIs) and (SEMIs)
SPIs or SEMIs can provide the same services as APIs or EMIs, but handle much smaller amounts of money. As a result, there are fewer rules that SPIs need to follow.
ELECTONIC MONEY OR PAYMENT AGENTS OR DISTRIBUTORS (EMD/PSD Agent)
EMD/PSD Agents or Distributors are firms that can act on behalf of another firm (its principal) that is authorized or registered by the competent authority as a payment or e-money institution.
RegTech is an emerging area in FinTech, that uses technologies to solve regulatory and compliance requirements more effectively and efficiently. Technologies that are deemed to be applicable for RegTech include machine learning and artificial intelligence, biometrics, the interpretation of unstructured data such as e-mails and Facebook posts, and the use of application programming interfaces (APIs).
RegTech firms offer technological automation solutions to regulatory processes to other firms in the financial services sector, allowing the latter to improve their efficiency in areas such as risk management, regulatory reporting, and compliance.
RegTech firms may develop solutions using Distributed Ledger Technology – DLT and indicatively refer to:
- Customer digital onboarding, where firms enable the remote identification of customers through software solutions that automate the know-your-customer (KYC); due diligence; and identity verification processes.
- Compliance and risk management solutions, enabling authorised firms to ensure that the processing of legal information by means of artificial intelligence and machine learning is performed in an efficient manner and that all results are explainable and transparent.
AISPs are market players that retrieve account information data from banks and financial institutions, mainly through open banking interfaces, and use them to build new services for customers.
The most common and obvious service provided by AISPs is account information aggregation, which offers customers an overview of all their accounts held with different financial institutions, possibly enriched with added value services such as reporting and extensive data analysis.
The most common AISPs are offering services with credit-scoring applications based on the processing of aggregated account data with Big Data analytics and Artificial Intelligence.
Crypto assets may be regulated (security tokens and e-money tokens) or non-regulated such as BitCoin, LiteCoin.
This category includes utility tokens which can be redeemed for access to a specific product or service that is typically provided using a DLT platform. Investment products such as derivatives contracts that reference these cryptoassets are likely to be within the regulatory’s parameter. Notably, DLT is a relatively recent advancement that has received increasing amounts of industry, media, political and other stakeholder attention in recent years. It combines various existing tools such as shared databases, cryptography and peer-to-peer networking to offer firms the ability to share data efficiently and securely.
P2P lending platforms, in which individuals and companies invest in small businesses, enable the provision of credit without bank intermediation. They match borrowers and lenders directly: Some allow the lenders to choose the borrowers, while others form packages of loans, and online auctions are often used for this purpose. These platforms frequently provide business risk rankings to borrowers, obtained by algorithms using big data.
Crowdfunding can provide an alternative to unsecured bank lending, such as bank overdrafts or credit loans, which are currently the main sources of external finance for SMEs, especially during the initial period of activity.
FinTech innovation in investment advice is provided by so-called robo-advisors, which are computer programs that generate automated investment advice according to customer data while employing portfolio management algorithms. FinTech business models are created involving self-guided online wealth management and the provision of investment advice to their customers based on the analysis of the clients’ account information data. Investment institutions may use Application Programming Interfaces and rely on the use of APIs in order to be able to offer their service or product.
The insurance sector is not an exception to technology innovation, with developments in technology leading to possibilities of new methods of service provision as well as greater opportunities for data collection that can lead to better risk identification and mitigation measures, which are being referred to as “InsurTech”.
InsurTech businesses are developing business models that may better address the insurability of policyholders by using technology to simplify the contracting process (smart contracts) and tailoring policies to better suit their needs.
The practical understanding of FinTech and the profound knowledge of the complex legal and compliance legislation applicable, is our added-value service and the basis for the solid legal guidance we provide to our clients in scope of their business needs and strategic goals
The Idea Stage
We understand the components of your FinTech Services, FinTech products and technology solutions and liaise with the regulators and the FinTech Hub
The Compliance Stage
We identify the compliance and legal framework applicable to your FinTech Services, FinTech products and technology solutions
The Legal Stage
We answer your legal questions upon the regulations applicable such as:
- Are your FinTech Services, FinTech products and technology solutions regulated or not? What are your obligations and responsibilities?
- Does the provision of your FinTech Services require a passport, notification or authorization or not? Which is the competent authority?
- Is your RegTech solution authorized by the competent authority for use e.g. in customer due diligence and/or risk management or not?
- Does your RegTech solution meet the regulatory standards of robustness and assurance level under the legal framework applicable?
- Does the cryptoproduct qualify as a financial instrument and which are the provisions that the crypto-asset is subject to?
The Implementation Stage
We offer a one-stop shop approach and provide a controlled and safe environment:
- We help you set-up your business on a project management basis and assist with the passport, notification or authorization process required
- We provide legal guidance and assist with the assurance and/or service legal assessments required
- We draft the policies and manuals applicable to your FinTech Services, FinTech products and technology solutions towards the implementation and operation of your FinTech business and services
- We follow-up the new rules being implemented in Greece and on an EU level on the provision of FinTech services and the distribution of your FinTech products and technology solutions and provide you with all updated information on the evolving FinTech Regulatory framework.