The document discusses regulatory sandboxes as a way to promote financial technology (fintech) innovation while mitigating risks. It proposes the following key aspects of a regulatory sandbox:
- Eligible solutions must be genuinely innovative and unable to be offered under existing rules, with potential to benefit the financial sector or economy. Applicants must demonstrate viability and ability to control risks.
- Sandboxes provide a safe environment with some relaxed rules to test solutions. Safeguards like transaction limits and customer disclosure are required to contain risks and consequences of any failure.
- Feedback is sought on the sandbox approach except for peer-to-peer lending, to balance innovation, consumer protection and financial stability.
Expense Management Maximizing Efficiency for Business Success
MDEC Fintech Conference - Facilitating Innovation Through The Fintech Regulatory Sandbox, Bank Negara
1. Fintech Regulatory Sandbox Discussion Paper
1
Aznan Abdul Aziz
Chairman of the Financial Technology Enabler Group (FTEG)
Bank Negara Malaysia
2. Fintech and the regulatory spectrum
2
Too small
to care
Too large
to ignore
Too big
to fail
“Large” also includes “significant” and “interconnected”
3. The Sandbox explained
3
Build (almost)
anything you want
In a safe environment,
with clear boundaries
and safeguards
We may relax
some (but not all)
of our rules
Consequences of failure
can be contained
4. Our motivation for introducing the Sandbox
4
• Promote innovation
• Remove regulatory barriers or uncertainty
• Lower cost of testing new ideas
• Faster time to market
• Fine-tuning of products/solutions prior to launch
• Evaluate impact and monitor unintended consequences
• Reduce risk and contain the consequences of failure
• Review our regulations
5. Key features of the Sandbox
5
3 key components of regulatory sandboxes:-
- Eligibility criteria : Filtering mechanism to ensure only deserving candidates
are processed and approved for sandbox deployment
- Safeguards : To reduce risk and contain the consequences of failure. To be
proposed by the applicant, modified or enhanced as appropriate by the Bank
- Regulatory flexibilities
Regulatory sandboxes cannot be used to circumvent existing regulations, and
are therefore not suitable for activities/solutions that are already allowed under
existing regulations.
In addition to regulatory sandboxes, the Bank will also provide ‘informal steer’ to
guide individual FIs/Fintech companies.
6. Eligibility Criteria
6
The solution is genuinely innovative
The deployment of the solution is:
Not allowed due to any prohibition under existing laws or regulations; or
Either wholly or partly incompatible with applicable regulatory requirements
The solution has clear potential to:
Contributes to development of Malaysia’s financial sector;
Brings enhancement to financial institution’s efficiency or risk management
and controls; or
Significantly benefits the Malaysian economy and/or consumers
Due diligence was conducted to verify the viability of the solution and the
associated risks
Applicant has the resources to mitigate and control potential risks and losses
arising from the offering of the solution
The solution is planned to be offered commercially in Malaysia after the
Sandbox
7. Other requirements
7
Caveat: In addition to the safeguards proposed or offered by the applicant, the Bank may impose
additional safeguards as the Bank sees fit
Examples of Safeguards
Adequate disclosure of the potential risks to participating customers and confirmation of their
understanding of the attendant risks
Limiting individual and/or aggregate value or frequency of transactions
Restricting participation to targeted customers and duration of the testing period
Availability of consumer redress mechanism and adequate resources to undertake the testing and
contain the consequences of failure
Caveat: Additional conditions may be imposed by the Bank on the participants taking into account
risks peculiar to the respective test
Minimum Standards
Maintain adequate oversight and control arrangements
Maintain appropriate risk management systems and processes
Have in place appropriate customer protection safeguards
Have adequate financial capability