Australia - ASIC Issues "Sandbox" Framework, Including "Fintech Licencing Exemption".

Legal News & Analysis - Asia Pacific - Australia - Regulatory & Compliance

Asia Pacific Legal Updates


13 January, 2017


ASIC has published its Regulatory Sandbox Framework, which comprises a package of regulatory guidance and instruments designed to support innovation in financial services, while protecting consumers.


The Sandbox includes a new Regulatory Guide RG 257 Testing fintech products and services without holding an AFS or credit licence (RG 257).


RG 257 is a guide for financial technology (fintech) businesses who want to test their new products and services before they commit to obtaining an Australian financial services licence (AFSL) or Australian credit licence (ACL).


On 8 June 2016, ASIC released Consultation Paper 260 Further measures to facilitate innovation in financial services (CP 260) which proposed a number of measures designed to increase flexibility and ease of entry into the financial services industry for new fintech entrants. The key barriers to innovation under the existing regime were described as:


  • speed to market;
  • organisational competence; and
  • access to capital.


Twenty five submissions responding to CP 260 were published on the ASIC website. 

In what some may label an early Christmas present, "stage 3" of the consultation process has delivered a package of new and updated regulatory instruments and guidance. 


This innovation package, described by ASIC as a "world first" class waiver, forms the regulatory "sandbox" framework (the Sandbox), and includes:


  • the new RG 257;
  • a new ASIC Corporations (Concept Validation Licensing Exemption) Instrument 2016/1175 (Instrument 2016/1175);
  • a new ASIC Credit (Concept Validation Licensing Exemption) Instrument 2016/1176 (Instrument 2016/1176);
  • an updated Regulatory Guide 105 Licensing: Organisational competence (RG 105); and
  • an updated Regulatory Guide 206 Credit licensing - Competence and training (RG 206).


In keeping with ASIC's progressive approach to guidance, it has also furnished the industry with a new infographic, describing the eligibility requirements and benefits.


RG 257


RG 257 explains the Sandbox, which includes a new "fintech licensing exemption"; flexibility under the existing law; and the ability to request ASIC to grant individual relief where an exemption is not available.

It also clarifies that digital currencies are not regulated by ASIC.


Fintech licensing exemption


The "fintech licensing exemption" is a new exemption which has been made possible by virtue of the two new ASIC instruments, Instrument 2016/1175 and Instrument 2016/1176 (together, the Instruments).


Unlike "sandboxes" in other jurisdictions, there is no need for a fintech business to apply to ASIC to be selected to participate in a sandbox cohort.  Instead, the relief provided by the Instruments is available to all who meet the eligibility criteria. 


Eligible fintech businesses must notify ASIC if they wish to rely on an Instrument, and furnish ASIC with certain information. 


Following notice, a fintech business can rely on the respective Instrument for up to twelve months, which is intended to give the fintech business adequate time to validate their concept, determine the commercial viability of the product, learn more about the necessary standard of regulatory requirements, and apply for an ACL or AFSL (or both) for the period succeeding the exemption period.


A fintech business is only eligible if it is not:


  • banned from the activities;
  • an existing licensee;
  • a Representative of an existing licensee; or
  • a related body corporate of an existing licensee.


Financial services relief under Instrument 2016/1175 permits limited advice and dealing in relation to:


  • listed or quoted Australian securities;
  • simple managed investment schemes;
  • deposit products;
  • some kinds of general insurance products; and
  • payment products issued by ADIs.


The fintech business must not issue financial products.


Credit relief under Instrument 2016/1176 permits limited credit assistance, but not lending.


Limitations of the licensing exemption


In addition to other restrictions, fintech businesses relying on the fintech licensing exemption can only have up to 100 retail clients.  


This prohibits or limits:


  • volume and stress testing; 
  • fintech businesses relying on a low-yield/high-volume business model for testing full market interest; and
  • generating profits required to expand the business and fund licensing.


RG 257 also imposes dispute resolution obligations, PI insurance obligations, exposure limits, and other conditions. 


Existing relief 


The existing relief under the current law (as an alternative to the fintech licensing exemption) generally refers to a fintech business' ability to:


  • operate as a Representative under another ACL or AFSL; or
  • design its product in a way which relies on an existing exemption.


Existing relief may be useful to some, but can be restricting on the product features, or may require a relationship with a licensee who holds the balance of power.


Finally, at Part G of RG 257, ASIC reminds the industry that it has statutory powers to

issue individual relief on a case by case basis.


Key amendments to RG105


A refreshed version of RG105 has been published, giving better guidance to digital financial services businesses around Responsible Managers, and skills and education requirements.


The key changes to RG105 include the following:


  • the "Transitional Issues" section in Part A has been removed;
  • RG 105.26–RG 105.33 permits appointing, as a Responsible Manager, a person who provides sign-off in a small scale (defined as having fewer than 1,000 retail clients) and heavily automated business;
  • RG 105.23 and RG105.35 permits a Responsible Manager to be a person other than an "officer" of the company;
  • RG 105.24 changes the "day-to-day involvement" requirement of a Responsible Manager to a judgement-based test; and
  • further guidance is supplied regarding the knowledge and skill requirements. 


The changes to RG 105 moderately increase the class of potential Responsible Managers in a heavily digital or automated financial services business.


Key amendments to RG 206


RG 206 has also been refreshed, with very minor amendments throughout.  The key changes include the following:


  • RG 206.58 now clarifies that ASIC will not consider experience gained in an unlicensed or exempt credit environment;
  • Part C provides further guidance about acceptable 'overseas' (no longer referred to as 'foreign') qualifications and recognition; and
  • general formatting and nomenclature amendments.


The changes to RG 206 give some guidance in relation to representatives with offshore qualifications.

Ashurst Logo

For further information, please contact:

Corey McHattan, Partner, Ashurst
[email protected]