Regulatory sandboxes are an important part of the ongoing global race to attract FinTech talent, as different economies keep launching new programs to support FinTech and attract innovators. Australia is no stranger to this race: between 2014 and 2020, the number of FinTech start-ups in the country increased more than seven-fold and exceeded 700. In addition, Australia was one of the early adopters of the regulatory sandbox concept: a FinTech sandbox was launched at the end of 2016 and was based on the “fintech licensing exemption” (FLE) offered by the Australian Securities and Investments Commission (ASIC). This happened shortly after the establishment of sandboxes in major financial centres like the UK, Singapore, and Hong Kong.
Just as not all trailblazers are necessarily successful, so too Australia’s original FinTech sandbox did not meet expectations. Over almost four years of operation it was used by just seven firms. In the meantime, Australia’s regional competitors modernised their sandboxes: the Hong Kong Monetary Authority launched its “Fintech Supervisory Sandbox 2.0,” while the Monetary Authority of Singapore went further and established a new sandbox format known as “Sandbox Express” targeting a specific subset of FinTech firms matching a pre-defined profile.
Australia’s response came in the form of a revised legal framework entitled “enhanced regulatory sandbox” (ERS), which became operational in September 2020 and replaced the FLE. It is fair to say that the word “enhanced” in the ERS is a synonym for “expanded.” Among other things, the ERS offers a much longer testing period and admits new types of activities into the sandbox. At the same time, the ERS did not change the underlying sandbox model and follows the same unique non-authorisation approach as the FLE: technically there is no formal application process and firms intending to make use of the sandbox need to submit an advance notice to ASIC before commencing the testing phase.
In a new article entitled “A Better Model for Australia’s Enhanced FinTech Sandbox,” I argue that this reform only scrapes the surface of the many challenges underlying Australia’s FinTech sandbox and suggest that these challenges can only be adequately resolved by revising the underlying sandbox model and switching to an authorisation-based sandbox design (which is widely used globally and is more easily understood by FinTech firms). There are three main reasons why such a change would be useful.
First, the ERS is inconsistent with the chosen notice-based sandbox model. Under the ERS regulations, it is not necessary to obtain express approval from ASIC to use the sandbox; FinTech firms may start their test immediately upon the expiration of the 30-day notification period (as long as during that period the regulator does not raise any objections). This notice-based approach seemed justified in the original design of ASIC’s sandbox proposed in an earlier (June 2016) public consultation. Indeed, initially, the gatekeeping function was to be partially performed by third parties, known as “sandbox sponsors” (such as not-for-profit industry associations). Sandbox sponsors were expected to (i) reduce the underlying risks by declining to sponsor non-reputable firms and (ii) remove the need for case-by-case approval from ASIC (thus providing the main justification to the notice-based design of the sandbox). However, after that early public consultation ASIC abandoned the idea of sandbox sponsorship without amending the sandbox model accordingly.
Another important inconsistency stems from the increased complexity of the ERS. After all, a critical aspect of any regulatory sandbox is its usability. In authorisation-based sandboxes, much of the anxiety is relieved due to the formal application process and resulting information exchange with the regulator. Yet the ERS is different; it offers minimal interaction between prospective participants and ASIC. But if the only meaningful feedback from the regulator within the ERS takes the shape of a response confirming or denying compliance with eligibility parameters, the onus is on FinTech firms to “get it right” on the first attempt in order to avoid wasting time on resubmissions and resetting the 30-day notice timer.
In this setting, the ease of use and clarity of eligibility requirements become critical to attract innovators. Unclear, complex requirements are likely to make FinTech firms spend additional time and expense (e.g., on legal consultants), which could undermine the usefulness of the ERS as an accessible sandbox format to promote innovation.
Unfortunately, instead of simplifying the access requirements, the ERS has only grown in complexity, compared to the FLE. In particular, the ERS implements two new tests: the net public benefit test and the innovation test that need to be addressed in the notice to the regulator. ERS users are essentially required to make a self-assessment against vague and non-specific criteria that are based on the new requirements. These tests would perfectly fit any authorisation-based framework but seem out of place in a non-interactive notice-based sandbox regime.
Second, I argue that the revision of the ERS design would help to align it with a different regulatory sandbox established by the Australian Prudential Regulation Authority (APRA), which offers innovators an opportunity to obtain restricted ADI (authorised deposit-taking institution) licences. Alignment of the two frameworks is likely to be useful to further promote APRA’s and ASIC’s pro-innovation philosophy (particularly in the light of increased coordination between domestic sandboxes offered by some of the competing jurisdictions). In addition, it would be well aligned with the updated Memorandum of Understanding between these two regulators issued in November 2019, whereby APRA and ASIC commit to proactively engage with each other, provide appropriate information and promptly respond to information and document requests.
Third, the non-interactive design of the Enhanced Regulatory Sandbox can be described as a ‘solution waiting for a problem’ and is therefore inefficient. Australia’s unusual notice-based model of a FinTech sandbox demands precision, rewards foresight and punishes miscalculations much more than the typical (authorisation-based) sandbox design. This is because the ERS is not an interactive form of a regulatory sandbox. By design, there is no ongoing information exchange with the regulator, no mandated periodic (or even final) reporting, no possibility to apply for extension of the sandbox term (as there is no application process to begin with), and no better solution for FinTechs that quickly outgrow the limitations of the ERS than immediate exit from the sandbox.
The efficiency of a non-interactive notice-based sandbox model ultimately hinges on the ability of the regulator to predict the future direction of FinTech development in the relevant jurisdiction. Since there is no application process or dialogue with the regulator and no flexibility in modifying the sandbox parameters, such a sandbox model can be called a “solution waiting for a problem.” If the relevant prediction is right, the sandbox works. If, for whatever reason, the calculation is incorrect, then there is no demand, and the sandbox becomes useless.
The above issues could be adequately resolved by switching to an authorisation sandbox model. There is, perhaps, one potential cosmetic flaw in this proposal: it will make Australia’s sandbox framework look less unique on paper. However, given that it is the dominant sandbox format globally, the authorisation-based model of a FinTech sandbox will be much more easily understood by the end-users compared to the current puzzling—partially hands-on and partially hands-off—regime. A framework that is simple and clear would promote legal certainty and should be better aligned with ASIC’s competition promotion mandate. Simply put, it is much more likely to get the job done.
Dr Anton N Didenko is a Senior Lecturer at UNSW Sydney, Faculty of Law & Justice.
This post is adapted from his paper, “A better model for Australia’s enhanced FinTech sandbox,” available on SSRN.