Fintech 2022 UK: Law & Practice Simon Crown, Laura Douglas, Meera Ragha and Monica Sah Clifford Chance LLP - Financial Markets Toolkit
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Definitive global law guides offering comparative analysis from top-ranked lawyers Fintech 2022 UK: Law & Practice Simon Crown, Laura Douglas, Meera Ragha and Monica Sah Clifford Chance LLP practiceguides.chambers.com
UK Law and Practice The United Kingdom Contributed by: Ireland Simon Crown, Laura Douglas, London Germany Meera Ragha and Monica Sah Belgium Clifford Chance LLP see p.24 France CONTENTS 1. Fintech Market p.4 5. Payment Processors p.12 1.1 Evolution of the Fintech Market p.4 5.1 Payment Processors’ Use of Payment Rails p.12 5.2 Regulation of Cross-Border Payments and 2. Fintech Business Models and Remittances p.13 Regulation in General p.4 2.1 Predominant Business Models p.4 6. Fund Administrators p.14 2.2 Regulatory Regime p.4 6.1 Regulation of Fund Administrators p.14 2.3 Compensation Models p.5 6.2 Contractual Terms p.14 2.4 Variations between the Regulation of Fintech 7. Marketplaces, Exchanges and Trading and Legacy Players p.6 Platforms p.14 2.5 Regulatory Sandbox p.6 7.1 Permissible Trading Platforms p.14 2.6 Jurisdiction of Regulators p.6 7.2 Regulation of Different Asset Classes p.15 2.7 Outsourcing of Regulated Functions p.7 7.3 Impact of the Emergence of Cryptocurrency 2.8 Gatekeeper Liability p.8 Exchanges p.15 2.9 Significant Enforcement Actions p.9 7.4 Listing Standards p.15 2.10 Implications of Additional, Non-financial 7.5 Order Handling Rules p.16 Services Regulations p.9 7.6 Rise of Peer-to-Peer Trading Platforms p.16 2.11 Review of Industry Participants by Parties 7.7 Issues Relating to Best Execution of Customer Other than Regulators p.10 Trades p.16 2.12 Conjunction of Unregulated and Regulated 7.8 Rules of Payment for Order Flow p.16 Products and Services p.10 7.9 Market Integrity Principles p.16 2.13 Impact of AML Rules p.10 8. High-Frequency and Algorithmic 3. Robo-Advisers p.11 Trading p.16 3.1 Requirement for Different Business Models p.11 8.1 Creation and Usage Regulations p.16 3.2 Legacy Players’ Implementation of Solutions 8.2 Requirement to Register as Market Makers Introduced by Robo-Advisers p.11 when Functioning in a Principal Capacity p.17 3.3 Issues Relating to Best Execution of Customer 8.3 Regulatory Distinction between Funds and Trades p.11 Dealers p.17 4. Online Lenders p.11 8.4 Regulation of Programmers and Programming p.17 4.1 Differences in the Business or Regulation of 9. Financial Research Platforms p.17 Loans Provided to Different Entities p.11 9.1 Registration p.17 4.2 Underwriting Processes p.12 9.2 Regulation of Unverified Information p.18 4.3 Sources of Funds for Loans p.12 9.3 Conversation Curation p.18 4.4 Syndication of Loans p.12 2
UK CONTENTS 10. Insurtech p.18 10.1 Underwriting Processes p.18 10.2 Treatment of Different Types of Insurance p.18 11. Regtech p.19 11.1 Regulation of Regtech Providers p.19 11.2 Contractual Terms to Assure Performance and Accuracy p.19 12. Blockchain p.19 12.1 Use of Blockchain in the Financial Services Industry p.19 12.2 Local Regulators’ Approach to Blockchain p.19 12.3 Classification of Blockchain Assets p.20 12.4 Regulation of “Issuers” of Blockchain Assets p.21 12.5 Regulation of Blockchain Asset Trading Platforms p.21 12.6 Regulation of Funds p.21 12.7 Virtual Currencies p.22 12.8 Impact of Regulation on “DeFi” Platforms p.22 12.9 Non-fungible Tokens (NFTs) p.22 13. Open Banking p.22 13.1 Regulation of Open Banking p.22 13.2 Concerns Raised by Open Banking p.22 3
Law and Practice UK Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP 1. FINTECH MARKET 2.2 Regulatory Regime There is no single regulatory regime for fintech. 1.1 Evolution of the Fintech Market Instead, both the nature of the activities a firm The UK remains a leading global hub for fintechs. performs and its business model determine UK tech venture capital investment is third in the whether it is regulated. world (behind the US and China) according to research from TechNation. The fintech ecosys- As discussed in 2.1 Predominant Business tem is supported by a progressive approach to Models, the UK fintech market is notable for regulation, access to international investment the breadth and depth of its sectoral coverage. and a skilled workforce. It encompasses a wide range of services such as crowdfunding, cross-border payments, foreign There are growth opportunities for fintechs, exchange services, digital wallets and e-money, including in playing a role in both addressing robo advice and crypto-asset-related activi- underlying environmental, social and govern- ties. Firms must assess the regulatory regime ance (ESG) issues, and in deploying AI and other that applies to their business on a case-by-case technologies to enable ESG data to be collected basis. and monitored in response to regulation requir- ing standardised reporting of ESG data. This is We have included a high-level overview of the an area where the UK fintechs are thriving – the general licensing regime and the framework UK is third in the world for investment into impact applicable to payment institutions and e-money tech according to research from Tech Nation. firms. In addition, COVID-19 has accelerated the General Licensing Regime under FSMA growth of digital adoption. There is also a shift All firms should consider the general prohibition in consumer behaviour, with increasing payment in Section 19 of the Financial Services and Mar- volumes moving online and an increased use of kets Act 2000 (FSMA), which prohibits carrying e-commerce. on a regulated activity by way of business in the UK without authorisation or an exemption. The regulatory landscape will continue to evolve to address concepts such as crypto-assets and A regulated activity is an activity of a specified stablecoins, cloud technology and artificial intel- kind that is carried on by way of business and ligence (AI). relates to an investment of a specified kind. The list of regulated activities is set out in the Finan- cial Services and Markets Act 2000 (Regulated 2. FINTECH BUSINESS Activities) Order 2001 (the RAO). This includes M O D E L S A N D R E G U L AT I O N (to name a few) accepting deposits, issuing elec- IN GENERAL tronic money, advising on or arranging deals in investments, dealing in investments as agent 2.1 Predominant Business Models or principal and operating an electronic sys- There are thousands of fintechs across the UK, tem in relation to lending. If a specified activity including mature brands and start-ups, and cov- is carried on by way of business and relates to ering a wide range of sectors and using a variety a “specified investment”, it will be caught as a of business models. The business models vary regulated activity. The list of specified invest- for firms across the different sectors. ments includes (but is not limited to) deposits, 4
UK Law and Practice Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP electronic money, shares and units in a collective Specific Rules for Particular Fintech Business investment scheme. Models There are specific requirements relevant to cer- Payment Institutions and E-Money Firms tain types of fintech business models. Many of Firms should also consider whether they are these, including peer-to-peer lending and cryp- subject to regulation under the Payment Servic- to-asset-related activities, are discussed further es Regulation 2017 (the PSR 2017) or Electronic below. Money Regulation 2011 (the EMR 2011). Impact of Brexit on the UK Regulatory Payment institutions and electronic money firms Regime must safeguard customer funds to ensure that, The UK left the EU on 31 January 2020 (Brexit), in the event of an insolvency of the firm, custom- and the transition period (during which period ers’ funds are returned in a timely and orderly EU law applied in the UK) ended on 31 Decem- manner. This is particularly important as funds ber 2020. Following the end of the transition held with payment institutions and e-money period, the European Union (Withdrawal) Act firms are not protected by the Financial Services 2018 (the EUWA) provided for the onshoring of Compensation Scheme. certain EU legislation as it applied at that date into UK domestic law. The Financial Conduct Authority (FCA) is focused on ensuring that payments are safe Kalifa Review and accessible (see further in 2.6 Jurisdiction An HM Treasury-commissioned independent of Regulators). Its main supervisory priority for report on the UK fintech sector was published in the payments sector is ensuring that firms have 2021 (the Kalifa Review). This contains a number robust safeguarding arrangements, prudential of recommendations, including proposals for a resilience and risk management arrangements, new digital finance regulatory framework. The and systems and controls to prevent financial government committed to implementing many crime. of its recommendations. The FCA intends to extend the Senior Managers 2.3 Compensation Models and Certification Regime to apply to payment The compensation models that fintech firms can institutions and e-money firms. utilise vary depending on the nature of a firm’s business and the regulatory rules applicable to New Consumer duty that firm. The FCA has consulted on a proposal for a new consumer duty that would raise the standard of There are restrictions on charging fees for cer- care that firms need to provide to retail consum- tain types of payment methods. The Consumer ers. This includes firms that do not have a direct Rights (Payment Surcharges) Regulations 2012 relationship with retail clients (eg, firms involved (SI 2012/3110) (the Surcharges Regulations) in the manufacture or supply of products and impose a ban in relation to payment surcharges, services to retail clients). The FCA is expected and limits on surcharges for certain payments. to publish the final rules by July 2022. Card Surcharge Ban Payees must not charge a payer any fee in respect of payment by means of card-based 5
Law and Practice UK Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP payment instruments or other payment instru- FCA Green Fintech Challenge ments (other than commercial cards or other The FCA’s Green FinTech Challenge aims to sup- payment instruments as set out in the Surcharg- port firms in navigating regulation and supports es Regulations) to the extent that certain condi- live market testing of new products and services tions are met. that will aid the transition to a net zero economy. Limit on Surcharging for Other Payments FCA TechSprints There are also limits in relation to some busi- The FCA has been hosting TechSprints since ness-to-business and consumer-to-business 2016, which are events that bring together indus- payments. try participants to develop technology-based ideas to address specific industry challenges. 2.4 Variations between the Regulation of Fintech and Legacy Players The Global Financial Innovation Network The regulation applicable to both legacy players (GFIN) and fintechs depends on the nature of a firm’s The GFIN was launched in 2019 by an interna- business model and the activities that it con- tional group of financial regulators and related ducts, which must be determined on a case-by- organisations, including the FCA. This built on case basis. That being said, there are areas of the FCA’s early 2018 proposal to create a global regulation aimed at fintechs. For example, the sandbox, and the FCA now leads and chairs the PSR 2017 includes specific rules for small pay- GFIN. ment institutions. The GFIN seeks to develop a cross-border test- 2.5 Regulatory Sandbox ing framework (or “global sandbox”) to allow The FCA is a global pioneer in developing initia- firms to trial and scale new technologies or busi- tives to support firms using innovative technolo- ness models in multiple jurisdictions. gies. 2.6 Jurisdiction of Regulators FCA Regulatory Sandbox The key regulators for the UK fintech market are The FCA has offered a regulatory sandbox since the FCA, the Bank of England, the Prudential 2016 to allow firms to test innovative products Regulatory Authority (PRA) and the Payment in a controlled environment whilst ensuring there Systems Regulator. A brief description of each of are appropriate consumer protection safeguards their roles and objectives is summarised below: in place. • FCA – the FCA’s strategic objective is FCA Digital Sandbox Pilot to ensure that markets for financial ser- The FCA’s second cohort of the Digital Sandbox vices function well and it is responsible for, is focused on testing and developing products amongst other things: regulating standards of and services in the area of ESG data and dis- conduct in retail and wholesale financial mar- closure. kets; supervising trading and infrastructures that support those markets; and supervising FCA Regulatory Nursery payment institutions and e-money firms; In April 2021, the FCA announced it will launch a • Bank of England – the Bank of England’s regulatory nursery to provide additional support objective is to protect and enhance the to firms that have recently been authorised. stability of the UK’s financial system and it is 6
UK Law and Practice Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP responsible for monetary policy and financial critical or important are subject to more strin- stability; gent rules). • PRA – responsible for the prudential regula- tion and supervision of banks, building socie- In general terms, a non-exhaustive list of some ties, credit unions, insurers and major invest- of the outsourcing requirements includes: ment firms; and • Payment Systems Regulator – the independ- • regulatory notification obligations where the ent regulator for UK payment systems which proposed outsourcing is critical or important; is responsible for the regulation of payment • performing due diligence on the outsourcing systems designated by HM Treasury and the service provider (before the outsourcing, and participants in such systems. during the term of the outsourcing arrange- ment); Co-operation between Regulators • identifying and managing operational risks; The Bank of England, FCA, PRA and Payment • retaining the expertise to supervise the out- Systems Regulator have entered into a Memo- sourced functions effectively; randum of Understanding setting out how they • ensuring there is a written policy; and will co-operate with one another in relation • regularly evaluating the contingency arrange- to payment systems in the UK. This includes ments to ensure business continuity in the requirements to consult with one another in cer- event of a significant loss of services from the tain circumstances, or on matters of common outsourcing service provider. regulatory interest. The FCA expects firms to apply a risk-based and Other Regulatory and Public Bodies proportionate approach when meeting their out- There are several other regulatory and public sourcing requirements, considering the nature, bodies that are relevant to the UK fintech mar- scale and complexity of a firm’s operations. ket, including the Financial Ombudsman Ser- vice, the Competition and Markets Authority Operational and Cyber-resilience (the CMA) and the Information Commissioner’s The FCA’s new rules on operational resilience Office (the ICO). come into force in March 2022. 2.7 Outsourcing of Regulated Functions These rules include requiring firms to map impor- Outsourcing Requirements tant business services (including the people, Regulated firms may outsource certain functions processes, technology, facilities and informa- to third-party service providers; however, they tion that supports these services) and robustly retain full responsibility and accountability for test contingency arrangements. Firms need to their regulatory duties. Firms are not permitted consider their dependency on services supplied to delegate any part of this responsibility to a by third parties and the resilience of these third- third party. party services. Different outsourcing requirements apply to dif- The requirements apply to a wide range of firms, ferent types of firms, and these requirements including payment institutions, e-money firms, often depend on the type of function being out- UK banks, building societies and PRA-designat- sourced (eg, outsourcings deemed material, ed investment firms. 7
Law and Practice UK Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP 2.8 Gatekeeper Liability The proposed regime is an ex ante regime, Certain platform providers may be carrying focused on preventing harm. It is proposed that on regulated activities triggering authorisation the DMU be able to impose penalties of up to under FSMA, depending on their activities and 10% of worldwide turnover. The FCA will also be business model. Where FSMA authorisation is given enforcement and implementation powers triggered, they will need to comply with relevant in regulated sectors. conduct of business requirements relating to the operation of the platform. The regulated activi- Online Safety Bill ties that may be triggered in relation to operating In May 2021, the government published a draft a trading platform are discussed in 7.1 Permis- of the Online Safety Bill. A Joint Committee sible Trading Platforms. published a report in December 2021 on how this draft Bill could be improved, and the UK The government has announced plans to intro- government is expected to issue a revised Bill duce a regulatory regime aimed at the largest (taking into account the Joint Committee’s find- digital firms designated with “strategic market ings) which will then be formally introduced to status”. In addition, there is a draft Online Safety Parliament. Bill which intends to improve online safety for UK users by requiring in-scope firms to prevent the This will establish a new legal duty of care for in- proliferation of illegal and harmful content. This scope companies and aims to improve the safe- is discussed below. ty of their users online. The proposal includes a requirement for in-scope companies to: Digital Firms with Strategic Market Status The government’s consultation on its proposal • prevent the proliferation of illegal content and for a new pro-competition regime for digital mar- activity online; kets closed in October 2021. The UK govern- • ensure that children who use their services ment has committed to legislating when Parlia- are not exposed to harmful content; and mentary time allows. • maintain appropriate systems and processes to improve user safety. In the interim, a Digital Markets Unit (DMU) was established in shadow form in April 2021 to pre- The Online Safety Bill is intended to apply to pare for the new regime, and it will eventually companies (including companies outside the oversee digital platforms designated with stra- UK) whose services either host user-generated tegic market status. content which can be accessed by users in the UK and/or facilitate public or private online inter- The proposed key pillars applicable to firms with action between service users, one or more of strategic market status are: whom are in the UK. • a new, legally binding code of conduct; Only companies with direct control over the con- • pro-competitive interventions (eg, interoper- tent of and activity on a service will be subject to ability requirements); and the duty of care. Business-to-business services • enhanced merger rules to enable the CMA to will remain outside the scope, and there are a apply closer scrutiny to transactions involving number of exemptions, including for services firms with strategic market status. which play a functional role in enabling online activity (eg, internet service providers), services 8
UK Law and Practice Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP used internally by businesses, and certain low- Data Privacy risk businesses with limited functionality. The UK data protection regime is set out in the Data Protection Act 2018 along with the General Ofcom will be the regulator and its enforcement Data Protection Regulation ((EU) 2016/679), as powers include the ability to impose fines of up it forms part of the domestic law of the UK by to GBP18 million or 10% of a company’s annual virtue of the EUWA. Firms will need to assess turnover (whichever is higher) and blocking non- the requirements on the processing and stor- compliant services from being accessed in the age of personal data on a case-by-case basis. UK. For example, business models using blockchain or distributed ledger technology will need to 2.9 Significant Enforcement Actions ensure compliance with the data privacy require- The PSR and FCA has taken enforcement action ments, which can raise practical issues given the against a number of payments firms. Most nota- decentralised and immutable nature of block- bly, in January 2022, the PSR fined five com- chain technology. panies more than GBP33 million for breaching antitrust rules in the prepaid cards market. In Technology Development – Big Data and AI February 2021 the FCA publicly censured a Ethics regulated payment institution for failing to safe- Firms developing innovative technology and guard its customers’ money and for misuse of its software need to assess the legal and regulatory payment accounts under the PSRs 2017. Cur- framework in relation to big data and AI ethics. rently, the PSR has a number of open investiga- tions regarding potential breaches of payments One of the ICO’s top three strategic priorities regulation. includes addressing data protection risks arising from technology and, specifically, the implica- In addition, the Office of Financial Sanctions tions of AI and machine learning. The ICO has Implementation (OFSI) recently imposed finan- published guidance on AI and data protection, cial penalties on two fintechs for breaches of which includes advice on how to interpret data financial sanctions regulations. protection law as it applies to AI. Additionally, the ICO has published guidance on how organisa- UK regulators have not otherwise concluded any tions can best explain their use of AI to individu- significant enforcement actions against fintechs. als. This addresses transparency and “explain- However, given the sector is under increasing ability” in relation to AI, meaning the ability to scrutiny, it is expected that regulators will take give full and clear explanations of the decisions enforcement action against fintechs if they iden- made by or with the assistance of AI. tify regulatory breaches. The UK House of Lords published a report in 2.10 Implications of Additional, Non- December 2020 which recommended that steps financial Services Regulations be taken to operationalise ethics and estab- Firms should assess the impact of non-financial lish national standards to provide an ingrained services regulation, including data privacy rules approach to ethical AI, including a framework and guidance in relation to big data and AI eth- for ethical development of AI which addresses ics. issues of prejudice and bias. 9
Law and Practice UK Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP The UK government is due to publish a White unregulated activities that they carry on. Any Paper in early 2022 on the UK’s position on the financial promotions that also refer to unregu- governance and regulation of AI. See 2.8 Gate- lated products or services should make clear keeper Liability. those aspects which are not regulated. 2.11 Review of Industry Participants by Experience shows that some firms establish a Parties Other than Regulators separate entity to provide unregulated products Industry groups and trade associations (such and services. as UK Finance) play a key role in representing stakeholders, engaging in dialogue with regula- See 12.2 Local Regulators’ Approach to tors and publishing guidance. Blockchain in relation to future possible chang- es in the regulatory perimeter with respect to Firms may also need to comply with the rules crypto-assets, including HM Treasury consulta- and standards imposed by operators of payment tions on extending the UK financial promotions systems. In particular, Pay.UK operates the UK’s requirements under FSMA to unregulated cryp- retail payment systems and is responsible for to-assets and on the UK regulatory approach to delivering a New Payments Architecture, see 5.1 crypto-assets and stablecoins. Payment Processors’ Use of Payment Rails. 2.13 Impact of AML Rules Firms may need to engage with other external The Money Laundering, Terrorist Financing and parties such as auditors (to conduct an audit Transfer of Funds (Information on the Payer) of the accounts or carry out the requisite safe- Regulations 2017 (MLR 2017) impacts both guarding audit) or external consultants. regulated firms (eg, payment institutions and e-money firms) and unregulated firms. For exam- 2.12 Conjunction of Unregulated and ple, certain crypto firms that are not currently Regulated Products and Services regulated by the FCA must register with the FCA In broad terms, it is permissible for a regulated and comply with the requirements of the MLR entity to provide unregulated products and ser- 2017, including customer due diligence require- vices. ments, see 7.3 Impact of the Emergence of Cryptocurrency Exchanges. The FCA noted that where an FCA-authorised firm carries on unregulated activity (eg, in rela- Based on public records, many crypto-asset tion to an unregulated crypto-asset), while that firms that have applied for registration under the activity may not require a permission in itself, it MLR 2017 have not sufficiently demonstrated is possible in certain circumstances that some that their AML systems and controls are ade- FCA rules — like the Principles for Business and quate for registration. This is likely due to the the individual conduct rules under the Senior FCA applying high standards when assessing Managers and Certification Regime — may still the AML controls of crypto-asset firms. apply to that unregulated activity. The FCA reminded authorised firms in a Dear CEO letter dated January 2019 that they must not indicate or imply that they are regulated or otherwise supervised by the FCA in respect of 10
UK Law and Practice Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP 3. ROBO-ADVISERS 3.3 Issues Relating to Best Execution of Customer Trades 3.1 Requirement for Different Business The best execution rules are capable of applying Models to robo-advisers, depending on the nature of the Robo-advice is an umbrella term that refers to activities conducted by the firm. a broad spectrum of automated digital or online advice tools. Many firms use hybrid business Best execution means firms must obtain the best models which combine automated advice with possible result for their clients when executing some potential for interaction with a human client orders or passing them to other firms for adviser. The FCA “think it is likely that hybrid execution. The requirements vary depending on models will continue to dominate the sector” (in the nature of the activities conducted by the firm. a report dated December 2020). Firms that execute orders on behalf of clients are subject to more onerous requirements than firms There is no single, specific regime for robo- that transmit or place orders with other entities advisers. The regulatory requirements applicable for execution. The best execution requirements to each firm depend on the nature of the activi- are primarily set out in the FCA’s Conduct of ties it performs. The provision of investment Business Sourcebook (COBS). advice is a regulated activity in the UK. There are also a number of other regulated activities which The UK best execution rules are derived from may be performed in connection with robo-advi- the EU regime (in particular, under MiFID2 and sory services such as arranging transactions in MiFIR). Firms are expected to adhere to guid- investments and making arrangements with a ance issued by ESMA and CESR prior to Brexit, view to transactions in investments. interpreting it in light of the UK’s withdrawal from the EU and associated UK legislative changes. The FCA confirmed that it expects automated investment services to meet the same regulatory standards as traditional discretionary or adviso- 4. ONLINE LENDERS ry services, particularly in relation to suitability requirements. 4.1 Differences in the Business or Regulation of Loans Provided to The FCA established its Advice Unit in 2016, Different Entities which provides regulatory feedback to firms There are significant differences in the regulation developing automated advice models. of lending to consumers and commercial lend- ing. Commercial lending activities do not typi- 3.2 Legacy Players’ Implementation of cally trigger a regulatory licence or authorisation Solutions Introduced by Robo-Advisers requirement. In contrast, there are a number of According to the FCA, all major retail banks are regulated consumer credit activities in the UK, expected to have an automated advice proposi- including the activity of entering into a regulated tion in the next few years. Such legacy players credit agreement. will be able to leverage their existing client base. For details on peer-to-peer lending, see 7.1 Per- missible Trading Platforms. 11
Law and Practice UK Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP 4.2 Underwriting Processes • Visa Europe; and The requirements in relation to the underwriting • Mastercard. process depend on the type of credit activity which is being carried out. COBS requires firms New Payments Architecture to undertake a creditworthiness assessment of Retail payments in the UK have historically been a customer. The FCA has also communicated processed using separate infrastructures, result- its expectations in relation to vulnerable con- ing in a mix of rules and standards around pro- sumers. Firms will also need to comply with the cessing, settlement cut-off times and messaging applicable rules relating to anti-money launder- formats. There is a proposal to bring certain pay- ing and KYC requirements. ment systems together to simplify the require- ments for payment service providers. 4.3 Sources of Funds for Loans The source of funds permissible for each busi- Pay.UK (the operator of BACS and FPS) is ness depends primarily on the nature of the responsible for facilitating the delivery of the lender. For example, banks are permitted to use New Payments Architecture (the NPA), which is deposits to fund loans subject to certain condi- a new way of organising interbank payments. tions, whereas some entities may obtain funds The NPA is intended to replace the existing cen- through peer-to-peer lending. tral infrastructure for BACS and FPS. The core clearing and settlement layer is expected to take 4.4 Syndication of Loans over the processing of BACS and FPS, which Consumer credit loans are not typically syndi- accounted for nearly GBP7 trillion of payments cated. in 2020. The Payment Services Regulator has comment- 5 . PAY M E N T P R O C E S S O R S ed that there are “unacceptably high risks” that the NPA programme may not provide value for 5.1 Payment Processors’ Use of money and could stifle competition. The Payment Payment Rails Services Regulator published a policy statement HM Treasury has the power to designate a pay- in December 2021 setting out requirements on ment system as a regulated payment system, both Pay.UK and a central infrastructure services which brings the system’s participants (opera- provider that aims to address risks to competi- tors, infrastructure providers, and payment ser- tion and innovation relating to the NPA ecosys- vice providers that provide payment services tem. The Payment Services Regulator plans to using the system) within the scope of the Pay- publish and consult on draft directions closer to ment Service Regulator’s powers. There are cur- the go-live date for the NPA (which, according rently eight payment systems which have been to Pay.UK’s baseline plan will be in mid-2024). designated by HM Treasury, as follows: Other Payment Systems • BACS; Payment processors are permitted to create • CHAPS; their own payment rails. • Faster Payments Scheme (FPS); • LINK; HM Treasury confirmed that there are other • Cheque and Credit; payment systems that are currently too small to • Northern Ireland cheque clearing; warrant consideration for designation as a regu- 12
UK Law and Practice Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP lated payment system or are not operational in (the UK CBPR). The UK CBPR onshores trans- the UK. The examples provided in 2015 were parency requirements on currency conversion American Express, Diners Club, PayPal, Paym, charges, however the equality of charges prin- Zapp, M-Pesa and Google Wallet, although HM ciple is not part of the UK CBPR regime. Treasury noted that if these were launched in the UK and/or became important enough, they Certain provisions in the EU CBPR regime relat- could potentially then be included in the scope ing to post-transaction disclosure for card- of regulation. based transactions have applied from 19 April 2021. These have not been onshored into the Payments Landscape Review UK regime, as these provisions did not become HM Treasury published its Response to the Call part of EU retained law at the end of the transi- for Evidence in October 2021 on the UK pay- tion period. ments landscape, which may lead to changes to the regulation of payments systems networks in UK Funds Transfer Regulation the UK. For example, there is proposal to consult For firms that provide cross-border payment on bringing systemically important firms in pay- services, as a result of Brexit, it is now neces- ments chains into Bank of England regulation sary to provide the name of the payer and payee, and supervision. and the address of the payer, when making pay- ments between the UK and the EU. 5.2 Regulation of Cross-Border Payments and Remittances The UK regime is set out in Regulation (EU) Brexit has resulted in changes to the regulation 2015/847 of the European Parliament and of the of cross-border payments in the UK, including in Council of 20 May 2015 on information accom- respect of the UK Cross Border Payments Regu- panying transfers, as it forms part of domestic lation, UK Funds Transfer Regulation and Single law of the UK by virtue of the EUWA (the UK Euro Payments Area (SEPA) transactions. Funds Transfer Regulation). Cross-Border Payments Regulation The FCA has exercised temporary transitional Up until 31 December 2020, Regulation (EC) powers to temporarily waive or modify certain No 924/2009, as amended by Regulation (EU) obligations which have changed as a result of 2019/518 as regards certain charges on cross- Brexit. In particular, the FCA’s standstill direc- border payments in the Union and currency con- tion applies in relation to amendments to the version charges (EU CBPR), applied in the UK. UK Funds Transfer Regulation made as a result The EU CBPR includes an equality of charges of Brexit. This means that firms can choose to principle which requires that intra-EU euro cross- comply with the pre-Brexit or post-Brexit version border payments must be the same for corre- of the requirements until 31 March 2022. Conse- sponding national payments either in euro or in quently, firms can choose to process payments a non-euro currency of an EU member state. The initiated by EEA payment service providers, even EU CBPR legislation no longer applies in the UK if an EEA payment service provider has not pro- as a result of Brexit. vided the full name and address details until 31 March 2022, subject to any scheme rules that The UK has onshored some aspects of the EU might apply. regime under the EU CBPR as it forms part of domestic law of the UK by virtue of the EUWA 13
Law and Practice UK Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP SEPA 7. MARKETPLACES, The UK has maintained participation in SEPA EXCHANGES AND TRADING as a third country. SEPA enables quick and effi- P L AT F O R M S cient cross-border payments across the EU and a number of third countries. 7.1 Permissible Trading Platforms Exchanges and Trading Platforms The European Payments Council published a Stock exchanges (including UK-recognised Brexit reminder in November 2020, reminding investment exchanges), securities markets, and firms of the additional requirements that apply operators of such markets are heavily regulated. to cross-border SEPA payments involving a UK- There are three main types of trading venues based SEPA payment scheme participant from 1 (regulated markets, multilateral trading facilities January 2021 (as a result of the UK being treated (MTFs) and organised trading facilities (OTFs)) as a third country). and different rules apply to companies with shares trading on each of these markets. 6 . F U N D A D M I N I S T R AT O R S To the extent that an exchange or trading plat- form engages with crypto-assets or tokens that 6.1 Regulation of Fund Administrators come into scope of the UK’s regulatory perimeter Whilst there is no regulated activity which specif- (see 7.2 Regulation of Different Asset Class- ically covers fund administration services, a fund es), the entity may be carrying out a regulated administrator could potentially fall within the activity. For example, this may include operating scope of the UK regulatory regime, depending an MTF or OFT, dealing in investments as princi- on the nature of the activities that it conducts. pal or as agent, arranging deals in investments, In particular, a fund administrator should assess sending dematerialised instructions, making whether it is conducting the regulated activity arrangements with a view to investments, and of advising on investments, arranging deals in safeguarding and administering investments. investments, and establishing, and operating or winding up either a collective investment scheme For a discussion on the regulatory regime appli- or an unregulated collective investment scheme. cable to crypto-exchanges, please see 7.3 It may also need to consider whether it is acting Impact of the Emergence of Cryptocurrency as a manager of a UK undertaking for collective Exchanges. investment schemes (UCITS) or UK alternative investment funds (AIFs) or a depositary, as there Peer-to-Peer and Crowdfunding are detailed rules that apply to these entities. The activity of operating a crowdfunding plat- form may be regulated, depending on the nature 6.2 Contractual Terms of the activity conducted. The FCA regulates the The contractual terms that a fund administra- following crowdfunding activities: tor enters into may need to reflect regulatory requirements in relation to outsourcing, the pro- • loan-based crowd funding (known as peer-to- cessing of personal data, and potentially other peer lending): where consumers lend money regulatory requirements which will depend on in return for interest payments and a repay- the specifics of the business model and nature ment of capital over time; and of activities being performed. • investment-based crowdfunding: where consumers invest directly or indirectly in busi- 14
UK Law and Practice Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP nesses by buying investments such as shares asset exchange providers and custodian wallet or debentures. providers, are subject to the MLR 2017. Payment services provided in connection with Crypto-asset exchange providers and custodian the following activities are also regulated: wallet providers are required to register with the FCA. They are subject to ongoing obligations, • donation-based crowdfunding: where con- such as requirements to take steps to identify sumers give money to enterprises or organi- and manage the risks of money laundering and sations they want to support; and terrorist financing. These include establishing • prepayment or rewards-based crowdfunding: appropriate policies, controls and procedures, where consumers give money in return for a and carrying out the requisite customer due dili- reward, service or product (such as concert gence. tickets, an innovative product, or a computer game). Crypto-asset exchanges may be subject to other regulatory requirements depending on the regu- EU rules on crowdfunding under Regulation (EU) latory characterisation of the types of crypto- 2020/1503 on European crowdfunding service assets that are traded on the exchange, and the providers for business (the EU Crowdfunding activities that the firm conducts. For example, if Regulation) were not “onshored” into UK law the crypto-asset qualifies as a transferable secu- at the end of the Brexit transition period (which rity or other financial instrument, the operator of expired on 31 December 2020). In November the exchange may need to be authorised as the 2020, the Cabinet Office published a letter to operator of an MTF or OTF. A crypto-exchange HM Treasury, which stated that the UK govern- business should also consider whether it is issu- ment has been actively reviewing the merits of ing electronic money or providing a payment the EU Crowdfunding Regulation but found no service. evidence to suggest its implementation would result in material benefit to the UK crowdfund- 7.4 Listing Standards ing sector. There are no specific listing standards for unreg- ulated platforms (or for listing unregulated cryp- 7.2 Regulation of Different Asset to-assets). Classes See 2.2 Regulatory Regime for a discussion on However, crypto-assets that have substantive the licensing regime. In broad terms, an activity characteristics that are akin to traditional secu- is a regulated activity if it is an activity of a speci- rities (eg, shares or bonds) will be regulated as fied kind that is carried on by way of business securities. in the UK and relates to a specified investment under the RAO. In general, the MiFID2 financial For example, if a crypto-asset or token is a trans- instrument categories map into RAO-specified ferable security and the tokens are either offered investment categories. to the public in the UK or admitted to trading on a regulated market, the issuer will need to pub- 7.3 Impact of the Emergence of lish a prospectus unless an exemption applies. Cryptocurrency Exchanges Firms which carry on certain crypto-asset-relat- There are detailed rules governing the eligibil- ed activities in the UK, referred to as crypto- ity requirements and ongoing obligations for a 15
Law and Practice UK Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP premium and standard listing of shares on a UK- 7.9 Market Integrity Principles regulated market, including prospectus require- The UK market abuse regime is primarily set out ments. A fintech firm interested in listing would in Regulation (EU) No 596/2014 of the European need to consider these requirements. Parliament and of the Council of 16 April 2014 on market abuse as it forms part of domestic law FCA rules also set out requirements for opera- of the UK by virtue of the EUWA (UK MAR). This tors of MTFs and OTFs which must have rules contains prohibitions on insider dealing, unlaw- setting out eligibility criteria, amongst other ful disclosure of inside information and market things. manipulation. 7.5 Order Handling Rules Broadly speaking, the scope of the market abuse The FCA’s Handbook contains rules in relation regime under UK MAR covers financial instru- to client order handling requirements and client ments (including security tokens) that are traded limit orders. or admitted to trading on a trading venue or for which an application for admission has been 7.6 Rise of Peer-to-Peer Trading made, as well as financial instruments whose Platforms price or value depends on or has an effect on the See 7.1 Permissible Trading Platforms for fur- types of financial instruments referred to above. ther details on the regulatory framework for peer- Certain provisions of UK MAR also apply to spot to-peer platforms. commodity contracts, financial instruments that affect the value of spot commodity contracts 7.7 Issues Relating to Best Execution of and behaviour in relation to benchmarks. How- Customer Trades ever, FX transactions and unregulated crypto- See 3.3 Issues Relating to Best Execution of assets (such as cryptocurrencies) are not gener- Customer Trades for further details on the best ally captured by the regime. execution requirements. 7.8 Rules of Payment for Order Flow 8. HIGH-FREQUENCY AND An FCA report dated April 2019 discusses the ALGORITHMIC TRADING expectations in relation to payment for order flows. This occurs when an investment firm (eg, 8.1 Creation and Usage Regulations a broker) that executes orders for its clients Algorithmic trading, including high-frequency receives a fee or commission from both the algorithmic trading, is regulated in the UK. Algo- client that originates the order and the coun- rithmic trading requirements encompass trading terparty the trade is then executed with (typi- systems, algorithmic trading strategies and trad- cally a market-maker or other liquidity provider). ing algorithms. These payments can create a conflict of interest between the firm and its clients. The definition of algorithmic trading is limited to trading in “financial instruments” – defined by Regulated firms that engage in payment for reference to specified investments in the RAO, order flows must consider the FCA’s rules in which broadly maps the MiFID2 financial instru- respect of the inducements regime, managing ments categories. Therefore, algorithmic trading conflicts of interest and meeting the best execu- in asset classes which do not constitute “finan- tion requirements. 16
UK Law and Practice Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP cial instruments” will not constitute “algorithmic trading must have effective systems and con- trading” for regulatory purposes. trols to ensure their trading systems. They must: 8.2 Requirement to Register as Market • be resilient and have sufficient capacity; Makers when Functioning in a Principal • be subject to appropriate trading thresholds Capacity and limits; There are specific requirements for firms who • prevent the sending of erroneous orders, or engage in algorithmic trading to pursue a mar- the systems otherwise functioning in a way ket-making strategy. In particular, such firms that may create or contribute to a disorderly must: market; and • not be used for any purpose that is contrary • carry out market-making continuously during to UK MAR or the rules of a trading venue to a specified proportion of the trading venue’s which they are connected. trading hours so that it provides liquidity on a regular and predictable basis to that trading Market conduct considerations need to be a vital venue, except in exceptional circumstances; part of the algorithm development process. The • enter into a binding written agreement with FCA has noted that it is good practice for firms the trading venue; and to consider, as part of their approval process, • have in place effective systems and controls the potential impact of algorithmic trading strat- to ensure that it meets the obligations under egies. The considerations would not be limited the agreement. to whether a strategy strictly meets the defini- tion of market abuse; rather, they would con- However, HM Treasury has consulted on a pro- sider whether the strategy would have a nega- posal to remove the requirement for algorithmic tive impact on the integrity of the market and/or liquidity providers and trading venues to enter if it would likely further contribute to scenarios into binding market making agreements, as part where there is wider market disruption. of the UK’s Wholesale Markets Review pub- lished in July 2021. 9. FINANCIAL RESEARCH 8.3 Regulatory Distinction between P L AT F O R M S Funds and Dealers There are no specific rules which distinguish 9.1 Registration between funds and dealers engaging in algo- The extent to which a financial research platform rithmic trading. would be regulated in the UK depends on the exact nature of its activities and the content of 8.4 Regulation of Programmers and the research it provides. Programming Whilst providers of algorithmic trading systems Licensing Requirements are not typically subject to the same regulations If the research material were to be of a general as the firms employing their software, there and purely factual nature, it is unlikely that this are regulatory requirements that apply when would trigger any licensing requirements in the developing and creating algorithmic trading UK. However, if research materials were to pro- programmes. Firms that engage in algorithmic vide recommendations in relation to individual securities, for example, it may constitute regu- 17
Law and Practice UK Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP lated investment advice. This would mean that lar access to the traditional or electronic media the platform provider would need to be author- by voicing an opinion about an in-scope invest- ised by the FCA to provide investment advice. ment while having previously taken positions on that investment, and profiting from the impact of Financial Promotion Restrictions the opinions voiced on the price of that instru- If the financial research platform produces ment without having disclosed that conflict of content that would induce clients to enter into interest to the public. It also includes pump and investment activity, this would constitute a finan- dump and trash and can schemes (which entail cial promotion. There is a restriction prohibiting taking a position on an in-scope investment and any person from issuing financial promotions disseminating misleading information about that unless that person is authorised, the content of investment with a view to changing its price). the promotion is approved by an authorised per- son or, if the issuer of the financial promotion is not authorised, that person must rely on certain 10. INSURTECH exemptions. 10.1 Underwriting Processes 9.2 Regulation of Unverified Information Insurtechs have transformed the underwriting As discussed in 7.9 Market Integrity Princi- processes used in the insurance industry. These ples, UK MAR prohibits insider dealing, unlaw- firms typically use big data and AI technology to ful disclosure of inside information and market inform underwriting decisions, including pricing manipulation. The dissemination of rumours and strategies and risk assessments. other unverified information – including through online channels – may, in some cases, constitute Insurtechs must consider their regulatory obli- market manipulation. gations in relation to data privacy, the use of big data and AI ethics (see 2.10 Implications Additionally, to the extent that a platform is pro- of Additional, Non-financial Services Regula- viding investment advice, it must ensure that tions). investment recommendations and supporting information are objectively presented, and dis- 10.2 Treatment of Different Types of close any conflicts of interest. Insurance In principle, all types of insurers are regulated in If the financial research platform is engaged in the same way. Subject to a few exceptions, they financial promotions, the content of any financial are all subject to the UK regime, which imple- promotions must be clear, fair and not mislead- mented the Solvency II Directive, and to pruden- ing. tial regulation by the PRA. The UK is currently reviewing how to tailor the prudential regime 9.3 Conversation Curation to support the unique features of the insurance UK MAR prohibits insider dealing, unlawful dis- sector and regulatory approach in the UK, in a closure of inside information and market manip- post-Brexit context. ulation; see 7.9 Market Integrity Principles. The FCA’s Handbook provides descriptions of behaviour that amounts to market abuse. This includes taking advantage of occasional or regu- 18
UK Law and Practice Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP 11. REGTECH where pilot projects have demonstrated the fea- sibility and benefits of use. 11.1 Regulation of Regtech Providers There is no specific regulatory regime for regtech 12.2 Local Regulators’ Approach to providers. Blockchain We have included a non-exhaustive list of the Regtech providers typically provide technical key developments in the regulatory framework services and so may be less likely to trigger a applicable to blockchain technology. regulatory licensing requirement. However, such firms should assess whether they are conduct- • The UK has brought custodian wallet provid- ing a regulated activity in light of their specific ers and crypto-asset exchange providers into business model and the activities that they per- the scope of AML regulation. See 7.3 Impact form. of the Emergence of Cryptocurrency Exchanges. 11.2 Contractual Terms to Assure • In 2018, a Cryptoassets Taskforce was Performance and Accuracy announced which consists of the FCA, the A regtech provider may need to reflect in its con- Bank of England and HM Treasury. It pub- tractual terms any requirements relating to out- lished a joint report in October 2018 setting sourcing, the processing of personal data, and out the UK’s policy and regulatory approach potentially other regulatory requirements which to crypto-assets and distributed ledger tech- will depend on the specifics of the business nology. model and nature of activities being performed. • In July 2019, the FCA published its Final Guidance on when crypto-related activi- ties will fall within the scope of its regulatory 12. BLOCKCHAIN perimeter, including a taxonomy for crypto- assets comprising: 12.1 Use of Blockchain in the Financial (a) security tokens; Services Industry (b) e-money tokens; and The financial services industry has been explor- (c) unregulated tokens (including utility ing the use of distributed ledger or blockchain tokens and exchange tokens), see 12.3 technology in a number of areas, including Classification of Blockchain Assets. cross-border payments and remittance, trade • On 18 November 2019, the UK Jurisdic- finance, and identity verification. tion Taskforce published a Legal Statement on Crypto-assets and Smart Contracts to Financial institutions have traditionally taken a address legal questions as regards the status cautious approach to adopting blockchain tech- of crypto-assets and smart contracts. In nologies. This is likely due to reputational, data December 2019, these statements were refer- privacy and security considerations. However, enced in a High Court judgment. there are increasing signs of growth assisted by • In March 2021, the UK tax authority (HMRC) regulators providing legal clarity in relation to published a manual on the tax treatment of blockchain-related activities. It is expected that crypto-assets (following previous guidance legacy players will increase their use of private, published in December 2019). permissioned blockchain networks, particularly • On 6 January 2021, a ban on the sale, marketing and distribution to all retail con- 19
Law and Practice UK Contributed by: Simon Crown, Laura Douglas, Meera Ragha and Monica Sah, Clifford Chance LLP sumers of derivatives and exchange-traded of developing an operational and technology notes that reference unregulated transferable model for a UK CBDC. crypto-assets by firms acting in, or from, the UK came into effect. 12.3 Classification of Blockchain Assets Additionally, some of the key proposals on Whilst there is no specific legislation for block- changes to the UK regulatory regime in respect chain assets, recent developments have made of crypto-assets are summarised below. it clear that many uses of blockchain technology and related crypto-asset types could fall within • On 18 January 2022, HM Treasury published the UK’s regulatory perimeter. The versatility of its response to its 2020 consultation on blockchain and distributed ledger technologies crypto-asset promotions, confirming the UK’s means they can be used to perform various intention to bring additional types of crypto- regulated activities. Therefore, the regulatory assets into the scope of financial promotion treatment of blockchain assets depends on the regulations. At present, security tokens and nature and characterisation of the blockchain e-money tokens fall within the scope of the asset and the context in which it is used. UK financial promotions regime, and the government is proposing to extend this to The FCA has provided guidance in relation to “unregulated crypto-assets”. crypto-assets. Currently, some (but not all) cryp- • On 19 January 2022, the FCA also published to-assets are regulated in the UK. The FCA has a consultation on proposals to strengthen its indicated that a case-by-case analysis is needed financial promotion rules for high-risk invest- to determine the correct regulatory treatment ments (including crypto-asset promotions of a particular crypto-asset or token, depend- that HM Treasury plans to bring within scope ing on “the token’s intrinsic structure, the rights of the UK financial promotion regime as out- attached to the tokens and how they are used lined above), and for authorised firms which in practice”. Therefore, the structure and sub- approve and communicate financial promo- stantive characteristics of the blockchain asset tions. determine whether it is regulated in the UK. • On 7 January 2021, HM Treasury published a consultation on the UK regulatory approach The FCA has identified three broad categories of to crypto-assets and stablecoins. The gov- crypto-assets (comprising two types of crypto- ernment is considering expanding the scope assets which are regulated, and a residual cat- of regulated tokens to include stablecoins, egory of unregulated crypto-assets), as follows. ie, tokens which stabilise their value by referencing one or more assets, such as fiat • Security tokens are crypto-assets with char- currency or a commodity, and could for that acteristics akin to certain specified instru- reason more reliably be used as a means of ments under the RAO (such as shares, debt exchange or store of value. instruments and units in a collective invest- • In April 2021, the Bank of England and HM ment scheme), other than electronic money. Treasury launched a joint Central Bank Digital Broadly, these are likely to be tokenised, Currency (CBDC) Taskforce to co-ordinate digital forms of traditional securities. the exploration of a potential UK CBDC. The • E-money tokens are crypto-assets that meet CBDC Taskforce is expected to consult in the definition of electronic money under the 2022 on the case for a UK CBDC and merits EMR 2011. In general terms, this captures 20
You can also read