Andra Sonea, lead solutions architect with the Innovation & Digital Analytics Lab at Lloyds Banking Group in London, maintains that an industry that enables competition and economic development does not need a “sandbox intervention.” Competition and collaboration within financial services should be the norm.
By Andra Sonea
In June 2015, Ravi Menon, head of the Monetary Authority of Singapore (MAS), was first to suggest “Innovation in a sandbox” as an approach for innovation in financial services. In January 2016, however, Felix Hufeld, president of the German regulator BaFin, announced that BaFin will not build a “sandbox” because it is not their mandate to do so; and the model would create conflict of interests. On the other hand, the Financial Conduct Authority (FCA) considers that through the sandbox approach, it can “reduce some of the existing regulatory barriers to firms that are testing new ideas.”
The role of the regulator in the “regulatory sandbox”
In the IT delivery world, a sandbox generally allows a developer to try a solution while minimising any possible impact to the rest of the environment where the “good” code is stored. While we all want to see innovative ideas genuinely taking hold in the finance world, how can one help all participants without discriminating?
The FCA calls for two types of sandboxes: a “virtual sandbox” accessible to both authorised and unauthorised firms; and a “sandbox umbrella” run as a separate nonprofit company authorised and supervised by the FCA, and allowing the unauthorised innovators to operate under it. FCA recommends in both cases that the “sandboxes” should be set up by the industry; however, FCA would retain the role to define the criteria and exercise the control over access.
The MAS suggests otherwise: financial institutions themselves should “adopt a “sandbox” approach to launch their innovative products or services within controlled boundaries. MAS does not appear to control the “sandboxes” at all but it essentially frees the financial institutions (incumbents or challengers) to experiment. At first glance, the MAS initiative has more chances to succeed, as financial institutions and other market participants would establish “sandboxes” as needed for specific use cases and ecosystems.
Banking functionality of “sandbox”
It is not clear if the FCA sandbox is called regulatory because the regulator controls the access to it; or because it intends to embed certain “regulatory” rules into the platform. The fintech world would rightfully expect the box to contain not only data but also the regulatory rules and processes around it. They will be thoroughly disappointed. Also, FCA is not the generator of all regulation affecting financial services; rather, this emanates from many institutions with local and international jurisdictions. In my opinion, only those running specific operations in a bank know the set of rules applicable to their domain, and this knowledge will not be transparent in a sandbox.
One of the most commonly cited entry barriers for fintechs is the lack of reliable financial data. Taking the example of robo-advisors, if they do not partner with a financial institution that would provide the data, it is almost impossible for them to succeed, as the core of their idea relies on “knowing” and ”understanding” markets and customer behaviour before even having the first customer.
An ideal testing environment would be for innovators to have access not only to static data but live banking systems through a selected open application program interface (API). Open Bank Project, Kontomatik, and Fidor Bank showed the way in developing banking APIs. In April 2016, BBVA announced the alpha version of its own API Market, the first large bank to do so.
Governing, developing, and maintaining the “sandbox”
The FCA states that the virtual sandbox will offer “public data sets or data provided by other private firms” and even some FCA data. Like any technology platform, the sandboxes need to abide by governance rules. The sandbox will need to be continuously developed and maintained. This will require permanent development and support teams; project managers; and product managers in specialised areas, e.g., identity, wealth management, payments, etc.
While this could be agreed with typical multipartner terms and conditions in specific use-cases sandboxes, it is not clear how this would be handled if the controller is the regulator, and the developer is the wider industry as suggested by FCA. The cost of developing and maintaining such a platform is for sure not negligible and there is no suggestion yet by FCA on how this would work, and who will carry the burden.