Playing in the sandbox: a new path to authorisation for fintech firms

Posted on: 10 July 2019

The Financial Conduct Authority is busy.

In its 2017-18 annual report the regulator highlighted some telling stats on its authorisation activities during that year: over 4,400 applications for authorisation from firms, nearly 2,000 applications for approval of a change in control, and over 15,000 other cases relating to passporting and permissions.

And that was even before Brexit-related operations and new EBA regulatory standards on payments started keeping the FCA’s policy and legal staff up all night most nights.

Against this background it’s not surprising that fintechs and other payment firms applying for authorisation sometimes face delays getting case officers appointed and their applications processed.

Yet it’s also one of the FCA’s key cross-sector priorities to sustain a regulatory environment which supports innovation, technology and competition.

How to square the circle in these trying times?

One answer is the regulatory sandbox. Elsewhere in its annual report the FCA notes that fintechs often have to invest heavily to bring innovative concepts to market, at the same time as ensuring they meet regulatory requirements. Naturally this can act as a barrier to new market entrants.

The sandbox, part of the FCA’s wider ‘Innovate’ programme, gives firms the chance to test their innovations in a safe, commercial but still regulated environment, before deciding if they want to invest further in the idea, or to pursue full authorisation. Importantly the sandbox also helps safeguard consumers and provide a controlled testing ground for both the opportunities and risks that come with financial innovation.

By any standards the sandbox has been a stellar success. Since it launched in 2016 the FCA has received 375 applications to join the programme, and accepted 118 for testing, including 29 firms in the most recent (fifth) cohort which started on 29th April 2019.

There is no doubt that being accepted into the sandbox can give a quicker route to market than the conventional path to authorisation.

But it is not the answer in every case. Conditions apply. So it’s as well to be sure you have a good chance of being accepted on the programme before investing time and cost on a sandbox application; time and cost which could just as fruitfully be spent on a conventional path.

So what are the conditions?

Your proposal needs to be truly innovative, either genuinely new or significantly different from previous marketplace offerings. It needs to be aimed at the UK market. And the idea needs to be clearly targeted to benefit consumers and competition. You need to have thought carefully about the risks to consumers and how they might be mitigated. What’s more the need for testing should be apparent. If it isn’t, or if the product already fits comfortably into the existing regulatory framework, the sandbox is not the right answer. The irony here is that it’s the innovations which don’t fit into the existing rules without help, making it difficult or costly to get the innovation to market, which are more likely to get accepted into the sandbox. It’s the ones that would really benefit from being tested for viability, in a live environment, without incurring the cost and time of the full authorisation process.

To get accepted into the sandbox you will need to have done some testing already; to be ready to go with a well-developed, well-resourced testing plan that has clear objectives, parameters and success criteria. And even within the sandbox environment you’ll need to be fulfilling anti money laundering provisions, and to have good controls over sensitive data, payments and the like. But you’ll also need a clear view of your path to full authorisation: how you would scale up after the sandbox process has concluded.

How can we help?

When going through the sandbox process it helps to have someone working alongside you who knows the ropes – and is trusted by the regulator. Compliancy Services can advise you both on your prospects for being accepted, and on what to do when you get there – as well as the all-important path to full authorisation later.

We’ve worked with firms in several of the cohorts, including the current one. So we can give you the benefit of that experience, advise you on the pitfalls and how to make the most of the opportunity that the sandbox provides for a fintech firm with a big innovative idea.

John B

John Burns

John is one of the UK’s foremost compliance experts in payment services, and he is Senior Advisor in our Payment Services Practice.

Contact John

Related resources

All resources
iStock 171292310 Article

Identifying the weaknesses in firms’ transaction reporting governance and control frameworks

iStock 1065111748 Event

Bitesize webinar: Establishing a robust prudential monitoring framework

iStock 486530768 Article

Operational Resilience: regulatory guidelines for critical third parties aim to avoid systemic disruption

Cosegic test Company news

Press Release: Cosegic launches new Consumer Duty audit.