Risk management of digital financial market participants through the improved concept of a digital experimental environment (regulatory sandbox)

Piskarev Dmitrii Mikhailovich Data Scientist, PJSC Rosbank 143444, Russia, Moscow region, Krasnogorsk, Dezhneva str., 6 piskarev.dmitry25@gmail.com

The spread of financial technologies naturally entails the improvement of digital regulatory - technological innovations in the field of financial regulation of the activities of digital financial market participants and their risk management.

Regulation – its insolvency or insufficiency – is common to all financial market participants and a complex problem associated with the search for methods and tools for managing the compliance risks of market participants and the risks of the regulator considered in the article.

Participants in the digital financial market need a regulatory tool to reduce risks that limit the introduction of innovations. Such, in our opinion, is the digital electronic environment (CES).

It is possible to distinguish the following groups of risks of participants in the digital financial market, the quantitative assessment of which is provided by the use of CES.

1. Risks of the regulator – the risk of the impact of innovative technology on the financial market and the economy of the country:

2. Risks of participants in the digital financial market – financial institutions or fintech companies:- compliance risks after exiting the CES;

- risks of unprofitability of regulated activities – the risk of exceeding compliance costs over the added value from the implementation of an innovative product.

It is important to highlight the risk that arises when the regulator uses the CES as a RegTech management tool. The risk of the failure of the CES (or the sandbox paradox) is the simultaneous existence of two categories of risks:

- the risk of high barriers to access to participation in the CES (in other words, the risk of limited resources of the regulator for a fair selection of projects);

- the risk of an artificial competitive advantage for the participants of the CES due to the incorrect interpretation by consumers of an innovative product or service, as well as the goals and objectives of the CES; the consumer of a financial product or service may consider that a financial institution that has successfully tested its product in the CES has received "approval" from the central bank, which makes such financial institutions more attractive despite the fact that competing companies may have the same technology.

This article suggests ways to minimize the risk of insolvency of the CES. The choice of this research direction is due to the fact that the risks of the participants of the CES are assessed by each company independently and depend on the technology underlying the innovative product, as well as the risks of reducing the availability of financial services. Since the results of corporate internal risk management are confidential information, it is not possible to study in detail the accumulated experience of compliance risk management through the CES. It is difficult to offer on this basis any universal recommendations for use by financial market participants - financial institutions and FinTech companies when developing a test plan in the CES.

In addition, the paradox of the CES (regulatory sandbox) is a specific set of risks that have not received due attention from researchers. In addition to encouraging financial market innovation, CES have the potential to grant certain economic privileges to a selective set of companies without extending the same privileges to other firms in a similar position and implementing similar projects. Since one of the key tasks of the CES is to reduce compliance costs, the participants of the digital financial market allowed to participate in the sandbox may gain an unfair competitive advantage. Close interaction between business and government can potentially lead to the resolution of these uncertainties, as well as to greater transparency of regulation in general.

CES are being introduced into the practice of financial regulation as a risk management tool for participants through their testing and support of their innovative solutions.

A digital experimental environment, CES, (as well as a regulatory sandbox or regulatory framework) is a risk management tool that allows live, time—limited testing of digital innovations under the supervision of a regulator. Testing consists of four main stages: filing an application, its consideration by the regulator for compliance with the entry requirements, testing and making a decision on the admission of digital innovation to the open market.

New financial products, technologies and business models are checked and tested in accordance with a set of predefined rules, regulatory requirements and appropriate security measures, in particular in the field of consumer protection of a digital financial service or product.

Thus, the CES is a kind of separate experimental platform for market participants testing innovative financial solutions in real time with the involvement of real customers who have previously agreed to participate in the experiment. The organizer, consultant and controller is the financial regulator, whose responsibilities also include technical support. After the expiration of the testing period, as well as in the case of achieving the goals of the experiment, participants enter the open market.

The requirements for the CES may vary depending on the policy of the regulator, but, as a rule, they have the following general characteristics:

- the testing period is limited and pre-set;

- a limited number of financial service consumers participate in the experiment;

- the framework must necessarily contain provisions on consumer protection, as well as a compensation package for customers – consumers of the tested digital product who have agreed to participate;

- during the testing of a product or service, sandbox participants must provide all relevant information to the regulator.

The CES creates a favorable and at the same time limited both in time and in market coverage environment in which existing legal entities, financial institutions or fintech companies, as well as startups experiment with innovations on the verge or even beyond the existing regulatory framework.

The CES, firstly, reduces the cost of innovation by reducing the expected costs associated with both the long duration of the approval procedures for a financial product or service, as well as the need to attract additional funds (for example, the involvement of an external consultant) to ensure the process of adapting a financial product or service to the current regulatory norms and rules; secondly,secondly, it reduces barriers to entry into the financial market and allows regulatory authorities to accumulate important information for the subsequent development of regulatory and supervisory rules.

The result of successful testing may be the full or partial implementation of innovation; changes in the current regulation; a decision to discontinue testing.

The first regulatory sandbox was implemented by the UK financial regulator back in 2015, the result and contribution to the development of the digital financial market of which was recognized worldwide. At the moment, the digital experimental environment is actively used or being developed by regulators in more than 20 countries.

For example, the British regulator FCA has created its own CES to support "breakthrough innovations" in the financial services market in order to manage the risk of the absence of regulatory norms and standards (or their violation). The aim of the Australian Security and Innovation Commission (ASIC's Innovation Hub) is to strive to "stimulate innovation that could benefit consumers by helping Australian fintech startups navigate the regulatory system." In the US state of Arizona, the CES was created to stimulate businesses to develop innovative products and services in the financial market," and in Utah – to attract "innovative products and services to the financial market of Utah. Finally, the purpose of the sandbox (Compliance Assistance Sandbox, CAS) The U.S. Consumer Financial Protection Bureau aims to promote "increased accessibility of financial solutions and innovation."

In addition, the CES allow to expand the capabilities of regulators. By promoting a more open and active dialogue with innovators, sandboxes help resolve the conflict between, on the one hand, the need for strict regulation of financial market participants, and, on the other, the promotion of innovation.

One of the key features of the regulatory framework is the demonstration of the openness of the market for innovation. The sandbox is an initiative of the regulator, which can serve as a positive signal for the market, attracting investment.

The CES not only allows you to introduce a product to the market, the concept of which has already been tested, and the risks are eliminated through calculations based on actual data, along with reducing uncertainty in terms of regulation. It potentially ensures the introduction of innovations with greater speed and efficiency, lower costs for financial market participants. This can be especially relevant when outdated regulations are holding back the growth of FinTech.

When considering the launch of a CES, regulatory authorities should allocate sufficient funding for its implementation.

Thus, the CES can become an effective model for regulating innovations in the digital financial market and managing participants' risks. Taking into account the accumulated international experience, we will form a list of recommendations to the Bank of Russia regarding the modernization of the criteria for access to the experiment in the CES, evaluation of the test results and ways to monitor the testing progress.

Section 3 of the analytical note of the Bank of Russia of the proposal for the creation of a special experimental platform defines that the Central Bank's CES will consist of two stages: "testing" and "limited regulatory experiment", and also presents consolidated steps to implement the plan taking into account the experience of the UK, Singapore and Australia. At the same time, the Bank of Russia has not sufficiently taken into account the experience of other countries that have successfully implemented a regulatory framework on the financial market, in particular, Malaysia, Bermuda, Bahrain and Sierra Leone. Also, the document does not specify the main goals of launching the framework and criteria for selecting innovative projects for testing.

The purpose of the CES and the entry criteria should be extremely clear to the participants, structured and public to ensure a high degree of transparency of the process.Before developing its own CES, the financial regulator must determine its fundamental tasks, as well as a list of criteria for entering the testing circuit.

During the analysis of the international experience of creating a CES, it was revealed that the main tasks of the framework are:

- Development of the market of financial products and services by creating an effective competitive environment.

-                     Maintaining the integrity of the financial market by developing data-based approaches to regulation.

-                     Increasing the availability of financial services.

-                     Maintenance of AML/ATP standards.

-                     Ensuring the stability of the functioning of financial institutions.

-                     Maintaining the highest standards of customer trust.

-                     Introduction of innovative business models to the financial market.

These goals are implemented using the following methods:

-                     Creating a regulatory environment conducive to the deployment of FinTech projects in the country.

-                     Testing innovations in a real environment before admission to a wide market.

-                     Encouraging innovation that increases the availability of financial services.

-                     Risk management based on large amounts of actual data.

-                     Reducing the time and cost of bringing an innovative idea to a wide market.

The CES concept continues to evolve, forming various models determined by several factors. A significant common feature is the promotion of dialogue between financial market participants and central banks in achieving a balance of their interests and avoiding conflicts. The regulator acts as an organizer, consultant and technical operator during testing.

The key differences between the existing CES come from acceptance criteria, guarantees and testing requirements, organizational structure and other details. For example, binning testing can be applied inside the regulatory framework, i.e. the distribution of participating companies into subgroups in order to optimize the processes of monitoring the implementation of the experiment.

The author identifies two main models of CES:

- Binning test. Each innovative project or a similar subgroup of innovative projects is considered individually, and depending on the nature of the product or service, individual exemptions are applied in terms of compliance with regulatory requirements (UK, Canada, Singapore)

-                     Universal test. Companies are provided with universal concessions in terms of compliance without considering each project individually (Australia).

In addition, these types can be divided into models with the possibility of extending the testing period and without. As a rule, in a sandbox built according to the "binning test" model, participating companies can extend the deadlines provided they notify the regulator in advance, as well as indicate the reasons and a plan for implementing the goals.

Sometimes CES can be absolutely useless for those regulators who already have a developed and risk-based market environment for issuing various kinds of tools for testing solutions (temporary permits, licenses with restrictions and other tools).

It is important to be aware of the following risks of using the CES:

- creation of artificial competitive reputational advantages for companies participating in the sandbox or successfully tested, over companies with a similar product or technology, but at the same time have not passed testing or have not declared their desire to participate in the sandbox;

- the possibility of potentially introducing uncertainty into the financial market due to the lack of clear information for consumers and investors about the reliability of financial products;

- facilitating the emergence of destructive partnerships between the framework participants and the regulator, which can lead to corruption, in the absence of precise rules and internal controls.

Since the details of the agreements on participation in the CES, as a rule, are not published and are often subject to confidentiality agreements, regulators need to conduct constant checks of reporting on the processes of interaction between the participants of the sandbox and the regulator. This is especially true in developing countries with high levels of corruption. Participants admitted to the sandbox can gain advantages over others by relaxing regulatory rules.

Some candidates may be more likely to be accepted into the sandbox. For example, in Malaysia, candidates for participation in the CES who are "creators of jobs with high added value" will be more favorably evaluated by the central bank. The use of objective criteria, transparency and, possibly, the use of cohort analysis can help mitigate the risk of injustice and corruption.

It is appropriate to emphasize that by their nature, CES pose a danger to market competition, since they give an advantage to some firms over others. Although the potential of economic privileges may not exceed the advantages created by regulatory sandboxes, it should be taken into account when analyzing the development or implementation of new or existing frameworks.

According to the author, the CES is not a panacea for all the problems of risk management of participants in the digital financial market and is not the only solution. Innovations can eliminate traditional barriers to financial accessibility, such as legal (for example, AML/CFT requirements), operational (for example, the costs associated with the need to open a branch) and physical (for example, the limitations of traditional distribution channels). This was demonstrated by the success of the mobile banking project in Africa, which implements the "test-and-learn" approach to try out new ideas in special conditions in a real environment (the approach was also used in Indonesia, Kenya, the Philippines, Rwanda).  Telecommunications companies in Nigeria have a partial functionality of a banking organization, allowing their customers to make deposits of funds, payments and transfers, create applications for debit cards, receive financial advisory services and invest in government and central bank securities through mobile communication and telephone. According to the new standards, telecommunications companies can apply for a license to become a Payment Service Bank (PSB). Thanks to the new regulation, the availability of financial services for the population has increased, but PSB is not yet allowed to provide loans and loans due to the impossibility of a comprehensive assessment of credit risk.

Also, an alternative to the sandbox is a wait-and-see strategy, the task of which is to continuously monitor innovative trends without the use of government official intervention (for example, peer-to-peer lending, cryptocurrencies). The purpose of this approach is to accumulate knowledge about an innovative product in the subsequent decision on the need for regulatory amendments. Compared to these approaches, digital experimental environments appear to be noticeably more structured and at the same time objectively manageable, formal from the point of view of technology, resource-intensive (from the point of view of the costs of the regulator for organization and maintenance).

When analyzing the foreign experience of the creation of the CES by central banks, it was revealed that the introduction of innovation through a digital experimental environment consists of four main blocks: submission of an application; evaluation of a project/service; testing of a project/service in a sandbox; making a decision on bringing an innovative product to the open market.

This section will propose the principles of the organization of the CES, criteria for evaluating applications for participation in the experiment, as well as a variant of its structure, the terms of consideration of the application by the regulator. There is also a list of testing steps and possible dates for this stage.

According to the scheme (Figure 1), time means the moment when a fintech company submits an application for participation in the CES. The application is a questionnaire, usually containing several sections.

Figure 1 – Flow diagram of the process of implementing a digital project through a CES

Source: author's development

The application form of the CES of the Bank of Russia allows you to get only a superficial idea of the company (name, legal address, website, main state registration number, phone number, country of registration, a brief note outlining the main type of activity, contacts of the authorized representative). We suggest in the first section of the application to specify information about the founder, including the name of the company, industry, contact information. The applicant must also briefly outline the company's ownership structure, information about subsidiaries and affiliates, as well as provide a list of final beneficiaries and financial statements. If available, it is necessary to indicate foreign branches, as well as the fact of close cooperation with any financial organization - a voluntary participant in testing, within which it is planned to launch testing of a product or service in the sandbox.

The second block is a detailed description of the innovation, key features of the project, including:

- justification for the inclusion of innovation under the regulated perimeter;

- a detailed statement of all regulatory requirements applicable to innovation, which, in the applicant's opinion, cannot be met under the current regulation;

- justification of the need to test the technology and its key advantages;

- evidence of a significant difference between the innovation and the products and services presented on the financial market at the time of filing the application;

- substantiation of the advantages of innovation for the end user;

- justification of the need to test the technology on real clients inside the sandbox instead of business modeling of the project;

- confirmation of readiness to participate in the sandbox:

o a comprehensive legal audit of the company has been carried out;

o there is a well-developed testing plan;

o there is a well-developed plan of interaction with real customers during the testing period;

o the case of test failure has been worked out – there is a plan to terminate the test, losses for the final beneficiaries have been calculated.

The last block includes the presentation of a detailed test plan in the CES:

- purpose of testing;

- testing schedule and key control points;

- indication of the type of customers with whom interaction will take place during testing, as well as the resources provided to encourage customers to participate in the test: marketing, financial incentives, special privileges;

- a list of the main risks, both for the company and for consumers of the product or service, as well as methods of their control and management;

- description of cybersecurity systems or other relevant digital information protection tools provided to ensure the security of an innovative financial solution;

- description of key indicators – metrics for evaluating the success of testing in the CES;

- description of possible test results and an appropriate action plan in case of an adverse event (table 1)

Table 1 – Possible sandbox result scenarios

Source: compiled by the author

In case of successful completion of testing, the applicant must provide a plan for further actions to introduce the innovation to the open market outside the test framework. It is also necessary to indicate the applicant's intentions to introduce the technology directly or transfer it to a third party for implementation.

In case of a pessimistic scenario, when testing should be discontinued due to technological failures, identified damage to consumers, the applicant should prepare a plan that provides for such unforeseen circumstances, including offering metrics to assess the financial damage suffered by test participants.

At the stage of assessing innovation in the CES, the main criterion for the acceptability of the project is a balance between the need to protect consumers, including maintaining their trust, and stimulating innovation in the country. The regulator should assess the risk of the predominance of commercial benefits from the provision of a weakened regulatory regime over the financial damage from the sale and its maintenance.

At this stage, the possibility of the innovation's access to testing in the CES is evaluated. In addition, the compliance of the innovation and the fintech company with the criteria set by the Central Bank is being checked. According to international practice, the decision must be made and announced by the regulator within 15 to 180 days from the date of submission of the application for participation. Table 2 shows the review dates for the sandboxes of different countries.

Table 2 – Terms of consideration of the application for participation in the CES in various countries

Source: compiled by the author

However, it is impractical to establish a fixed time interval for a full assessment of innovation in view of the heterogeneity of the proposed technologies and high uncertainty regarding the regulatory framework. According to the practice of using the sandbox by the Singapore regulator, external consultants can be involved to evaluate the idea. At the evaluation stage, a scientific and flexible approach is applied, in which the regulator actively and closely interacts with the applicant, allowing adjustments and other additions to be made after the application is submitted.

Based on the conducted research of the international experience of the implementation of the CES, it is legitimate to identify the following main criteria for evaluating the applicant's digital innovation.

-                     Solvency. The applicant company must have a stable financial position, use innovative technologies and be able to demonstrate a serious intention to carry out regulated activities through the use of financial technologies. The firm's activities should expand the range and improve the quality of financial products and services for investors and benefit the financial services industry.

- Innovation. Is the solution really innovative and allows you to create a tangible advantage for consumers and the industry?

-                     Necessity. The applicant is obliged to justify the expediency and importance of testing the project in the sandbox.

- Limitation. The scope and stages (if any) of the pilot test, the terms and conditions of termination of the test are determined.

- Security. The applicant will take adequate measures to protect the interests of clients during testing, including a proper selection process for clients who understand the risks associated with participation in the sandbox and join the process voluntarily, a mechanism for timely and fair compensation of financial losses of clients caused by any failures during testing, and appropriate measures allowing clients to freely leave the applicant company and exit the framework.

- Effective risk management. Availability of reserves to reduce risks that may arise due to incomplete compliance with the requirements of the regulator.

-                     Readiness and monitoring. Readiness of the systems and processes involved in the sandbox, and careful monitoring of the test.

-                     Planning. Availability of strategies for entering a wide market, as well as withdrawal of the project in case of unsuccessful testing.

- Professionalism. Availability of specialized experts in the team.

After the application is approved, the experiment stage begins. At this stage, the Central Bank, in cooperation with the applicant, must ensure safe testing of the proposed product or service in an appropriate controlled environment.

The duration of the experiment should be sufficient to obtain statistically significant data (usually from 3 to 12 months). Table 3 provides information on the timing of testing for different countries.

Table 3. Timing of the experiment for different countries

Source: compiled by the author

The applicant must notify his clients, if any, that the product/service works within the framework of the CES framework, disclose the key risks associated with the product/service. The applicant must also receive confirmation from clients that they have read the notification and understood the potential risks of participating in the experiment. In order to ensure transparency and reliability of the information provided to clients on the Central Bank's website, relevant information about all approved provisions of the CES should be published, for example, the name of the applicant, the start and end dates of the experiment, as well as a general description of the framework.

At the stage of direct testing of innovation in the CES, the following steps should be implemented.

- documenting the risks associated with innovation and providing the participant with methods for managing such risks;

- establishment of measures for continuous monitoring and risk assessment, as well as their prompt elimination, including adjustments to the initial testing parameters;

- proposal of amendments to the legislative framework for the successful launch of innovation on the open market;

- allowing participants to carry out testing in strict accordance with established scenarios and mechanisms of control and supervision of testing;

- control and assessment of testing risks;

- provision by the regulator of technical and legal advice for the tested participant in order to develop the potential of innovation.

- by the decision of the regulator, the testing period may be extended, provided that it does not exceed one year, starting from the date of initial approval of the application.

The Central Bank has the right to stop testing in the following cases:

- during testing, the set goals were not achieved, including the deadlines and expected results specified in the approved testing scenarios;

- a violation has been detected or non-compliance with the sandbox conditions has been detected;

- unsatisfactory results of the experiment were obtained, including exceeding the risks associated with the large-scale implementation of the project with benefits due to implementation on the open market;

The fintech company has the right to exit the sandbox, and all obligations arising from the premature termination of testing must be satisfied. The applicant must regularly submit reports to the Central Bank on the progress of the experiment in a predetermined format. The Central Bank also has the right to conduct spot checks.

At the end of the testing period, the license for testing solutions in the sandbox expires. The CES regime may provide for the possibility of extending the experiment period if the fintech company submits an application for an extension to the regulator at least one month before its expiration and provides sufficient grounds for the need and expediency of an extension. The regulator must decide whether to renew the license on a case-by-case basis, and its decision will be final (not subject to appeal). After the expiration of the licenses, tested participants are allowed to start marketing financial services tested in the sandbox on a larger scale if:

- the regulator confirms that the expected results have been obtained;

- the fintech company is ready to fulfill all legal and regulatory requirements.

The applicant must be aware of their inability to comply with legal and regulatory requirements when applying and have an approved plan to meet these requirements. The experiment phase should be terminated if the sandbox subject is unable to fully comply with the relevant legislative and regulatory requirements after the expiration of the testing period. The applicant must notify the Central Bank in advance if there is a risk of non-compliance with legislative and regulatory requirements when exiting the sandbox. In this case, the experiment can be extended.

Upon completion of the sandbox experiment stage, the applicant must be officially notified of the success or failure of the test.

At the end of the experimental phase of the CES, the special regulatory requirements relaxed by the Central Bank lose their force, and the Applicant must exit the sandbox to the open market, unless the Central Bank notifies otherwise.

According to the plans outlined by the applicant before the start of testing, there should be customer protection measures agreed with the regulator and a plan to exit the sandbox. As a final step, firms should submit a report to the Central Bank detailing the results of the test and the next steps. The exit can take various forms depending on how the applicant decides to act. According to international practice, most sandbox participants decide to extend the experiment, but at the same time the applicant has the right to revise the business model, for example, by becoming a supplier of technological infrastructure or financial technology.

It is worth noting that there is no such thing as an automatic change of regulations, regardless of the results of the experiment in the sandbox. Any legal changes are evaluated by the Central Bank in close cooperation with the market before determining whether specific regulations can be fully or partially corrected or relaxed.

The expected result of the CES from the regulatory point of view should be a process in which the company successfully delivers an innovative new product or service, working closely with the regulator on the application of existing rules in a new area, which in some cases may lead to new regulatory or supervisory approaches.

Based on the results of systematization and generalization of the experience of the organization of the CES by foreign financial regulators, the following principles of the organization of the digital experimental environment have been developed:

- The limited easing of the current regulation. The goal is to avoid additional risks for the financial market and consumers of financial services.

-                     An individual but systematic approach to the analysis of innovation. The goal is to consider an innovative project as unique, but at the same time there is a formal list of rules that cannot be relaxed.

-                     Simplicity and transparency of the application process. The goals are, firstly, to maintain the level of "publicity" of the experimental environment in order to minimize the risks of unjustified privileges (for participants), and secondly, to optimize technical resources for processing and storing information.

- Continuous monitoring. The goal is to establish a structured oversight process to ensure that the company testing the innovative solution will fulfill the implementation stages agreed upon at the application stage.

-                     Invariance of criteria for interpreting the results of both successful and unsuccessful throughout all stages of the sandbox. The goal is to encourage participating companies to elaborate a detailed development plan for an innovative financial product or service. Refusal to enter the open market is an important part of the CES for the adaptation of participants and further improvement of the digital product.

- Safety and transparency during the experiment. The goal is to provide guarantees for consumers, since real testing on the market involves the risk of causing damage. It is important that customers know that they are in a test environment, are informed about the risks and the level of protection, and have the opportunity to withdraw from participation in case of disagreement with the terms.

You can simply select and copy link from below text field.