FinTech Licensing Framework in the UAE
The banking industry globally is moving from a traditional relationship based banking model to a more technology-based provision of services.
This is also true for the UAE as banks in the UAE are recognising the risks and competition they face from technology companies looking to provide financial services using technology (FinTech). To counter this, UAE banks are embracing innovation and technology by investing in FinTech solutions and adapting their business to ensure efficiency and ease in a more cost effective provision of financial services.
To promote the adoption of FinTech in the UAE, while ensuring the highest standards of consumer protection and financial stability, regulators have been actively issuing new rules, regulations and initiatives. We set out below a synopsis of recent regulations issued by the UAE Central Bank (‘Central Bank’), Dubai Financial Services Authority (‘DFSA’) and Financial Services Regulatory Authority (‘FSRA’).
I. UAE Central Bank
The Central Bank has issued the Regulatory Framework for Stored Values and Electronic Payment Systems on 1 January 2017 (‘Regulation’). The Central Bank is the sole authority with the power to regulate existing and future digital payment mechanisms onshore in the UAE.
The following concepts and definitions are central to comprehending the various aspects of the Regulation. The Regulation defines Digital Money as any monetary value represented by a claim on its issuer, issued against AED stored on electronic, magnetic, or mobile channels. In international parlance it is electronic money.
Digital Payment has been defined as any payment using electronic, mobile, or magnetic channels excluding credit and debit cards payment.
Payment Instruments that are permissible for being used to initiate or receive a payment instruction are AED denominated cash, bank transfers; credit cards, debit cards, or stored value facility / prepaid cards.
Licensing of PSP
Pursuant to the Regulation, payment service providers (‘PSPs’) now require a license from the Central Bank.
There are four categories of PSP licenses namely the retail PSP, Micropayments PSP, Government PSP and Non Issuing PSP.
- Retail PSP
Commercial banks or entities owned at least 50% by banks are eligible for the retail PSP license. It is the broadest category of license. A retail PSP can conduct the entire spectrum of permissible services, the most important of which is issuing Digital Money. Essentially, a retail PSP can offer a prepaid wallet which can be used for purpose of cardless deposits and withdrawals of cash at ATMs.
- Micropayment PSP
A micropayments PSP mainly targets the unbanked sector and is suitable for entities like telecommunication companies, exchange houses and entities licensed by the national transport authority. It permits much smaller funding and transaction limits.
- Government PSP
As the name suggests, a government PSP license enables prepaid digital payments to federal and local statutory bodies. There are also no transaction limits.
- Non-Issuing PSP
The last category is the non issuing PSP license. This license does not permit the issuance of digital money, handling or solicitation of funds. This category is exempt from several sections of the Regulation related to safeguarding payments, outsourcing, segregated bank accounts, registration requirements, outsourcing and Know Your Customer checks (‘KYC requirements’). There are also no transaction limits.
It should be noted that the Regulation details fourteen ‘dimensions’ which should be considered by a PSP when providing digital payment services in the UAE. These range from obtaining a Central Bank license to customer registration, appointment of agents, KYC requirements, Anti-Money Laundering matters, load and transaction limits, limits on charges, privacy matters, dispute resolution, payment execution, clearing and settlement etc.
Exemptions from the Regulation
The Regulation lists eight categories of payment services/providers that are exempt from the application of the Regulation. Certain categories are regulated under other Central Bank regulations like payment transactions using a credit or debit card. Two important categories are issuers of closed loop payments instruments and technical service providers.
Technical service providers are not considered to be conducting financial activities since they only facilitate the provision of financial services to PSPs. They do not handle or transfer cash and therefore do not acquire any financial transactions. A payment gateway operator could fall under this category.
The entities that are eligible to apply for a license are required to be those incorporated in the UAE (including in non-financial free zones). Entities incorporated in the Dubai International Financial Centre (‘DIFC’) and Abu Dhabi Global Market (‘ADGM’) are excluded.
There also appears to be some ambiguity in the Regulations as to the offering of virtual currencies or crypto currencies.
Restrictions on Fees and Charges
The Regulation sets out limits on funding, holding, daily and per transaction spending that must be complied with. The Regulation also provides that certain charges may not be imposed on users.
The Central Bank has recognized the impact that the Regulation could have on existing participants in the financial FinTech sector and has therefore provided a one year transition period.
Notwithstanding the one year transition period, concerned entities should promptly consider applicable compliance measures under the Regulation, in view of the breadth of scope and requirements of the Regulation. Non-compliance of the Regulation could attract financial penalties as well as other orders to be imposed by the Central Bank as it considers reasonable under the circumstances.
II. Dubai International Financial Centre
DIFC’s FinTech Hive Accelerator program
In January 2017, the DIFC launched the FinTech Hive Accelerator programme, providing a platform for financial services and technology firms to build solutions for the financial sector. Supported by Accenture, the programme runs over twelve weeks during which time participants have the opportunity to develop, test and modify their FinTech innovations in collaboration with top executives and financial institutions in the DIFC. It is intended to provide a platform that will allow concepts to be fast-tracked and converted into tried and tested, commercially viable propositions.
DFSA’s Innovation Testing Licence
In May 2017, the DFSA, the financial services regulator for the DIFC, announced that FinTech firms can apply for a type of financial services licence referred to as an Innovation Testing Licence. This restricted type of financial services licence will allow FinTech firms to develop and test their concepts from within the DIFC, without being subject to all of the DFSA’s rules and regulations. This would mean that firms operating under such licence would not have to comply with the DFSA rules when the concept is at a testing stage. Graduation from the testing phase would be a step towards obtaining a full financial services licence.
III. Abu Dhabi Global Market
FSRA’s Regulatory Laboratory in the ADGM
In November 2016, the FSRA of the ADGM launched its Regulatory Laboratory (‘RegLab’) with the implementation of its FinTech legislative framework. This framework sets out the FSRA’s approach to the RegLab which is a specially tailored regulatory framework that provides a controlled environment for FinTech participants to develop and test FinTech solutions without immediately being subject to all the regulatory requirements that would otherwise apply to a fully licensed firm. It is intended to provide a safe environment within controlled boundaries for businesses to test, develop and provide innovative FinTech products.
The ADGM had approved its first batch of RegLab participants in May 2017, comprising five FinTech startups with various innovative offerings. Participants will be granted a ‘Financial Services Permission’ by the FSRA to carry on the regulated activity of developing financial services technology within the RegLab. Participants can remain in the RegLab environment for up to two years, during which time it is expected that the technology will be developed to the point where it is in a position to launch and the participant will be able to migrate to a full financial services licence within the ADGM. The second batch of ADGM RegLab applications opened on 16 May 2017 and closes on 31 July 2017.
Taking into consideration the various licensing frameworks and initiatives briefly outlined in this article, it is clear that by laying these foundations the UAE is looking to support and encourage the growth of FinTech in the region. Entities looking to offer FinTech solutions should take into account which jurisdiction is most suitable and what licenses, if any, are required.
Al Tamimi & Company’s Financial Regulatory team regularly advises on licensing related matters. For further information please contact Divya Abrol Gambhir (firstname.lastname@example.org).