Regulatory Sandbox: Second Application Window for New Fintech Projects from 3 November to 5 December 2023

Written By

diego cefaro Module
Diego Cefaro

Senior Associate
Italy

I am a senior associate in our Banking & Finance and Financial Services groups, working across Rome and Milan.

stefano febbi Module
Stefano Febbi

Partner
Italy

I'm a partner in our Finance & Financial Regulation Group based in Milan and co-head of our International Financial Services Group.

On 27 July 2023, Bank of Italy, jointly with the Ministry of Economy and Finance, Consob and IVASS, announced that from 3 November to 5 December, supervised entities and FinTech operators will be able to apply for admission to the second phase of testing in Italy of FinTech activities: so-called “Regulatory Sandbox”.

Through the Regulatory Sandbox - provided for by the Ministry of Economy and Finance Decree No. 100 of 30 April 2021 (“Decree 100/2021”) - supervised entities and FinTech operators will be able to test innovative products and services in constant dialogue and discussion with authorities, eventually also benefit from a simplified transitional regime.

The first application window for the Regulatory Sandbox was opened from 15 November 2021 to 15 January 2022. The selected projects are currently being tested under the supervision of the Bank of Italy. Projects admitted to the first cohort' section include, but are not limited to (i) implementation of new process for carrying out customer due diligence obligations for intermediaries; (ii) implementation of an advanced fraud detection service, called "Hands-Free SCA", with the aim of identifying frauds on digital payments in real time, leveraging the exemptions to Strong Customer Authentication provided for by EU Directive 2015/2366 (PSD2); (iii) implementation of a technological platform offering financial intermediaries a service for the assessment of creditworthiness, in accordance with the indications laid down in the EBA Guidelines on loan origination and monitoring.

What is the Regulatory Sandbox

The Decree 100/2021 issued by the Ministry of Economy and Finance, implementing the delegated act envisaged under the Decree Law 34/2019 (“Growth Decree”), sets out the “FinTech Committee rules and experimentation”, i.e. the Regulatory Sandbox of FinTech activities at the supervisory authorities.

The Regulatory Sandbox is a controlled environment where supervised entities and FinTech operators will be able to test, for a limited period of time, technologically innovative products and services in the banking, financial and insurance sectors.

Objectives

Through the Regulatory Sandbox, the supervisory authorities aim to support the growth and development of the Italian FinTech market, thanks to the introduction of innovative models in the banking, financial and insurance sectors, while guaranteeing adequate levels of consumer protection and competition, and safeguarding financial stability.

At the same time, the supervisory authorities can observe the latest technological developments and identify the most appropriate and effective regulatory interventions to facilitate the development of FinTech, thereby limiting the spread of potential new risks from the outset.

Who can participate in the Regulatory Sandbox and the criteria for admission

The Regulatory Sandbox takes a cross-sectoral approach, with the objective of fostering innovation in the banking, financial and insurance sectors. It is open to FinTech operators, supervised entities and unauthorised firms that require authorisation to take part in the test; both Italian and foreign companies may access the Regulatory Sandbox.

Application to access the sandbox testing environment can be made for activities using innovative technology affecting the banking, financial or insurance sector and which, alternatively:

  • are subject to prior authorisation or registration by one of the supervisory authorities (or fall within the cases of exclusion or exemption provided for by the applicable laws);
  • are carried out in favour of entities that are supervised or regulated by at least one supervisory authority (also operating in Italy pursuant to the freedom to provide services or the right of establishment through a branch);
  • are carried out by entities, which are supervised or regulated by at least one of the supervisory authorities or by a foreign entity operating in Italy pursuant to the freedom to provide services or the right of establishment through a branch.

Entities that are already supervised or regulated but are incorporated in another EU country and operating in Italy through a branch or under the freedom to provide services may submit an application for admission to the Regulatory Sandbox and may be the recipient of a product/service tested by a FinTech operator.

The application for admission to the test can also be submitted by non-supervised or regulated European operators in the FinTech sector for activities to be provided to a supervised or regulated entity having its registered office or branch in Italy or operating under the freedom to provide services.

With regard instead to the entities that do not have their registered office in the European Union may apply for admission to the Italian sandbox if they already have a branch authorised to operate in Italy and are therefore subject to supervision or regulation by the Bank of Italy, Consob or IVASS.

The application for admission to the sandbox may also be submitted by FinTech operators who are not subject to supervision or regulation having their registered office in a non-European Union State for activities to be provided to a supervised or regulated entity that has its registered office or branch in Italy or operates with Italian customers under the freedom to provide services.

In the event that the application for entry into the sandbox is successful, the applicant must open a secondary or representative office in Italy, within 45 days of the decision of the competent authority to admit the applicant to the test.

In order to be admitted to the Regulatory Sandbox, projects must meet all the following eligibility criteria:

  • the activity is significantly innovative. The degree of innovation will be assessed not only by reference to the technologies used, but also by considering their application to a product, process or business model that is relevant to the national banking, financial and insurance sector.
  • The activity requires derogation from one or more supervisory guidelines or acts of a general nature adopted by the supervisory authorities or testing and joint examination with one or more supervisory authorities.
  • The activity adds value in terms of at least one of the following aspects, without significant prejudice to any of the others: (i) benefits for end-users, e.g. enhanced security safeguards; (ii) efficiency of the system, e.g. better usability and use of information; (iii) effectiveness in applying the regulations, in terms of: e.g. streamlining the internal processes designed to meet the regulatory obligations; (iv) improvement of the risk management systems, procedures and processes for banking, financial or insurance operators: e.g. increased effectiveness in identifying and/or measuring and managing risks.
  • The activity is at a sufficiently advanced stage for the test to be done or eligible to start the testing period immediately after receiving notice of admission to the sandbox.
  • The activity is sustainable from an economic and financial standpoint or in any event has an adequate degree of financial coverage.

When and where can an application for admission be submitted

The application for admission can be submitted from 3 November to 5 December 2023.

There are no limits on the maximum number of applications or on the thematic areas of the projects to be submitted for admission.

Applicants can start informal discussions with the competent authorities, i.e. Bank of Italy, Consob and IVASS ahead of the application window by filling out the forms on their institutional websites and sending it to through the relevant dedicated communication channels.

The testing period will last up to 18 months, subject to any extensions.

Please reach out to Stefano Febbi and our Italy based specialists if you would like some guidance or advice on the Regulatory Sandbox.

Latest insights

More Insights
featured image

Update on recent UK data protection guidance in the financial services space

3 minutes Dec 19 2024

Read More
Bank card propped up against laptop

Germany: BaFin updates AML guidance

Dec 19 2024

Read More
flower

NEWSFLASH - The UK’s New Consultation on AI and Copyright: Purr-suing Balance?

Dec 19 2024

Read More