Introduction
In furtherance of the Exposure Draft of Regulatory Framework for Sandbox Operation issued by the Central Bank of Nigeria on 23 June 2020, a final Framework for Regulatory Sandbox Operations was released by the CBN on 13 January 2021. This regulatory sandbox encourages innovation that can improve the design and delivery of payment services and is, therefore, also suitable for proposed products, services, or solutions that are either not contemplated under the prevailing laws and regulations or do not precisely align with existing regulations. This is a welcome development to help spur innovation and competition for the development of the industry and consumers. This article sets out to highlight the key provisions of this framework and its implications.
What is a regulatory sandbox?
According to the framework,“it is a formal process for firms to conduct live tests of new, innovative products, services, delivery channels, or business models in a controlled environment, with regulatory oversight, subject to appropriate conditions and safeguards”. A regulatory sandbox introduces the potential to change the nature of the relationship between regulators and financial service providers (regulated or aspiring) toward a more open and active dialogue.[1]It is pertinent that when a new product or innovation is to be introduced into the market space, a test is conducted to ascertain the success or failure of such a product or innovation when it is eventually accepted into the financial market space. This helps to prevent the circulation of inadequate services or innovations to the detriment of consumers.
What are the objectives of the Regulatory Sandbox?
Nigeria’s cash-based economy which has digitized over the years has boosted the country’s economy significantly. More people with mobile phones and the internet can transact digitally resulting in a faster and flexible transaction. The idea of sitting in the comfort of your home and making payment for services rendered relieves stress which every Nigerian would seek for. The framework sets out the objectives of the sandbox as follows. They include;
1.To increase the potential for innovative business models that advance
financial inclusion;
2.To reduce time-to-market for innovative products, services, and business
models;
3.To increase competition, widen consumers’ choice and lower costs;
4.To ensure appropriate consumer protection safeguards in innovative
products;
5.To clearly define the roles and responsibilities of stakeholders and the
operations of the Sandbox for the Nigerian Payments System industry;
6.To ensure adequate provisions in regulations to create an enabling
environment for innovation without compromising on safety for
consumers and the overall payments system; and
7.To provide an avenue for regulatory engagement with FinTech firms in
the payment space, while contributing to economic growth.
What are the criteria for participating in the Regulatory Sandbox?
It is provided that before an applicant could be accepted as a participant into the sandbox, proper check must be done at his end to ensure his products, service or solution is innovative with clear potential(s) to improve accessibility, customer choices, efficiency, security and quality in the provision of financial services; or enhance the efficiency and effectiveness of Nigerian Financial Institutions management of risks, or address gaps in or open up new opportunities for financial benefits or investments in the Nigerian economy.
Also, applicants with payment solutions must provide the proposed project within a limited transaction (value and volume) for better risk management and mitigation. The limits shall not be exceeded during the testing period. Firms looking to participate in the sandbox must provide an assessment report showing the usefulness and functionality of the product, service, or solution and identify the associated risks which should be devoid of adverse effect to existing structures and consumer experience.
There must be evidence that the applicant has the necessary resources to support testing in the sandbox. This includes the required resources and expertise to mitigate and control potential risks and losses arising from offering the product, service, or solution. The applicant should have a business plan to show that the product, service, or solution can be successfully deployed after exiting the sandbox. It will be a wasted effort for both the regulator and the financial institution if the product cannot begin operation due to a lack of resources. An applicant who unfortunately is unable to meet these requirements according to the framework will be denied access to the regulatory sandbox.
Who can participate in the regulatory sandbox?
There are two categories of participants considered under the framework for regulatory sandbox operations. The first is financial institutions with fintech initiatives that are licensed by the Central Bank of Nigeria while the other category is local companies including financial sector companies as well as technology and telecom companies intending to test an innovative payments product or service industry deemed acceptable by the CBN. Also, companies proposing non-regulated financial products and services using emerging technologies, i.e. innovators whose proposed solutions involve technologies that are currently not covered under any existing CBN regulations. Companies i.e. start-ups that are not regulated by the CBN fall under this category.
How to assess risks and safeguard financial institutions and consumers
Fintech innovations are important but the biggest challenge for the regulator is to strike a balance between innovation and regulation. The regulator can’t be too strict as it would kill the spirit of innovation and enterprise, it can’t give too much leeway either if it wants to safeguard consumer interest. To safeguard financial consumer’s interests and protect financial institutions, the applicant must identify risks that may arise from the testing of the product, service, or solution in the sandbox and propose appropriate safeguards to address the identified risks. This is why the CBN has given due regard to a certain aspect of the applicant’s innovation such as; Preserving sound financial and business practices consistent with monetary and financial stability, promoting the fair treatment of consumers, compliance with AML/CFT regulations, protecting the confidentiality of customer information, promoting the safety, reliability, and efficiency of payment systems and payment instruments, encouraging healthy competition for financial products and services. Among these aspects, protecting the confidentiality of customer information is key, because if firms cannot demonstrate that the testing of their innovations will protect customer’s data, it breaches trust and renders the innovation purposeless.
The process of application and approval
For application into the regulatory sandbox, an invitation is placed on the Central Bank of Nigeria’s website and local newspaper advertisements, stating the eligibility requirements for the proposed applicants. Further to this, receipt of application is sent to applicants within 5 working days after submission. Firms wishing to enter the regulatory sandbox shall apply to the CBN through the Regulatory Sandbox online application platform accessed via the CBN’s official email address (Sandbox@cbn.gov.ng). The application must be submitted with a cover letter signed by an authorised signatory of the entity and addressed to the Director, Payments System Management Department, Central Bank of Nigeria, Abuja. The Bank will inform an applicant of its eligibility and approval to participate in the sandbox, 45 working days after the closure of the application window. A Letter of Approval would be issued to the Innovator which would allow Sandbox participants to test their innovation upon entry into the sandbox.
Firms wishing to test their innovations should be on the lookout for advertisements in local newspapers and the CBN website for applying to the regulatory sandbox.
What are the entry requirements?
The framework highlights the important documents that are required for application to sandbox trials. The documents are;
1.Board Approval (where applicable)
2.Certificate of Incorporation
3.The company profile and functional contact: e-mails, telephone numbers, office, and postal addresses
4.Memorandum of Association Shareholding structure of the Company
5.Forms CAC 1.1 (Application for Registration)
6.CVs of Board and Management of the Company
7.Organogram of the Company
8.Project plan alongside a detailed business proposal
9.Key outcomes that the testing is intended to achieve
10.A document that shall outline the strategy of the sandbox trials including current and potential engagements, geographical spread, and benefits to be derived
11.AML/CFT Policy
12.Evidence of patent certificates or registration of patent rights, where applicable. 13.All firms shall supply any other information that the CBN may require from time to-time.
Filing Requirements
Apart from the required documents, after issuing the letter of approval to the innovators, the Central Bank of Nigeria will engage participants on proposed testing parameters, plans put in place in the event of a successful or unsuccessful test. Before the entry, participants are required to provide a general background or information of its organization such as their financial standing and areas of expertise, evidence on how the eligibility criteria for the sandbox has been met, a description of their targets and key performance indicators, start and end dates, target volunteer customer types, customer limits, transaction thresholds, cash holding limits, communication plans such as risk disclosures, customer safeguards, and measures for safety amongst other filing requirements
Reporting Requirements
This requires that participants put measures in place for consumer protection safeguards and the financial system as well. Participants are to submit a periodic report of the progress of the test. While a final report to be confirmed by the Chief Executive Officer of the company on the Key outcomes, key performance indicators against agreed measures for the success or failure of the test and findings of the test, a full account of all incident reports and resolution of customer complaints and in the case of a failed or unsuccessful test, lessons learned from the test and how the firm tends to wind down the test within 30 calendar days from the expiry of the testing period should be submitted by the participants.
Evaluation and Review of approval
The CBN has the power to evaluate and review the approval to continue participation in the sandbox at any time before the end of the testing period. However, before reviewing an approval, a notice of 45 days in writing by the CBN is issued to the participant stating the intention of the CBN and an opportunity for the participant to respond to the notice. The reasons for removal may include if the participant;
1.Fails to carry out the safeguards;
2.Submits false, misleading, or inaccurate information, or has concealed or failed to disclose material facts in its application;
3.Contravenes any applicable law administered by the Bank or any applicable law in Nigeria or abroad which may affect the participant’s integrity and reputation;
4.Is undergoing or has gone into liquidation;
5.Breaches data security and confidential requirements;
6.Carries on business in a manner detrimental to consumers or the public at large; or
7.Fails to effectively address any technical defects, flaws, or vulnerabilities in the product, service, or solution which gives rise to recurring service disruptions or fraud incidents.
After the review and evaluation of the approval by the CBN, the participant is required to cease the provisions of the product or service to consumers. However, the framework provides that the participants must comply with the obligation imposed by the CBN to dispose of all confidential information including customer personal information collected throughout the testing. A penalty for failure to dispose of all customers’ data should be provided to ensure compliance with this provision.
What is the duration of the Sandbox trial?
The testing period for a product in the sandbox is not explicitly provided by the framework, nevertheless, the testing period will vary depending on the peculiarities of the product which should be provided by the innovators in the application. The testing period according to the framework is calculated in months and an application for extension of the duration stating convincing reasons and required additional time should be submitted to the CBN not later than 30 days before the expiration date of the trial.
Notwithstanding, an extension of the testing period will not be immediately granted by the Bank unless the extension is necessary to conduct additional testing of the product, which is to resolve issues identified at the initial testing to prevent market distortion. A participant or innovator who decides to exit the sandbox must do so in writing addressing it to the bank for consent. This consent will be granted based on certain criteria such as the effective closure of any outstanding regulatory obligations and consumer-related matters, which may have arisen from the participant’s sandbox operations.
Moreover, a product, service, or solution may be refused deployment by the CBN into the market at the expiration of the testing period if the bank sees that the product has unintended negative consequences for the public and /or financial stability and the testing was unsuccessful based on agreed test measures.
The framework provides that the bank may support a successful applicant to obtain a requisite license in the following ways: providing guidance in filing their applications for license, advising on options for addressing identified risk issues. This provision appears to defeat the whole idea of testing the product for a specified period. The license for the application should be granted by the CBN upon a successful testing period.
The term ‘cohorts’
This is a group of innovators with the same characteristics, who are allowed to enter the sandbox at the same time for the same period. There is usually a cohort per year named after that year such as (2019 Cohort). The application window for a cohort and the list of firms in the cohort is published on the CBN’s website. The number of innovators to be accepted into a cohort depends on the bank’s resources to support innovators. Besides, the number of innovators that make up the cohort depends on a predetermined number.
Customer safeguards
Sandbox frameworks generally require the participant to present a plan which adequately protects consumers. Consumers are allowed to participate in the testing process and as a result of this, the bank and innovator are to set out measures to ensure the protection of consumers and avoid risks to participating in the test. The measures will be tailored to each test, the risks identified, and their impact.
General comments
Innovation changes the world, having a regulatory sandbox that encourages new ideas, solutions and a testing ground to make the solutions attractive to the market is a laudable initiative from the CBN. However, measures must be put in place to ensure the sandbox does not become a bottleneck hindering innovation in the industry. The sufficient resource requirement put in place for participants may prevent a participant with disruptive innovation but limited resources from applying to the sandbox.
The CBN can put measures in place to assist innovators with limited resources by providing access to resources subject to certain conditions. The provided exit plan resulting from a failed testing is also important for consumer safeguard because not all innovators have the best interests of the consumer in mind. Measures are put in place and these reveal the intentions of the CBN. The idea of a regulatory sandbox also serves as a signal to the public about new products that are set to enter the market space, while this increases competition without posing threats to existing financial institutions, it also increases the choice of the consumer to choose from a range of payment services or solutions. From the foregoing, the regulatory sandbox is a good start when compared to the sandboxes of other developed countries like the UK, Singapore among others.
