Fintech Regulation in Asia Pacific

Highlights from the report

Observed impact

• The COVID-19 pandemic has accelerated the adoption of fintech and increased the regulatory priority of the sector. Regulators in APAC acknowledge fintech’s ability to support their regulatory objectives. For example, most regulators view fintech as having the potential to support financial inclusion (75% versus 70% globally), the adoption of DFS (70% versus 53% globally) and consumer protection (60% versus 38% globally). In terms of the pandemic, 85% of APAC regulators stated there was a high degree of resilience and adaptability within their organisations in reacting to the crisis, with more APAC regulators feeling there was greater adequacy of resources available to respond (72%) than regulators in MENA (55%) or SSA (35%).
• APAC regulators considered that the COVID-19 pandemic has increased risks related to Fintech in terms of cybersecurity (82%), operational risks (71%) and consumer protection (47%). Regulatory measures undertaken by APAC regulators in response to COVID-19 were mainly related to ensuring economic relief (50%), cybersecurity (50%), customer onboarding and due diligence (44%), and business continuity (44%). In terms of specific Fintech verticals, 42% of APAC regulators who responded to this survey introduced measures for digital payments and remittances, in comparison to 61% globally with 17% (versus 15% globally) introducing measures for digital capital raising.

Regulatory frameworks

Fintech specific

• 90% of sampled jurisdictions in APAC have established regulatory frameworks for digital payments. In those jurisdictions with a framework, 55% regulate the wider payments sector through a general regulatory framework, while 35% employ a specific digital payments framework. Some regulators in sampled APAC jurisdictions have streamlined existing payment regulations to ensure they stay abreast of new developments in the payments sector. This is in addition to integrating payment service providers in a single activity-based regulation. Activity-based regulation entails applying rules for a specific activity uniformly, regardless of the type of entity undertaking the specified activity.
• 90% of sampled jurisdictions in APAC have established a regulatory framework for e-Money. Of these, 55% regulate the e-Money sector using a general payments framework that contains explicit provisions that are applicable to e-Money, while 30% employ a specific e-Money framework and 5% regulate it under another framework. The majority of sampled APAC jurisdictions allow agents to operate in the e-Money sector, and this has contributed to DFS expansion, and in turn, increased digital financial inclusion.
• 85% of sampled APAC jurisdictions have a regulatory framework for international remittances in place, 5% have one under development and 5% treat it as unregulated or self-regulated. In those jurisdictions with existing frameworks, 55% include international remittances within a general payments framework, 25% have a specific remittances framework and 10% regulate it through other frameworks.
• 50% of sampled jurisdictions in APAC have a bespoke framework that regulates P2P lending and 6% plan to introduce one. 22% of jurisdictions have prohibited P2P lending, while 22% treat it as unregulated or self-regulated. The establishment of bespoke regulatory frameworks for P2P lending activities is similar to the approach in MENA, where 50% of sampled jurisdictions have bespoke frameworks. This differs significantly from SSA, where only 11% of the jurisdictions sampled utilise a bespoke regulatory framework.
• 78% of sampled APAC jurisdictions have an equity crowdfunding framework, with 50% having a bespoke framework and 28% regulating under an existing framework. This is higher than the sampled MENA (50%) and SSA (34%) jurisdictions. 11% of jurisdictions prohibit this activity.

Cross sectoral

• 65% of sampled APAC jurisdictions have a broad framework for data protection in place, 20% plan to adopt one and 15% have no framework. In terms of specific data protection frameworks for financial services, it is notable that 90% of sampled jurisdictions have a framework in place.
• 95% of sampled jurisdictions in APAC have a broad regulatory framework for cybersecurity in place and the remaining 5% plan to introduce one. Since the start of the pandemic, 75% of sampled jurisdictions have reported introducing additional measures relating to cybersecurity, mainly focused on raising awareness of ongoing cybersecurity threats.
• 35% of jurisdictions in the APAC sample have regulatory frameworks in place for open banking and 35% plan to introduce one. There are indications that these low levels of adoption could be related to the amount of economic inequality within the region. According to the World Bank Income Group classification, all but two of the existing open banking frameworks in the sample are in high income jurisdictions.
• 79% of jurisdictions in the APAC sample have a framework in place for financial consumer protection (FCP), 5% plan to introduce one and 16% utilise general consumer protection frameworks for FCP. 61% of surveyed jurisdictions introduced additional consumer protection measures in response to the COVID-19 pandemic.
• All jurisdictions in the APAC sample have a framework in place for anti-money laundering (AML) and combatting the financing of terrorism (CFT), except Bhutan. Bhutan is planning to introduce a legal framework for AML/CFT.
• 66% of jurisdictions in the APAC sample have some type of e-KYC frameworks in place. In those jurisdictions with a framework, 22% are e-KYC specific and 44% are general KYC frameworks that enable e-KYC. 21% of jurisdictions plan to introduce an e-KYC framework, and 17% expressly forbid e-KYC. Fintechs in APAC reported an urgent need for e-KYC (33%) and remote onboarding (30%) regulatory support, highlighting key demands from market participants.

Regulatory innovation initiatives

• Across the region, prevalence of regulatory innovation initiatives is increasing rapidly. All APAC jurisdictions were reviewed regarding their regulatory innovation initiatives, including innovation offices, regulatory sandboxes and regtech/suptech efforts. The study revealed a significant increase in activity over the last two years:
  • 16 jurisdictions with at least one innovation office were identified across the region (with a further one planned); an increase from nine in 2019.
  • 25 jurisdictions with at least one regulatory sandbox were identified (with a further four jurisdictions planned); an increase from 13 in 2019. Regulatory sandboxes are the most common initiative across the sampled jurisdictions
  • 15 jurisdictions with at least one active regtech/suptech initiative were identified (with a further two planned); an increase from eight in 2019.
• COVID-19 appears to have had a positive impact on the increasing prevalence of regulatory innovation initiatives.

Hurdles faced

• APAC regulators reported several hurdles to effective supervision that may explain the variation in prevalence of regulatory frameworks in the region. The main obstacles reported in forming regulatory frameworks included limited technical expertise (86%), coordinating activities with multiple regulators (79%), lack of clarity on jurisdiction over an activity (71%) and limited funding/resources (64%).
• The COVID-19 pandemic has exacerbated existing challenges in regulating Fintech and introduced new ones. Of the surveyed regulators, 60% reported challenges in accessing timely data, in comparison to 29% globally. They also reported that COVID-19 made it more challenging to co-ordinate with other domestic agencies (33% versus 39% globally) and to perform their core functions while working remotely (33% versus 49% globally).