AI in Financial Services: embracing the new reality

For more than a decade, the use of innovative technologies has been dramatically reshaping the financial services sector that we know. Use of online banking apps, chat-bots and innovative payment solutions has become a new normal for consumers around the globe and some more advanced technological breakthroughs like crypto-assets are becoming ever less strange area for a great number of people as well. In the background, financial institutions have been leveraging the use of new technologies for the more efficient provision of financial services, from cloud computing, algorithmic and high frequency trading systems all the way to the distributed ledger technology (DLT).

Aiming to achieve better cost and time efficiency as well as better customer experience and investment outcome, financial institutions are competing with each other in a continuous race all looking to get the answer to the same question: what is going to be “the next big thing”?

End of last year, the wider public was for the first time able to see the capabilities of generative artificial intelligence (AI) based systems following the release of the chat-bot called „ChatGPT”. This sent the shockwaves throughout the world as well as the clear signal to big enterprises, including the financial institutions, that investment in AI shall be put (back) on the top of their agenda in the years to come.

It is no secret anymore that businesses and governments around the world are increasingly focusing on AI since according to some estimations, it is expected that AI could contribute up to $15.7 trillion to the global economy in 2030 by increasing productivity across various sectors.

In our latest publication, our experts Dr. Verena Ritter Döring (Partner, Banking & Finance Regulatory) and Miroslav Đurić (Associate, Banking & Finance Regulatory) analyse legal and regulatory aspects of the use of AI based systems in the financial services sector, by focusing on the existing challenges and upcoming regulatory developments in this space.

Regulation of Buy-Now-Pay-Later in the EU: new regime on the horizon

1. Introduction

In recent years, boosted by the changing consumer habits in the wake of the COVID-19 pandemic, the e-commerce sector has experienced an exponential growth. This new environment has created particular fertile breeding ground for the rapid emergence of a new consumer financing model that is getting ever more popular, the so-called Buy-Now-Pay-Later (BNPL). Introduced first by financial technology firms (FinTechs), BNPL has rapidly become one of the most frequently used payment options in the e-commerce ecosystem promising the convenience and flexibility for consumers around the world.

In a nutshell, BNPL is a point of sale loan provided by the BNPL provider that enables consumers to purchase goods (usually online) with a simultaneous postponement of the payment date – for instance within 30 days as of the date of purchase. In a typical BNPL structure, once the consumer creates the purchase order and chooses BNPL as a payment option, at the point of sale the BNPL provider pays to the merchant for the product instead of the consumer. By doing so, the BNPL provider basically grants a credit to the consumer which is usually interest free conditional upon the consumer repaying the borrowed amount within the agreed period. Many consumers around the world, have started to use BNPL as a payment option of preference during the COVID-19 pandemic given that this gave them a chance to pay for the goods purchased online, after they receive and inspect them or eventually not pay at all should they decide to return the purchased goods to the merchant.

And while the e-commerce market was fast in adopting this new consumer financing model, the laws and regulations regulating the credit agreements, did not adapt at the same pace to this new environment leaving a space for license free operation of BNPL providers in many EU Member States.

2. Current situation in the EU

When it comes to regulation of BNPL providers, the current state of the EU financial regulatory framework is far from harmonized. The existing regime based on the Consumer Credit Directive, generally does not apply to the most common credit structures that BNPL providers are using. This is particularly the case with credit agreements involving a total amount of credit less than EUR 200 as well as credit agreements where the credit is granted free of interest and which has to be repaid within three months.

Further, national regulations of individual EU Member States also provide for specific exceptions to the application of consumer credit regulations to BNPL providers, in particular when it comes to provision of interest-free loans, small value loans as well as short-term loans.

However, even under existing framework, BNPL providers are not able to operate in every EU Member State without a license. Namely in Germany, where strict rules around the granting and taking of loans of any kind (including interest free loans) apply, BNPL providers are not able to provide their products to customers without triggering application of existing regulations. Namely, with the aim of avoiding application of strict regulatory requirements applicable to provision of credit (Kreditgeschäft), BNPL providers operating in Germany are frequently relying on a less onerous framework that applies to factoring firms under German law. In this structure, the BNPL provider basically acquires the merchant’s payment claim against the customer, pays the online merchant immediately, and allows the consumer to pay the amount owned later or in installments. Where an ongoing cooperation between the merchant and the BNPL provider exist in this structure, this generally constitutes factoring within the meaning of the German Banking Act (KreditwesengesetzKWG”), an activity for which special license issued by the German Federal Financial Supervisory Authority (Bundesanstalt für FinanzdienstleistungsaufsichtBaFin”) is needed.

As the awareness of the risks that BNPL structures may pose to consumers started to rise, some EU Member States have started to amend their national legislation with the aim of bringing BNPL providers under the scope of application of financial regulation. For Instance, in Ireland, BNPL providers were up until recently exempt from the supervision and regulation by the Central Bank of Ireland given that the interest-free deferred payment structures were falling outside the definition of “credit” set out in the Central Bank Act 1997. However, on 16 May 2022, the Consumer Protection (Regulation of Retail Credit and Credit Servicing Firms) Act 2022 was commenced that aims to bring the BNPL providers under the scope of Irish financial regulation. The Act expands the definition of “credit” in the Central Bank Act 1997 by including within the definition “deferred payments” and “other similar financial accommodation” alongside cash loans. The provision of indirect credit is also within scope for the new Act for the first time which (among other) refers to the provision of credit by BNPL providers.

3. Revision of the Consumer Credit Directive

As part of its New Consumer Agenda launched in November 2020, on 30 June 2021 the European Commission adopted a legislative proposal that shall revise the existing Consumer Credit Directive. As a rationale for the proposed change of the existing regime, the Commission has pointed out that certain credit agreements that currently fall outside the scope of the existing Consumer Credit Directive, like short-term high cost loans whose amount is typically lower than the minimum threshold of EUR 200, can be detrimental for consumers, and as such shall be brought under the scope of existing rules applicable to credit providers. In the Commission’s view, other potentially detrimental products for consumers can also be interest free loans, that in the case of missed payment, can entail high fees or interest for consumers and as such, shall be equally regulated under the existing regime applicable to credit providers.

Against this backdrop, the Commission has concluded that these types of credit arrangements that BNPL providers are using, should be covered by the revised Directive, to ensure increased transparency and better consumer protection, resulting in higher consumer confidence.

Under the published proposal, the Commission is proposing significant expansion of the scope of application of the existing regime to:

  • credit agreements under EUR 200 and up to EUR 100 000;
  • leasing agreements that have an option to purchase goods or services (e.g. certain motor finance products);
  • credit agreements where the credit is granted free of interest and without any other charges; and
  • credit agreements under the terms of which the credit has to be repaid within three months and only insignificant charges are payable, capturing buy-now pay-later (BNPL) products.

Under the new rules, the lenders will also be required to ensure sure that consumers have easy access to all necessary information and that they are informed about the total cost of the credit, especially in digital and smart device friendly format that enables consumers to read all information contained in an advertisement or pre-contractual documentation. Further, the use of pre-ticked boxes in consumer agreements as well as certain tying practices will be completely prohibited.

On 2 December 2022, the Council and the Parliament announced that they had reached provisional political agreement on the revised text of the proposal. However, at the time of writing of this publication the revised text is still not published.

4. Outlook

With the proposed revision of the Consumer Credit Directive, which shall include introduction of the light-touch framework of BNPL providers, the EU Commission aims to achieve more harmonization in regulation of credit providers operating in the EU that shall enable all consumers in the EU to enjoy a high and equivalent level of protection of their interests within the well-functioning EU Single Market for financial services.

Despite being the first major jurisdiction that is openly looking to regulate BNPL sector, the EU does not appear to be alone in this race. For instance, in the UK, where BNPL models generally fall outside of Financial Conduct Authority (FCA) regulations, the Government is looking to amend the Consumer Credit Act 1974, with the aim of requiring BNPL providers to obtain FCA authorization and comply with the number of regulatory requirements when offering BNPL products to the UK customers.

And despite the increasing regulatory scrutiny, more companies are looking to include BNPL products as part of their service with the aim of joining FinTech firms in the battle for customers interested in BNPL as a payment option. In June 2022, Apple has announced that it will soon be launching a new payment option ‚Apple Buy Later‘, as part of their IOS 16, which shall allow their users to spread the cost of a purchase into four payments over six weeks. This type of initiatives together with the proposed regulatory framework that shall apply to all BNPL providers across the EU, may encourage more traditional banks to try entering into the space and to start testing this type of consumer credit product on their huge customer bases in the coming period.

Nonetheless, it is yet to be seen once the revised Consumer Credit Directive becomes operational, what practical impact will the new rules have on existing BNPL providers as well as new firms that are entering into the space in the coming years.

The EU Crowdfunding Regulation starts to apply: Overview & Practical Considerations (Part 2)


On 10 November 2021, the long-awaited EU Regulation on European Crowdfunding Service Providers, for business (Regulation (EU) 2020/1053) (the ECSPR) that aims to create a harmonised regulatory framework for crowdfunding platforms in the EU has started to apply.

In the first part of our publication we have analysed the scope of application of the ECSPR and the authorisation requirements that prospective CSPs will need to comply with under the new regime. In this second part of our publication we will take a closer look at the investor protection requirements under ECSPR and analyse the impact that the new regime will have on the existing regulatory framework on crowdfunding in Germany.

Investor Protection Requirements

Investor categorization & Entry knowledge test

In term of investor categorization, the ECSPR differentiates between sophisticated investors (professional clients under the MiFID II and persons meeting certain qualification criteria set out in Annex II of the new Regulation) and non-sophisticated investors. Whereas sophisticated investors will not be subject to any limitations when investing, non-sophisticated investors will be subject to mandatory entry knowledge test prior to investing in particular crowdfunding project. Therefore, prior to providing non-sophisticated investors with the full access to crowdfunding offers, CSPs will have to assess investors’ knowledge and experience, financial situation, investment objectives and risk awareness in order to assess which crowdfunding projects are appropriate for them. Periodic appropriateness assessment will have to be conducted every two years.

Key Investment Information Sheet (KIIS)

Inspired by similar concepts that have emerged years ago under the PRIIPs and the UCITS framework, the ECSPR requires CSPs to ensure that investors are provided with a so called Key Investor Information Sheet (KIIS) for each crowdfunding offer. Limited to maximum 6 A4 pages, the KIIS will have to contain key information about the project owner, the project itself, terms and conditions of the fund raising, risk factors, details on associated fees and costs as well as appropriate risk warnings. The KIIS will need to be drawn up by the project owner for each crowdfunding offer and CSPs will be required to have adequate procedures in place to verify the completeness, correctness and clarity of information contained in it.

Since the KIIS will neither be verified nor approved by the NCA like securities prospectus, project owners will be required to make proper disclosure thereto in order to warn prospective investors about the risks associated with investment in respective project. Lending based CSPs providing portfolio management services will be additionally required to draft the KIIS at platform level which shall contain key information on the CSP, available loans in which investors’ funds can be invested as well as information on fees and risks associated with investments.

Auto-investing and use of filtering tools

The use of commonly used filtering tools and automated systems have been also addressed in the new ECSPR. To that end, where filtering tools are available on the platform, based on which investor can shortlist available projects in accordance with the pre-specified criteria (e.g. economic sector, interest rate etc.), the results provided to investors are not to be considered as investment advice as long as information are provided in a neutral manner and without provision of a specific recommendation. On the other hand, CSPs using automated processes based on which investor funds can be automatically allocated to specific projects in accordance with predetermined parameters (so called auto-investing) will be considered as individual portfolio management of loans.

Right to withdraw

Non-sophisticated investors will be able to revoke their offer or expression of interest to invest in a particular crowdfunding offer, within a 4-day pre-contractual reflection period, without the need to provide any reason or to incur penalty of any kind. For this purpose, CSPs will need to provide investors with the clear information on the reflection period and the ways in which investors’ right can be exercised.

The impact of the ECSPR on national framework in Germany

Up until recently, the roles of fundraisers and investors in crowdfunding structures in Germany, could potentially fall under the scope of some regulated financial services.

  1. First, the lending activity of the investor itself could (under certain conditions) constitute the regulated activity of credit business (Kreditgeschäft) within the meaning of Section 1 paragraph 1 Nr. 2 of the German Banking Act (Kreditwesengesetz “KWG”).
  • Second the fundraising via crowdfunding platform could also trigger the licensing requirement for the provision of the so called deposit business (Einlagengeschäft) within the meaning of Section 1 paragraph 1 Nr. 1 KWG.

German national law and administrative practice of the German Federal Financial Supervisory Authority (BaFin) have stipulated a number of exemptions from these regulated activities whose application needs to be assessed always on a case by case basis (like for instance the frequently used exemption for qualified subordinated loans whose granting does not trigger either of the aforementioned regulated activities).

With the aim of bridging this regulatory uncertainty, the German national transposition law (Schwarmfinanzierung-Begleitgesetz), which was adopted on 10 June 2021, makes necessary amendments to KWG by stipulating that fundraisers and lenders that raise/invest funds via crowdfunding platform authorized under the ECSPR, are not to be considered to be providing either of the above mentioned regulated activities.

Further, public offering of securities can generally trigger prospectus obligation under the German Prospectus Act (Wertpapierprospektgesetz “WpPG”), where no exemptions apply. In line with the ECSPR, the national transposition law exempts securities offering made on crowdfunding platforms operating under the new regime from requirements under WpPG.

Timeline & Outlook

Whereas the ECSPR has started to apply as of 10 November 2021 for all in-scope CSPs, the Regulation provides for an additional transitional period for operators of crowdfunding platforms that were operating under national rules before the go-live date of the ECSPR. They will have to apply for a new license and bring their business in line with new requirements by 10 November 2022.

On 10 November 2021, ESMA has published the Final Report on Technical Standards (RTS and ITS) that shall help prospective European CSPs with preparation for compliance with new requirements. In addition to this, in February 2021 ESMA has also published Q&A that bring more clarity to questions around the use of SPVs in crowdfunding structures, transitional provisions and operational requirements under the ECSPR.

The ECSPR promises to overcome existing obstacles embedded in national regimes of individual Member States by enabling CSPs to provide crowdfunding services based on a single set of rules on a cross-border basis and project owners to raise funds from investors from all across the EU. However, it remains to be seen whether and to what extent will the new regime be accepted on the market and whether it will really meet the expectations of EU lawmakers and the crowdfunding industry.

The EU Crowdfunding Regulation starts to apply: Overview & Practical Considerations (Part 1)


On 10 November 2021, the long-awaited EU Regulation on European Crowdfunding Service Providers, for business (Regulation (EU) 2020/1053) (the ECSPR) that aims to create a harmonised regulatory framework for crowdfunding platforms in the EU has started to apply. The ECSPR was published in the EU Official Journal on 20 October 2020 after more than 2 years of long and intense discussions between EU lawmakers.

Unlike in the US where the first crowdfunding regulation was introduced already back in 2015[1], the EU did not have a common regulatory approach to this innovative way of fundraising which enables investors to directly invest in different projects of predominantly start-up companies and SMEs via online platforms. This lack of a harmonised regulatory framework has led to the creation of significant divergences in national rules on crowdfunding of various EU Member States which has been recognised as the main impediment to the provision of crowdfunding services on a cross-border basis in the EU.

With the aim of overcoming existing divergences in national frameworks, new Regulation provides a level-playing field for crowdfunding platforms in the EU, by introducing a harmonized set of rules that will be enable European crowdfunding service providers (CSPs) to explore the full potential of the EU single market.

In this first part of our publication we will analyse the scope of application of the ECSPR and the authorisation requirement that prospective CSPs will need to fulfil under the new regime.


The new EU framework on crowdfunding will cover two most common crowdfunding practices:

  1. the facilitation of granting of loans (lending based crowdfunding)
  2. placement of transferable securities and/or instruments admitted for crowdfunding purposes and/or reception and transmission of investors orders with respect to such instruments (investment based crowdfunding)

Only crowdfunding offers with a consideration not exceeding EUR 5,000,000 per project owner over a 12 month period will be under the scope of the ECSPR. Offers exceeding this threshold will need to be made in accordance with general requirements on public offering of transferable securities and provision of regulated financial services (e.g. under Prospectus Regulation, MiFID II etc.).

It is worth mentioning that some other types of crowdfunding practices, like donation-based crowdfunding or reward-based crowdfunding (in which case investors receive a non-financial consideration for their investment), will not be directly covered by the ECSPR.

Investment based crowdfunding

In terms of investment based crowdfunding, the ECSPR covers the placement of both transferable securities as well as other instruments admitted for crowdfunding purposes.

Transferable securities

The definition of transferable securities under the ECSPR is based on the definition under Art. 4 (1) (44) MIFID II. In the wake of ever-increasing use and popularity of crypto-assets the legitimate question that can be asked is whether crypto-assets can also be used for the purposes of fundraising in accordance with the new regime on investment based crowdfunding under the ECSPR? See our detailed analysis on this topic in our previous article.

Instruments admitted for crowdfunding purposes

This is a new definition introduced by the ECSPR which basically refers to shares in private limited companies issued by the project owner (or an SPV) that are not subject to transferability restrictions under national law. To this end, the EU lawmaker has decided to leave national lawmakers the possibility to allow or prohibit the use of shares in private limited companies for crowdfunding purposes. In Germany for instance, shares in private limited companies (Gesellschaften mit beschränkter Haftung „GmbH“) will not be suitable instruments for crowdfunding purposes, given that their transfer is subject to notarisation under national law.

Lending based crowdfunding

When it comes to facilitation of granting of loans the EU lawmaker emphasises that this crowdfunding practice shall be clearly distinguished from activities of regulated credit institutions that grant credits for their own account and take deposits or other repayable funds from the public. The operator of a crowdfunding platform acts as an intermediary who merely facilitate the conclusion of a loan agreement between the fundraiser (project owner) and the lender (investor) without at any moment acting as a lender or a fundraiser itself.

Under the ECSPR the term “loan” refers solely to an agreement in which a defined amount of money is made available to the project owner for an agreed period of time and which creates an unconditional repayment obligation of the lent amount (together with accrued interest) to investor in accordance with the instalment payment schedule. Despite seeming quite straight forward, this definition excludes certain types of loan agreements like for instance qualified subordinated loan agreements that have been frequently used in Germany as a way of circumvention of onerous national requirements on fund raising and lending.

Authorisation requirements

Legal entities that provide crowdfunding services within the meaning of the ECSPR will need to obtain authorization from the national competent authority (NCA) in their Member State of establishment and once authorized, they will be able to provide crowdfunding services across the EU on a cross-border basis (based on the EU passport for the provision of crowdfunding services).

Apart from being located in the EU, the prospective CSPs will also be required to fulfil a number of regulatory requirements for the purposes of authorisation under the new regime that can be summarized as follows:

Prudential requirements

Prudential safeguards need to be put in place in the form of own funds, insurance policy or combination of both equal to amount of at least the highest between:

  1. EUR 25.000, or
  2. one quarter of the fixed overheads of the preceding year, reviewed annually, including the cost of servicing loans for three months when the CSP also facilitate the granting of loans.

Entities that are already subject to CRR regime or are authorised as electronic money institution (under EMD) or payment services provider (under PSD 2) are not required to fulfil additional prudential requirements under this Regulation.

Conflict of interest & Inducements

In order to prevent potential conflict of interest, CSPs will be prohibited from having participation in crowdfunding offers offered on their platforms as well as from offering crowdfunding offers of persons closely related to them (i.e. their shareholders having more than 20% of shares/voting rights, their managers, employees or persons related to them).

The ECSPR also stipulates a „mini ban on inducements“ for CSPs by prohibiting them from paying or receiving any remuneration, discount or non-monetary benefit for routing investor’s orders to a particular crowdfunding offer offered on their or a third party platform.

Due diligence

Prior to listing crowdfunding offer on their platform, CSPs will be required to perform the necessary due diligence as regards whether the project owner has a criminal record and/or place of incorporation in a non-cooperative jurisdiction or high-risk third country. 

Provision of asset safekeeping & payment services

Given that in the course of crowdfunding intermediation, platforms usually need to collect investors’ funds (i.e. via wire transfer/credit card payment), place them on a designated account and then transfer them to the project owner account, the ECSPR sets clear boundaries with respect to provision of other regulated activities that can be essential part of this process. To that end, CSPs will be prohibited from providing payment services unless they hold a separate authorisation under the Payment Services Directive (PSD II) as well as custody services with respect to transferable securities where they are not authorised under the MiFID II or CRD IV framework.

Therefore, where CSPs do not hold above mentioned licenses to provide these services on their own, they will have to enter into cooperation arrangements with authorised third parties and inform their clients about relevant terms and conditions of service agreements and the fact that services will be provided by a third party.

Indirect effect of the AML/CTF rules

Besides bringing payment transactions for crowdfunding purposes indirectly under the scope of AML/CTF rules (by virtue of the fact that all payments will have to run through authorised payment providers that are obliged entities under the EU AMLD framework) the ECSPR does not explicitly bring CSPs on the list of obliged entities that are required to comply with rules on prevention of money laundering and terrorist financing. The recently published proposal of the EU AML/CTF Regulation, which we have analysed in our previous article, adds only crowdfunding service providers, operating outside the scope of the ECSPR to the list of obliged entities that are required to comply with AML requirements. Nevertheless, in one of its recitals[2] the ECSPR specifies that the EU Commission shall assess the necessity of adding the CSPs on the list of obliged entities in the future.

Individual portfolio management of loans

Allocation of pre-determined amounts of investors’ funds to one or several crowdfunding projects by CSPs in accordance with individual mandate will be defined as a provision of portfolio management services under the ECSPR in the case of which CSPs will be required to comply with additional requirements. The CSPs will have to properly define investment parameters for each portfolio management mandate and put in place effective systems and procedures on risk management, record-keeping and regular reporting to investors.

In the second part of our publication we will analyse the investor protection requirements that the prospective CSPs will need to comply with as well as the impact of the ECSPR on national regulatory framework in Germany.


[2] Recital 32 of the Regulation (EU) 2020/1503

Investment based crowdfunding and crypto assets – Challenges ahead

Crowdfunding Regulation

With the aim to overcome existing divergences in national frameworks on crowdfunding, in October 2020 the EU has adopted and published the long awaited final text of the Regulation on crowdfunding service providers (Regulation (EU) 2020/1503), the European Crowdfunding Service Provider Regulation “ECSPR”). The ECSPR provides a level-playing field for crowdfunding platforms in the EU, by introducing a harmonized set of rules that will be enable European crowdfunding service providers (CSPs) to explore the full potential of the EU single market.

The ECSPR covers two main types of practices used by crowdfunding platforms:

  1. Facilitation of granting loans (lending based crowdfunding)
  2. Placement of transferable securities within the meaning of Art. 4 para. 1 Nr. 44 MiFID II and/or instruments admitted for crowdfunding purposes that basically refer to shares in private limited companies that are not subject to restrictions that would effectively prevent them from being transferred (investment based crowdfunding)

Offers of financial instruments, either transferable securities or above-described instruments admitted for crowdfunding purposes under national law, of a single project owner whose total consideration is not exceeding 5.000.000 EUR will be eligible to be treated as crowdfunding offers and thereby will be exempted from more onerous requirements stipulated by EU and national rules on securities prospectus and securities issuing requirements.

The ECSPR will start to apply as of 10 November 2021. Crowdfunding service providers operating already under national regimes are provided with a 12-month transitional period within which they will have to ensure compliance with new rules.

Given that the ECSPR is primarily aimed to regulate crowdfunding service providers, the exact scope of application of the investment based crowdfunding in respective EU Member State can only be assessed based on relevant provisions of national law that implement MiFID II definition of transferable securities and define instruments that may fall under the definition of instruments admitted for crowdfunding purposes.

Investment based crowdfunding with crypto-assets – the new frontier?

In the wake of the ever increasing use of crypto-assets for fund raising, the legitimate question that can be raised is whether the crypto-assets can also be used for the purposes of fund raising in accordance with the new regime on investment based crowdfunding under the ECSPR.

Currently, most EU Member States do not stipulate de jure the possibility of issuing transferable securities via DLT or similar technology. However, majority of supervisory authorities across the EU tend to assess the legal status of each crypto-asset on a case by case basis by assessing its features based on various criteria like the level of standardization, tradability on financial markets etc.

  • Debt securities

In relation to crypto-assets with features of debt financial instruments (bonds, derivatives etc.) most supervisory authorities in the EU have taken pragmatic approach by assessing their legal status on a case by case basis and by treating them in accordance with applicable rules on issuance of financial instruments within the meaning of MiFID II. Nevertheless, there are also certain potential impediments to the issuance of debt transferable securities in tokenized form. These are particularly related to requirements under CSDR (e.g. requirement for transferable securities to be registered with CSD in book-entry form) as well as potential obstacles in national legislation like requirement for transferable securities to be represented in the form of a global certificate in physical form.

  • Equity securities

In addition to above mentioned challenges to tokenization of debt securities, the issuing of equity securities in tokenized form (in their literal meaning) has been prevented in most EU Member States due to open legal questions arising from company law that is barely harmonized at the EU level. Therefore, the possibility of using the new crowdfunding regulatory framework for the issuance and placement of equity based transferable securities depends largely on provisions of company law and securities law at national level. The recently published German Act on Electronic Securities (eWpG), which has for the first time allowed the issuing of securities in Germany in electronic or even crypto-form, is also one good example of how the issuing of tokenized shares can hardly be enabled by amendments of securities legislation. Due to related company law issues, German legislator has decided to make new provisions of eWpG solely applicable to debt instruments and units in investment funds, by leaving companies shares out of the scope of its application for the time being.

  • Reform of the MiFID II definition of financial instruments

With the intention to overcome the regulatory uncertainty around the application of MiFID II framework to crypto assets with features of financial instruments the European Commission has proposed in September 2020 a Directive that shall, among other, amend the MiFID II definition of financial instruments.

The new definition will be covering all types of financial instruments under MiFID II (including transferable securities) issued via DLT or similar technology as well. Due to the fact that MiFID II is a Directive, the revised definition will still need to be implemented into national law and currently significant divergences exist in national definitions of financial instruments across the EU. Last but not least, previously mentioned company law issues that prevent issuance of tokenized shares in many EU Member States and new laws on issuance of crypto-securities that fall short of covering all types of financial instruments in certain Member States (like in Germany) will represent challenges that will still need to be addressed. Until the new regime based on the expanded MIFID II definition becomes operational prospective the issuers of security tokens will still need to rely on national laws and the wide interpretative discretion of national supervisory authorities.

  • Instruments admitted for crowdfunding purposes

Looking into the issuing of instruments admitted for crowdfunding purposes (shares in private limited companies) in tokenized form, the picture doesn’t seems to be brighter either. The ECSPR stipulates explicitly that its definition and scope of application in relation to admitted instruments for crowdfunding purposes applies without prejudice to requirements under national laws that govern their transferability, such as the requirement for the transfer to be authenticated by a notary. To that end, EU Member States have a final say when it comes to deciding whether shares in private companies will be eligible to be used for crowdfunding purposes under the new regime. There is a fairly big chance that certain Member States will exclude shares in private limited companies from the scope of application of the new regime at national level by stipulating gold-platting provisions in national law. For instance, heavily criticized national transposition law in Germany, which was published in March this year, stipulates such an exclusion that will prevent shares in private limited companies of being used for crowdfunding offers under the new regime. Despite the fact that such measure would most probably just result in incorporation of fund raising SPVs in other EU jurisdiction (whose shares can still be offered on crowdfunding platforms anywhere in the EU) it cannot be excluded that some other EU Member State will follow similar approach.


Against the backdrop of everything mentioned above, it is fair to conclude that prospective fund raisers intending to leverage the new regime on crowdfunding as a less onerous regulatory framework comparing to regime under Prospectus Regulation will still largely need to ensure compliance with national laws in respective Member States from where they are intending to operate / set up an SPV for fund raising. The proposed EU Regulation on markets in crypto-assets (MiCAR) doesn’t seem to provide any further clarity to this topic either, because its scope of application will be limited solely to crypto assets that do not qualify as financial instruments under the MiFID II framework.

Therefore, despite the fact that the ECSPR has achieved significant progress in harmonization of rules on crowdfunding in the EU, there are still many challenges ahead that will need to be addressed before the crowdfunding as an alternative finance model starts to leverage DLT and crypto-assets in full capacity.

Die neue EU-Regulierung für Schwarmfinanzierungsdienstleister Teil 1: Wen trifft die neue Regulierung?

Ende Oktober 2020 wurde die Verordnung über Europäische Schwarmfinanzierungsdienstleister im Amtsblatt der EU veröffentlicht. Sie gilt ohne Umsetzungsgesetz unmittelbar in jedem EU-Mitgliedstaat ab dem 10. November 2021. Mit der Verordnung werden Schwarmfinanzierungsdienstleister erstmals einheitlich in der EU reguliert.

In einer zweiteiligen Beitragsreihe wollen wir näher betrachten, was Schwarmfinanzierung und Schwarmfinanzierungsdienstleister überhaupt sind, wie die bisherige Rechtslage in Deutschland aussieht und was die wesentlichen Inhalte der neuen Verordnung sind.

Schwarmfinanzierung – was ist das?

Schwarmfinanzierung bezeichnet eine Finanzierungsform, bei der eine Vielzahl von (privaten) Geldgebern ein konkretes Projekt oder Unternehmen, in der Regel mit jeweils eher geringeren Beträgen, finanziert. Erfolgt die Finanzierung über die Gewährung eines Kredits, spricht man von Crowdlending. Erfolgt das Investment hingegen über sonstige Anlagen, spricht man von Crowdinvesting. Die Anleger erhalten für das Investment z.B. einen festen Zinssatz oder werden über einen erfolgsabhängigen Zinssatz an zukünftigen Gewinnen des finanzierten Projekts beteiligt. Bei den kapitalsuchenden Unternehmen handelt es sich in der Regel um kleine und mittelgroße Unternehmen, häufig auch Start-ups, die sich so auf relativ unkomplizierte und schnelle Weise mit Kapital ausstatten können. Die Alternative für diese Unternehmen wäre eine klassische Fremdkapitalaufnahme bei Banken oder das Einsammeln von Kapital z.B. im Wege von Anleihen, womit aber häufig eine mit relativ hohen Kosten verbundene Prospektpflicht einhergeht. Anleger und kapitalsuchende Unternehmen finden in der Regel über Internet-Dienstleistungsplattformen zusammen, über die die Einsammlung der Gelder erfolgt. Die Internetplattform ist der Schwarmfinanzierungsdienstleiter.

Bisherige Rechtslage – Erlaubnis- und Prospektpflicht?

Der Plattformbetreiber wird in der Regel einer finanzaufsichtlichen Erlaubnis bedürfen. Welche Erlaubnis konkret erforderlich ist, hängt vom jeweiligen Geschäftsmodell im Einzelfall ab. In Betracht wird häufig eine Erlaubnispflicht nach dem Kreditwesengesetz (KWG) und dem Zahlungsdiensteaufsichtsgesetz (ZAG) kommen. Möglich ist aber auch einer Erlaubnis nach dem Kapitalanlagegesetzbuch (KAGB) oder der Gewerbeordnung (GewO). Je nach Ausgestaltung des Geschäftsmodells kann der Plattformbetreiber z.B. das Einlagengeschäft nach dem KWG erbringen, wenn er sich von potenziellen Anlegern bereits vor Abschluss konkreter Verträge die Geldbeträge einzahlen lässt, mit denen diese über die Plattform Projekte finanzieren möchten. Das kann z.B. im Rahmen der Nutzeranmeldung erfolgen. Möglich ist aber auch die Erbringung von Anlage- oder Abschlussvermittlung. Anlagevermittlung liegt vor, wenn die Plattform als Bote des Anlegers dessen Absicht, Finanzinstrumente anschaffen oder veräußern zu wollen, an das kapitalsuchende Unternehmen weiterleitet. Abschlussvermittlung wird z.B. erbracht, wenn der Plattformbetreiber als Stellvertreter bevollmächtigt ist, die Willenserklärung eines Anleger anzunehmen, um ein Finanzinstrument zu kaufen. In Betracht kommt aber auch eine Erlaubnis nach dem ZAG zur Erbringung des Finanztransfergeschäfts, wenn der Betreiber der Internet-Dienstleistungsplattform etwa Gelder von Anlegern entgegennimmt und an die Anbieter der Unternehmensbeteiligung weiterleitet.

Ist das Geschäftsmodell der Plattform so ausgestaltet, dass Vermögensanlagen nach dem Vermögensanlagengesetz (VermAnlG) oder Wertpapiere vermittelt werden, muss der Betreiber sich daneben auch die Frage stellen, ob er einer Prospektpflicht unterliegt. Das VermAnlG sieht insoweit zwei praxisrelevante Ausnahmen der Prospektpflicht vor. Es enthält zum einen eine sog. Bagatellgrenze, die z.B. eingreift, wenn von einer Vermögensanlage insgesamt nur wenige Anteile angeboten werden oder diese unter einer bestimmten Preisgrenze bleiben. Zudem sieht das VermAnlG eine Ausnahme eigens für Schwarmfinanzierungen vor. Durch sie entfällt die Pflicht zur Veröffentlichung eines Verkaufsprospektes für die angebotenen Vermögensanlagen, wenn diese über eine Internet-Dienstleistungsplattform vermittelt werden und weitere gesetzlich geregelte Voraussetzungen erfüllt sind; der Anleger z.B. max. 1.000 EUR bei einem kapitalsuchenden Unternehmen investieren kann.

An wen richtet sich die neue Verordnung?

Die neue Verordnung richtet sich an den Erbringer von Schwarmfinanzierungsdienstleistungen. Formaljuristisch bedeutet die Erbringung einer Schwarmfinanzierung im Sinne der neuen Verordnung die Zusammenführung von Geschäftsfinanzierungsinteressen von Anlegern und Projektträgern mithilfe einer Schwarmfinanzierungsplattform, durch die Vermittlung von Krediten oder die Platzierung von übertragbaren Wertpapieren, die von Projektträgern ausgegeben wurden, sowie die Annahme und Übermittlung von Kundenaufträgen in Bezug auf diese übertragbaren Wertpapiere. Schwarmfinanzierungsdienstleister ist also der Betreiber der Internet-Dienstleistungsplattform, bei denen sich das kapitalsuchende Unternehmen registrieren und sein Projekt den potentiellen Anlegern vorstellen kann. Nicht von der Verordnung erfasst sind Schwarmfinanzierungsangebote über 5 Mio. Euro; ab diesem Betrag gilt in der Regel eine Prospektpflicht, sodass eine zusätzliche Regulierung nicht erforderlich ist.

Ausblick Teil 2: Was ist der Inhalt der neuen Verordnung?

Mit der neuen Verordnung werden einheitliche Anforderungen an die Erbringung von Schwarmfinanzierungsdienstleistungen, an die Organisation, die Zulassung und die Beaufsichtigung von Schwarmfinanzierungsdienstleistern, an den Betrieb von Schwarmfinanzierungsplattformen sowie an Transparenz in Bezug auf die Erbringung von Schwarmfinanzierungsdienstleistungen in der EU festgelegt. Das schauen wir und in Teil 2 genauer an.

KAIT: Anforderungen an die IT von Kapitalverwaltungsgesellschaften

Einer der Aufsichtsschwerpunkte der BaFin für 2019 ist die IT-Infrastruktur der regulierten Unternehmen. Denn aufgrund der zunehmenden Digitalisierung der Finanzindustrie werden IT-Systeme und IT-Infrastruktur für Finanzinstitute immer wichtiger. Daher ist es für Institute von entscheidender Bedeutung, dass ihre IT-Systeme eine robuste Struktur aufweisen und sie sich der Risiken bewusst sind, die sich aus der Nutzung der IT ergeben können sowie dass sie für eventuelle Störfälle entsprechend vorbereitet sind. Denn nur so kann sichergestellt werden, dass das Unternehmen die Finanzdienstleistung dauerhaft und zuverlässig erbringen kann.

Zu diesem Zweck hat die Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) am 08. April 2019 eine Konsultation zum Entwurf des Rundschreibens Kapitalverwaltungsaufsichtliche Anforderungen an die IT (KAIT) veröffentlicht. Das Rundschreiben enthält Hinweise zur Auslegung der nationalen und europarechtlichen Vorschriften über die Geschäftsorganisation, soweit sie sich auf die technisch-organisatorische Ausstattung (und damit auch auf die IT-Systeme) der Kapitalverwaltungsgesellschaften (KVGen) beziehen. Die BaFin verfolgt das Ziel, die IT-Sicherheit im Markt zu erhöhen und das IT-Risikobewusstsein in den KVGen zu schärfen und gibt dem Management mit dem Rundschreiben einen Rahmen für die technisch-organisatorische Ausstattung der IT, insbesondere auch für das Management der IT-Ressourcen und für das IT-Risikomanagement. Da immer mehr Unternehmen IT-Dienstleistungen von Dritten in Anspruch nehmen, regelt das Rundschreiben auch den Umgang mit Auslagerungen von IT-Aktivitäten und IT-Prozessen und holt so auch nicht-regulierte IT-Anbieter in ihr Aufsichtsspektrum. Der Entwurf steht bis zum 15. Mai 2019 zur Konsultation.

Im Einzelnen regelt das Rundschreiben:

  1. Die Verpflichtung der KVG, eine IT-Strategie vorzuhalten sowie u.a. Mindestinhalte dieser Strategie. Aufzunehmen ist z.B. die strategische Entwicklung der IT-Aufbau- und IT-Ablauforganisation der KVG, die Auslagerung von IT-Dienstleistungen, Aussagen zum Notfallmanagement und Aussagen zu in den Fachbereichen selbst betriebenen oder entwickelten IT-Systemen.
  2. Die Implementierung einer IT-Governance, also einer Struktur zur Steuerung sowie Überwachung des Betriebs und der Weiterentwicklung der IT-Systeme einschließlich der dazugehörigen IT-Prozesse auf Basis der IT-Strategie. Die KVG muss insbesondere Bereiche wie das Informationsrisikomanagement, den IT-Betrieb und die Anwendungsentwicklung mit quantitativ und qualitativ angemessenem Personal ausstatten, für IT-Risiken angemessene Überwachungs- und Steuerungsprozesse einrichten, sicherstellen, dass IT-bezogenen Geschäftsaktivitäten auf der Grundlage von Organisationsrichtlinien betrieben werden und im Störungsfall geeignete Notfallmaßnahmen ergriffen werden.
  3. Die internen Prozesse zum Informationsrisikomanagement. Die KVG hat die mit dem Management verbundenen Aufgaben, Kompetenzen, Verantwortlichkeiten, Kontrollen und Kommunikationswege klar zu definieren und aufeinander abzustimmen. Sie hat angemessene Überwachungs- und Steuerungsprozesse einzurichten. Dabei ist besonders auf IT-Risikokriterien, die Identifikation von IT-Risiken und die Festlegung des Schutzbedarfs für den IT-Betrieb einzugehen.
  4. Vorgaben zum Informationssicherheitsmanagement. Dies macht Vorgaben zur Informationssicherheit, definiert Prozesse, steuert deren Umsetzung und folgt einem fortlaufenden Prozess, der die Phasen Planung, Umsetzung, Erfolgskontrolle sowie Optimierung und Verbesserung umfasst. Die KVG muss zudem z.B. eine Informationssicherheitsleitlinie beschließen und die Funktion eines Informationssicherheitsbeauftragten einrichten.
  5. Die Implementierung eines Benutzerberechtigungsmanagement, das sicherstellt, dass den Benutzern eingeräumte Berechtigungen so ausgestaltet sind und genutzt werden, wie es den organisatorischen und fachlichen Vorgaben der KVG entspricht. Das Rundschreiben enthält detaillierte Vorgaben, z.B. dass die Vergabe von Berechtigungen an Benutzer nach dem Sparsamkeitsgrundsatz (Need-to-know-Prinzip) zu erfolgen hat.
  6. Die Regelungen für IT-Projekte und die Anwendungsentwicklung. So sind IT-Projekte und Veränderungen der IT-Systeme vor ihrer Übernahme in den produktiven Betrieb zu testen und von den fachlich sowie auch von den technisch zuständigen Mitarbeitern abzunehmen. Produktions-und Testumgebung sind dabei grundsätzlich von einander zu trennen. Für die Entwicklung neuer IT-Funktionen sind angemessene Prozesse festzulegen, die Vorgaben zur Anforderungsentwicklung, zum Entwicklungsziel, zur technischen Umsetzung, zur Qualitätssicherung, sowie zu Test, Abnahme und Freigabe enthalten.
  7. Vorgaben zum konkreten IT-Betrieb. So sind beim Betrieb der IT-Systeme etwa Risiken aus veralteten Systemen zu berücksichtigen. Zudem sind alle Komponenten der IT-Systeme sowie deren Beziehung zueinander in geeigneter Weise zu verwalten und die hierzu erfassten Bestandsangaben regelmäßig sowie anlassbezogen zu aktualisieren.
  8. Konkretisierungen der Anforderungen an die Auslagerung und den sonstigen Fremdbezug von IT-Dienstleistungen. So werden z.B. Sachverhalte aufgezählt, die die BaFin als Auslagerung von IT-Dienstleistungen ansieht, wie z.B. die Anpassung von Software an die Erfordernisse der KVG (Customising).


Der Entwurf des Rundschreibens KAIT konkretisiert die Regelungen der Mindestanforderungen an das Risikomanagement von Kapitalverwaltungsgesellschaften (KAMaRisk), die Vorgaben des KAGB und der Delegierten Verordnung zu der Geschäftsorganisation einer KVG. Die BaFin legt damit ihre Verwaltungspraxis offen. KVGen bekommen dadurch detailliertere Vorgaben zu den aufsichtsrechtlichen Anforderungen, die ihre IT-Systeme und ihre IT-Infrastruktur erfüllen muss, was wiederum zu mehr Rechtssicherheit führt. Die Vorgaben sind prinzipienorientiert und lassen damit Raum für eine Aufsichtspraxis, die die Größe und die individuellen Geschäftsmodelle der KVGen berücksichtigt. Dem Investor kommen die aufsichtsrechtlichen Anforderungen an die IT wiederum deshalb zugute, da diese letztendlich eine kontinuierliche und störungsfreie Erbringung der Dienstleistung sicherstellen sollen.

ESAs publish joint report on regulatory sandboxes and innovation hubs – Part 1: Innovation hubs available for enquiries

On January 7th 2019, the European Supervisory Authorities (ESAs) (consisting of the European Securities and Markets Authority, the European Banking Authority and the European Insurance and Occupational Pension Authority) published as part of the European´s Commission FinTech Action Plan e a joint report on innovation facilitators (i.e. regulatory sandboxes and innovation hubs) available here . The report sets out a comparative analysis of the innovation facilitators established to date within the EU including the presentation of best practices for the design and operation of innovation facilitators.

We take the report as an occasion to present both innovation hubs and regulatory sandboxes in a two-part article. In Part 1 we will discuss what exactly innovation hubs are, what goals they pursue and how they are structured in Germany. Part 2 will then deal with the regulatory sandboxes.

Innovation hubs – What they are and what their goals are

It is often difficult for companies to obtain binding statements on regulatory requirements when a business model is still developing. Innovation hubs create a formal framework that considerably simplifies the exchange between innovators and supervisors, thereby promoting market access.

Innovation hubs provide a dedicated point of contact for firms to raise enquiries with competent authorities on Fin Tech-related issues to seek non-binding guidance on the conformity of innovative financial products, financial services, business models or delivery mechanisms with licensing or registration requirements and regulatory and supervisory expectations. In general, the innovation hubs are available to companies as a user interface at the relevant national authority. In Germany, the innovation hub is located at the Federal Financial Supervisory Authority (Bundesanstalt für FinanzdienstleistungsaufsichtBaFin) and is available here. A total of twenty-one EU Member States have established innovation hubs.[1]

Innovation hubs have been set up to enhance firms´ understanding of the regulatory and supervisory expectations regarding innovative business models, products and services. To achieve this goal, firms are provided with a contact point for asking questions of, and initiate dialogue with, competent authorities regarding the application of regulatory and supervisory requirements to innovative business models, financial products, services and delivery mechanisms. For example, the innovation hubs provide firms with non-binding guidance on the conformity of their proposed business model with regulatory requirements; specifically, whether or not the proposition would include regulated activities for which authorisation is required.

Who can participate and how does an innovation hub work exactly?

In the following, we explain which companies can participate in the innovation hubs and describe how exactly the communication between the companies and the innovation hub takes place.


The innovation hubs are open to all firms, whether incumbents or new entrants, regulated or unregulated which adopt or consider to adopt innovative products, services, business models or delivery mechanisms.

Communication process between firms and competent authorities

The following ESA graph illustrates the communication process between the firms and the competent authority using the innovation hub. The individual phases of the communication process are explained below. [2]

Submission of enquiries via interface

In order to submit enquiries, all innovation hubs set up in the EU Member States offer interested companies user interfaces through which contact can be established with the respective supervisory authority. This can be done e.g. by telephone or electronically, but also via online meetings or websites. Some innovation hubs also offer the possibility of organising physical meetings. In Germany, BaFin provides an electronic contact form in which both the company data and the planned business model can be presented and transmitted to BaFin. The contact form is available here.

Assigning the request to the relevant point of contact within the competent authority

As soon as the contact has been established and the request has been submitted, typically the authority conducts a screening process to determine how best to deal with the queries raised. In this process, the authority considers factors such as the nature of the query, its urgency and its complexity, including the need to refer the query to other authorities, such as data protection authorities.

Providing responses to the firms

Depending on the nature of the enquiries raised, several information exchanges between the firm and the competent authority may take place. Responses to firms may be routed to different channels such as meetings, telephone calls or email. Typically, the responses provided via the innovation hub are to be understood as preliminary guidance based solely on the facts established in the course of the communications between the firms and the competent authority. The companies can use the information gained to better understand the regulatory requirements for their planned business model and develop it further on this basis.

Follow-up actions

Some authorities offer follow-up actions within their innovation hubs. Especially if the communication process between the company and the authority shows that the business model of the company includes a regulated activity. In this case, some competent authorities may provide support within the authorisation process (e.g. dedicated point of contact, guidance on the completion of the application form).

Previous experiences on the use of innovation hubs

Although innovation hubs are available to all market participants, according to the ESA report, three categories of companies in particular use the innovation hubs: (i) start-ups, (ii) regulated entities that are already supervised by competent authorities and are considering innovation products or services and (iii) technology providers offering technical solutions to institutions active in the financial markets.

Typically, the firms use the innovation hub to seek information about the following: (i) whether or not a certain activity needs authorisation and, if so, information about the licensing process and the regulatory and supervisory obligations, (ii) whether or not anti-money laundering issues arise, and (iii) the applicability of consumer protection regulation and (iv) the application of regulatory and supervisory requirements (e.g. systems and controls).


Innovation hubs provide companies with a good opportunity to interact with regulators via a user-friendly platform. They can therefore clarify the regulatory requirements for the products they plan to develop at an early stage and incorporate them into their business planning. By setting up innovation hubs, especially for young and dynamic (FinTech-) start-ups, the inhibition threshold to contact the supervisory authority is significantly lowered, especially because predefined user interfaces can be used.

[1] Austria, Belgium, Bulgaria, Cyprus, Germany, Denmark, Estonia, Spain, Finland, France, Hungary, Ireland, Iceland, Italy, Liechtenstein, Lithuania, Luxembourg, Latvia, Netherlands, Norway, Poland, Portugal, Romania, Sweden, UK.

[2] Source: ESA Report FinTech: Regulatory sandboxes and innovation hubs.

Entwurf der neuen FinVermV bringt Verschärfungen und Erleichterungen mit sich

Am 7. November 2018 hatdas Bundesministerium für Wirtschaft und Energie den lang erwarteten Referentenentwurf   für die Verordnung zurÄnderung der Finanzanlagenvermittlungsordnung (FinVermV) veröffentlicht. Hintergrund ist die Anpassung derFinVermV an die Vorgaben der Zweiten Finanzmarktrichtlinie (MiFIDII). 
Wir hatten bereits hier darüber berichtet. Die neue FinVermV wird regeln, welche Vorschriften derMiFID II auch für gewerbliche Finanzanlagenvermittler mit einer Erlaubnis nach§ 34f GewO gelten. Zu dem Referentenentwurf konnte bis zum 22. November 2018Stellung genommen werden. Es wird erwartet, dass die neue FinVermV ohneÜbergangsfrist zum Jahresbeginn 2019 in Kraft treten wird.

Nach dem Willen der Bundesregierung sollten Finanzanlagenvermittler künftig zumindest in Teilen eine den Regulierungen für Banken und Finanzdienstleister nach dem WpHG entsprechende Regulierung erfahren. Doch wie weit diese entsprechende Regulierung konkret gehen soll, war bis zur Veröffentlichung des Referentenentwurfs nicht klar. Zu Anfang die schlechte Nachricht – auf Finanzanlagenvermittler kommen Verschärfungen zu.

Zukünftig müssen Finanzanlagenvermittler dieInhalte von Telefongesprächen und elektronischer Kommunikation aufzeichnen (Taping), sobald sie Vermittlung vonoder Beratung zu Finanzanlagen erbringen. Der Anlagevermittler muss zudem sicherstellen,dass auch mitwirkende Beschäftigte diese Pflicht einhalten. Dies dient derStärkung des Anlegerschutzes, der Verbesserung der Marktüberwachung und schafftRechtssicherheit für beide Seiten, Finanzanlagenvermittler und Anleger. DieRegelung orientiert sich am WpHG, vgl. zu den Anforderungen hier Nicht erfasst sind Gespräche, die nicht Beratung oder Vermittlung voneinzelnen oder mehreren konkreten Finanzanlagen zum Inhalt haben.Anbahnungsgespräche, Terminabsprachen und Kommunikation, die sich aufVersicherungsprodukte oder Darlehen bezieht, sind also nicht aufzuzeichnen. DieAbgrenzung ist jedoch schwierig, wenn sich ein Gespräch in eine andere als diegeplante Richtung entwickelt. Das Taping wird erhebliche Ressourcen inzeitlicher, technischer und personeller Hinsicht erfordern.

Ähnlich stellt es bezüglich der Vermeidung,Regelung und Offenlegung von Interessenkonflikten dar.Der Anlagevermittler muss angemessene Maßnahmen treffen, umInteressenkonflikte zu erkennen und zu vermeiden. Lassen sichInteressenkonflikte seitens des Anlagevermittlers im Vorfeld nicht vermeiden, müssen sie derart geregelt werden, dasssie keine Nachteile für den Anleger auslösen. Das betrifft insbesondere Interessenkonflikte,die durch Zuwendungen, ähnliche Anreize oder die Vergütungsstrukturhervorgerufen werden können. Bestehen trotz angemessener Maßnahmen weiterhin Interessenkonflikte, so sinddiese dem Anleger gegenüber rechtzeitig vor Abschluss eines Geschäfts offen zulegen. Die Art und Weise der Vergütungsstruktur und/oder Bewertung derMitarbeiter darf nicht mit der Mitarbeiterpflicht kollidieren, in bestmöglichenKundeninteresse zu handeln. Die konkrete Ausgestaltung darf auf keinen Falldazu führen, dass die Anlagenempfehlung nicht durch die Bedürfnisse desAnlegers, sondern durch die Vergütungsinteressen der Mitarbeiter bestimmt wird.Die Annahme und Gewährung von Zuwendungen darf sich nicht nachteilig auf dieQualität der Vermittlung und Beratung auswirken. Der Anlagevermittler muss außerdemstets im bestmöglichen Interesse des Anlegers ehrlich, redlich und professionellhandeln.

Schon unter der aktuellen FinVermV besteht für Finanzanlagenvermittlergegenüber dem Anleger eine Informationspflichthinsichtlich Risiken, Kosten und Nebenkosten der Anlage, der neue Referentenentwurfverlangt jedoch einen detaillierteren Kostenausweis. Das beinhaltet für dieFinanzanlagenvermittler die Pflicht zu einer Kostenaufstellung sowohl ex-ante alsauch ex-post. Sie müssen ihren Kunden nunmehr schon vor dem Abschluss des Geschäfts detailliert aufschlüsseln, welcheKosten für das Produkt voraussichtlich fällig werden. Der Anleger soll damit indie Lage versetzt werden, eine fundierte Anlageentscheidung treffen zu können. Nach Abschluss des Geschäfts müssen danndie tatsächlich angefallenen Kosten zusammengestellt werden. Das bedeutet einenerhöhten Verwaltungsaufwand für die Vermittler, der allerdings dadurch etwasabgeschwächt wird, dass sie für die Kostenaufstellung auch die Informationenverwenden können, die ihnen das die Finanzanlage konzipierende Unternehmen, derEmittent oder das depotverwaltende Institut zur Verfügung stellt.

Mit der Regulierung gehen aber auch gute Nachrichten fürFinanzanlagenvermittler einher.

Die Zuwendungsregeln fürAnlagevermittler sind weniger streng ausgefallen als die des WpHG, vgl. hier.Annahme und Gewährung von Zuwendungen dürfen sich nicht nachteilig auf dieQualität der Vermittlung und Beratung auswirken. Allerdings muss nicht jedeZuwendung vollständig in die Qualitätsverbesserung fließen, sodassAnlagevermittler Provisionen behalten dürfen. Auch müssen dieFinanzanlagevermittler im Gegensatz zu Banken und Finanzdienstleistern nach demWpHG keine eigene Zielmarktbestimmungvornehmen. Es reicht aus, wenn sie die Zielmarktbestimmung des Emittenten oderKonzepteurs einholen und verstehen, um so sicherstellen zu können dass sie demAnleger nur passende Finanzanlagen vermitteln. Die bisherige Pflicht zurErstellung eines Beratungsprotokolls entfällt. Stattdessen muss dem Anlegereine Geeignetheitserklärung zurVerfügung gestellt werden, in der die Gründe für die Anlageempfehlungzusammengefasst sind. Zudem ist auch weiterhin keine direkte Beaufsichtigung durch die BaFin vorgesehen.

Was bleibt also festzuhalten? Die neue FinVermV wird durchaus zu Veränderungenfür die Finanzanlagenvermittler führen. Insbesondere das Taping und dieKostenaufstellung ex-ante und ex-post, wird zu einem erhöhten Arbeitsaufwandführen. Positiv dürfte im Markt hingegen vor allem aufgenommen werden, dasskeine eigene Zielmarktbestimmung von den Vermittlern vorzunehmen ist und dieZuwendungsregeln weniger streng als befürchtet ausgefallen sind. BestehendeGeschäftsmodelle müssen daher nicht grundlegend neu gedacht, sondern lediglichinterne Prozesse angepasst werden.

FinTech Action Plan versus Global Financial Innovation Network

As outlined in Part 3 of this series of posts giving updates on the European FinTech regulation agenda, the envisaged harmonized regulatory framework for financial innovation within the Single Market will be based on a comprehensive understanding of the innovative landscape within the financial market. Building the knowledge takes time and effort. It took EBA three and a half months after laying out its FinTech Road Map to publish the first analyses which form part of the FinTech Knowledge Hub.

The Knowledge Hub aims at fostering a better understanding of the innovative landscape within the financial market through facilitating the exchange of information between European and national regulators, innovators and technology providers. On this basis, a regulatory framework can be built that will fit the market’s demands and will support new innovative business models.

In contrast to the European approach, the Financial Conduct Authority (FCA) in London approaches the support for FinTechs in what seems to be at a first glance a more rapid way. Already in February 2018 the UK regulator encouraged the idea of a “global sandbox.” A regulatory sandbox allows the provider of innovative technology to offer his or her idea to a certain number of potential clients within the financial market for a limited period of time without the application of the full set of compliance, license and capital requirements. During this time the provider can assess if his or her innovative approach is worth the investment of full regulatory compliance. In the UK the possibility for FinTechs to approach the market via a regulatory sandbox has been successfully established in 2016.

Driven by the understanding that major emerging innovation trends (such as big data, artificial intelligence and blockchain based solutions) are increasingly global, rather than domestic, in nature, in February 2018 the FCA started an international dialogue with firms doing business, or looking to do business, in the UK or overseas, regulators, consumers, or any other interested party to assess what a global sandbox could look like. The FCA received 50 responses to their call in February with an overall positive feedback. Key themes to emerge in the feedback were:

Regulatory co-operation: Respondents were supportive of the idea of providing a setting for regulators to collaborate on common challenges or policy questions that firms face in different jurisdictions.

Speed to market: Respondents saw as one of the main advantages for the global sandbox that it could be reducing the time it takes to bring ideas to new international markets.

Governance: Feedback highlighted the importance of the project being transparent and fair to those potential firms wishing to apply for cross-border testing.

Emerging technologies/business models: A wide range of topics and subject matters were highlighted in the feedback, particularly those with notable cross-border application. Among the issues highlighted were artificial intelligence, distributed ledger technology, data protection, regulation of securities and Initial Coin Offerings (ICOs), know your customer (KYC) and anti-money laundering (AML).

Building on the FCA’s proposal to create a global sandbox, on 7 August 2018 the FCA has, in collaboration with 11 financial regulators and related organisations, announced the creation of the Global Financial Innovation Network (GFIN). The FCA is the only European regulator within GFIN. The other members are the Abu Dhabi Global Market (ADGM), the Autorité des marchés financiers (AMF, Canada), the Australian Securities & Investments Commission (ASIC), the Central Bank of Bahrain (CBB), the Bureau of Consumer Financial Protection (BCFP, USA), the Dubai Financial Services Authority (DFSA), the Guernsey Financial Services Commission (GFSC), the Hong Kong Monetary Authority (HKMA), the Monetary Authority of Singapore (MAS), the Ontario Securities Commission (OSC, Canada) and the Consultative Group to Assist the Poor (CGAP).

The idea of GFIN is to:

  1. act as a network of regulators to collaborate, share experience of innovation in respective markets, including emerging technologies and business models, and communicate to firms;
  2. provide a forum for joint policy work and discussions; and
  3. provide firms with an environment in which to trial cross-border solutions (business-to-consumer (B2C) or business-to-business (B2B)).

With the announcement of the creation of GFIN, the FCA also published a consultation document laying out a mission statement for GFIN and the idea of a global sandbox which is still based on the FCA’s concept thereof published in February. The consultation is addressed to innovative financial services firms, financial services regulators, technology companies, technology providers, trade bodies, accelerators, academia, consumer groups and other stakeholders keen on being part of the development of GFIN and will be running until 14 October 2018.

Although the knowledge centered approach of the EU for a regulatory framework for FinTechs within the Single Market surely is a reasonable approach, an international approach could have the advantage of providing speedier solutions and create a competitive advantage. With Brexit on the horizon, the FCA’s approach seems sensible and certainly a good move to keep their financial market up to date.