《剑桥大学贾奇商学院:亚太地区金融科技监管报告(英文版)(93页).pdf》由会员分享,可在线阅读,更多相关《剑桥大学贾奇商学院:亚太地区金融科技监管报告(英文版)(93页).pdf(93页珍藏版)》请在三个皮匠报告上搜索。
1、FinTech Regulation in With the support of:Please cite this study as CCAF(2022)FinTech regulation in Asia Pacific,Cambridge Centre for Alternative Finance at the University of Cambridge,Cambridge Judge Business School,CambridgeThis study was funded by the UK Foreign,Commonwealth and Development Offic
2、e(FCDO)through the Cambridge Alternative Finance Collaboration Network(CAFCN)Programme and implemented by the Cambridge Centre for Alternative Finance(CCAF)at the University of Cambridge Judge Business School.Additional financial support has been provided by Invesco,and the Asian Development Bank In
3、stitute(ADBI).Table of ContentsForewords.5Research Team.9Acronyms.10Glossary.111.Executive summary.132.Introduction.183.Literature review and methodology.22Methodology.22Literature review:the regulatory approach to FinTech in APAC.244.Regulatory approach in specific verticals.28Digital payments.28E-
4、Money(including mobile money).29International remittances.31Peer-to-peer lending.32Equity crowdfunding.335.Cross-Sectoral Themes.37Data protection.37Cybersecurity.38Open banking.40Financial consumer protection.42Anti-money laundering and electronic know your customer.446.Regulatory Innovation Initia
5、tives in APAC.50Innovation offices in APAC.50Regulatory sandboxes in APAC.51RegTech and SupTech initiatives in APAC.517.Identifying gaps,and understanding challenges in APAC.54Uneven regulatory frameworks and innovation initiatives.54Evidence of framework development and impact on the FinTech market
6、.56Challenges and factors impacting regulatory response to FinTech in APAC.588.Concluding remarks and future research.649.The regulatory approach to FinTech in India.67Examples of positive regulatory practices in India.6910.The Regulatory approach to FinTech in Indonesia.73Examples of positive pract
7、ices in Indonesia.75Bibliography.78Forewords5ForewordsThe growth and adoption of FinTech and related activities presents many challenges,alongside opportunities,for regulators in emerging and developing economies.If a balance can be struck between promoting innovation while protecting consumers,thes
8、e financial innovations can help regulators achieve their objectives,particularly financial inclusion.Across APAC(Asia Pacific),there has been much variety in the regulatory response to the proliferation of the FinTech market,particularly in the introduction of regulatory frameworks and the developm
9、ent of innovation initiatives.Analysis of topical data regarding this regulatory response,as undertaken in this report,allows for regional regulatory benchmarking and knowledge sharing which is relevant to regulators and policy makers alongside the wide range of participants in the wider FinTech eco
10、system.The FinTech Regulation in APAC report highlights how a number of key FinTech verticals are regulated across the region.This involves identifying which regulators have a mandate for specific FinTech verticals,and whether these verticals are regulated under general or bespoke frameworks.There i
11、s also analysis on cross-sector verticals which affect the development of FinTech as a whole,with a focus on cybersecurity,data protection,consumer protection and eKYC.The development of regulatory innovation initiatives is also captured,highlighting which regulators have or are planning to introduc
12、e initiatives such as innovation offices,regulatory sandboxes and SupTech applications.The study is based on based also on a qualitative review of regulatory frameworks,including the laws,regulations,directives,and guidelines relating to FinTech activities.It also draws on data from the Global COVID
13、-19 FinTech Regulatory Rapid Assessment Study(CCAF and World Bank,2020)and Regulating Alternative Finance(CCAF and World Bank,2019).It is the third in a series of three regional FinTech regulation landscaping studies that include Sub-Saharan Africa(SSA)and the Middle East and North Africa(MENA)regio
14、ns.By comparing approaches across jurisdictions within APAC and other Regions,the study is able to provide a holistic picture and shed new light on the dynamic and evolving landscape of FinTech regulation.Finally,we would like to thank the regulators who contributed their time and expertise to provi
15、de us with case studies for this report.We also remain grateful for the foundational funding provided by the UK Foreign,Commonwealth&Development Office(FCDO)through the Prosperity Fund Global Finance Programme to support this research.We are also grateful for additional financial support that has be
16、en provided by Invesco,and the Asian Development Bank Institute(ADBI).Robert WardropManagement Practice Professor of FinanceDirector&Co-founder of the Cambridge Centre for Alternative Finance(CCAF)University of Cambridge Judge Business SchoolFinTech Regulation in Asia Pacific(APAC)6The UK Foreign,Co
17、mmonwealth and Development Office(FCDO)is delighted to partner with the Cambridge Centre for Alternative Finance(CCAF)on this report,analysing the regulatory approach to financial technologies(FinTech)in the Asia Pacific(APAC)region.FinTech is helping regulators widen access to financial services fo
18、r their citizens.We strongly welcome the development of regulation in APAC which balances innovation to encourage financial inclusion with robust consumer protection.The FinTech Regulation in the Asia Pacific Region report provides a timely and relevant overview of how financial regulators and polic
19、y makers are responding to the development and growth of FinTech within the region.This research aligns with UK efforts to facilitate increased economic resilience and innovation.The APAC region is home to two of our FinTech Bridges,as well as a new Digital Economy Agreement with Singapore to encour
20、age closer regulatory FinTech alignment.This report comes against the backdrop of the COVID-19 pandemic.Regulatory responses to the COVID-19 pandemic have varied,with the introduction of temporary relief measures alongside an enhanced focus on initiatives such as remote on-boarding and digital payme
21、nts.By comparing experiences across jurisdictions,this report sheds light on the dynamic and evolving landscape of FinTech regulation and provides important evidence and insights.I hope this report brings greater understanding and enables further work by regulators to use the potential of financial
22、innovation and technology to serve the best interests of their consumers.Moazzam Malik CMGDirector General AfricaForeign,Commonwealth and Development OfficeForewords7Invesco continues to support our partners at the Cambridge Center for Alternative Finance because of the caliber,consistency,and caden
23、ce of research being published through their organization.The latest report entitled“FinTech regulation in Asia Pacific(APAC)”comes at a critical moment in time.We believe that regulatory positioning is one of the most uncertain yet influential factors as we press forward in our pursuit of disruptiv
24、e distribution client experiences and digital assets globally and specifically in the APAC region.The complexity of the regional and cultural nuances of the APAC region are even more reason we look to our partners at Cambridge for insight because understanding cross-border regulatory regimes and fra
25、meworks informs potential opportunities,threats,and the pace at which we can move in the traditional financial services space.Continuous monitoring of how alternative finance verticals are being adopted across the APAC region provides indications of how participant behaviors and attitudes towards ce
26、rtain experiences in the financial services sector are changing and can inform how we approach the engineering of our own experiences as applied to the traditional finance world as universes of alternative finance,fintech,and traditional finance continue to converge.Several observations from this re
27、port jump off the page as we look to strengthen our presence in region following success of Invescos endeavors in the fintech space and joint ventures weve undertaken.Specifically,were encouraged by statistics that show broad regulatory coverage in cybersecurity and financial consumer protection.Sim
28、ilarly,other areas that align to our own goals and require more in-depth regional analysis from our own teams include the statistics around e-KYC and open banking.While Invesco does not operate in every jurisdiction included in the survey,we see promising growth opportunities in countries where we d
29、o operate.The increased activity across all jurisdictions in innovation offices and regulatory sandboxes is also encouraging as we look to regulatory agencies in region to partner with entities across the financial services value chain,conduct proof of concept and feasibility testing,and report out
30、on findings and consequently codify evolutions in regulatory frameworks and legislation.As technology races forward,it can be easy to get lost in noise and hyped trends.Additionally,while technology has the capacity to blur and breakdown borders,regulation reinforces them.Invesco endeavors to be a w
31、orld-class,client-centric asset manager,and as such,we see a dichotomy between unbridled innovation and technological advancement versus the protection of rights for sovereign nations and individual participants,so its critical to stay abreast of emerging trends across the fintech space and the corr
32、esponding regulatory landscapes to see how they grow and change over time.Dave Dowsett Global Head of Technology Strategy and InnovationInvescoFinTech Regulation in Asia Pacific(APAC)8The new generation of financial technology(FinTech)shows great promise to promote financial inclusion and the effici
33、ent delivery of financial services,but also can create new risks and unintended consequences,both for the financial sector and for users.Financial regulators face great challenges in determining the appropriate balance between supporting financial innovation and preserving financial stability,ensuri
34、ng consumer protection,and maintaining standards for anti-money laundering,terrorism financing and know-your-customer processes.Development of alternative payment and financing systems could undermine the stability of legacy financial institutions.Use of crypto assets involves risks related to crypt
35、o asset exchanges,illicit financial flows and possible tax evasion.Alternative finance involves risks related to maturity mismatches;information asymmetries;and the insufficient analytical capacities of banks and other investors.Crime-related risks associated with the use of Fintech include stealing
36、 sensitive consumer and corporate financial data through hacking,phishing or other fraudulent means,and theft of online financial assets.International cooperation will be needed to address these risks and promote development of FinTech that is compatible with financial stability and consumer protect
37、ion.Indeed,financial regulators are hard-pressed simply to keep up with innovations in the sector and to understand their implications.The COVID-19 pandemic has accelerated the demand for FinTech services,but at the same time has heightened risks such as cyber security and various kinds of consumer
38、fraud.The FinTech sector in Asia-Pacific(APAC)is diverse,dynamic and multi-faceted.On the whole,regulators in the region have taken a positive approach toward promoting development of the sector.Market conditions vary widely across the region in terms of economic and financial development,so it is n
39、ot surprising that regulators have taken diverse approaches to FinTech.This timely report provides a detailed and comprehensive view of regulation of FinTech in the APAC region.As such,it should become a valuable reference for identifying best practices and understanding the motivations for taking v
40、aried approaches under different conditions.It should benefit regulators,business practitioners and scholars in this field.ADBI is delighted to have supported this project.Peter J.MorganSenior Consulting Economist and Vice Chair of ResearchAsian Development Bank InstituteResearch Team9Research TeamT
41、he CCAF research team consists of the following individuals:Zain Umer,Alexander Apostolides,Nick Clark,Sarah Ombija,Ian P.Moloney,Pedro Schilling de Carvalho,Philip Rowan,Diego M Serralde,Nicholas Drury,Marini Nur Izzah,Herman Smit and Bryan Zhang.We would like to also thank,Shogo Owada,Gabrielle In
42、zirillo,and Henry Wells for their hard work and support on the regional study.AcknowledgementsThe research team would like to thank the regulators of the surveyed jurisdictions who kindly provided data and information to enable us to complete this study.We are grateful to the UK Foreign,Commonwealth
43、 and Development Office(FCDO)for its continued support of our work through the Cambridge Alternative Finance Collaboration Network(CAFCN).We would like to particularly thank Ron Bohlander and Sian Parkinson at the FCDO for their help and guidance.We are also grateful to Invesco and the Asian Develop
44、ment Bank Institute(ADBI)for their support of this study.We are grateful to Louise Smith for designing the study,Neil Jessiman for press and communications support,Hunter Sims and Kate Belger for their administrative support,as well as the CCAF market global benchmark team for their support and data
45、.FinTech Regulation in Asia Pacific(APAC)10AcronymsACL Australian Credit LicenceACSC Australian Cyber Security Centre ADBI Asian Development Bank InstituteAFI Alliance for Financial Inclusion AFIN ASEAN Financial Innovation NetworkAFSL Australian Financial Service LicenceAFTECH Indonesian FinTech As
46、sociation AML/CFT Anti-Money Laundering/Combating the Financing of Terrorism APAC Asia-PacificASEAN Association of Southeast Asian NationsASIC Australian Securities and Investments Commission B2B Business-to-BusinessBI Bank of IndonesiaBOT Bank of Thailand BCP Business Continuity Planning BSP Centra
47、l Bank of the Philippines CAC Cyberspace Administration of ChinaCCAF Cambridge Centre for Alternative Finance CDD Customer Due Diligence CFL Centres for Financial LiteracyCOVID-19 Coronavirus Disease 2019 CSA Singapore Cybersecurity Agency DFS Digital Financial Services DI Digital IdentityECF Equity
48、 Crowdfundinge-KYC Electronic-Know Your Customer FATF Financial Action Task Force FCP Financial Consumer ProtectionFIU Financial Intelligence UnitHKMA Hong Kong Monetary AuthorityGFIN Global Financial Innovation Network IFSB Islamic Financial Services BoardMAS Monetary Authority of SingaporeMENA Mid
49、dle East and North Africa ML/TF Money Laundering/Terrorist FinanceOJK Indonesia Financial Services AuthorityP2P Peer-to-PeerPBOC Peoples Bank of ChinaPIRI Pacific Islands Regional Initiatives SPI Indonesian Payment Gateway SystemSSA Sub-Saharan AfricaTF Terrorist Financing UIDAI Unique Identificatio
50、n Authority of IndiaUPI Unified Payments Interface UNSGSA UN Secretary-Generals Special Advocate for Inclusive Finance for DevelopmentGlossary11GlossaryAgent(s):a third party acting on behalf of a financial service provider to deal with customers.Cybersecurity:the practice of defending electronic in
51、frastructure and networks,as well as data,from malicious attacks.Digital payments:the transfer of value from one payment account to another using a digital device such as a mobile phone or computer.This may include payments made by traditional financial institutions and FinTechs via bank transfers,e
52、-Money and payment cards.Data protection:laws and/or regulations designed to protect peoples personal data.Digital financial services(DFS):financial products and services,including payments,transfers,savings,credit,insurance,securities,financial planning and account statements,delivered via digital/
53、electronic technology,that can incorporate traditional financial service providers.Digital infrastructure:the enabling digital structures,facilities,ecosystem and capabilities surrounding the provision of FinTech/DFS,but can be widely applicable beyond financial services.For this study,this typicall
54、y includes infrastructure related to identity(for example digital identity initiatives),data analytics and sharing,credit information and/or payment systems,and risk mitigations.While these may be directly or indirectly relevant for the regulation and supervision of FinTech/DFS,not all of these may
55、be under the remit or influence of financial regulators.e-Money:encompasses the issuance of electronic funds and the provision of digital means of payment to access these funds.It includes mobile money,which entails the use of a mobile phone to transfer funds between banks or accounts,deposit or wit
56、hdraw funds,or pay bills.FinTech:encompasses advances in technology and changes in business models that have the potential to transform the provision of financial services through the development of innovative instruments,channels and systems.For this study,FinTech refers to a set of activities(whic
57、h may be either regulated or unregulated,according to each jurisdiction)contributing to the provision of financial products and services facilitated predominately by entities emerging from outside the traditional financial system.FinTech market:the provision,transaction and facilitation of financial
58、 activities across emerging verticals,including digital lending(for example peer-to-peer(P2P)lending),digital capital raising(for example equity-based crowdfunding),digital banking,digital savings,digital payments and remittances,digital custody,InsurTech,WealthTech,cryptoasset exchanges and the sup
59、ply of enterprise technologies,RegTech,alternative data analytics,and other services.Innovation office:a dedicated office within a regulator that engages with and provides regulatory clarification to innovative financial services providers.These may also be known as innovation or FinTech hubs.Open b
60、anking:Open Banking can be defined as a collaborative financial technology programme that is aimed at creating a standard for data sharing protocols that give customers and third parties easy digital access to financial data.This often takes place through the use of application programming interface
61、s(APIs).FinTech Regulation in Asia Pacific(APAC)12RegTech/SupTech:for this study,SupTech refers to the use of innovative technologies by regulators to tackle regulatory or supervisory challenges.It is a subset of RegTech,which includes any use of technology to match structured and unstructured data
62、to information taxonomies or decision rules that are meaningful to both regulators and the regulated entities,to automate compliance or oversight processes.The two terms are used interchangeably in this study given their varying usage by regulators,and the potential for commonly adopted definitions,
63、standards and protocols.Regulatory framework:for this study,this is an umbrella term that includes laws,regulations,directives,guidelines,recommendations and procedures that are issued by legislators and regulators.These could be standalone or contained within a wider regulatory framework.Regulatory
64、 innovation initiatives:a broad set of activities carried out by regulators to innovate regulatory and supervisory functions,processes,organisations,and applications,which often,but not necessarily,involve the use of technological solutions.Regulatory sandbox:formal regulatory programmes within a re
65、gulatory agency that allow market participants to test new financial services or models with live customers,subject to certain safeguards and oversight.Executive summary13Executive summaryThe FinTech sector in Asia-Pacific(APAC)is diverse,rapidly growing and complex.On aggregate,the region has witne
66、ssed growth in FinTech,with P2P lending emerging as the leading FinTech vertical in the region while the prominence of digital payment platforms in the region remains unchanged.Digital payments play a pivotal role in e-commerce by facilitating the receipt of payments and storing of electronic value
67、for buyers and sellers.At the same time,COVID-19 and other challenges created by the pandemic have caused recent contractions in some FinTech verticals.A notable challenge is presented by identity verification,which creates barriers in customer due diligence processes.Although there are jurisdiction
68、s that have made progress by introducing digital ID systems,in others the absence of a national ID system is an obstacle to the implementation of eKYC.This study reviews how regulators in APAC have responded to the opportunities and challenges associated with FinTech and DFS through regulatory effor
69、ts and processes,as well as innovation initiatives.It forms part of a series of three studies reviewing the regional FinTech regulatory landscape in Sub-Saharan Africa(SSA)(CCAF,2021a)and the Middle East and North Africa(MENA)(CCAF,2022).By comparing the regulatory approaches across jurisdictions in
70、 APAC and other regions,this study seeks to shed light on the dynamic and evolving landscape of FinTech regulation as well as provide evidence and insights to inform policymaking and industry development.This study also draws on data from two surveys issued to a select number of regulators:Global CO
71、VID-19 FinTech Regulatory Rapid Assessment Study(CCAF and World Bank,2020)and Regulating Alternative Finance(CCAF and World Bank,2019).It also encompasses a qualitative review of regulatory frameworks1 relating to FinTech activities in 20 sampled jurisdictions across APAC.The FinTech verticals of sp
72、ecific interest in this study are digital payments,e-Money,international remittances,peer-to-peer(P2P)lending and equity crowdfunding(ECF).Also examined are cross-sectoral regulatory frameworks that affect the financial sector,such as data protection,cybersecurity,anti-money laundering,consumer prot
73、ection,open banking and electronic-know your customer(e-KYC).The study also maps current regulatory innovation initiatives,such as regulatory innovation offices and regulatory sandboxes,and the adoption of RegTech/SupTech solutions by regulators.Finally,two detailed case studies are presented on reg
74、ulatory approaches to FinTech that have been adopted by India and Indonesia.The study finds that regulators in APAC have taken active measures to advance the regulation of FinTech both in terms of approaches and initiatives.However,there are key areas still to address including gaps in terms of miss
75、ing frameworks in FinTech verticals,such as P2P lending and in cross-cutting areas,such as e-KYC.The results further suggest that regulatory responses to FinTech have been catalysed by the COVID-19 pandemic.Impact of COVID-19 on FinTech regulation in APACThe COVID-19 pandemic has accelerated the ado
76、ption of FinTech and increased the regulatory priority of the sector.Regulators in APAC acknowledge FinTechs ability to support their regulatory objectives.For example,most regulators view FinTech as having the potential to support financial inclusion(75%versus 70%globally),the adoption of DFS(70%ve
77、rsus 53%globally)and consumer protection(60%versus 38%globally).In terms of the pandemic,85%of APAC regulators stated there was a high degree of resilience and 1 Regulatory frameworks include laws,regulations,directives,guidelines and other regulatory information.FinTech Regulation in Asia Pacific(A
78、PAC)14adaptability within their organisations in reacting to the crisis,with more APAC regulators feeling there was greater adequacy of resources available to respond(72%)than regulators in MENA(55%)or SSA(35%).APAC regulators considered that the COVID-19 pandemic has increased risks related to FinT
79、ech in terms of cybersecurity(82%),operational risks(71%)and consumer protection(47%).Regulatory measures undertaken by APAC regulators in response to COVID-19 were mainly related to ensuring economic relief(50%),cybersecurity(50%),customer onboarding and due diligence(44%),and business continuity(4
80、4%).In terms of specific FinTech verticals,42%of APAC regulators who responded to this survey introduced measures for digital payments and remittances,in comparison to 61%globally;17%(versus 15%globally)introduced measures for digital capital raising.FinTech-specific regulatory frameworksThe study i
81、ndicates that the payments,e-Money and remittances sectors have the widest coverage in APAC in terms of existing regulatory frameworks.On the other hand,there are significant gaps with respect to P2P lending and ECF.90%of sampled jurisdictions in APAC have established regulatory frameworks for digit
82、al payments.In those jurisdictions with a framework,55%regulate the wider payments sector through a general regulatory framework,while 35%employ a specific digital payments framework.Some regulators in sampled APAC jurisdictions have streamlined existing payment regulations to ensure they stay abrea
83、st of new developments in the payments sector.This is in addition to integrating payment service providers in a single activity-based regulation.Activity-based regulation entails applying rules for a specific activity uniformly,regardless of the type of entity undertaking the specified activity.290%
84、of sampled jurisdictions in APAC have established a regulatory framework for e-Money.Of these,55%regulate the e-Money sector using a general payments framework that contains explicit provisions that are applicable to e-Money,while 30%employ a specific e-Money framework and 5%regulate it under anothe
85、r framework.The majority of sampled APAC jurisdictions allow agents to operate in the e-Money sector,and this has contributed to DFS expansion,and in turn,increased digital financial inclusion.85%of sampled APAC jurisdictions have a regulatory framework for international remittances in place,5%have
86、one under development and 5%treat it as unregulated or self-regulated.In those jurisdictions with existing frameworks,55%include international remittances within a general payments framework,25%have a specific remittances framework and 10%regulate it through other frameworks.50%of sampled jurisdicti
87、ons in APAC have a bespoke framework that regulates P2P lending and 6%plan to introduce one.22%of jurisdictions have prohibited P2P lending,while 22%treat it as unregulated or self-regulated.The establishment of bespoke regulatory frameworks for P2P lending activities is similar to the approach in M
88、ENA,where 50%of sampled jurisdictions have bespoke frameworks.This differs significantly from SSA,where only 11%of the jurisdictions sampled utilise a bespoke regulatory framework.78%of sampled APAC jurisdictions have an equity crowdfunding framework,with 50%having a bespoke framework and 28%regulat
89、ing under an existing framework.This is higher than the sampled MENA(50%)and SSA(34%)jurisdictions.11%of jurisdictions prohibit this activity.2 Activity based regulation entails applying rules for specific activity uniformly,regardless of the type of entity undertaking the specified activity.Executi
90、ve summary15Cross-sector regulatory frameworks that impact FinTech In the cross-sectoral verticals considered,the regulatory frameworks are most common in the AML and data protection verticals,with nearly complete coverage across the sample.In contrast,e-KYC had the greatest instance of missing regu
91、latory frameworks.65%of sampled APAC jurisdictions have a broad framework for data protection in place,20%plan to adopt one and 15%have no framework.In terms of specific data protection frameworks for financial services,it is notable that 90%of sampled jurisdictions have a framework in place.95%of s
92、ampled jurisdictions in APAC have a broad regulatory framework for cybersecurity in place and the remaining 5%plan to introduce one.Since the start of the pandemic,75%of sampled jurisdictions have reported introducing additional measures relating to cybersecurity,mainly focused on raising awareness
93、of ongoing cybersecurity threats.35%of jurisdictions in the APAC sample have regulatory frameworks in place for open banking and 35%plan to introduce one.There are indications that these low levels of adoption could be related to the amount of economic inequality within the region.According to the W
94、orld Bank Income Group classification,all but two of the existing open banking frameworks in the sample are in high income jurisdictions.79%of jurisdictions in the APAC sample have a framework in place for financial consumer protection(FCP),5%plan to introduce one and 16%utilise general consumer pro
95、tection frameworks for FCP.61%of surveyed jurisdictions introduced additional consumer protection measures in response to the COVID-19 pandemic.All jurisdictions in the APAC sample have a framework in place for anti-money laundering(AML)and combatting the financing of terrorism(CFT),except Bhutan,wh
96、ich is planning to introduce one legal framework for AML/CFT.66%of jurisdictions in the APAC sample have some type of e-KYC frameworks in place.In those jurisdictions with a framework,22%are e-KYC specific and 44%are general KYC frameworks that enable e-KYC.21%of jurisdictions plan to introduce an e
97、-KYC framework,and 17%expressly forbid e-KYC.FinTechs in APAC reported an urgent need for e-KYC(33%)and remote onboarding(30%)regulatory support,highlighting key demands from market participants.Regulatory innovation initiativesAcross the region,prevalence of regulatory innovation initiatives is inc
98、reasing rapidly.All APAC jurisdictions were reviewed regarding their regulatory innovation initiatives,including innovation offices,regulatory sandboxes and RegTech/SupTech efforts.The study revealed a significant increase in activity over the last two years:16 jurisdictions with at least one innova
99、tion office were identified across the region(with a further one planned);an increase from nine in 2019.25 jurisdictions with at least one regulatory sandbox were identified(with a further four jurisdictions planned);an increase from 13 in 2019.Regulatory sandboxes are the most common initiative acr
100、oss the sampled jurisdictions 15 jurisdictions with at least one active RegTech/SupTech initiative were identified(with a further two planned);an increase from eight in 2019.COVID-19 appears to have had a positive impact on the increasing prevalence of regulatory innovation initiatives.FinTech Regul
101、ation in Asia Pacific(APAC)16Hurdles faced by regulators when establishing regulatory frameworks and innovation initiativesAPAC regulators reported several hurdles to effective supervision that may explain the variation in prevalence of regulatory frameworks.The main obstacles reported in forming re
102、gulatory frameworks included limited technical expertise(86%),coordinating activities with multiple regulators(79%),lack of clarity on jurisdiction over an activity(71%)and limited funding/resources(64%).The COVID-19 pandemic has exacerbated existing challenges in regulating FinTech and introduced n
103、ew ones.Of the surveyed regulators,60%reported challenges in accessing timely data,in comparison to 29%globally.They also reported that COVID-19 made it more challenging to coordinate with other domestic agencies(33%versus 39%globally)and to perform their core functions while working remotely(33%ver
104、sus 49%globally).Country case studies:Two detailed case studies were conducted on the regulatory approaches to FinTech that have been adopted by India and Indonesia.The case studies provide insights on FinTech market development,the applications of regulatory frameworks and the challenges in creatin
105、g an enabling FinTech ecosystem for jurisdictions in APAC and beyond.India India is one of the fastest-growing FinTech markets in the world.Its regulatory approach involves creating an enabling environment for the growth of digital innovation by establishing the basic infrastructural entities that p
106、rovided the rails on which innovative products can run.Indias regulation strategy also involves encouraging wider participation by extending its scope to non-banks and increasing interoperability.There are several examples of positive practices in this jurisdiction.For example,in contrast to most ot
107、her jurisdictions in the APAC sample,India has a bespoke framework that enables P2P lending activities.Its regulatory approach to digital infrastructure is also notable:its India Stack is one of the most renowned examples in this regard.Regulators in India still face several key challenges including
108、 those related to fragmentation in the regulatory approach,and there are gaps in the digital lending regulatory framework.Indonesia Indonesia is adapting its regulatory environment to enable financial innovation.The regulatory authorities have appointed a FinTech Association to represent digital fin
109、ancial innovation firms and support efforts to create business-friendly regulations for the FinTech industry.The broad mandate conferred to regulators has enabled regulatory reform that encourages the development of the FinTech sector,especially in terms of mobile wallets and payments.Indonesias com
110、mitment to creating an enabling FinTech environment was highlighted in the Digital Finance Innovation Roadmap,launched in 2018.The roadmap supported a light touch and safe harbour approach to accelerate innovation,and enable investors and service operators to implement joint experiments in a control
111、led manner.The Indonesia Financial Services Authority(OJK)also launched an innovation centre,OJK Infinity,to facilitate a regulatory sandbox for balancing innovation and consumer protection,and to create an innovation hub and a FinTech education hub to support the growth of the digital finance indus
112、try while providing consumer protection.Regulators in Indonesia are facing several key challenges including inadequate infrastructure to support e-KYC,shortage of the talent needed to accelerate the digital economy.2.Introduction2.Introduction182.IntroductionAPAC,with its collective population of ov
113、er four billion people,has witnessed the growth of FinTech in many of its jurisdictions.Regulating FinTech in a region as diverse as APAC has led to distinct regulatory approaches and objectives to accommodate the diverse geographies,cultures,demographic specificities and varying levels of access to
114、 finance.Technology is not only transforming the provision of traditional financial products and services,but also facilitating the creation of alternative financial products by entities emerging from outside the financial system.This study identifies existing regulatory frameworks for specific FinT
115、ech verticals digital payments,e-Money,international remittances,digital lending and equity crowdfunding in a representative sample of APAC jurisdictions.An overview of the regulatory approach implemented for each specific vertical can be found in Chapter 4.Growth in digital payments and e-Money has
116、 led many APAC jurisdictions to design specific regulatory frameworks for these verticals,such as Indias Payment and Settlement Systems Act,2007,and Hong Kongs Payment Systems and Stored Value Facilities Ordinance(Osborne Clarke,2018).International remittances play a vital role in APAC;it was the la
117、rgest remittance-receiving region globally,with$325 billion in formal remittances instructed(45%of global flows)in 2019(ADB,2021).Digital lending was significant in emerging economies,with domestic players and homegrown platforms making up almost 80%of regional volumes in 2019 and 2020(CCAF,2021a).M
118、any authorities regard FinTech as a relevant tool in supporting efforts for financial inclusion and economic growth(World Bank,2020a).Regulations across APAC are at various stages of development in terms of creating an enabling regulatory environment to promote financial inclusion.In addition,many a
119、uthorities are still formulating their approach on how to balance promoting innovation and managing emerging risks(CCAF,ADBI and FinTechSpace,2019).Some regulators have introduced bespoke regulations for specific FinTech verticals,while others regulate FinTech through existing frameworks.The aim is
120、to encourage innovation while ensuring that consumer protection and market stability are not compromised.Regulators strategies toward FinTech vary across APAC jurisdictions,with approaches ranging from wait and see to test and learn and efforts to be an innovation facilitator(CCAF,ADBI and FinTechSp
121、ace,2019).One example of the test-and-learn strategy is the Philippines approach to e-Money.In the early 2000s,it allowed non-banks to offer financial services.Then,after observing the development of the market and incorporating the lessons learnt,the Philippines central bank passed the e-Money regu
122、lation(GSMA,2009).Other regulators acted as innovation facilitators by providing structured environments to promote innovation and experimentation,including innovation hubs and offices,accelerators,and regulatory sandboxes(World Bank,2020b).These regulatory innovation initiatives are mapped out in C
123、hapter 6.1.1.1 The impact of COVID-19:the regula-tory perspectiveWhile regulators globally have faced the challenges created by the COVID-19 pandemic,(CCAF and World Bank,2020)regulators in APAC have also had to respond to the impact of the crisis.This study identifies a range of specific challenges
124、 and risks that the pandemic has introduced for regulators in APAC.It also maps regulator opinion on the importance of FinTech during the COVID-19 crisis.The economic downturn during the pandemic and the challenges of economic recovery have FinTech Regulation in Asia Pacific(APAC)19created pressures
125、 in financial markets and for their regulators,as consumers shifted to DFS en masse.As a result,financial services have been classified as an essential service in some APAC jurisdictions(CCAF and World Bank,2020).Figure 2.1 indicates that most APAC regulators(55%)increased the priority of FinTech du
126、ring the pandemic.Figure 2.1:Regulator perception of FinTech priority in light of COVID-19 APAC(N=11)FinTechs in APAC that responded to the Global COVID-19 FinTech Market Rapid Assessment Study reported an increase in transaction volume and number of transactions in both digital payments and digital
127、 capital raising from H1 2019 to H1 2020(CCAF,WEF and World Bank,2020).3 In China the volume of alternative finance continued its dramatic decline from to$84.3 billion in 2019 to$1.2 billion in 2020,a drastic reduction from$358.3 billion in 2017(CCAF,2021a).This growth,however,was the second-lowest
128、compared to other regions.Digital lending was negatively affected,with transaction volume decreasing by 16%and the number of transactions by 17%(CCAF,WEF and World Bank,2020).In terms of alternative lending,there was a decrease of 7%during 2020(Q1Q4)in APAC and an even steeper decline for one of the
129、 largest alternative lending markets,China(CCAF,2021a)3.There was growth,however,in other FinTech verticals:digital payments saw an increase of 4%in transaction volume and 6%in the number of transactions.In digital capital raising,transaction volume increased by 34%and the number of transactions by
130、39%(CCAF,WEF and World Bank,2020).This growth indicates recovery from reductions in transactions volume that occurred during the first half of 2020.In terms of achieving their regulatory goals during the COVID-19 pandemic,APAC regulators faced similar challenges to those faced by other regulators gl
131、obally.Figure 2.2 shows that APAC regulators generally perceived that FinTech supports financial inclusion goals(75%),adoption of digital financial services(70%),market development(60%),consumer protection(60%)and promotion of competition(45%).APAC regulators are more positive(60%compared to 38%glob
132、ally)about the ability of FinTech to support consumer protection efforts(CCAF and World Bank,2020).45%55%Neutral IncreasedNote:N refers to number of regulators in APAC who responded to a survey.Source:(CCAF and World Bank,2020).2.Introduction20Figure 2.2:Perceived impact of FinTech on regulatory obj
133、ectives in light of COVID-19 APAC(N=20)However,APAC regulators also identified increasing risks in FinTech due to COVID-19.Figure 2.2 shows that 15%of surveyed regulators anticipate potentially harmful effects on financial stability and market integrity.When directly asked about increasing risks,82%
134、of regulators who responded considered cybersecurity risks to have increased and 71%reported increased operational risks(as shown in Figure 2.3).The concerns of APAC regulators regarding cybersecurity and operational risks are generally shared by regulators globally.An in-depth evaluation of regulat
135、ory approaches to cybersecurity can be found in Chapter 5.Figure 2.3:Regulator perceptions of COVID-19 increasing risks of FinTech APAC(N=17)Note:N refers to number of regulators in APAC who responded to a survey.Source:(CCAF and World Bank,2020).Supportive Potentially harmful%of respondents40%70%90
136、%30%60%80%20%10%50%100%Consumer protection40%15%Market development75%Market integrity45%Adoption of digital financial services60%5%5%Financial stability30%15%Financial inclusion70%0%Promoting competition60%40%30%20%10%50%60%80%100%70%90%of respondents0%82%Cybersecurity18%Fraud and scams18%Systemic71
137、%Operational47%Consumer ProtectionNote:N refers to number of regulators in APAC who responded to a survey.Source:(CCAF and World Bank,2020).Prudential12%3.Literature review and methodology3.Literature review and methodology223.Literature review and methodologyMethodology4 For past research on the re
138、gion see(CCAF,2016,CCAF,2018b)and(CCAF,2019).5 The APAC jurisdictions selected for this study are:Australia,Bhutan,China,Fiji,Hong Kong China,India,Indonesia,Japan,Laos,Malaysia,Marshall Islands,Nepal,New Zealand,Pakistan,Philippines,Samoa,Singapore,Sri Lanka,Taiwan China and Thailand.Sampled jurisd
139、ictions and data sourcesThis study builds on CCAFs prior research in APAC with other research partners.4 It was designed and implemented to evaluate the current regulatory environment relating to FinTech in the region.A representative sample of jurisdictions across APAC was selected;the first criter
140、ion for inclusion was representation in previous CCAF regulatory innovation surveys so that data collected during this study could be merged with existing datasets.In particular,a jurisdiction was included in the sample if at least one of its regulators had responded to the 2020 Global COVID-19 Regu
141、latory Rapid Assessment Study and the 2019 Regulating Alternative Finance Study(World Bank and CCAF,2020;World Bank and CCAF,2019).The purpose of those studies was to evaluate the impact of COVID-19 on the regulation of FinTech and regulatory innovation initiatives and understand the global regulato
142、ry landscape concerning alternative finance.This approach has enabled time-series observations as well as the ability to compare new data collected on regulatory frameworks with previous responses from regulators.Twenty jurisdictions were identified from which at least one regulator had responded to
143、 both surveys.The chosen jurisdictions represent a diverse sample in terms of income,legal systems and geographic distribution.The breakdown of sampled jurisdictions aligns with the United Nations sub-regions;APAC is separated into five Asian sub-regions and four Oceanian sub-regions.Our sample comp
144、rises six jurisdictions from South-East Asia,five from Southern Asia,four from Eastern Asia,both Australia and New Zealand,and one each from the Melanesia,Micronesia and Polynesia Oceania regional sub-groups.Figure 3.1 illustrates the jurisdictions included in the data-collection exercise.5Figure 3.
145、1 Sampled APAC JurisdictionsThe sample comprises a range of income groups based on the World Banks income classification,including lower middle income(seven),upper middle income(seven)and high income(six).The sample also comprises common law(seven),civil law(twelve)and mixed(one)legal system jurisdi
146、ctions.APAC is represented in its entirety in the mapping of regulatory innovation initiatives using publicly available information,as described in Chapter 6.This study also collected data through a primary desktop review of regulatory frameworks(laws,regulations,directives,FinTech Regulation in Asi
147、a Pacific(APAC)23guidelines and other regulatory information).The findings from this desktop review were supplemented through bespoke surveys of regulators that addressed data ambiguities and gaps.The findings from the review and surveys were then consolidated into a single dataset.This dataset,and
148、earlier regulatory surveys,were further supplemented with APAC-specific data gathered from the Global COVID-19 FinTech Market Rapid Assessment Study(CCAF,WEF and World Bank,2020;CCAF,2021b),to evaluate the challenges faced by the FinTech sector in APAC.Consequently,some of the insights are drawn dir
149、ectly from FinTech market participants and regulators responses.The methodology used in this report mirrors that utilised in the corresponding CCAF reports for SSA and MENA.This approach was used to allow for both intra-and cross-regional comparisons.Selected FinTech sectors and cross-sectoral theme
150、s The FinTech sectors included for analysis in this study are digital payments,e-Money(including mobile money),international remittances,P2P lending and ECF.The 2020 Global COVID-19 Regulatory Rapid Assessment Study(CCAF and World Bank,2020)identified these sectors as growing in importance and/or se
151、ctors in which increased market activity had been observed in response to COVID-19.The digital payments and remittances sectors are key sectors;regulators reported both increased usage and offering of FinTech products and services.These sectors were also the ones into which they had most frequently
152、introduced targeted regulatory measures.The second criterion for inclusion was the availability of historical CCAF data regarding the regulatory approach to FinTech,to enable examination of the verticals.For the 2019 report,Regulating Alternative Finance Survey(CCAF and World Bank,2019),data was col
153、lected on the regulatory approach to P2P lending and ECF,both globally and across APAC.The cross-sectoral legal and regulatory frameworks included for analysis in this study are those of consumer protection,data protection,open banking,AML,e-KYC and cybersecurity.These frameworks were selected as th
154、e most important cross-cutting requirements of relevance to the FinTech sector.Cross-sectoral requirements affect FinTech development as they can limit the ability of FinTech to scale.As noted in the study,such cross-sectoral issues can impact regulatory aims and mandates,as well as FinTech and DFS
155、more broadly.Analytical approachThe datasets generated from past CCAF studies,together with the findings from the desk-based reviews and responses from the regulatory outreach exercise,were used to conduct an in-depth study of the regulatory approach to FinTech in the sampled jurisdictions across th
156、e selected FinTech verticals and cross-sectoral areas.The datasets generated from the primary desktop review of regulatory frameworks were used in Chapters 4,5 and 6 to describe the regulatory environment in the selected verticals and cross-sectoral areas and map out the regulatory innovation initia
157、tives.In Chapter 7,the datasets from previous CCAF studies were supplemented with other sources,including payments data from the IMF,World Bank and GSMA,together with other secondary literature.These were used to distil insights specific to APAC.In Chapter 8,the study indicates themes for possible f
158、uture research in the region.Due to the wide variability in regulator remits and responsibilities across specific regulatory themes,this study looks at individual jurisdictions and not individual regulators as the basic level of analysis.It must also be noted that the sample on occasion differs,sinc
159、e data used from previous studies refers to the number of regulators surveyed,whereas the research on frameworks refers to the number of jurisdictions.Instances where the sample differs are indicated throughout the study,together with their sources.3.Literature review and methodology24Literature rev
160、iew:the regulatory approach to FinTech in APACThe FinTech landscape in APAC is rapidly evolving and the regulatory environment must evolve with it.The importance of the digital transformation of financial services and advancing financial inclusion is increasing on regulators agendas.There is a varie
161、ty of regulatory objectives in the sampled jurisdictions,necessitating a broad diversity in regulatory approaches.In alternative lending activities such as P2P lending and ECF,emerging economies are leading the way in lending models in terms of market size and business activities,while advanced econ
162、omies see more movement in equity and real-estate focused activities(CCAF,2021a).In APAC,P2P lending was the leading FinTech sub-sector in both 2019 and 2020.Domestic players and homegrown platforms dominated the market,accounting for over 80%of regional volumes(CCAF,2021a).In terms of investment,Fi
163、nTech investment and deal activity in APAC experienced a rebound in the first half of 2021 after the COVID-19-related decline previously reported(CCAF,WEF and World Bank,2020).According to a KPMG report,after dropping to$4.7 billion across 357 deals in H2 2020,H1 2021 saw$7.5 billion of investment a
164、cross 467 deals in APAC(KPMG,2021).Platform focus remains strong in APAC,with increasing investment in InsurTech,WealthTech and B2B services(KPMG,2021).There has been significant progress in terms of financial inclusion,although gaps still remain.In 2017,65%of the population had a bank account with
165、a financial institution;by 2021 this had increased to 71%.While FinTech growth in APAC has increased levels of financial inclusion,the use of FinTech is fragmented,highlighting disparities between income levels,gender and the urban-rural divide(Loukoianova et al.,2018).Variation in regulatory approa
166、chThere is a variety of approaches to FinTech regulation across APAC,ranging from implementing bespoke regulations for specific FinTech business models to adopting a wait-and-see,test-and-learn or innovation facilitators strategy.Some jurisdictions adopt bespoke FinTech regulations to strike an appr
167、opriate balance between maintaining market stability and consumer protection,and encouraging innovation.Indonesia is one example of a jurisdiction that has introduced bespoke regulations for P2P lending(OJK Regulation No.77/POJK.01/2016;CCAF,2019).Bespoke regulations have also been implemented in ot
168、her FinTech sectors such as digital payments,as demonstrated by the Payment Systems(Regulation)Act 1998(PSRA)by the Payment System Board(PSB)of Australias Central Bank(ASEAN,2020).APAC regulators that have adopted a wait-and-see approach monitor how the market develops before issuing any regulations
169、.This is similar to Chinas initial approach in response to mobile payments.Mobile payments in China were unregulated at inception in 2013.However,as the market grew,regulatory changes,such as tightening access to payment licenses,were introduced.Recognising the need for stronger scrutiny,the Peoples
170、 Bank of China(PBOC)began regulating mobile payments on 30 June 2018(World Bank,2020b).The regulators opting for a test-and-learn approach are choosing the flexibility of making decisions on a case-by-case basis,enabling them to grant restricted licences for new entrants or established intermediarie
171、s when testing new innovative products.An example of this approach is the Philippines response to e-Money in the early 2000s(World Bank,2020b).The Bangko Sentral ng Pilipinas(BSP)stated that they would follow the market by allowing non-banks to offer financial services through remittance agents and
172、provide operators with a letter of no objection.In 2009,after carefully observing the development of the market and incorporating lessons learnt from the past test period,the BSP issued e-Money regulations that were carefully tailored to the Philippines market(GSMA,2009).FinTech Regulation in Asia P
173、acific(APAC)25The innovation facilitators approach adopted by some regulators is defined as creating a structured framework environment to promote innovation and experimentation.The approach can include innovation hubs/offices,accelerators and regulatory sandboxes to act as different types of facili
174、tators(World Bank,2020b).There is a key distinction between this approach and the test-and-learn approach:innovation hubs and regulatory sandboxes are initiatives driven by regulators.In Chapter 6,we map the jurisdictions in APAC that have implemented regulatory sandboxes for FinTech(AFI,2020a).Thes
175、e include Australia,Bangladesh,Hong Kong,China,Philippines,Singapore,Indonesia,Malaysia,Japan and the Republic of Korea(APEC Economic Committee,2021).Regulatory sandboxes allow FinTech firms to test their products in a controlled environment without having to meet the challenging threshold expected
176、of training,compliance,risk and qualifications(Baker McKenzie,2017).For example,Australia allows FinTech firms that want to provide financial services or engage in credit services,to test their products without necessarily holding an Australian Financial Service Licence(AFSL)or Australian Credit Lic
177、ence(ACL)(CCAF and UNSGS;Baker McKenzie,2017).Regulators also actively engage in outreach to FinTech stakeholders,including industry participants(for example associations,incubators,accelerators,innovation labs and investors),and regulatory counterparts for the related sectors,such as financial cond
178、uct,security exchange and telecommunications.Some regulators also collaborate with industry-led associations or establish separate entities to support the creation of business-friendly regulations.For example,the Malaysia Digital Economy Corporation(MDEC)operates The Orbit,an innovation hub that off
179、ers frequent FinTech training events,including its quarterly regulator boot camp(AFI,2020a).While establishing such units is not a priority for APAC jurisdictions where FinTech is still nascent,regulators are promoting cross-functional coordination across existing organisational structures and build
180、ing technical capabilities.Regulatory challengesDespite recent rapid developments in FinTech markets across APAC,various regulatory challenges remain.One overarching issue emerging is the continued challenge in APAC of fostering financial inclusion and creating the digital infrastructure to support
181、digital identity.The need to verify identity often leads to obstacles in KYC and customer due diligence(CDD)for those who are financially excluded.Despite the region having some examples of digital identity,such as the Unique Identification Authority of India(UIDAI)providing the Aadhaar digital iden
182、tity system,KYC checks are still mainly limited to face-to-face identity verification(CCAF,ADBI and FinTechSpace,2019).In the Philippines,the absence of a national ID system remains an obstacle to e-KYC,despite the region having a favourable regulatory framework for FinTech(World Bank and ASEAN,2019
183、).A lack of interoperability across financial services providers in individual jurisdictions has also hindered the progress of financial inclusivity.An increase in interoperability could boost competition by reducing barriers to entry,enabling innovation and supply diversification,and enhancing the
184、performance of financial institutions,giving the consumer greater freedom of choice.Some regulators have launched initiatives to resolve this issue,for example,Bangladesh has completed the testing and pilot of an interoperability solution between 3 banks and 3 mobile financial services providers usi
185、ng the National Payment Switch Bangladesh(NPSB).This was to be scaled up in 2020 but the pandemic halted industry-wide platform testing.(AFI,2020b).Regulatory harmonisation is still a significant challenge in APAC,despite active regional collaboration.This manifests itself in a range of ways,such as
186、 varying data protection standards,which make it difficult for firms to operate across jurisdictions.This is an issue for cross-border payments and international remittances because each jurisdiction has 3.Literature review and methodology26individual requirements and policies,which makes it harder
187、for payment service providers to offer services at the regional level(CCAF,ADBI and FinTech Space,2019).Islamic financeA notable development in APAC is the emergence of Islamic finance,which refers to financial products and services that comply with Sharia or Islamic principles.Islamic finance is an
188、 important theme that emerged from the MENA study and one that is also relevant in APAC.The development of this sub-sector has led to the creation of a specific business model category:Islamic FinTech(CCAF,2022;CCAF,ADBI and FinTechSpace,2019).The Global Islamic FinTech Report 2021 identified 241 Is
189、lamic FinTech firms globally,77 of which are in APAC:62 from South-East Asia,and 17 from Central and South Asia(Dinar Standard and Elipses,2021).Malaysia and Indonesia are among the top five Islamic FinTech ecosystems in terms of estimated transaction volume,along with Saudi Arabia and UAE(Dinar Sta
190、ndard and Elipses,2021).The Islamic Financial Services Board(IFSB)is based in Malaysia and promotes the soundness and stability of the Islamic financial services industry,covering banking,capital markets and insurance activities.As of June 2021,IFSB had 187 members,comprising 81 regulatory and super
191、visory authorities,10 international inter-governmental organisations,and 96 market players(financial institutions,professional firms,industry associations and stock exchanges),operating in 57 jurisdictions(IFSB,2021).4.Regulatory approach in specific verticals4.Regulatory approach in specific vertic
192、als284.Regulatory approach in specific verticals6 Activity based regulation entails applying rules for specific activity uniformly,regardless of the type of entity undertaking the specified activity.This chapter analyses the current regulatory landscape for specific FinTech verticals across the 20 j
193、urisdictions surveyed.In particular,the chapter looks at digital payments,e-Money,international remittance,P2P lending and ECF.Existing legislation and broader regulatory frameworks are important for FinTech development as market providers seek to navigate the regulatory environment across these ver
194、ticals.Digital paymentsPayments is a key FinTech vertical for APAC,both because of its size and its relative importance in achieving regulatory objectives such as financial inclusion.Access to financial services for the financially excluded generally commences with payments as a means of receiving r
195、emittances or social benefits(World Bank,2019).Digital payments are considered a major driver of financial inclusion(World Bank,2019).In APAC,digital payment platforms feature prominently as they play a key role in e-commerce by facilitating the receipt of payments and storing of electronic value fo
196、r buyers and sellers(World Bank,2019).Many regulators in APAC have facilitated the use of e-payments in both,which is demonstrated by the widespread adoption of quick response(QR)payments in the region(CCAF,ADBI and FinTechSpace,2019).This section considers the regulatory approach to payments,and it
197、s related sub-sectors,including e-Money and mobile money and international remittances in key APAC jurisdictions.Digital payments:regulatory mandate/authorityMost sampled APAC jurisdictions(95%)have a regulator/agency with a mandate/authority for payments.Additionally,there is a greater propensity f
198、or jurisdictions to have central banks mandated to regulate payments(75%).Other financial regulators are also responsible for regulating and supervising payments activity(20%);examples include Japan(Japan Financial Service Agency),Marshall Islands(Banking Commission),New Zealand(Financial Market Aut
199、hority),and Taiwan,China(Financial Supervisory Commission).Digital payments:regulatory framework Figure 4.1 illustrates the approaches adopted by APAC jurisdictions regarding regulatory frameworks for digital payments.In 55%of sampled APAC jurisdictions,regulation of the digital payments sector is u
200、ndertaken based on a general regulatory framework.This is typically a broad framework that encompasses provisions applicable to different categories of payments activity.It may incorporate provisions on e-Money(including mobile money)and international remittances.Alternatively,35%of sampled APAC jur
201、isdictions have introduced more targeted frameworks to address developments in DFS by implementing a framework specific to digital payments.A noteworthy trend is the effort by some APAC regulators to streamline existing payment regulations to ensure they stay abreast of new developments in the secto
202、r.This is in addition to integrating payment service providers in a single activity-based regulation.6 Examples of this include Singapores Payment Services Act and Thailands Payment System Act(CCAF,ADBI and FinTechSpace,2019).FinTech Regulation in Asia Pacific(APAC)29Figure 4.1:Regulatory frameworks
203、 over payments APAC(N=20)Payments:licensing/authorisationIn 70%of sampled APAC jurisdictions,the regulatory frameworks require that providers of payment services obtain a licence from the relevant authority before engaging in this activity.In 20%of jurisdictions,the frameworks prescribe other requir
204、ements.For example,in India,the Marshall Islands and the Philippines,a provider may be required to be licensed as well as registered,or conditional approvals may be granted in other jurisdictions,such as in Fiji.E-Money(including mobile money)The e-Money and mobile money sector in APAC is significan
205、t,with 574 million registered mobile money accounts and almost half of all new registered mobile money accounts globally in 2020(GSMA,2021a).Additionally,as of 2020,Asia reportedly accounted for one-third of the value of all mobile transactions globally(GSMA,2021a).E-Money:mandate/authority Of sampl
206、ed APAC jurisdictions,94%had a regulator with a mandate for e-Money/mobile money issuance.Central banks were most likely to hold this mandate(70%).Other financial regulators also have a mandate in 25%of the sample,such as in Bhutan(Royal Monetary Authority of Bhutan),Hong Kong SAR China(Hong Kong Mo
207、netary Authority),Japan(Financial Service Agency),Marshall Islands,and Taiwan,China(Financial Supervisory Commission).This is a departure from the findings in other regions where central banks primarily hold the mandate.In MENA,the instances of financial regulators other than a central bank having a
208、 primary mandate over e-Money are 17%,while there are no such instances in SSA.E-Money:regulatory framework The approach to the regulation of e-Money varies across APAC.In some cases,it is covered under a general payments framework,while in others it is under an e-Money specific(bespoke)framework.A
209、cross-regional comparison of the different approaches reveals that in the sampled jurisdictions,the highest instances of bespoke e-Money frameworks are in SSA(55%),followed by APAC(30%)and MENA(27%).The APAC-specific findings shown in Figure 4.2 also demonstrate that in 55%of sampled jurisdictions,t
210、he regulatory framework for e-Money is covered under a general payments framework that contains explicit provisions that target e-Money.Note:N refers to the number of jurisdictions surveyed.40%30%20%10%50%60%70%of jurisdictions0%35%Specific Digital Payments Framework 55%General Payments FrameworkPla
211、nned Framework5%Unregulated/Self-regulated5%4.Regulatory approach in specific verticals30Figure 4.2:Regulatory frameworks over e-Money APAC(N=20)E-Money:licensing/authorisationTo engage in e-Money activity,issuers in 74%of surveyed jurisdictions are required to obtain a specific licence from the rel
212、evant regulator.In 21%of jurisdictions(for example in Fiji,Marshall Islands,New Zealand and Thailand),other requirements,such as registration,are prescribed in addition to or instead of licensing.In several sampled jurisdictions,regulatory frameworks for e-Money stipulate that both banks and non-ban
213、ks can become e-Money issuers subject to meeting regulatory requirements.In Indonesia,Malaysia,Philippines,Singapore and Thailand,commercial banks are permitted to become e-Money issuers.For non-bank e-Money issuers,a specific institutional type of regulation has also been established,with most juri
214、sdictions requiring non-banks to obtain an e-Money provider licence(World Bank and ASEAN,2019).E-Money:use of agents Most sampled APAC jurisdictions allow the operation of agents,which has contributed to DFS expansion,and in turn,increased digital financial inclusion(World Bank and ASEAN 2019).APACs
215、 agent network comprises 4 million registered agents,which is 52%of all mobile money agents globally(GSMA,2019a).The findings in Figure 4.3 suggest that most sampled APAC jurisdictions(86%)permit the use of agents in e-Money regulatory frameworks.Figure 4.3:Instances of agents permitted within the r
216、egulatory framework APAC(N=14)Further analysis was conducted to identify the link between jurisdictions where the use of agents is permitted and the existence of e-KYC provisions.Figure 4.4 suggests that agents are less likely to be permitted in jurisdictions that have introduced e-KYC requirements(
217、51%).This finding may be partially explained by the fact that where it is possible to undertake e-KYC,the need for agents is diminished.In many jurisdictions where agent usage is prevalent,KYC is typically one of the primary activities these agents undertake.At the same time,this is likely only a pa
218、rtial explanation,as agents do more than just undertake KYC as part of customer onboarding.According to the GSMA(2019b),agents are the face of mobile services.They are also considered integral in the provision of a convenient and trusted method to convert cash to a digital value,and vice versa,exerc
219、ising other activities such as customer support and education(GSMA,2020)on behalf of their principals.Note:N refers to the number of jurisdictions surveyed.40%30%20%10%50%60%70%of jurisdictions0%30%Specific e-Money framework55%General Payments FrameworkRegulated under other framework5%Unregulated/Se
220、lf-regulatedPlanned Framework5%5%Note:N refers to the number of jurisdictions surveyed.40%30%20%10%50%80%90%60%70%of jurisdictions0%7%No86%YesPlanned7%FinTech Regulation in Asia Pacific(APAC)31Figure 4.4:e-Money:Relationship between agent permission and e-KYC provision APAC,MENA and SSA(N=53)E-Money
221、:safeguarding customer fundsRequirements relating to deposit insurance and protection of customer funds(safeguarding arrangements)are seen as important for fostering trust in,and consequently increasing the usage of,e-Money/mobile money solutions.In APAC jurisdictions,the safeguarding of customer fu
222、nds is treated in different ways depending on whether the e-Money issuer is a bank or non-bank(World Bank and ASEAN,2019).For example,the requirement in Indonesia is that the full value of e-Money accounts is placed in escrow at banks,whereas in Malaysia,depending on the size of the non-bank issuer,
223、funds are required to be deposited in a trust account or a separate deposit account at a licensed institution(World Bank and ASEAN,2019).In 38%of sampled jurisdictions,safeguarding arrangements are provided by a general deposit insurance framework.In 25%of jurisdictions,this is covered under an e-Mo
224、ney specific framework.International remittancesThe international remittances sector in APAC is significant,as many expatriates in the region remit funds electronically.APAC was the largest remittance-receiving region globally,with$325 billion in formal remittances instructed(45%of global flows)in 2
225、019(ADB,2021).In 2021,official records indicated that remittances flow to East Asia and Pacific fell to$131 billion(a 4%drop from 2020).In the case of South Asia,records indicated that remittances grew to$159 billion,an 8%increase from 2020(World Bank and KNOMAD,2021;World Bank,2021c;ADB,2021).Despi
226、te the large global size of the sector,it is still considered to be an untapped opportunity for FinTechs to enter the market in APAC(GSMA,2019a).International remittances:regulatory mandate/authority All sampled jurisdictions in APAC have a regulator with a mandate for international remittances.Cent
227、ral banks have this responsibility in 68%of jurisdictions and 21%have another regulator with this mandate.Jurisdictions with mandated regulators other than the central bank include Australia(Australian Transaction Reports and Analysis Centre),Bhutan(Royal Monetary Authority of Bhutan),China(China Ba
228、nking Regulatory Commission)and the Marshall Islands.This is similar to findings in MENA,where 22%of sampled jurisdictions have a financial regulator other than the central bank for international remittances.In contrast,no such instances were identified in SSA.International remittances:regulatory fr
229、amework In 55%of sampled APAC jurisdictions,regulation requirements for international remittances are covered within a general payments framework,as shown in Figure 4.5.Regulatory frameworks specific to international remittances exist in 25%of jurisdictions and 10%regulate international remittances
230、under other frameworks.10%20%30%40%70%50%80%60%90%100%0%Use of agents-Yes eKYC framework-No11%Use of agents-No eKYC framework-Yes51%Use of agents-Yes eKYC framework-Yes23%Use of agents-No eKYC framework-No15%of jurisdictionsNote:N refers to the number of jurisdictions surveyed.4.Regulatory approach
231、in specific verticals32Figure 4.5:Regulatory frameworks over international remittances APAC(N=20)International remittances:licensing/authorisationIn terms of requirements,84%of surveyed APAC jurisdictions stipulate licensing/authorisation only and 5%prescribe other requirements,including registratio
232、n,in addition to licensing.Peer-to-peer lendingGlobally,peer-to-peer(P2P)lending is one of the most common FinTech sectors.In response to the emergence of P2P lending,regulators in SSA,MENA and APAC have developed regulatory frameworks for the sector.The number of P2P lending regulations developed c
233、orrelate with the industrys high presence in APAC,as P2P lending market activity represented$4.8 billion across the region(CCAF,2021d).P2P lending was also the leading FinTech lending vertical in the region in both 2019 and 2020.Domestic players and homegrown platforms dominated the market,accountin
234、g for over 80%of regional volumes(CCAF,2021a).P2P lending:regulatory mandate/authority Most sampled APAC jurisdictions(70%)have established a mandate that covers P2P lending activities,as shown in Figure 4.6.This is similar to the finding in MENA,where 67%of sampled jurisdictions have established a
235、mandate,but substantially higher than SSA(35%)Figure 4.6:P2P lending.Agencies with mandates-APAC(N=20)Most of the regulatory authorities responsible for P2P lending mandates were securities or capital market regulators(71%).In other jurisdictions,multiple agencies were involved,for example,in China,
236、two agencies were given authority for P2P lending activities:the China Banking Regulatory Commission and the Peoples Bank of China.The use of securities and capital markets regulators to oversee P2P lending is similar to that in MENA,where 63%of sampled jurisdictions designate sole licensing and reg
237、ulatory authority to securities and capital markets regulators.This is in contrast to SSA,where most of the sampled regulators with a mandate for P2P lending are central banks,with just 10%of sampled jurisdictions giving remit to securities and capital markets regulators.Note:N refers to the number
238、of jurisdictions surveyed.40%30%20%10%50%60%70%of jurisdictions0%25%International Remittances Specific Framework55%General Payments FrameworkRegulated under other framework10%ProhibitedPlanned5%5%of jurisdictionsNote:N refers to the number of jurisdictions surveyed10%20%30%40%70%50%80%60%90%100%0%YE
239、S70%NO30%FinTech Regulation in Asia Pacific(APAC)33P2P lending:regulatory frameworks The approach to regulating P2P lending activities varies across sampled APAC jurisdictions.As shown in Figure 4.7,establishing a bespoke regulatory framework was most common(50%),with one jurisdiction,Pakistan,plann
240、ing a regulatory framework for P2P lending activities.Other jurisdictions cover P2P lending activities under a general regulatory framework(22%),and a further 22%do not have a framework with P2P remaining unregulated or self-regulated.The establishment of bespoke regulatory frameworks for P2P lendin
241、g activities in APAC is similar to the approach taken in MENA,where 50%of sampled jurisdictions have bespoke frameworks.This differs significantly from SSA,where only 11%of sampled jurisdictions have developed a bespoke regulatory framework for P2P lending activities.Figure 4.7:Regulatory frameworks
242、 over P2P lending APAC(N=18)P2P lending:licensing/authorisationIn APAC,71%of sampled jurisdictions,for which there is publicly available data,have introduced capital requirements for P2P lenders.These requirements vary significantly across jurisdictions,ranging from approximately$10,000 to$1.5 milli
243、on.Other APAC jurisdictions with a mandate for P2P lending activities have introduced limits on lending volumes(50%).P2P lending:consumer safeguardsOf the sampled APAC jurisdictions,5%have established consumer safeguards in their P2P lending mandates by setting limits on the total amount individuals
244、 can borrow on platforms.Limitations imposed on borrowers vary across jurisdictions;some impose caps on the total amount any consumer can borrow on a platform,while others impose caps based on the borrowers monthly or annual income.For example,the Philippines limits consumers total borrowing to 5%of
245、 their annual income.Thailand sets a limit range of between 1.5 and 5 times a borrowers monthly income,depending on the income level.A small number of jurisdictions impose caps on the interest rate P2P lenders are permitted to charge borrowers.For example,Thailand sets the interest rate cap at 15%pe
246、r year and China limits it to 36%per year.The approach taken by APAC jurisdictions to capping borrowing limits differs significantly from the approaches in SSA and MENA.While only 23%and 30%of SSA and MENA jurisdictions respectively impose borrowing limits for P2P lending,55%of APAC jurisdictions im
247、pose this requirement.However,most jurisdictions in all three regions do not set interest caps on P2P:80%of APAC jurisdictions,91%of SSA jurisdictions and 78%of MENA jurisdictions do not do so.Equity crowdfundingEquity crowdfunding(ECF)is a collective term describing business models where individual
248、s and/or institutional funders purchase equity issued by a company.ECF is typically conducted via an intermediary online Note:N refers to the number of jurisdictions surveyed.40%30%20%10%50%60%70%of jurisdictions0%22%Prohibited50%BespokeUnregulated/Self-regulated22%Planned6%4.Regulatory approach in
249、specific verticals34platform that facilitates the sale of equity to sophisticated,institutional and retail investors.Compared to other regions,APAC has a well-established ECF market.In 2020,ECF market activity was approximately$300 million,which was significantly greater than the market activity of$
250、12.5 million in MENA(CCAF,2021).ECF:regulatory mandate/authorityAs shown in Figure 4.8,most sampled APAC jurisdictions(88%)have an established mandate for overseeing ECF activities,and Nepal is developing a mandate.Samoa is the only jurisdiction in our sample that has no established mandate and is a
251、lso not planning one.These findings are similar to those in MENA,where 91%of sampled jurisdictions have established a mandate,while only 38%of sampled jurisdictions in SSA have established a mandate for overseeing ECF activities.This well-established regulatory infrastructure could be one explanatio
252、n for the high ECF market activity in APAC(CCAF,2021d).Figure 4.8:ECF.Agencies with Mandates APAC(N=17)In 86%of sampled APAC jurisdictions,regulatory authority for ECF activities was given to securities and capital markets regulators,as shown in Figure 4.9.MENA and SSA have employed a more varied ap
253、proach,indicated by the fact that only 40%and 50%respectively have given regulatory authority to securities and capital markets regulators.Figure 4.9:Regulators with mandate on ECF APAC(N=14)ECF:regulatory frameworks While there was some consistency in how sampled APAC jurisdictions established ECF
254、mandates and the regulatory authority they charge with oversight,individual jurisdictions pursue varied approaches in terms of ECF regulatory frameworks.As shown in Figure 4.10,50%of sampled APAC jurisdictions have established bespoke regulatory frameworks for ECF,while 28%used other existing regula
255、tory frameworks.Two jurisdictions,India and Pakistan,prohibit ECF activities.Samoa has not established a regulatory framework.Note:N refers to the number of jurisdictions surveyed.40%30%20%10%50%80%90%60%70%of jurisdictions0%6%No88%YesPlanned6%Note:N refers to the number of jurisdictions surveyed.40
256、%30%20%10%50%80%90%60%70%of jurisdictions0%14%Central bank86%Securities/capital market regulatorFinTech Regulation in Asia Pacific(APAC)35Figure 4.10:Regulatory frameworks over ECF APAC(N=18)While 50%of APACs sampled jurisdictions have developed a bespoke regulatory framework for ECF;the correspondi
257、ng figure for MENA is 69%and for SSA it is 17%.28%of APAC jurisdictions regulate ECF under other frameworks.ECF is unregulated or self-regulated in only 6%of surveyed APAC jurisdictions,while ECF is unregulated or self-regulated in 15%of MENA jurisdictions and 33%of SSA jurisdictions.6%of surveyed A
258、PAC jurisdictions plan to develop an ECF regulatory framework,which is like the 8%of surveyed MENA jurisdictions that plan to do the same.Perhaps because of the much lower percentage of jurisdictions that have an ECF regulatory framework in place,33%of SSA jurisdictions plan to implement an ECF regu
259、latory framework.The approach of prohibiting ECF activity is similar in APAC(11%)and MENA(8%)jurisdictions.This differs from SSA,where none of the jurisdictions prohibits the activity.ECF:licensing/authorisationMost sampled APAC jurisdictions have established similar licensing requirements.12 jurisd
260、ictions have limited the amount of equity an entity can offer through ECF activities.Eight jurisdictions have established capital requirements as part of their licensing requirements for ECF platforms,which range from approximately$2,000 to$1.8 million(CCAF 2021d).ECF:consumer safeguards Ten of the
261、sampled APAC jurisdictions impose limits on the amount retail investors can invest in ECF.The type of limitations imposed vary across jurisdictions;some jurisdictions impose caps on the amount a retail investor can invest per year,while others limit the amount invested based on the investors income.
262、Two jurisdictions,Pakistan and India,prohibit retail investors from engaging in ECF activities,allowing only experienced and/or professional investors to engage in these activities.Note:N refers to the number of jurisdictions surveyed.40%30%20%10%50%60%of jurisdictions0%28%Regulated under other fram
263、ework50%BespokeUnregulated/Self-regulated6%PlannedProhibited6%11%5.Cross-sectoral themes5.Cross-Sectoral Themes375.Cross-Sectoral ThemesFinTech firms are not only affected by regulatory frameworks in their sub-sector,but also by related cross-cutting financial regulations and frameworks.Regulators a
264、re becoming more aware of the role that FinTech can play in ensuring financial consumer protection,data protection and cybersecurity in DFS.This chapter evaluates the existence of frameworks on cross-sectoral issues that support the development of DFS.Data protectionThis section identifies the data
265、protection mandates and frameworks established in selected APAC jurisdictions.Implementing policies on data protection is a key priority for regulators,with most jurisdictions having some form of data protection and data privacy laws.In response to the increased data protection and cybersecurity thr
266、eats regulators perceived during the COVID-19 pandemic,regulators and government bodies increased their adoption of data protection mandates and related policies such as cybersecurity(Ehrentraud et al,2020).Data protection:regulatory mandate/authority As shown in Figure 5.1,most of the sampled APAC
267、jurisdictions(70%)have mandates for data protection and 15%have plans to adopt one.The regulatory authority with the mandate varies across jurisdictions,for example,a Personal Data Protection Commission or Personal Information Protection Commission(Singapore and Japan),an Office of Privacy Commissio
268、ner for Personal Data(New Zealand and Hong Kong SAR China),a Department of Personal Data Protection(Malaysia),or a Personal Data Protection Committee(Thailand).Not only do the regulatory authorities vary across jurisdictions,but their levels of autonomy also differ.For example,the Office of Privacy
269、Commissioner for Personal Data in Hong Kong,and the Personal Data Protection Commissions in Singapore and Japan,are independent regulators.The Department of Personal Data Protection in Malaysia is an agency under the Ministry of Communications and Multimedia,and the Personal Data Protection Committe
270、e of Thailand is under the supervision of the Minister of Digital Economy and Society.Figure 5.1:Data protection.Authorities with mandate APAC(N=20)Data protection:domestic Among the sampled APAC jurisdictions,65%have a national data protection framework in place,20%are planning a national framework
271、 and 15%have no identified frameworks,as shown in Figure 5.2.Figure 5.2:The domestic data protection frameworks APAC(N=20)An example of a data protection regulatory framework in place is Australias Privacy Act 1988(No.119,1988),which consolidates its Note:N refers to the number of jurisdictions surv
272、eyed.40%30%20%10%50%80%60%70%of jurisdictions0%15%No70%YesPlanned15%Note:N refers to the number of jurisdictions surveyed.40%30%20%10%50%80%60%70%of jurisdictions0%15%No65%YesPlanned20%FinTech Regulation in Asia Pacific(APAC)38data protection laws to protect the privacy of individuals and provide th
273、e basis for consistent regulation of privacy and handling of personal information(AG,1988).This Act,together with the Australian Privacy Principles,constitute an integral and comprehensive regulation for data protection and privacy in the country.As a different example,the Laos Electronic Data Prote
274、ction Act of 2017 provides data protection to Lao citizens in circumstances where electronic information is collected,accessed,used or disclosed.The Act provides for general protection to personal information and establishes essential concepts such as consent,data retention and deletion practices,en
275、suring data accuracy.Similar to Australian Privacy Principles as complement/basis of the Australias Privacy Act,The Laos Electronic Data Protection Act is supplemented by the“Introduction on Implementation of the Electronic Data Protection Act”,which sets out examples of how data protection procedur
276、es may be implemented by companies.Data protection:financial services industry Of the sampled APAC jurisdictions,90%have a financial-service-specific national data protection framework in place.India plans to introduce a framework and Samoa does not have one in place.The prevalence of frameworks spe
277、cifically established for financial services is similar to that across sampled jurisdictions in MENA(85%)and SSA(85%).CybersecurityThe COVID-19 pandemic has increased cybersecurity threats and the awareness of cybersecurity risks:82%of surveyed regulators perceived that cybersecurity risks were incr
278、easing as evidenced in Figure 2.3.This section analyses the regulatory approaches to cybersecurity and financial sector cybersecurity frameworks in sampled APAC jurisdictions.Cyber threats are not localised within jurisdictions but cut across borders.However,the regulation of cybersecurity across ju
279、risdictions in APAC appears fragmented and localised,with no substantial developments toward regional harmonisation.Currently,the region is entering a second wave of cybersecurity regulation.The first wave was a call to action to all jurisdictions to set specific minimum levels of cybersecurity.In t
280、his second wave,regulators across APAC jurisdictions will set more robust standards for firms to implement(Deloitte,2021),the aim being to build cyber resilience across national borders.Examples of this second wave which incorporate the learnings from the response to and implications of the pandemic
281、,include:Security Legislation Amendment(Critical Infrastructure)Bill 2020 from Australia that classifies financial services as part of Critical National Infrastructure;Cybersecurity Fortification Initiative 2.0.from HKMA which include enhanced version of cybersecurity incident response,threat intell
282、igence changes,and attack simulations.In Singapore,MAS sought to update the guidelines on technology risk management and business continuity management.The Personal Data Protection Act was also amended to require mandatory breach notification(Deloitte,2021).Cybersecurity:regulatory mandate/authority
283、 All sampled jurisdictions in APAC have a mandate/authority for cybersecurity in place.The authorities with a mandate for cybersecurity vary across jurisdictions,for example,the Ministry of Post and Telecommunications in Laos and Nepal,the Ministry of Communication and Information Technology in Samo
284、a and its equivalent in India,the Ministry of Defence in Indonesia,as well as more specialised authorities such as the Cyberspace Administration of China and the National Cybersecurity Agency in Malaysia and Singapore.These findings indicate there are differences between regulators in terms of capab
285、ilities and supervisory obligations regarding cybersecurity,and hence different approaches to implementing cybersecurity measures and regulations.5.Cross-Sectoral Themes39Cybersecurity:domestic frameworks95%of sampled APAC jurisdictions have an existing cybersecurity framework in place and the remai
286、ning 5%plan to introduce one.This prevalence is marginally higher than in sampled SSA(85%)and MENA(92%)jurisdictions.Japan is an example of a jurisdiction that is prepared for cybersecurity risks.Its existing cybersecurity-related laws include the Basic Act on Cyber Security,the Act on the Protectio
287、n of Personal Information,and the Act on the Prohibition of Unauthorised Computer Access.Other existing frameworks,and developed policies and strategies,include the Cybersecurity Policy for Critical Infrastructure Protection,the International Strategy on Cybersecurity Cooperation,the Cybersecurity S
288、trategy 2018,and the Defence of Japan 2020(Unidir,2021).Cybersecurity:financial services industry As shown in Figure 5.3,75%of jurisdictions across the APAC sample have a financial-services-specific cybersecurity framework in place,10%plan to introduce one and 15%have no framework.This is significan
289、tly higher than sampled jurisdictions in MENA(54%)but less than in SSA jurisdictions(85%).Figure 5.3:Financial service industry cybersecurity frameworks APAC(N=20)Cybersecurity:efforts and measures during the COVID-19 pandemic75%of sampled APAC jurisdictions implemented new specific cybersecurity me
290、asures in response to the COVID-19 pandemic(CCAF and World Bank 2020).Table 5.1 summarises some of these cybersecurity measures.Table 5.1:Examples of Covid-19 specific cybersecurity efforts and measures JURISDICTIONS COVID-19 CYBERSECURITYEFFORTS DETAIL OF COVID-19 CYBERSECURITY MEASURESAustralia Th
291、e Australian Cyber Security Centre(ACSC)has published advice to help protect people to strengthen their cyber defenses and be alert to online threats through a new national cyber security campaign.The ACSC issued Cybersecurity tips.China The Cyberspace Administration of China(“CAC”)released the Noti
292、ce on the Protection of Personal Information when Using Big Data for Joint Support and Defense(“2019-nCoV Personal Information Notice”)on February 9,2020,setting forth a few privacy and cybersecurity principles in connection with the collection,use,and disclosure of personal information for purposes
293、 of containing 2019-nCoV.The Notice established some cybersecurity mechanisms to protect personal information such as:Determine authorized entities for legally collect personal information for purposes of containing Covid-19 pursuant to the Cybersecurity Law.Data minimization principle Entities shal
294、l implement organizational and technical measures to prevent theft or leakage of information.India The CERT-In,the Indian Computer Emergency Response Team and ReBIT,the technology arm of the Reserve Bank of India(RBI)issued warnings about online threats and scams and asked financial institutions to
295、be aware.CyTrain(National Crime Record Bureau),part of the Ministry of Home Affairs issued a Cybersecurity tips booklet in which they determined tips in the following topics:Online transactions/Financial Fraud Identity theft/cyber impersonation Unauthorized access/data breach Phishing&Spamming Ranso
296、mwareJapanJapans Ministry of Trade urged businesses to exercise greater leadership and strengthen internal cyber security efforts,warning cyber-attacks could worsen with the increase in telework.A new ministerial report highlights the fact that overseas hackers are targeting small and large firms wi
297、th globalized supply chains and those promoting expansion overseas.The Ministry of Economy,Trade,and Industry(METI)released,on 30 September 2020,a guide on cybersecurity systems and training human resources.In particular,the guide outlines recommendations for building a cybersecurity system.Singapor
298、eThe Cyber Security Agency of Singapore(CSA)issued warnings and tips to stay cyber-safe.The CSA issued an infographic called“How to Stay Cyber Safe During the COVID-19 Situation:bringing Your Business Online Securely”in which they determined to set strong passwords,do not use personal information in
299、 your passwords,enable Two-factor authentication,perform anti-virus scans and keep software up-to-date.Note:N refers to the number of jurisdictions surveyed.40%30%20%10%50%80%60%70%of jurisdictions0%15%No75%YesPlanned10%FinTech Regulation in Asia Pacific(APAC)40Open bankingOpen banking:regulatory ma
300、ndate/authorityOpen banking refers to making account and transaction data accessible in a secure,consent-driven manner,allowing third-party developers to build new and innovative financial products and services using existing banking infrastructure.These services,which often tackle issues of financi
301、al inclusion and education that have traditionally been passed over by incumbents,have facilitated regulators goals of increasing access to their underbanked populations and assisting consumers in achieving financial wellness.In practice,open banking is used to permit account transactions,such as tr
302、ansfers and payments,through application programming interfaces(APIs).Approaches to facilitate open banking vary across sampled APAC jurisdictions.Examples of jurisdictions that are successfully implementing open banking frameworks and open API integration include Singapore,Hong Kong,Australia and I
303、ndia.However,not all these frameworks are based on mandatory market participation,nor has the regulator led the way in setting standards for the market.For example,in Hong Kong and Singapore,it is not compulsory for the incumbent banking sector to participate in open banking.This is in contrast to o
304、ther open banking regimes,such as in the UK,which make it compulsory for incumbent banks to adhere to data sharing policies.Instead,traditional retail banks in Hong Kong and Singapore are being encouraged to develop more personalised and novel services in collaboration with third-party providers(Acc
305、enture Consulting,2019)to spur innovation.Singapore,though market-driven,has taken a strong top-down approach to implement open banking.The Monetary Authority of Singapore(MAS)set up the Singapore Financial Data Exchange(SGFinDex)allowing banks to exchange data voluntarily,but has strongly encourage
306、d banks to go above and beyond the suggested APIs and make additional information and processes available to developers and third parties(MAS,2021c).SGFinDex,a public-private collaboration,was launched so that individuals could allow or withhold consent online for their financial information held ac
307、ross government entities and financial institutions to be used.This was done by using individuals national digital identities stored in one centralised portal.In contrast,Hong Kong chose a light-touch,phased market-driven approach to open banking.Announced by the Hong Kong Monetary Authority(HKMA)in
308、 September 2017,the first two phases encouraged banks to disclose public data and open digital channels for acquisition.These were followed by the second two phases that were gradually introduced from the end of 2021.These two phases allowed access to account information,and enabled payments and tra
309、nsfers(HKMA,2017).In contrast to other jurisdictions,such as Australia,HKMA has not mandated open banking,instead opting for a voluntary opt-in process and providing high-level guidance assisting financial institutions to agree on standards amongst themselves.In Australia,the rollout of the Consumer
310、 Data Right(CDR)legalised,and made mandatory,open banking across financial institutions.Interestingly,the Australian Securities and Investments Commission(ASIC),and the Australian Competition and Consumer Commission(ACCC),did not follow the general trends seen in open banking.Instead,these commissio
311、ns guided alternative methods of data sharing outside standardised APIs and permitted screen scraping.And although they later issued warnings to consumers about the risks of sharing credentials with unknown third parties,they recognised that digital data capture services are similar to APIs,in that
312、they are a secure means of accessing information(AFR,2020).This example illustrates that the technical methods sanctioned by regulators vary just as much as the frameworks implemented across jurisdictions.5.Cross-Sectoral Themes41India is another example of an APAC jurisdiction that is implementing
313、open banking.Its hybrid approach to open banking has been strengthened,underpinned by previous progress in enabling access to financial services that had traditionally underserved parts of the population.Through its India-Stack approach India has focused on several inter-related and pre-cursor regul
314、atory and policy initiatives that create the necessary conditions for implementing an Indian open banking scheme.India-stack is a public-private unified software platform that was introduced more than ten years ago to integrate government and business processes.It now includes an interoperable payme
315、nts system,underpinned with universal digital ID.The National Payments Corporation of India(NPCI),with support from the Bank of India,regulates the payment scheme.It has now also launched the Account Aggregator framework to actively promote the development of new services.Even though the platform is
316、 not mandated,Indias financial institutions are keen to leverage the India-Stack(Carrire-Swallow,Haksar and Patnam 2021).In contrast to jurisdictions such as the UK that have a formal regulatory programme aimed at implementing open banking infrastructures and principles across the financial market,I
317、ndia has taken a more piecemeal approach.By creating rules and initiatives that focus on key components that are a pre-requisite to open banking,India is laying the foundation towards formal open banking interventions.Initiatives that are currently being pursued by regulators include providing clari
318、ty on data registries,defining who,how and what data can be stored and further refining account aggregation rules and supervision.Open banking:domestic frameworksAs shown in Figure 5.4,35%of sampled APAC jurisdictions have an open banking framework in place,35%plan to introduce one and 30%have no fr
319、amework in place.Figure 5.4:Open banking existing and forthcoming frameworks APAC(N=20)Grouping this data according to the World Banks income level classifications shows that most sampled high-income jurisdictions have an open banking framework in place(83%),whereas in lower-middle-income jurisdicti
320、ons the figure is much lower(43%).57%of upper-middle-income jurisdictions plan to introduce an open banking framework.Table 5.2 provides an overview of the open banking frameworks in place across APAC jurisdictions.The table also includes data protection and cybersecurity frameworks.Note:N refers to
321、 the number of jurisdictions surveyed.20%15%10%5%25%30%35%40%of jurisdictions0%30%No35%YesPlanned35%FinTech Regulation in Asia Pacific(APAC)42Table 5.2:Open banking.Existing and forthcoming open banking frameworksAustraliaHong Kong,ChinaIndiaJapanMarshall IslandsSingaporeTaiwan,ChinaBhutanChinaIndon
322、esiaMalaysiaNew ZealandPhilippinesThailandNote:The information was collected through publicly available information.14 jurisdictions in APAC have an existing or planned open banking framework.Additionally,all jurisdictions that have implemented an open banking framework have also implemented specifi
323、c cybersecurity standards for the financial services industry,and all but one have also implemented data protection frameworks for the financial services industry.Similarly,all jurisdictions that are planning an open banking framework already have data protection rules in place for financial service
324、s.All but two of these jurisdictions have implemented specific cybersecurity frameworks,but they do have cybersecurity roadmaps and strategies.Financial consumer protectionFCP encompasses the laws,regulations and institutions that ensure the safety of consumers in their use of financial services and
325、 products.An effective FCP regime enables consumers of financial products and services to make well-informed decisions,protects the development of financial services,and supports the wider aims of financial stability,financial integrity and financial inclusion(World Bank 2017a).The challenge facing
326、regulators is effectively ensuring consumer protection in an increasingly digital financial services marketplace.Consumer protection is a key mandate for regulators globally and has been identified as an increasing concern regarding FinTech in response to COVID-19,as seen in Figure 2.2.FCP:regulator
327、y mandate/authorityMany institutional regulatory models for FCP exist.To clarify and simplify this studys mapping of these models,the study employed the models used by the World Bank FCP survey(World Bank 2017b).The World Bank grouped the different regulatory arrangements as follows:Integrated Singl
328、e Financial Sector Authority Model:Where FCP supervision responsibilities fall under a single financial sector authority that is responsible for all aspects of supervision of all financial products or service providers.Integrated Sectoral Financial Sector Authority Model:Where FCP supervision respon
329、sibilities fall under multiple financial sector authorities,each responsible for all aspects of supervision of financial service providers operating within specific financial sectors.OPEN BANKING FRAMEWORK IN PLACEPLANNED OPEN BANKING FRAMEWORKFINANCIAL SERVICE INDUSTRY DATA PROTECTION FRAMEWORK IN
330、PLACEFINANCIAL SERVICE INDUSTRY CYBERSECURITY FRAMEWORK IN PLACEFINANCIAL SERVICE INDUSTRY CYBERSECURITY ROADMAP/STRATEGY IN PLACE5.Cross-Sectoral Themes43 Dedicated FCP Authority Model:Where FCP supervision responsibilities fall under a single authority primarily dedicated to FCP or market conduct
331、more broadly.Shared Financial Sector and General Consumer Protection Authority Model:Where one or more financial sector authorities,and one or more general consumer protection authorities,share FCP supervision responsibilities.General Consumer Protection Authority Model:Where financial consumer supe
332、rvision responsibilities fall under one or more authorities responsible for general consumer protection supervision within the jurisdiction.Figure 5.5 shows that of the sampled APAC jurisdictions,55%have an Integrated Sectoral Financial Sector Authority Model.In some jurisdictions,for example,Laos,N
333、ew Zealand,Singapore and Taiwan,financial consumer protection is part of the remit of a governmental department or ministry rather than of one of market regulators.Figure 5.5:Models of authority over financial consumer protection APAC(N=20)The G-20/OECD high-level principles also state that authorities need clear responsibility and the authority to fulfil their mandate in the financial markets tha