10 June 2016

Get ready to play, Fintech – ASIC proposes an Australian sandbox for 2017

By Roslyn Hinchliffe, Scott Farrell and Kate Jackson-Maynes.

As promised by the Government, ASIC has released its proposed design of a regulatory sandbox for fintech. It is to represent a “safe-place” in which businesses can test new products and services without immediately incurring all of the regulatory consequences of those activities. In this way, the proposal has the potential to allow fintech businesses to accelerate their development of innovative offerings in the Australian marketplace. Although ASIC’s sandbox only proposes to provide a safe-place in relation to the requirement to hold an AFS licence and does not extend to other potential regulation, it has more important features which distinguish it from equivalent overseas regimes.

Of course, it is critical that the sandbox is calibrated to strike the right balance between facilitating fintech opportunities and appropriate consumer protection mechanisms. ASIC has attempted to strike this balance through limiting the type and conditions of play in the sandbox. A summary of the features of ASIC’s sandbox proposal is in the table below.



Who can play?

New Australian businesses that do not currently hold an AFS licence.

What can you test?


  • giving financial product advice or
  • arranging for other persons to deal in,

any of the following products:

  • listed or quoted Australian securities or
  • simple managed investment schemes or
  • deposit products,

to wholesale and retail clients.

What are the limitations of play?

The limitations of play in the sandbox are to early stage testing for:

  1. services cannot be provided to more than 100 retail clients;
  2. each retail client can have exposure up to a maximum of A$10,000; and
  3. the total exposure of all clients (both retail and wholesale) is required to be less than A$5 million.

How long can you play in the sand box?

One period of 6 months (without extension)

What are the conditions of playing in the sandbox?

The conditions of play are that the business must:

  1. have adequate compensation arrangements for retail clients (generally licensee’s meet this obligation by obtaining professional indemnity insurance);
  2. be a member of an ASIC-approved external dispute resolution scheme;
  3. comply with modified disclosure requirements (similar to FSG disclosure and a SOA, the latter only if financial product advice is provided);
  4. comply with the best interests duty and conflicted remuneration provisions as if the business were licensed;
  5. must obtain a ‘sandbox sponsor’ which may need to check that the persons operating the business are fit and proper, provide some certification of a reasonably sound business model and assess the risk of consumer detriment associated with testing; and
  6. notify ASIC that it wishes to play, provide evidence of a sponsor and declare that it has reasonable grounds to expect that it can operate the business for the testing period; and
  7. give ASIC a short report on the test once completed.

What protection is there for investors?

Besides the obligations described above, entities playing in the sand box may still be required to comply with privacy, anti-money laundering or other requirements.  Of course, the protections that may be available as a matter of general law (rather than statute) would also continue to apply.  Also, ASIC will have the power to make a business withdraw from the sandbox at any time.

The usual option of making an individual application for relief is still available to fintech entities.

When ASIC launches the sandbox, Australia will join the likes of the United Kingdom in having a regulatory sandbox open for business (and we do not expect Singapore to be far behind, as they are preparing to release a consultation on the Singaporean sandbox proposal).

ASIC's proposed sandbox compares favourably to the UK sandbox in several ways. First, ASIC’s sandbox is not subject to the restraints of EU law. Also, ASIC's proposal is on the premise that the terms and conditions of play will be set out up front. This contrasts with the UK sandbox where the FCA tailors a unique set of terms upon application for each business (although the FCA has published broad parameters for those terms). A key advantage of the ASIC proposal is that it will allow some fintech businesses to test certain product offerings prior to a detailed assessment by ASIC. This means that the ASIC sandbox does not have an element of the regulator being required to “pick winners” for participation in the sandbox. Accordingly, the ASIC sandbox may not have the disadvantage of being difficult to replicate across jurisdictions which would provide consistency benefits.

As there is a lot of technical detail behind the regulatory concepts described in this alert, we urge the fintech industry to work through the points carefully and consider making a submission to ASIC. If you would like more detailed insight on this, or any assistance with this process, please contact us. We would be absolutely delighted to speak to you.

ASIC’s consultation process for these proposals ends on 22 July.


ASIC’s proposed sandbox relates to the requirement under Australian law to hold a licence – or find an exemption from doing so – if it carries on financial services business.

Generally (unless an exemption applies) you could be providing a financial service if you:

  1. provide financial product advice;
  2. deal in a financial product;
  3. make a market for a financial product;
  4. operate a registered managed investment scheme;
  5. provide a custodial or depository service; or
  6. provide traditional trustee company services.

Accordingly, this licensing requirement may be relevant to fintech businesses, for instance, with respect to digital advice, peer-to-peer lending services, blockchain payment systems and cognitive technologies.

In addition, a business that operates a financial market or a clearing and settlement facility in Australia may be required to hold a different sort of licence which is not covered by the sandbox. For instance, the sandbox will not be available to online trading platforms.

ASIC’s paper also proposes some additional guidance or flexibility with respect to the requirement in the application for an AFS licence to prove the business’s organisational competency through the expertise of a “responsible manager”. ASIC’s preferred approach is to implement a combination of these proposals along with the sandbox proposal.

More background on the introduction of a regulatory sandbox in Australia can be found here, here and here.

Scott Farrell is a member of the Australian Government’s Fintech expert advisory group. However, this Alert should not be taken to be connected with that role.

Key contacts

Data Central

Have you checked out our new Data Hub? Data Central contains a range of resources to help our clients minimise the legal, regulatory and commercial risks this data-driven environment presents and ensure that its full value is being realised.

Share on LinkedIn Share on Facebook Share on Twitter
    You might also be interested in

    On Friday 25 September 2020 the Treasurer Mr Josh Frydenberg announced significant reforms to the responsible lending obligations in the National Consumer Credit Protection Act 2009.

    25 September 2020

    ACCC commences new inquiry into perishable agricultural products and the dairy code.

    04 September 2020

    The Federal Government has announced that it will direct the ACCC to conduct a market inquiry into the water markets operating in the MDB.

    06 August 2020

    On 22 May, the Chinese government unveiled its economic and social development blueprint for the year head – the 2020 Government Work Report (政府工作报告). This article provides a high-level overview of...

    25 May 2020

    This site uses cookies to enhance your experience and to help us improve the site. Please see our Privacy Policy for further information. If you continue without changing your settings, we will assume that you are happy to receive these cookies. You can change your cookie settings at any time.

    For more information on which cookies we use then please refer to our Cookie Policy.