LogoRegulatory Alerts
2019-01-01

Regulatory Sandbox Policy Guidance Note - March 2019

The Capital Markets Authority of Kenya has established a regulatory sandbox to facilitate the live, limited-scale testing of innovative capital market products and services not covered by existing regulations. Applicants must submit a comprehensive business model, exit strategy, and detailed testing and safeguard plans to demonstrate how they will manage risks and protect investors during the trial period. Upon conclusion, the Authority will determine whether to grant formal operational approval, propose new regulatory frameworks, or reject further deployment of the innovation.

Capital Markets Authority Kenya logo

Kenya

Capital Markets Authority Kenya

Click to view thumbnail

REGULATORY SANDBOX POLICY GUIDANCE NOTE

About this Note

This Policy Guidance Note is to be used in Kenya as a guide on the operational environment of a Regulatory Sandbox Program and will inform future refinement of a Regulatory Sandbox framework.

CAPITAL MARKETS AUTHORITY – KENYA

MARCH 2019

Introduction

A. The Capital Markets Act establishes the Capital Markets Authority with the dual mandate of developing and regulating the capital market with emphasis on promoting, regulating and facilitating the development of an orderly, fair and efficient capital market in Kenya through- (i) promotion of orderly fair and efficient market; (ii) removal of impediments in the market; (iii) protection of investor interests; and (iv) facilitation of the use of electronic commerce.

B. In accordance with its dual mandate, the Authority issues this Policy Guidance Note pursuant to Section 12A of the Capital Markets Act (the “Act”).

C. This Policy Guidance Note provides a framework for a Regulatory Sandbox (“the Regulatory Sandbox”) to allow for testing of innovative products, solutions and services that have the potential to deepen or broaden the Kenyan capital markets.

D. The Regulatory sandbox is a tailored regulatory environment for conducting limited scale, live tests of innovative products, solutions and services. The Regulatory Sandbox provides an evidence-based tool for fostering innovation while allowing the Authority to remain vigilant to investor protection, financial stability and integrity risks.

E. The Regulatory Sandbox supports the broader national policy agenda described in Kenya Vision 2030 and the 10-year Capital Market Master Plan. Drawing on emerging global best practices, the Authority seeks to position the Regulatory Sandbox as a tool for facilitating capital markets innovation in Kenya and helping to advance the Authority’s goal of creating a vibrant and globally competitive financial sector.

F. This Policy Guidance Note sets forth the eligibility, application, safeguard, and testing requirements for firms interested in live testing of innovative products, solutions or service with the Authority’s Regulatory Sandbox. The Regulatory Sandbox application form is attached as Annex A.

Definitions

  1. For purposes of this Policy Guidance Note: “Applicant” means a company limited by shares that has applied for approval to participate in the Regulatory Sandbox; “Participant” means an Applicant that has been accepted by the Authority to participate in the Regulatory Sandbox; “Regulatory Sandbox” means a tailored regulatory environment for conducting limited scale, live tests of innovative products, solutions and services as further defined in this Policy Guidance Note.

Purpose and Objectives

  1. The Authority seeks to provide a regulatory environment that is conducive for the deployment of a variety of innovative business models and emerging technologies that have the potential to deepen or broaden the capital markets in Kenya. This includes reviewing and adapting regulatory requirements that may unintentionally inhibit investor-friendly innovations or render them non-viable under current regulations.

  2. As part of this process, the Regulatory Sandbox is intended to enable innovative capital markets-related products, solutions and services to be deployed and tested in a live environment prior to launching into the open market, within certain specified parameters and timeframes. Equally important, the Regulatory Sandbox is intended to help accelerate the Authority’s understanding of emerging technologies and support evidence-based approaches to regulation that advance the goals of investor empowerment and protection, capital markets deepening and broadening in accordance with the stated objectives.

  3. The Regulatory Sandbox is not applicable for proposed products, services or business models that are already clearly addressed under existing laws and regulations. The Authority may nonetheless consider any credible cases evidencing that a proposed model is not envisioned in the existing framework and serves to advance the goals detailed in (3) above. In all such cases, the Authority shall be the final arbiter of whether such threshold has been met.

  4. Participation in the Regulatory Sandbox is based on application and approval by the Authority and does not guarantee any special status to operate in the marketplace after completion of the testing program without further approval by the Authority.

Eligibility, Application and Acceptance Criteria

  1. The Regulatory Sandbox is available to an Applicant who: (a) has its company incorporated in Kenya or is licensed by a securities market regulator in an equivalent jurisdiction; and (b) intends to offer an innovative product, solutions or service in Kenya following a successful exit from the Regulatory Sandbox.

  2. An Applicant may apply to participate in the Regulatory Sandbox at any time. The Authority shall review applications on a rolling basis.

  3. (1) An Applicant shall submit to the Authority the following documents - (a) Completed application form as set out in Annex A; (b) Certified copies of all registration documents; (c) Certified list of directors and shareholders, if applicable; (d) CVs for all founders and key management personnel; (e) Outline of business model for the product, solution or service which should include: (i) The potential benefits of the proposed product, solution or service for capital markets deepening or broadening in Kenya; (ii) Why a Regulatory Sandbox test is required; (iii) Evidence that the product or service is sufficiently mature to be tested in a live environment or a sound rationale for admission where the product is not ready for testing; (iv) Evidence that the Applicant has adequate arrangements to support live testing, including measures to protect the interests of investors and other capital market participants if the test fails; (v) the potential risks resulting from the Regulatory Sandbox test; and (vi) The proposed safeguards and risk mitigation strategies for avoiding potential harm to investors or the capital markets and their likely effectiveness. (2) The Applicant shall also submit a projected plan and clear strategy for exiting the Regulatory Sandbox which shall include: (a) scenarios for transitioning and/or compensating customers in the event the proposed product, solution or service is discontinued; and (b) proposals for deploying the product, solution or service on a commercial scale in Kenya after successful exit from the Regulatory Sandbox; (c) a draft sandbox testing plan.

  4. The Authority shall on receipt of an application communicate to the applicant within fourteen working days on the next course of action.

  5. The Authority shall evaluate the application and for successful applicants, the Authority shall issue a letter of approval to participate in the Regulatory Sandbox. Once granted approval, the Participant shall be considered as an approved person in line with the capital markets laws and regulations.

  6. The Authority reserves the right to delay or defer acceptance of otherwise qualified Applicants for any reason including, among other things, limitations on its current or anticipated supervisory capacity, the anticipated burden of planning and supervising the sandbox test, or any other reason that may affect the quality, effectiveness, or impact of the proposed Regulatory Sandbox test.

  7. Any decision by the Authority to deny admission to the Regulatory Sandbox shall be supported by a written statement provided to the Applicant which sets forth the Authority’s rationale for denying the application.

Testing Plan

  1. An Applicant shall submit to the Authority a test plan with information on: (a) Key test objectives (including the specific regulatory questions or hypotheses to be tested in the Regulatory Sandbox); (b) Testing metrics and/or performance indicators; (c) Testing methodologies; (d) Scope and testing parameters (e.g., number and/or kind investor and/or test market, aggregate value and/or frequency of transactions, etc.); (e) Proposed testing period; (f) Relevant reports to be submitted during the testing period and feedback mechanisms; and (g) Safeguards and remediation measures.

  2. The Authority shall review and approve the test plan with such modifications as may be necessary.

  3. The Authority may, in the course of the testing period, require modifications to be made to the test plan as may be necessary to ensure that the test objectives are met or to protect investor interests. The Participant may propose the modifications to the test plan for the Authority’s approval.

  4. The initial testing period shall be determined through consultations between the Authority and the Participant. The testing period shall not exceed twelve months unless the product, solution or service has tested positively and it can be demonstrated that extended testing is necessary to respond to specific issues or risks identified during initial testing. Any extension shall not exceed a further twelve months.

Records and Reporting Requirements

  1. Participants shall provide the Authority with interim reports on the progress of the test, which reports shall identify: (a) Key performance indicators, key milestones and statistical information; (b) Key issues arising as observed from misconduct, fraud or operational incident reports and, if any, measures taken by the Participant to address such incidents; (c) Actions or steps taken to address customer complaints, emergent risks, or other issues relevant to Authority’s assessment of applicable regulatory requirements; (d) Proposed changes to the Participant’s key personnel, management, leadership, business plan, or any concerns on financial solvency; and (e) Any other relevant matters.

  2. The frequency and specific details to be included in interim reports shall be agreed between the Authority and the Participant, taking into account the duration, complexity, scale and risks associated with the test.

  3. Participants shall ensure proper maintenance of records during the testing period to support review by the Authority of the testing activities.

  4. Participants shall submit a final report to the Authority within thirty calendar days from the expiry of the testing period or within any other period as may be agreed upon by the Authority and the Participant. The final report shall contain: (a) Key outcome and performance indicators; (b) A full account of all incident reports and resolution of customer complaints; and (c) In the case of a failed test, lessons learned from the test; or (d) In the case of a successful test, the Participant’s plan for the transition of the product, solution or service to commercial scale.

  5. The Test plans and all test results shall be treated by the Authority as confidential unless otherwise indicated in this Policy Guidance Note or agreed with the Participant. From time to time, the Authority may disclose data on and types of firms that have applied to participate in the Regulatory Sandbox.

Regulatory Relief and Safeguards

  1. Regulatory Sandbox tests shall incorporate appropriate safeguards to identify and manage potential risks and mitigate the consequences of failure, such as undisclosed risk of financial loss or other undisclosed risks to customers, investors, market participants, and the Kenya capital markets.

  2. Participants shall comply with certain minimum regulatory requirements prescribed by law and applicable to all capital market participants as further specified by the Authority in a safeguard and supervision plan (a “Safeguards Plan”) which forms a part of the test plan. In the Safeguards Plan, the Authority will also determine the specific regulatory requirements it is prepared to temporarily modify during a Regulatory Sandbox test on a case-by-case basis, subject to the safeguard requirements described below.

  3. Every Participant shall commit to implementing a Safeguards Plan for the duration of the test. The Safeguards Plan will be designed by the Participant in consultation with the Authority and shall address, at minimum, the integrity, conduct, and investor protection requirements applicable to the Applicant as a capital market participant. Specifically, the Safeguards Plan shall: (a) Require compliance with applicable rules and regulations regarding the prevention of money laundering, counter-terrorism financing, and other illicit activities included in the Guidelines on the Prevention of Money Laundering and Terrorism Financing in the Capital Markets; and (b) Address the unique risks presented by the Regulatory Sandbox test and specify any mandatory actions to be taken by the Participant to minimize and/or remediate the impact of such risks on investors, market participants, and the Kenya capital markets.

  4. To the extent a Participant already operates in Kenya under a license issued by the Authority, the terms and conditions of that license would continue to apply during the test to all non-sandbox approved activities. The Regulatory Sandbox would however permit a specified product, solution or service to be tested by the licensed entity in accordance with the provisions of a Test Plan and without requiring a separate or modified license for purposes of the test.

  5. The Authority may, in addition to any other enforcement action, revoke or suspend an approval to participate in the Regulatory Sandbox at any time before the end of the testing period if the Participant: (a) Fails to implement any required safeguards; (b) Submits false, misleading or inaccurate information, or has concealed or failed to disclose material facts in the application; (c) Contravenes any applicable law; (d) Is undergoing or has gone into liquidation; (e) Breaches data security and confidentiality requirements; (f) Carries on business in a manner detrimental to customers, investors, or the public at large; (g) Fails to effectively address any defects, flaws or vulnerabilities in the product, service or solution which gives rise to recurring service disruptions or fraud incidents; or (h) Any other reason determined by the Authority.

  6. Any decision by the Authority to suspend or revoke approval to participate in the Regulatory Sandbox shall be in writing and detail the Authority’s reasons for terminating or revoking the approval. Prior to making this decision, the Authority shall give the Applicant an opportunity to be heard.

  7. The Participant may voluntarily seek revocation of their approval to participate in the Regulatory Sandbox subject to clearly demonstrating how it has addressed the interests of existing clients or investors to the satisfaction of the Authority.

Regulatory Sandbox Outputs

  1. After the testing period is completed, the Authority shall take any of the following decisions: (a) Grant the Participant a license or approval to operate in Kenya subject to compliance with existing legal and regulatory requirements; or (b) Grant the Participant permission to operate in Kenya subject to compliance with the terms of a letter of No Objection; (c) Adopt new regulations, guidelines or notices pursuant to Section 12 and 12A of the Act, based on insights gained from the Regulatory Sandbox test, where there is need for a broader legal or regulatory reform (for example, the design and adoption of a new regulation to govern a specific class of business model or innovation that is not adequately addressed under existing regulation); or (d) Issue a denial of permission for the Participant to operate in Kenya under prevailing legal and regulatory requirements.

Confidentiality

  1. The Authority shall treat all non-public information received from an Applicant and/or Participant in connection with a Regulatory Sandbox application or test as confidential and proprietary to the Applicant and/or Participant. The Authority shall not disclose such information to third-parties unless required to do so by law or allowed in writing by an Applicant and/or Participant.

  2. The Authority may enter into a non-disclosure agreement with a participant to further protect the confidentiality of any information shared in connection with a Regulatory Sandbox test.

  3. It is the responsibility of the Applicant or Participant to take measures to protect its intellectual property where necessary.

Fees

  1. Applicants to the Regulatory Sandbox will pay a non-refundable fee of Kenya Shillings Ten Thousand (KES 10,000).

Annex A: Application Form (Includes general information, proposal details, testing criteria, and required attachments for applicants.)

Share