Proposed Regulatory Sandbox Framework

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 1 of 27 Industry Comments General Comments: Ref CBB’s Response A bank noted:

1. In order to encourage creativity, innovation and encourage entrepreneurs and investors, eligibility criteria and stringent regulatory requirement should be implemented in a phased manner, i.e. startup firms should be given some flexibility during the developmental phase. GR-1 Noted
2. Decision points are left to the discretion of CBB, specially the due diligence process. While as regulator CBB has the ultimate decision, an independent advisory panel can aid CBB in decision-making and help in identifying genuine innovations. Moreover, it is important to elaborate more on the criteria of approval, evaluation and experimentation to eliminate any ambiguity. GR-2 Disagree
3. There are several processes and procedures to Regulatory Sandbox that require further elaboration by CBB though issuing a guideline document or manual. It would have been beneficial if such guideline or manual were available for consultation. GR-3 Internal licensing procedures developed A bank noted: FinTech is not a free-ride, hence, any innovation that moves from ‘Sandbox’ to production will need to be a chargeable service. Regulatory mandates around fees & charges related to such products/services will stifle the technology investment and the chances of innovation GR-4 Noted A Fintech Firm Noted: Overall we think it looks great, really exciting. We love that it's an open application, limited in restrictions on who can apply. The timeframe is great, and criteria feels fair. The documentation will be added work, but that's difficult to avoid. Our only comment is that from experience, it can be good to have a liaison or two from the CBB for each project. Perhaps that actually report on the project to their team, get to know it, but also serve as a primary point of contact for the business. It can make it a little more collaborative overall, if feasible. GR-5 Agree & the contact person will be assigned depending on the type of the service. A Fintech Firm Noted: My only major comment is as follows. You have identified the key features, application requirements, approval process and timeline…. which are all very clear. From an applicant’s point of view, however, it is important for us to understand a little more on GR-6 1. Not mandatory-on demand, conference and video will be accepted.
4. Biweekly reports are

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 2 of 27 how the interaction between the sandbox applicant and the CBB will work in practice. Understanding that this will differ for each applicant depending on their idea or scenario, some very high level guidance around the following would be really useful: 1.Meeting frequency and format - will the applicant be asked to meet with the CBB weekly? Monthly? Quarterly? Or not at all? And will this need to be physical, or can it be done via conference or video call? 2.Reporting requirements - will there be any? Are these likely to be in the form of statistics? Written report with management comment? Both? Other? 3.Team requirements - is there a ‘nominated’ person to lead the sandbox project? Are there any requirements for them specifically to be in attendance at meetings? Sign off on reporting documents? Will there be a requirement for the lead and/or team members to be in Bahrain, and if so, when? 4.Term of sandbox - for info, ADGM very proudly lead by offering up to 2 years sandbox licence. Can you give any approximate guidelines on how long the sandbox may last for a company? i.e. 6-12 months? maximum 18 months? etc. Any guidance would help a lot here. already required, by filling templates provided by the CBB. 3. Representation from the Fintech firm is a must, but doesn’t have to be in Bahrain all the time. 4. Amended to 9 months sandbox period, with a max extension of 3 months if required. A Fintech Firm Noted:

1. Have you started to come up with pricing?
2. Will the startups need to register as a company in Bahrain? GR-7 1. BD100 sandbox entry fees
3. No, experimental stage A bank noted
4. Please advise what is required by banks to launch these innovative products,services, business models and delivery mechanisms without immediately incurring all the normal regulatory. More details is required on how to initiate the process.
5. CBB to define the process in case of third party involvement, will the outsourcing regulations apply.
6. CBB to advise which regulations would the regulatory sandbox falls under.
7. Will there be any digital working group planned to be formed to bring all representatives from all financial institutions to leverage from each one’s experiences?
8. Suggest having a workshop for all licensees in order to have a consistent understanding of the requirements.
9. In case, HSBC is invited to be a party to the testing of a new to market product via the regulatory sandbox, there may be massive challenges in terms of legal contracts between large banks like HSBC and small fin tech companies – it may not be possible for some Fintech companies to have the legal expertise, hence the legal contractual process should be fair and CBB is expected to provide oversight on this process (CBB to define/outline the responsibilities of Fintech companies and the Financial institutions to help the banks set out the legal contracts.
10. Banks have their own policies, procedures, cyber security measures, hence we suggest that this process includes the requirement of maintaining sufficient cyber security measures.
11. In order to protect the integrity of the financial system and manage cyber security and fraud risks, certain minimum vetting standards should be imposed in case of partnering with third party Fintech company, we suggest adding a section with this requirement. GR-8 1.It is optional for licensees to enter the sandbox. 2.Outsourcing rules will be tailored on a case by case basis. 3.This depends on the nature of the service. 4.This can be done through BAB. 5.Noted.
12. This is a bilateral arrangement between the 2 parties, and CBB would not provide legal oversight. 7.These measure will be incorporated.
13. same

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 3 of 27 9. In case of initiatives taken by some/all banks, all participating banks should be conscious of the time that is required for the internal vetting process required by each bank before they take these applications to the regulator for approval. 10. The number of customers involved in each test needs to be considered. Does the CBB wish to limit the number of customers (i.e restrict the number of customers taking part in each test). 11. Would CBB be comfortable inviting staff to the test environment or would it be customers only? If staff will be used, all banks should be aware of the fact that staff have sufficient level of knowledge on products, hence consideration should be given to use staff to test new products. 12. Banks should have an exit policy in place, this is to be implement when something goes wrong during the testing period before customer detriment happens , exit strategy should not be limited to the end of testing. It should cover other trigger events such as reputational/operational risks and negative news. 13. Customers who agree to participate into the test environment need to be aware that this is a test of the product which may be withdrawn at a later stage, appropriate communication should be done at all stages. Suggest considering the addition of a section on customers notification and communications before they are invited to the test environment. 14. What is the CBB’s approach in using regulatory sandbox to test wider products in the GCC? Will there be any regulatory agreements with GCC countries’ regulators? 9. Noted 10.The CBB is not intending to limit the number. 11. yes, staff can participate. 12.Noted. 13. Agree. 14. Not applicable. A Fintech Firm noted: The regulations must include the following to cater to Compliance as it relates to local and Cross Border Transactions:

1. Regulations should include the ability for Wallet to be Online and Physical Agents.
2. They must all reference the same Compliance Engine with should be fully AML, KYC, ATF and full Fraud Management.
3. The Digital Wallet should have both a local and international ecosystem.
4. The Digital Wallet should have a local and international marketplace to promote Merchants in Bahrain.
5. The Digital Wallet must have full, smart Analytics to be mined to increase the consumer experience.
6. The Digital Wallet must be able to make Cross Border payments seamlessely.
7. The Digital Wallet must reference the National HR Database for reference checks and attached to Bank Accounts. This can then be leveraged to deploy a Fingerprinting recognition for the elderly and those who cannot read and write.
8. Digital Wallet should have a Merchant/Vendor Module which will create an Open Loop and/or Closed Loop Solution.
9. Digital Wallet should have a Mobile POS Solution (MPOS) as part of the Digital Wallet.
10. Must have NFC Devices fully integrated to the Digital Wallet. This will also include NFC Cards.
11. Must have a QR Code Platform to allow Merchants across Bahrain to become integrated into the Wallet and Payment Ecosystem. Along with this, the Merchant App will be launched to allow comprehensive reconciliation.
12. Become a Hub for Inbound Remittances into Bahrain for Bank deposits, Digital Wallet deposits and Agents. This will allow all Merchants/Vendors on the Platform to become part of a Correspondent Network.
13. The Digital Wallet must be integrated into the Processing Switch Networks in Bahrain. This will allow the Digital Wallet to be accessed by clients that are with other banks on the Switches. GR-9 Not relevant to the sandbox, as such products/services are already covered in the CBB rulebook-Volume 5.

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 4 of 27 14. Established funding methods to load the Wallet locally and internationally. 15. Must have Multi-Currency feature on the Wallet that would work seamlessly across Bahrain. 16.Digital Wallet must have the ability to make in store payments directly or payments at merchants. 17. Establish a Merchant Network to make payments easier. This will enable Merchants that are not part of the Processing Network to become part of the Banking Infrastructure and Digital Wallet ecosystem. 18. Must have the ability to allow for Currency Exchange on the Wallet if applicable. 19. Integrated compliance and credit reference to allow for Micro Finance loans and other secure products provided the credit reference backend exists. 20. The Digital Wallet must have the integration to Card Products. This will allow the recharge of Prepaid Card and/or Debit Cards with Credit Lines to be loaded through the Wallet. 21. The Digital Wallet must have the integration to Remittances (Agent, Online and Mobile) and Global Correspondent Network. 22. Build a local and international ecosystem for customers to use:  Offer Comprehensive Merchant Services (Online and Mobile).  Offer Comprehensive Bill Pay (Local and International).  Offer Airtime Top-Up (Local and International).  Insurance  Loans  Tickets (Movie, Bus, Airline, Events)  Donation  Taxes  Govt. Payments  Tuition Payments  Gas Station Payments  Telco Payments (Any Service)  Card Payments (Prepaid, Credit Cards, Recharge Cards)  TV and Entertainment  Newspaper and Magazine  Games  Books  Other relevant services. 23.Capability to establish and deploy an E-Commerce and M-Commerce Marketplace. Receipt sent to warehouse for delivery (automatic). Ideal for Shopping Marketplace. 24.Capability to launch a Digital Content Marketplace. 25.Loyalty and Rewards feature where Cash-back is given. A Fintech Firm noted: GR- 1.yes, the telecom

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 5 of 27

1. As per page 1 from the consultation document, telecom companies are one of the prospective beneficiaries of the sandbox, would that mean that the CBB are open to license telecoms?
2. Just to buy time, can we as a telecom company, start working with the sandbox, and move the launch of the system to another company once the testing period is done, and the new company is up and running?
3. If the CBB are open to licensing the telecom providers, will that mean the TRA will be involved? 9A company must apply to the CBB as a separate company that meets the ancillary service provider license requirements, not through the telecom company itself. 2.yes, the telecom company can apply to the sandbox.
4. please refer to point 1 above, TRA will not be involved, as a new company will be established and licensed by the CBB. An Insurance firm noted: Entities authorised to operate in the sandbox are likely to target personal lines and less specialised areas, eg motor, medical and life which account for a significant proportion of the GWP here in Bahrain - motor (28% of GWP), medical (20%), and life (20%) - totalling 68%, according to the Ernst & Young 2017 report "Insurance opportunities in the Middle East". Unlicensed, foreign companies entering the market via the sandbox could well result in premium which is currently retained in Bahrain, being remitted elsewhere, impacting not only on the insurance market but also on the Bahrain economy. Given the likely target areas, as described above, this could represent a considerable chunk of current GWP.  The Bahrain insurance industry is already extremely competitive. There are many active players covering all risk areas and the trend over the last few years has been for premium rates to fall. Whilst in the short term this benefits consumers, longer term this could cause markets to fail. Additional (unlicensed and possibly foreign) players in the Bahrain market may well exacerbate this trend.  Unlicensed entities operating in the sandbox would have an unfair advantage over licensed entities, in that they may not be complying with regulation and thus have smaller overheads than CBB licensed entities. Additionally, this could present a risk to consumers  We would like assurances that unlicensed operators would not be able to utilize any client data in order to target additional (unauthorized) business, especially if the entity is not ultimately licensed to operate in Bahrain. GR-10 Not relevant A bank noted: The proposed consultation will help develop the FinTech industry in Bahrain, however, the appropriate authority needs to create GR-11 IP rights can be registered in the Bahrain Chamber

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 6 of 27 dedicated or adapted legal regimes (eg intellectual property rights) for new business models which are flexible to accommodate new entrants and allow them to succeed that are within the scope of FinTech such as crowd-funding, cloud computing and peer￾to-peer lending. Given the fast moving and ever advancing technological environment, the timeframe for introducing new legislations is paramount. of Commerce. A bank noted: To help promote the FinTech industry and given the global implications of the FinTech industry, we suggest that the CBB consider harmonizing the standards and requirements with other regulators such as the UK’s FSA, Singapore’s MAS and Australia’s ASIC from a global perspective. Harmonizing such standards helps in putting Bahrain in the global map for FinTech companies. GR-12 This was already studied A bank noted: The CBB may consider having a separate/dedicated agency or forum to provide clear guidance and technical IT checks against key regulatory requirements especially cyber security and money laundering that are applicable for the FinTech industry. The dedicated agency can also provide other types of non-financial supports such as cross-governmental /agency support, training on regulatory requirements, linkages with incubators and accelerators. GR-13 To be considered A fintech firm noted:

1. It would be helpful to mention the charges for FinTech startups to participate in the regulatory sandbox.
2. There is no mention of the timeframe that the startup can remain in the sandbox. We assume that this would depend on the FinTech product / idea. Please clarify.
3. For new FinTech Product / Idea, will the sandbox facilitate bringing together stakeholders who may benefit from the Product / Idea?
4. Could you include a application template for the sandbox? GR-14 1. BD100 sandbox entry fees.
5. Amended to 9 months sandbox period, with a max extension of 3 months if required. 3.Sandbox will not do that.
6. A template developed An IT firm noted:
7. IP: We suggest that a provision for the protection of new IP be inserted to avoid uncertainty in terms of Intellectual Property ownership forming part of the Sandbox. Specifically we would ask that where collaborations is a material part of the Sandbox, that applicants who are collaborating be required to address IP ownership in advance of engagement.
8. Confidentiality: We would suggest that an option be inserted whereby a participant may elect to require confidentiality. Alternatively, if the aforementioned is unpalatable we would ask that a provision be inserted to allow co-ordination with an applicant prior to publication of any results or findings. GR-15 1. Noted
9. Disagree-not to the CBB’s advantage. A fintech firm noted:
10. We recommend to have also an innovative retail bank in Bahrain to be part of this approach, because fintech companies do their apps and services in the financial sector to offer a distinguished services to the end customers wither by an innovative quick approach or better economical method GR-16 1.Disagree 2.Not relevant

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 7 of 27 Hence a retail bank in the sandbox will allow fintechs to test their services , integrations, ease of method, AML, CFT, FC rules..etc to the service on a bank development environment in the sandbox Each bank have its own core banking system , delivery channels , customers’ contact point . but we are sure that for any bank , despite the complexity ,to build a middleware environment that fintech connects to it , then we will be able to offer a new innovative services such as ( lending , murabaha, loans, microfinance, money transfer, payments ..etc) to end customer The Bank who decides to join the sandbox approach could have a grace period of 6 months exclusivity to use the outcome service (fintech+bank ) then it can be offered to all banks in Bahrain if needed after that, this to encourage banks to participate 2. Some of our apps and services are fully integrated with the Bank mobile banking application , such as ( digitizing bank card on Bank’s mobile application to offer NFC Mastercard & Visa digital card payment services ) hence in the sandbox approach CBB must adopt the possibility of having the single app of both fintech and Bank together , so regulation may request banks to put their apps in sandbox as well An ancillary service provider noted: The scalability transaction volumes must not be more than 500k US$/annum. GR-17 Volume depends on the nature of the Fintech activity/service. A licensee noted: Intellectual Property Protection One of the key considerations for the Fintech players would be the protection of their intellectual property. Therefore provisions may be included to ensure that the same is protected during all stages of the regulatory sandbox testing. GR-18 Noted A licensee noted: Potential change/ impact to existing regulations An important aspect of this exercise is to determine the extent of change expected in the existing regulatory framework to ensure effective legislative and operational controls are in place to support the proposed service. This could result in enhancement of existing legislation or passing new resolutions to ensure effective implementation of the proposed service. GR-19 Noted-CBB may decide to make amendments in due course. A licensee noted: Competitive Participation GR-20 a.Disagree b.Not relevant

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 8 of 27 a. FinTech solutions and companies being new or even first timers, may not have previously worked with Commercial Banks in Bahrain. Therefore, it may be prudent for CBB to identify participating Banks for each of the solutions. This may be achieved through a competitive scenario, such as “participating bank(s)” or “sponsoring bank(s)”. b. The above measures may also include funding the experiment / testing phase to foster healthy competition among all the stakeholders (including the Banks, FinTech etc.). A licensee noted: Sandbox Testing a. The measure may include provision for making relevant changes during the testing phase and post exit. The changes may be identified by CBB, Sponsoring Bank or FinTech in line with business requirements. b. These measures may include if required, arbitration and dispute resolution, under CBB. c. Relevant information of approved sandbox applications to be published on the CBB website. GR-21 a.Noted b. This is subject to the agreement between the 2 parties. c. Good suggestion-to be implemented. An investment firm noted: To indicate the estimated date for the implementation of the new approach. GR-22 Upon Finalization of the regulatory sandbox document. An insurance firm noted:

1. Is there an anticipated point when the Fintech Sandbox will no longer be necessary, or is the Sandbox intended to remain in place indefinitely?
2. Is the Sandbox process intended to be the same for existing CBB regulated entities introducing a new Fintech product/service compared to an unknown new entrant to the market? The existing local market should be able to benefit from their current regulated position.
3. What are the regulations that may be relaxed if a Sandbox approach is taken?
4. Under Key success factors (b) How will you “design the appropriate regulatory framework for each company taking into account each company’s individual characteristics” When you don’t know which companies will be apply in advance? The appropriate regulatory framework should be in place before the Sandbox opens for new business.
5. Applicants are able to effectively experiment/test the solution in a laboratory or test environment. What is advantage of participating in the Sandbox? Could it qualify successful participants with a simplified/streamlined licensing process?
6. We do not know how the Sandbox will work. It is critical that any proprietary information provided by the applicant should remain confidential. As such, the application and technology solution should be entirely confidential so as to GR-23 1.To be decided later by the CBB. 2.yes, same. 3.This will be decided on a case by case basis.
7. This will be decided on a case by case basis. 5.Kindly refer to the introduction part of the document the see the purpose of the regulatory sandbox. 6.confidentiality is addressed by the CBB

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 9 of 27 protect their competitive advantage. 7. The Eligibility Criteria includes “genuine innovation” and “consumer benefit”. Is the Applicant required to meet one or both of them? If both, it would appear as uncompetitive – just because there is a service already available should not preclude another solution from being tested in the Sandbox. 8. Consumer benefit (one of the two key ‘eligibility criteria’) in the insurance industry entails some regulation for avoiding misselling and for appropriate product development and governance. Hence how ‘relaxed’ regulation will achieve this is a challenge, especially for the insurance industry. Another challenge will be the availability of skilled workforce, market access, a stable and mature regulatory environment as well as a functioning ecosystem for the Fintech market to evolve. Law and this regulation. 7.yes, both. 8. This will be decided by the CBB on a case by case basis. A bank noted:

1. We would also like to suggest that the regulatory sandbox could be a useful tool through which the CBB could test future technology related reporting similar to Esrad, the IIS and going forward, the CRS and FATCA reporting.
2. If the CBB intends to charge for the use of the sandbox, the costs of the same should be clarified. GR-24 1.Noted
3. BD100 regulatory sandbox entry fees. A bank noted: We do believe that the paper should place additional layer of comfort to the licensees, that their intellectual property are protected. We strongly believe that the success of such initiative depends on the strength of the platform’s infrastructure and the active participation of the licensees. In order to encourage such desired active participation, the owners/developers of the innovative financial products and/or services, needs to have comfort that their intellectual property rights will not be compromised during the regulatory sandbox testing period. Such comfort level can be elaborated by reflecting the main governance parameters surrounding such initiative (i.e. by providing clarity on the legal and regulatory framework addressing the confidentially aspect as well as by demonstrating the robustness of the IT infrastructure). GR-25 Noted An money exchange firm noted:
4. What are the criteria for unlicensed firms?
5. Is there any charges involve in deployment stage for deploying into Sandbox, there is no mentioning to the access procedure from external rights.
6. Filing Requirements Number 8 – Need to be elaborated
7. We noticed that the initial approval time frame is four weeks but the final approval keep open which should not exceeds six months to one year.
8. Page 4, Points 2, Item 3 Only CBB licensed retail banks will be trusted with handling customer’s money and/or assets on behalf of the Fintech firm – if Money Changers can be allowed for their related services? GR-26 1.same as licensed.
9. BD100 regulatory sandbox entry fees. 3.This will be done at a later stage.
10. Amended to 9 months sandbox period, with a max extension of 3 months if required. 5.Not acceptable.

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 10 of 27 Specific Comments: Reference to the draft Directive: Comments REF CBB’s Response Introduction – The need to have a Regulatory Sandbox A Regulatory Sandbox (Sandbox) is a framework and process that facilitates the development of the FinTech industry in a calculated way. It is defined as “a safe space in which businesses can test innovative products, services, business models and delivery mechanisms without immediately incurring all the normal regulatory and financial consequences of engaging in the activity in question.” Financial products/services based on new technologies, or new permutations of existing technologies, can be tested in the Sandbox without the burden of heavy regulations and licensing. Those that are successful (i.e. that meet the predefined experimentation criteria to the satisfaction of the CBB) can apply for the relevant license while others have to leave the Sandbox after a defined time period. This allows both existing licensed financial institutions and newcomers to the market to experiment with innovative financial services for a specified period of time in an environment where actual products and services are rendered to consumers, but where the risks to said consumers and to the local banking system as a whole are clearly defined and mitigated. A licensee noted

1. It may make sense here to include a reference to Bahrain positioning itself as a future FinTech hub – i.e. why a ‘Sandbox’ in Bahrain (rather than in general)
2. We recommend that all new entrants should have full disclosure norms in place which highlight all the potential risks to the test customers. SP-1 1.Agree – good suggestion 2.Agree A bank noted It has to be ensured that the ‘Sandbox’ is not misused to have variations of services/technologies that are in place due to SP-2 Noted-Refer to Eligibility Criteria.

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 11 of 27 regulatory mandates – for example, a fintech offering a local payment services product that competes with EFTS A bank noted a. The proposed Sandbox is understood to be a regulatory framework and process only to ease the regulation of launching new FinTech innovative services. It is not a technical environment. This may need to be clarified further. b. Is the entry of the Sandbox for licensed financial institutions optional or a must? (i.e. for any new innovative idea the bank is planning to introduce, does it need to go through the sandbox process or the bank can follow the existing approach of informing CBB/getting approval). c. Is the sandbox experiment bound by time only, or other limitations as well such as transactions limits, number of customers, etc.? c. With this regulatory implementation of Sandbox, what is the expected contribution from existing financial institutions? SP-3 a.Noted 2.This is optional c. The CBB is not intending to add limits for the time being, however, this might be considered on a case by case basis. A bank noted If the “Pre-defined experimentation criteria for the satisfaction of the CBB” can be shared so that the same can be taken as one of the required benchmarks. SP-4 This will be decided on a case by case basis. Key features of the Regulatory Sandbox  The Sandbox will be a virtual space for both CBB-licensed financial institutions and unlicensed firms to test their technology-based innovative solutions. A licensee noted 1.Need to define “virtual space”. Does it mean that testing cannot be done on real customers? 2.Need to define “unlicensed firms” SP-5 1. Means that a firm may not have a physical presence in Bahrain. 2. Amended (licensees and others).  The Sandbox application process will be open to both existing CBB licensees and unlicensed companies (local + foreign). The latter may include financial sector companies as well as tech and telecom companies intending to test an innovative product or service, professional service firms who partner with or service financial institutions, or any other type of applicant working within the financial services industry deemed A licensee noted 1.Unlicensed / foreign companies should be required to have a local licensed partner before entering the sandbox. 2.Sanctions screening should be there for the origin of the country of the unlicensed companies. SP-6 1.Disagree 2.Noted

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 12 of 27 acceptable by the CBB. A legal firm noted: We note that the regulatory sandbox provides that “The Sandbox application process will be opened to both existing CBB licensees and unlicensed companies (local + foreign)”. We believe that the Sandbox regime should be coordinated with the system administered by the Ministry of Industry, Commerce and Tourism (“MOIC”) in respect to the issuance of commercial registrations for it to achieve its intended goals and purposes. In particular we note that the activities carried out within the regulatory sandbox would still require a commercial registration issued by the MOIC as no person can carry out commercial activities in Bahrain without a commercial registration and the regulatory sandbox should cope with this requirement stemming from the Commercial Companies Law as implemented by the MOIC. This has double-fold implications: first, as far as foreign companies are concerned, this implicates the necessity for them to establish a subsidiary or branch in Bahrain for the purpose of obtaining the commercial registration necessary for engaging in the envisaged activities in Bahrain; second, a proper corporate object should be identified for the purpose of obtaining the relevant commercial registration noting that the corporate objects associated with CBB licensed activities would not be generally available for such companies in the absence of a license issued by the CBB. We believe that it would be of the utmost importance for the CBB, in coordination with the MOIC, to create a new corporate object ad SP-7 Agree

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 13 of 27 hoc for the regulatory sandbox, associated with an own ISIC 4 Code under the MOIC-administered system. This new corporate object could be identified as “fintech activities” or something similar, should be opened to 100% foreign ownership (also in the forms of branches of a foreign company) and/or individual ownership and should be associated with no minimum capital requirements. It would also be advisable to consent the exercise of such activities from any physical address in Bahrain (even shared with other companies). This with a view to reducing to a minimum the hurdles connected with the establishment of a business in Bahrain for the purpose of accessing the sandbox system. An audit firm noted: I really believe that the smart and forward looking approach in the Bahrain sandbox is the fact that it is open to tech firms and telcos. Many others globally (eg HKMA) are only open to banks. You guys have to emphasise that from a PR perspective. Dont think you need to change the consultation paper on this point but really make sure to emphasise it in the press release or media. SP-8 Noted A bank noted We note that the Sandbox application process will be open to existing CBB licensees and unlicensed companies (local + foreign). There is an inherent operational risk that unlicensed foreign companies may breach the strict confidentiality rules of the CBB, especially those concerning customer data. Lack of confidentiality is detrimental to the sandbox’s potential to foster an innovative friendly environment. It is hence imperative that in its final guidelines, there should be a specific section which addresses the confidentiality standards required of the protection of customer data, especially by unlicensed firms that operate in the sandbox. SP-9 Confidentiality is already covered in the Application and Approval Process (point 2)  The testing of a product or service may be limited in terms of the number of customers and the duration A licensee noted: Limitations should focus on the solution to specific types of SP-10 This depends on the nature of the service

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 14 of 27 from the date of CBB’s approval. customers or setting a threshold on transaction values or cash holding limits. provided. A bank noted:  Will pilot customers be informed of their rights to any damages that could be inadvertently caused by the ‘Pilot’. o Since only CBB licensed retail banks will be trusted with handling of customer’s money on behalf of the Fintech firm, who bears the liability in case of loss incurred by the bank’s customers during a pilot. SP-11 Noted  It must be emphasized that the Sandbox is not intended to be a means to avoid the legal and regulatory requirements already in place. A licensee noted: This section is not clear as many new Fintech initiatives like Wealthtech, Regtech, Insuretech, e-loans etc. cannot be tested. SP-12 Not relevant. A financing company noted: In certain other jurisdictions where the Sandbox framework/ approach has been implemented, the concerned regulators have the authority to issue ‘No Action/ No Enforcement Letters’ (NALs). At a high level, NALs serve to provide comfort to participants of the Sandbox that the concerned regulatory authorities will not take enforcement/ disciplinary action against the concerned participant(s) for any unexpected regulatory breach. We would request CBB to consider the above-mentioned practice for inclusion within this section. SP-13 Disagree Eligibility Criterial and Filing Requirements Genuine innovation: The solution should be truly innovative or significantly different from existing offerings, or offer a new use for existing technologies, as evidenced by market research showing that there are few or no comparable offerings in the Bahrain market, and a comparison of the key features of the Applicant’s technology or operating methodology against competitors. An IT firm noted: Innovation Criteria: We would ask that you consider implementing what we refer to as “incremental innovation”. We feel that true innovation criteria can be subjective and an incremental approach will assist in revealing true innovation. Additionally, and more importantly we feel that (based on experience) truly disruptive innovation generally emerges following series of incremental innovations. SP-14 Any innovative idea may be tested, based on the CBB’s judgement.

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 15 of 27 The Applicant must demonstrate eligibility to the satisfaction of the CBB by showing clear evidence as outlined above or in any other applicable way. A bank noted Similar to those already offered…’ – this is vague and needs a clearer definition. Will this include new technology solutions that will enhance/replace existing solutions that are provided by the incumbent financial institutions? SP-15 Yes, refer to the eligibility criteria. A bank noted: The Applicant fails to satisfy…’ – this is risky in that the applicant may have already spent a substantial investment while testing the proposed solution in a Lab Environment. Testing in a lab environment should only happen after the final approval (after evaluation stage by CBB) and prior to the experimentation stage. This term could actually favor the established international Fintech players as they would have established technology systems elsewhere and would just needs Bahrain’s sandbox for testing the waters locally. Being tested effectively in a controlled environment….’ – if the testing is done in a controlled environment, then what is the purpose of applying for the ‘Sandbox’. The applicant may as well prepare for the applicable regulatory requirements, and apply to CBB for the necessary license SP-16 Disagree – licensees and others have the option to test innovative ideas in the regulatory sandbox. A bank noted: What defines genuine innovation? And what happens if two firms are approaching the sandbox with similar areas or functions? Is there a detailed evaluation criteria? What method will be used to calculate and quantify the benefits? SP-17 This will be decided by the CBB on case by case basis. An audit firm noted:

1. Whilst I agree with the idea of "genuine innovation", that is a very subjective element. Also asking to conduct a market research to SP-18 1.Any innovative idea may be tested, based on the CBB’s judgement.

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 16 of 27 prove that is a bit too much. I would instead say something along the lines that the solution should be innovative and provide a value add that is not generally available in the Bahrain market today. 2.Whilst the consumer benefits paragraph is good, I would add something to clarify that B2B solutions are also welcomed. As discussed, I really believe that Bahrain can be the hub for certain sectors of broader Fintech and many of these are solely B2B (eg RegTech). So I would add something along the lines that consumer also includes CBB licensed financial institutions and unlicensed institutions exploring new B2B solutions that would benefit them for a broad range of uses cases. I think this is critical to position Bahrain as a B2B hub as well and to encourage financial institutions to be innovative and forward thinking. 2.Regulatory sandbox is open to all kinds of solutions, including B2B. A bank noted: 1.For new solutions, it will be difficult to define whether a comparable solution already exists in the market or not because for certain types of innovation, the uniqueness will be minor however the benefit could be high. For example, would a foreign solutions provider be allowed in the “Sandbox”, even though its innovation is similar to an existing solution, i.e. that of a local solutions provider? We should attract foreign companies to enter the gulf market because that is a positive step towards creating a technology driven environment. 2.The nature of the financial industry leads to many similarities among different financial innovators. Therefore, eligibility requirement of being ‘significantly’ different from existing offerings could possibly discourage potential innovators from applying to the “Sandbox”. We would therefore suggest that this criteria should be aligned more towards customer impact rather than uniqueness. 3.The “Sandbox” should also be available to vendors and partners of the licensees for them to be able to test a solution before those SP-19 1.This is based on CBB’s discretion. 2. Disagree 3. Regulatory sandbox is open to all. 4. Amended: to delete the reference to Middle East, and to add a pre-condition saying (applicants must have the intention to do business in Bahrain post regulatory sandbox period). 5.Agree – to mention shari’a compliant services.

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 17 of 27 solutions can be assessed for viability. This will give the licensees a better insight on the risks, challenges, demand and acceptability of the solution before it intends to add it to its future offering. 4.Applicant’s intention of a broader deployment after exiting the “Sandbox” should not be restricted to Middle East region only. GIB would suggest that there should be a restriction on the number of such companies but they should not be completely blocked. We would suggest that the CBB should invite international companies to the local environment and encourage them to offer its products in the local market before their international deployment. This will also encourage a culture of innovation in the local market. 5.Direct addressing the Islamic banking solutions in the “Sandbox” concept would bring additional clarity. In the current version of the consultation paper it is unclear whether Islamic banking products and services providers could apply to the program and what the impact of associated regulatory requirements would be. A licensee noted: As the FinTech landscape is promising proliferation of technological innovations and solutions, and many of these innovations may not comply with some of the existing regulations of Central Bank of Bahrain (CBB). Because of this many of promising innovations may result in missed opportunities. We suggest following key considerations to be taken into account: 1.Qualification criteria may consider for participating FinTech companies to operate out of country or region. 2. The criteria may also consider “cloud based / Open Source” technology solutions platforms. 3. The qualification considerations may exempt the participating companies from establishing a legal entity in Bahrain. At the same time, CBB may facilitate such companies to apply for license from overseas also. 4. Some of these innovations may be first timers, and may not SP-20 1. Noted. 2.Yes. 3.Noted 4.Regulatory sandbox is open to all. 5.Yes

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 18 of 27 have successfully operated in any other region. 5. For the above key considerations, appropriate security and regulatory requirements to be fulfilled under a controlled staged process. Readiness for testing: The Applicant must show well￾developed testing plans and sufficient safeguards to protect customers. Key risks of the solution and how they can be mitigated must be separately highlighted. The Applicant will be required to report on the test progress, on achieved milestones, and likelihood of achieving target outcomes to the CBB on a pre-agreed schedule, followed by a final report within one month of completion of the test. To the extent possible, the reporting format will be kept simple and concise. A bank noted: CBB may consider introducing the following steps: 1.Periodic interim reports should also include fraud or operational incident reports and steps taken to address key issues therein 2.The interim and final reports must be confirmed by the senior management / CEO. SP-21 1.Good suggestion-to be included in the bi-weekly report. 2.the reports to be confirmed by the Fintech firm and the CBB. The FinTech solution is assessed by the CBB (based on the Applicant meeting the success criteria in the filing requirements as described below) to be similar to those already offered in Bahrain; A bank noted: It would be interesting to have multiple FinTech solutions covering more or less the same scope and running in parallel, as the final customer experience/offered services/outcome may not be the same. SP-22 Noted A bank noted: Please clarify the meaning of “Similar”. Furthermore, please provide examples of circumstances where the regulatory sandbox is not applicable. SP-23 This is already covered in the document The Applicant fails to satisfy the CBB that it has done sufficient due diligence and testing of the proposed solution in a lab environment or has obtained external validation of the solution; A bank noted: To clarify what external validation is required to enter the sandbox, as such ambiguity in the disqualification criteria may be prohibitive for some FinTechs. SP-24 We requested (lab environment) or (External Validation), the Fintech firm may choose whatever is suitable. Further, this is covered in the internal licensing procedures.

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 19 of 27 An audit firm noted: 1.You mention "lab environment" and then "controlled environment" in the next paragraph. I would just define what you mean by those terms. 2.Also make sure to add a contact point that people can send you questions/reach out at the end of the document and ensure that the team will be there to answer any questions. Problem for HK was that they put an email address but people were getting a reply like 2 months after....doesn't look very good! SP-25 1.Agree – this will be clarified. 2. Agree & the contact person will be assigned depending on the type of the service. An IT firm noted: Deployment Testing: As regards this matter, we would like to see testing opened up to a broader spectrum of participants. There may be sound reasons to restrict testing only to the applicant, but for genuine innovation, an ability to test in a collaborative manner may yield greater results and we would encourage you to consider adding licensees, affiliates and partners to a post-testing deployment environment. SP-26 This will be decided by the CBB on a case by case basis.  To clarify, the Sandbox may not be suitable in cases such as the following: o The proposed solution is capable of being tested effectively in a controlled environment (in which case such testing should be done prior to applying for the Sandbox); A licensee noted: There seems to be a potential contradiction between this point and the one above; either the solution has been sufficiently tested or not; it may help to differentiate between a “technical test” (i.e. the solution works as designed) which should have been done prior to applying, and a “controlled market test” (i.e. use the sandbox to test market acceptance/constraints) SP-27 To think about this – needs to be clarified. A bank noted: 1.Applicant must demonstrate that it has conducted adequate assessment of usefulness, functionality and viability of products / solutions proposed, for Bahrain 2.Applicant must ensure that it understands applicable relevant regulations for its products / solutions as laid down by the CBB. The SP-28 1.Disagree 2.Noted 3.Noted

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 20 of 27 products / solutions may either wholly or partly be incompatible with the existing regulations laid down by the CBB. However, incompatibility should not be of nature for which regulatory relaxation cannot be provided by the CBB (e.g. AML regulations etc. as proposed in the consultation document) 3.As per product testing requirements, firms could partner with another entity, by way of contractual agreement, if required, to be able to test their products. Filing Requirements A disclosure of the boundary conditions for the Sandbox such as start and end dates, target customer types, customer limits, transaction thresholds, cash holding limits, and so on. A licensee noted: In line with the earlier comment above, will boundary conditions be prescribed by CBB or set by the applicant? Assume the applicant proposes and CBB approves – if so, that could be made clearer SP-29 This will be decided by the CBB on a case by case basis. A bank noted: CBB may implement below steps to reduce risk to the customers who are participating in the Sandbox: 1.Company should provide adequate disclosures of the potential risks to customers participating in the Sandbox and obtain confirmation from such customers that they fully understand and accept the attendant risks 2.Restricting participation of customers to a certain segment or profile as relevant 3.Provide consumer redress mechanism (through CBB Complaint Redressal System), if adequate disclosures are not made. Limiting the transaction value and frequency of transactions tested. SP-30 1.Good suggestion – to be incorporated. 2. This will be decided by the CBB on a case by case basis. 3. the CBB may receive complaints, but the CBB will not interfere in any legal action. A bank noted: Given than only CBB licensed retail banks will be trusted with handling of customer’s money on behalf of the Fintech firm, the filing requirement should include a local bank who can work with them without undergoing the necessary due-diligence that the bank would normally conduct for a corporate account SP-31 Disagree

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 21 of 27 A bank noted: a. Can there be a comprehensive scoring system to qualify applicants against the criteria? b. Its suggested that an independent security review to be conducted on firms before entering the sandbox. SP-32 Disagree A bank noted: I would add under this section the below requirements:

• Details of eventual financial/banking/other partners that are already engaged with the Fintech or are ready to financially support the FinTech during the trial phase.
• A description of the main technical assets and requirements supporting the offered solution and, to a certain extent, the level of complexity to integrate these requirements within the current infrastructure available in the country. SP-33 A template is designed to cover all necessary requirements.

6. A description of the customer communications plan which shall include risk disclosures and material information about the company and the Sandbox. A bank noted: Please define the required disclosures as stated in the document SP-34 This will be decided by the CBB on a case by case basis. Application and Approval Process The CBB will consider relaxing certain regulatory requirements, while maintaining others. Depending on the case of the Applicant, the CBB will determine which requirements will be relaxed and to what extent. Following are examples of regulations which may not be relaxed under any circumstance:

• Confidentiality of customer information;
• AML and Countering Financing of Terrorism (CFT);
• Only CBB licensed retail banks will be trusted with handling of customer’s money and/or assets on behalf A licensee noted: 1.Could CBB add examples of regulatory requirements that CAN be relaxed – especially for non-licensed/ foreign applicants? (capital requirements, credit rating, risk management framework etc…) 2.Apart from relaxing certain regulatory requirements, will CBB provide any other types of support or incentives? SP-35 1.This will be decided by the CBB on a case by case basis. 2.No

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 22 of 27 of the Fintech firm. A financing company noted: We have the following comments on this section, for CBB’s consideration: 1.Apart from licensed retail banks, for Sandbox trials, other types of licensees (e.g. Finance Company licensees) should also be allowed to handle customer’s funds and/ or assets on behalf of the Fintech firm. 2.CBB should not limit itself to grant extensions to the Sandbox period for only six months. 3.Giving the concerned applicant the right to appeal in case it is not satisfied with CBB’s decision to terminate the Sandbox trial. If this is considered, we would request that the process around the same be clarified too. 4.Insertion of a requirement for the Sandbox entity to fully address/ fulfill its existing obligations to Sandbox customers in cases where the Sandbox trial is terminated by CBB or discontinued by the applicant itself. 5.Prescription of a shorter turn-around time (i.e. less than four calendar weeks) for responding to changes made subsequently by applicants to their initial filing requirements that were approved earlier by CBB. SP-36 1.No 2.Amended to 9 months sandbox period, with a max extension of 3 months if required. 3. Noted 4.Agree 5.Disagree A bank noted: CBB should consider introducing the following steps in the event of discontinuation of the Sandbox trial by an applicant: 1.Make it mandatory for applicant to provide reasons for discontinuation 2.Obtain a declaration from applicants that they have not retained / stored any data used for testing purposes, applicable especially for Tech firms. SP-37 1.Disagree 2.This is already civered in the “Application and Approval Process” section. A bank noted: 1.Other regulations that are recommended to be maintained during the sandbox process are ‘KYC’ and ‘Cyber-Security’ SP-38 1.These measure will be incorporated. 2. yes 3. Noted

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 23 of 27 2.In case the bank works on a service offering that requires customer information to be stored on cloud based systems that are hosted either outside of Bahrain or hosted with entities in Bahrain not licensed by CBB – would that be acceptable during the Sandbox period? 3.The Fintech firms….’ – since the sandbox is open to financial institutions also, the reference to Fintech firms in this statement needs to be amended A bank noted: a. Customer confidentiality is critical and it’s clearly mentioned in the consultation document, however, there should be special attention given to the protection of customer privacy, leaving no place for sale of PIIs, bulk collection or mass tracking of behavior without specific consent and regulatory oversight. b. While inside the sandbox, the regulator may impose limits on number or transactions or value of transactions that can be processed. c. Will there be any limitation of storage of customer data outside Bahrain or utilize cloud services? Are CBB willing to relax the outsourcing regulations? d. Changes must be fully evaluated to assess their impact as they may introduce additional functionalities or concerns that are not presented in the initial application filing. e. In the event of sandbox discontinuation, the one month advance notice may not be achievable all time. SP-39 a.Noted b. Yes, and this will be decided by the CBB on a case by case basis. c.no d.Noted e.Noted A financing company noted The point which states that “Only CBB licensed retail banks will be trusted with handling of customer's money and/or assets on behalf of the Fintech firm”. Does this mean that Fintech will not be authorized to issue financial products such as cash vouchers. credit or prepaid cards unless the product is owned by bank or financial institutions or they can issue their own products and services? SP-40 No, cash must be held with a licensed retail bank.

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 24 of 27 A bank noted: 1.In situations where several companies are jointly involved in an innovative project potentially eligible for the “Sandbox” should be able to apply together. Alternatively, in case of joint ventures of several companies; one of those companies (preferably CBB licensee) could become the leading applicant, responsible for fulfilling the “Sandbox” requirements, reporting obligation, service standards etc. 2.One of the potentially frequent cases of application for the “Sandbox” will be testing outsourced services provided by third parties in place where relaxed regulations of outsourcing are applied. Some of those companies could be small, inexperienced, start-up entities. GIB would recommend that in case of outsourced services the CBB licensee is the formal applicant on behalf of the companies providing outsourced services. Having the CBB licensee act as the applicant would facilitate the application process while providing necessary level of confidence to the CBB as the regulator. 3.There will be solutions that we, or any other bank would like to keep under wraps until it has been tested in the lab environment and subsequently in the ‘Sandbox’. For these kind of solutions, an external validation should not be required because of the risk of the concept being compromised and adapted by competitors. We can maintain confidentiality within our lab testing and sandbox but the requirement to obtain external validation may impact this confidentiality. 4.In order to accelerate the solutions development, it would be ideal if the 4 week application process is reduced to 2 weeks. Alternatively, the solutions provider should be allowed to make an application whilst it is in process of conducting internal testing. By the time the internal testing completes and results are presented, the applicant can enter the sandbox soon after. SP-41 1.Agree 2.Disagree-Sandbox is open to licensees and others. 3. We requested (lab environment) or (External Validation), the Fintech firm may choose whatever is suitable. 4.Disagree

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 25 of 27 A bank noted: Please clarify how will the regulatory requirements be relaxed and whether any clear process is in place to address which regulatory requirements will be relaxed, eg what will be the outsourcing requirements, management experience required and so on. SP-42 This will be decied by the CBB on a case by case basis. A bank noted: Please clarify the level of involvement or requirements pertaining to the retail banks with regards to FinTech company tie-ups with retail banks. Furthermore, Please clarify the responsibility and requirement boundaries of “Handling”. SP-43 This would pertain to normal escrow account arrangement. An IT firm noted: Regulatory requirements and relaxing thereof: While we understand what areas will not be relaxed, is there an opportunity to inform an applicant of what areas might be relaxed? The intention here is to be able to envision a future landscape to determine what technologies can be brought into play. Naturally the intention is not to bind the CBB, but for an applicant and the CBB to truly engage around a future position and anticipate where regulation can go (as opposed to the traditional scenario where regulation is playing “catch-up”). SP-44 This will be decided by the CBB on a case by case basis. A licensee noted Clear commitments should be made to specify the period of time and assign KPIs to the evaluation stage of the application process. SP-45 1.Amended to 9 months sandbox period, with a max extension of 3 months if required. 2.KPIs will be decided on a case by case basis. Regulatory Sandbox Timeline A licensee noted It may make sense to add the possibility for sandbox extension after the evaluation phase SP-46 Amended to 9 months sandbox period, with a max extension of 3 months if required. A bank noted: Just to confirm, the experimentation cannot start prior to CBB giving approval (or otherwise) by the end of the ‘Evaluation Stage’ – is the SP-47 It starts upon CBB’s approval – chart amended

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 26 of 27 understanding correct? A bank noted: 1.Once a company has exited the sandbox, the response time of it being granted a go ahead/license should be defined so that the end to end process of sandboxing to public launch can be planned. 2.In instances where CBB asks a company for an early exit from the Sandbox the minimum time to exit should be granted. GIB would recommend a two month time period for that purpose. However, when risk to customers or financial system is significant and/or already materialized then CBB should instruct an immediate exit. 3.The maximum extension time in the “Sandbox” should be treated on a case by case basis. If it has to be defined then the period should be extended from 6 months to 1 year. This is to ensure that the technology has gone through an appropriate lifecycle before it is launched to the wider market or parked for further analysis. SP-48 1.Normal licensing requirements will apply. 2. This will be decided by the CBB on a case by case basis. 3. Amended to 9 months sandbox period, with a max extension of 3 months if required. A bank noted: We believe that the extension period should be determined on case by case basis and not limited to a maximum of six months. SP-49 Amended to 9 months sandbox period, with a max extension of 3 months if required. An IT firm noted 1.Timelines: we believe that the current timeline schedule may be vague and propose that stricter deadline be inserted to avoid ambiguity. We would ask that a more specific general period be included to ensure applicants participate on a firm understanding. 2.You may also wish to consider incentive (possibly a Tax incentive or something similar) for early submissions to create momentum in the program. SP-50 1. Amended to 9 months sandbox period, with a max extension of 3 months if required. 2.Not relevant

Consultation on the Proposed Regulatory Sandbox Industry Comments and Feedback April 2017 Page 27 of 27 Key Success Factors for the Regulatory Sandbox  A separate dedicated team within the CBB having appropriate knowledge, skills and aptitude to (a) understand and assess the Applicants in terms of business model, test outcomes, risk mitigation measures, etc.; (b) design the appropriate regulatory framework for each company taking into account each company’s individual characteristics; (c) monitor and assess performance of Sandbox companies on an ongoing basis. A bank noted: I would add under this section:

• Proper (and aggressive) advertisement on the benefits of building a FinTech in Bahrain
• Proactive upgrade –whenever necessary- of the country’s technical infrastructure to allow the Fintech’s solution, once validated, to be offered to a wide public (optical fiber,..) SP-51 Section deleted An IT firm noted Key success factors: We would recommend that you consider adding a “public interest” or “public welfare” criteria so as to more generally provide an overarching driver for the outcome of the Sandbox. SP-52 Section deleted No comments 139 NIL responses