Law 7/2020, of November 13, for the Digital Transformation of the Financial System

I. GENERAL PROVISIONS HEAD OF STATE 14205 Law 7/2020, of November 13, for the Digital Transformation of the Financial System.

FELIPE VI KING OF SPAIN

To all who shall see and understand this. Know ye: That the General Courts have approved and I come to sanction the following law:

PREAMBLE I

The digital transformation of the economy and the financial sector in particular represents a phenomenon of structural change, driven by both technological factors and variations in the demand for services requested by citizens and businesses. Increases in computing capacity, the digitization of information, global connectivity facilitated by the internet, the reduced marginal cost of data storage, and advances in the processing capacity of this data are enabling a profound transformation of the production, marketing, and distribution processes of goods and services in the economy.

Specifically, in the financial sector, new technologies produce efficiencies for providers and users of financial services. Likewise, the number and quality of services provided are growing, with the offer adapting to the pressure of demand, which seeks flexibility, agility, efficiency, and on-demand services on any medium, with a strong preference for mobile devices. New technologies can facilitate the reduction of information asymmetries and contribute to improving the allocation of risks in the economy, also through automation and improved supervision of the financial sector. In this sense, terms of use that are increasingly common such as fintech, insurtech, or regtech, referring to financial activity in general, insurance activity, or the use of new technologies for regulatory purposes, reflect the advances that are producing substantive changes in production processes, in the relationship with clients, in business models, and in the structure of the sector itself, due to the emergence of new actors.

From the perspective of public authorities, the accelerated change, driven by new technologies and business models based on them, implies, first of all, a challenge of technological adaptation, but also a more fundamental one: financial policy must guarantee that innovation applied to the financial field is safe and benefits society as a whole. It is a matter of facilitating access to financing as an engine of the economy, ensuring that digital transformation does not in any way affect the level of protection for consumers of financial services, financial stability, and integrity in the markets, nor allow the use of the financial system for money laundering and the financing of terrorism. Additionally, it is necessary to ensure that digital transformation strengthens the capacity of the entire financial system to drive the productive economy and social and territorial cohesion, guaranteeing equal opportunities for all people regardless of their economic situation and place of residence. Finally, it is of special relevance to take into account the implications that digital transformation may have in relation to the objectives of financial inclusion and demographic challenges, as well as the use of data by users themselves.

In short, with the set of measures included in this Law, the aim is to accompany the digital transformation of the financial system, focusing it on two main objectives. The first is to guarantee that financial authorities have adequate instruments to continue fulfilling their functions optimally in the new digital context. The second is to facilitate the innovative process in order to achieve more equitable development through better access to financing for the different productive sectors and the attraction of talent in a highly competitive international technological environment.

II

These objectives are specified in Title I, in which the main concepts are also defined and it is clarified that this Law will not imply the modification of the current framework of distribution of competencies among authorities, without prejudice to the collaboration among all of them within the new digital context for the proper fulfillment of the principles of financial policy.

Title II is configured as the central part of the Law, as it regulates the controlled testing environment, that is, with its own characteristics, which in the European and international context is called a regulatory sandbox. It is a set of provisions that support the controlled and delimited execution of tests within a project that can provide technological-based financial innovation applicable in the financial system, defined as that which may give rise to new business models, applications, processes, or products with an impact on financial markets, the provision of all types of financial and complementary services, or the performance of public functions in the financial field. This definition stems from that adopted within the framework of the Financial Stability Board (FSB), an international organization whose function is to safeguard financial stability, and has also been adopted by the Basel Committee on Banking Supervision.

Three aspects function as the keystone of the testing environment: it is a controlled space; it is a supervisory instrument; and it is governed by a law-protocol scheme.

First of all, as the main element, it is a controlled space, that is, a space that must be safe for participants and for the entire financial system, in which potential risks have been duly mitigated or eliminated. Access to the controlled testing space regulated in this Title or the execution of tests within a pilot project will not in any case constitute the granting of authorization to begin the exercise of an activity or the habitual provision of financial services on a professional basis. Consequently, pilot projects and proposed tests within such projects will not be subject to the specific legislation applicable to the provision of financial services, but must always comply with what is provided in this Law and the corresponding protocol.

In any case, participation in the controlled testing space makes it necessary to fully guarantee public policy objectives in three particularly sensitive areas: the protection of personal data, the protection of users of financial services, and the prevention of money laundering and the financing of terrorism. The legal goods identified in each of these three areas must remain completely protected, so that the assumed risk is mitigated or eliminated through the establishment of compensatory measures to leave participants in the tests free from any harm, following a scheme similar to that already provided for in other sectoral fields that also require maximum protection, of which the paradigmatic example is the current legislation on clinical trials.

This aims to increase the quality of public health thanks to the possibilities of innovation and research, without it being able to imply any type of lack of protection for patients, but quite the contrary, that it serves as an indispensable mechanism to avoid harmful treatments and drugs, and in general, for innovation to be placed at the service of the main interest: curing better. In the same way, the testing environment will be a controlled space by the responsible authorities with the ultimate aim of contributing to facilitating access to financing as an engine of the economy and improving current regulation.

It is therefore that the second essential element of the controlled testing environment regulated in this Law is its importance as a regulatory and supervisory instrument that will allow knowledge of the developments and potential effects of digital transformation on the provision of financial services and on the goods to be protected within the financial system, in particular the protection of users and financial stability. By facilitating the better performance of the activity of legislators and supervisors, it will not only allow a better knowledge of technological-based financial innovations that places authorities in a better position to understand the implications of digital transformation, as have pointed out, among others, the Financial Stability Board (FSB), but it will also contribute, from the moment of its implementation, to better control of compliance with current legislation.

Finally, as a third fundamental element, the regulatory framework that will apply to the controlled testing environment is formed by the provisions on said space contemplated in this Law—which regulates the general regime, including the rights and obligations that must be contemplated in a norm with legal rank and that guarantee that the space is safe—and by a testing protocol that contains the concrete regime in which each test will be carried out and that will be signed by the authorities in charge of monitoring the tests and the promoters of the project.

In addition to these features, reference can be made to the detail aspects regarding the functioning of the controlled testing environment. For this purpose, Title II has been divided into three chapters that refer to the different moments of the process of development of tests in the controlled space, that is, the access regime, the guarantees regime while projects are developed and tests are held, and finally, the exit regime and effects after the completion of said tests.

Regarding the access regime, in Chapter I a single financial window system is established for the presentation of projects by technology companies, financial entities, research centers, or any other interested promoter. Projects may receive a favorable evaluation if they are sufficiently advanced and if they can add value in aspects ranging from the improvement of regulatory compliance or instruments of protection for clients, to the increase in efficiency and the improvement of the provision of financial services. Following this preliminary evaluation, supervisors and the promoter will sign a protocol on the development of the tests that will include the details of its celebration and, in particular, its limited duration and scope. Once the protocol is signed, tests may begin if the guarantees provided for in Chapter II are met.

With respect to the guarantees regime and protection of participants during the execution of the tests, provided for in Chapter II, seven main precautions are established, especially directed at tests in which real users participate: informed consent and protection of personal data; right of withdrawal; promoter's liability; guarantees covering the promoter's liability; confidentiality; supervisory monitoring throughout the exercise of the tests; and finally, the possibility of interruption of the tests, among others, in cases of malpractice or non-compliance with legislation or the protocol.

Regarding the exit regime, in Chapter III two elements are contemplated. First, the examination of the results which will be carried out by the promoter of the tests and included in a report that will be sent to the authorities that have monitored the tests. Second, the existence of an access gateway to the activity is contemplated, which implies a simplification of the legal and regulatory procedures required in case a license or authorization is necessary for the subsequent exercise of the professional activity. In particular, the possibility of reducing the deadlines of the procedure is established, to the extent that the streamlining is in the public interest. The simplification of procedures will occur exclusively in those cases where the activity for which authorization is required is intended to be carried out mainly through the technology and business model proven, and the public authorities with competence for authorization estimate that the execution of tests allows a simpler but equally rigorous analysis of the compliance with the requirements required to obtain said authorization.

III

Title III collects other measures. First, specific provisions are contemplated for the application of the principle of proportionality in the entire actions of public authorities in the financial field. In particular, it is foreseen that the learning derived from the functioning of the controlled testing environment informs the entire financial legislation, specifically regarding the need to better calibrate the correspondence between activities, risks, and regulation in the context of digital transformation, as have pointed out the main international organizations in the matter. In this regard, it is indispensable to guarantee equal conditions among all those intermediaries that carry out the same activity.

Secondly, a channel of direct communication with supervisory authorities is provided that brings confidence to innovators and transparency in public functions.

Thirdly, a channel is established for written consultations on aspects of regulation and others that may arise in the achievement of tests that, due to the difficulty of understanding or anticipating the meaning of their application, may function as entry barriers for the different financial actors or generate uncertainty in the different recipients of the norms. The existence of a complex multi-level European legal order recommends the introduction of an instrument that contributes to improving legal certainty in contractual relations regarding the regulation of the provision of financial services in the context of digital transformation.

IV

Beyond the mechanisms provided for in Titles II—controlled testing environment—and III—proportionality, direct communication channel, and consultations—directed to preserve the objectives of financial policy and to facilitate innovation that contributes to the reinforcement of said objectives, Title IV collects a set of institutional provisions and accountability provisions. Among them stands out the collaboration between authorities and the coordination of their actions related to digital transformation. The Law provides for a reinforced framework of collaboration and coordination without altering the distribution and exercise of respective competencies fixed in the regulations governing the institutional architecture of the financial system. All this is the best guarantee that there is no alteration of the principle of correspondence between the assignment of responsibilities and decision-making. Specifically, for the monitoring and promotion of the controlled testing environment, the other measures provided for in the Law, and in general, the monitoring of the digital transformation process of the financial system, a Coordination Commission is established, presided over by the General Secretariat of Treasury and International Financing, in which representatives of supervisory authorities or other sector institutions will participate.

Likewise, the markedly transnational character of financial activity in the context of digital transformation makes it advisable to provide for mechanisms of international cooperation between public authorities that allow the instruments provided for in the Law to incorporate the global dimension, thus expanding the possibilities of forging alliances and responding jointly to challenges that notably exceed national action capacities.

On the other hand, the Law collects the need for the cultural change that digital transformation requires within all institutional actors to be accompanied by those internal reorganizations that are necessary to achieve a more efficient relationship between means and ends.

In addition, the set of provisions included in the Law makes timely accountability necessary, which is established through an annual report on the digital transformation of the financial system that will be published and sent to the General Courts and in which the possibilities of improvement identified as a consequence of the implementation of the instruments provided for by the Law, in particular the controlled testing environment, will be included. The report will address new technological developments, international evolution, effects on the protection of users of financial services and financial stability, and those aspects of regulation and supervision that may require improvements or adaptations.

Finally, the Law incorporates two additional provisions, in the first it empowers the General Secretariat of Treasury and International Financing to fix the application model and the first date for the presentation of applications for access to the controlled testing environment; in the second it establishes that the application of the provisions contained in the Law shall not cause an increase in public spending. For their part, the four final provisions refer to the objective and development of the result of the tests to simplify existing legislation and relevant procedures, to the competence title, the empowerment for regulatory development, and the entry into force.

TITLE I General Provisions

Article 1. Object. This Law regulates a controlled testing environment that allows the practical implementation of technological innovation projects in the financial system with full compliance within the legal and supervisory framework, respecting in all cases the principle of non-discrimination.

In addition, the Law reinforces the necessary instruments to guarantee the objectives of financial policy in the context of digital transformation. To this end, the Law equips competent authorities, promoters of technological-based innovations applicable in the financial system, and users of financial services with instruments that help them better understand the implications of digital transformation, in order to increase efficiency, the quality of services, and particularly safety and protection against new technological financial risks.

Article 2. Competencies. What is provided for in this Law will not, in any case, imply the alteration of the competencies attributed to public authorities by their specific legislation, without prejudice to the general duty of collaboration among them for the purposes of compliance with this Law and the achievement of its object.

Article 3. Definitions. For the purposes of this Law, the following shall be understood: a) "Competent Authority": The General Secretariat of Treasury and International Financing, the supervisory authorities, and any other authority that, in accordance with current legislation, has specific competencies attributed over financial activity. b) "Supervisory Authority": The national financial authority with supervisory functions competent by reason of the matter, whether the Bank of Spain, the National Securities Market Commission, or the General Directorate of Insurance and Pension Funds, in accordance with what is provided in Article 7 of Law 13/1994, of June 1, on the Autonomy of the Bank of Spain, Article 17 of Royal Legislative Decree 4/2015, of October 23, approving the Consolidated Text of the Securities Market Law, and Article 7 of Law 20/2015, of July 14, on the ordering, supervision, and solvency of insurance and reinsurance entities. c) "Coordination Commission": The Commission integrated by the competent authorities whose competence is the coordination of actions in application of this Law in accordance with what is provided in Article 23. d) "Controlled Testing Environment": The controlled and delimited testing environment regulated by Title II of this Law and by the corresponding protocols that support the execution of one or more technological-based financial innovation tests applicable in the financial system, included in a pilot project. e) "Technological-Based Innovation Applicable in the Financial System": Any action or set of actions that, through the use of technology, may give rise to new applications, processes, products, or business models with an impact on financial markets, the provision of financial and complementary services, or the performance of public functions in the financial field. f) "Monitor": Each of the persons designated by the supervisory authorities from their staff for the monitoring of each project or some of the tests. In no case shall they assume responsibility for the non-compliance by the promoter of their legal or contractual obligations. g) "Participant": Each of the users who, after having signed the unique informative document provided for in this Law, decide to participate in one or more of the tests. h) "Promoter": Any natural or legal person who, individually or jointly with others, requests the initiation of their own pilot project in accordance with what is provided for in this Law, including technology companies, financial entities, credit administrators, representative associations of interests, public or private research centers, and any other interested party. i) "Protocol": Document in which the terms in which the tests will be carried out are included. It will be signed by the promoter and the supervisory authority or authorities that are competent by reason of the matter of the project. j) "Pilot Project": Technological-based innovation on which a set of experimental tests will be carried out, supported by what is provided for in this Law and subject to monitoring by the supervisory authorities. In no case shall it imply the provision of services on a professional and habitual basis, nor shall it have an indefinite character. k) "Test": Each of the limited scope trials that are carried out, with or without participants, within a pilot project.

BOLETÍN OFICIAL DEL ESTADO No. 300 Saturday, November 14, 2020 Sec. I. Page 99899 cve: BOE-A-2020-14205 Verifiable at https://www.boe.es