FinTech & Innovation
As part of the Central Bank of Bahrain’s ongoing initiatives towards financial digital transformation in the Kingdom and developments in digital financial services, the CBB established a dedicated Fintech & Innovation Unit to ensure that best services are provided to individual and corporate customers in the financial services sector by encouraging an agile regulatory framework that fosters FinTech and innovation.
This follows the CBB’s other initiatives, which includes introducing a Regulatory Sandbox that will allow startups, FinTech firms and licensees to provide innovative banking and financial solutions, in addition to the issuance of Crowdfunding regulations for both conventional and Sharia-compliant services.
The CBB’s FinTech & Innovation Unit is also responsible for the approval process to participate in the Regulatory Sandbox, supervision of authorized Sandbox companies’ testing progress, monitoring technical and regulatory developments in the FinTech field, both regionally and internationally, to lead on strategic FinTech initiatives and to work closely with all stakeholders within the FinTech ecosystem in the Kingdom.
FinHub973: CBB Digital Lab
FinHub 973, by the Central Bank of Bahrain (CBB), is the region’s first cross-border, digital innovation platform that connects and facilitates collaboration between financial institutions and fintechs under the supervision of the central bank. Powered by Fintech Galaxy, FinHub 973 enables local and global fintech’s to connect seamlessly with Bahrain’s financial institutions for exploring, testing, and prototyping on a centralised digital sandbox. FinHub973 integrates the technical testing and validation of digital solutions with the regulatory framework of the CBB. The platform also showcases qualified fintechs for collaboration, procurement, partnerships and investment within Bahrain’s ecosystem, while also interfacing with regulatory authorities to facilitate quicker and easier regulatory testing and supporting business scalability.
Responsible for maintaining monetary and financial stability in the Kingdom of Bahrain, the CBB launched the FinHub 973 platform in an effort to further cement Bahrain’s position as the region’s financial hub, providing robust infrastructural support to the financial industry in Bahrain and driving innovation and cross-border collaboration across the region.
Click here to go to FinHub973.
Global Financial Innovation Network (GFIN)
The Global Financial Innovation Network (GFIN) was formerly launched in January 2019 [link to GFIN news story] by an international group of financial regulators and related organisations, including the Financial Conduct Authority (FCA). This built on the FCA’s early 2018 proposal to create a global sandbox.
The GFIN is a network of 28 organisations committed to supporting financial innovation in the interests of consumers.
The GFIN seeks to provide a more efficient way for innovative firms to interact with regulators, helping them navigate between countries as they look to scale new ideas. This includes a pilot for firms wishing to test innovative products, services or business models across more than one jurisdiction.
It also aims to create a new framework for co-operation between financial services regulators on innovation related topics, sharing different experiences and approaches.
Confirming the GFIN’s functions
The GFIN was proposed in a consultation paper in August 2018 [link to https://www.fca.org.uk/publication/consultation/gfin-consultation-document.pdf]. The GFIN received 99 responses from 26 jurisdictions in response to the consultation paper. The response from industry and other international regulators was overwhelmingly positive in favour of establishing the GFIN to facilitate a new practical method of regulatory collaboration on innovation and creating an environment for cross-border testing.
Following this consultation, the GFIN has finalised terms of reference for governance and membership of the group [link to ToR doc] and confirmed 3 primary functions:
- To act as a network of regulators to collaborate and share experience of innovation in respective markets, including emerging technologies and business models, and to provide accessible regulatory contact information for firms.
- To provide a forum for joint RegTech work and collaborative knowledge sharing/lessons learned.
- To provide firms with an environment in which to trial cross-border solutions.
Since the end of the consultation, the GFIN has discussed further development of our core functions and next steps of the network. Alongside discussions on the sharing of experience, regulators involved agreed to launch a pilot phase of cross-border testing (for firms) and to formalise the membership and governance structure for regulators and international organisations interested in joining the Network.
Following the consultation feedback, the GFIN has:
- Opened a 1 month application period for a pilot phase of cross-border testing. Interested firms are asked to submit applications to relevant participating regulators by 28 February 2019.
- As part of the finalised terms of reference for governance and membership, expanding from the founding 12 members, the group now includes 28 organisations. Financial regulators and related organisations with a commitment to supporting innovation in the interest of consumers are invited to join.
Cross-border testing applications – pilot phase for firms
Consultation feedback indicated widespread support for creating an environment that allowed firms to simultaneously trial and scale new technologies in multiple jurisdictions, gaining real-time insight into how a product or service might operate in the market.
To support the development of cross border testing we have opened a 1 month application window for firms interested in joining a pilot cohort for cross-border testing.
Firms wishing to participate in this pilot phase must meet the application requirements of all the jurisdictions in which they would like to test. For example, a firm wishing to test in the UK, Australia and Hong Kong must independently meet the eligibility criteria, and/or other relevant standards, of the regulators in those jurisdictions.
Interested firms should note whether a particular regulator is the relevant authority for the proposed activity before applying to test in their jurisdiction.
Each regulator will decide whether a proposed test meets its individual screening criteria, areas of interest, and ability to support the activity. Each regulator will also make sure that appropriate safeguards for their jurisdiction are in place. Regulators are only responsible for tests in their jurisdictions and should consider the associated risks. We believe this is important to maintain high standards of consumer protection and market integrity in regulators’ respective jurisdictions.
Pilot tests will run for a 6-month period, unless regulators agree to extend them. We expect the pilots will run from Q2 2019.
This pilot is as much a trial for GFIN members as it will be for firms. We are looking for firms who can be flexible and agile in their participation, and can provide GFIN regulators with feedback on their experience. Firms will benefit from the opportunity to test and compete in the regulated space, and their tests will help inform the future work of the network. Over time, trials could inform regulatory authorities about potential areas of regulatory convergence, although we stress this is a longer-term opportunity.
Firms interested in applying to GFIN cross-border testing should review the list of regulators currently able to support the pilot test (see list below) and submit an application to each jurisdiction in which they would like to test before the 28 February 2019 deadline.
Regulatory Sandbox Framework
1
The Regulatory Sandbox Framework sets out the Central Bank of Bahrain’s (CBB) approach to participation in the FinTech Regulatory Sandbox (the “Sandbox”) of the Kingdom of Bahrain (“Bahrain”).
2
The Sandbox is a virtual space for both CBB-licensed financial institutions and other start-ups and FinTech firms to test their technology-based innovative solutions/services relevant to FinTech before scaling up their operations in Bahrain and across the region.
3
The CBB aims to transform and develop the financial services sector in Bahrain through FinTech and digital financial services which is to be achieved through ongoing initiatives introduced by the CBB, including innovation-friendly regulations and knowledge sharing via cross collaborations with regional and international regulators.
4
The CBB shall include a list of authorised Regulatory Sandbox Participants (hereinafter referred to individually as “Participant” and collectively as “Participants”) on its website.
5
All forms relating to the Sandbox can be found on the CBB’s website.
1
The Sandbox is open to both existing CBB licensees (financial institutions with FinTech initiatives) and other companies (both local and foreign) intending to test innovative financial services (hereinafter referred to individually as “Applicant” and collectively as “Applicants”).
2
The Sandbox is not suitable where the Applicant is unable to comply with the requirements of this framework, and in particular, the core requirements such as those relating to Anti Money Laundering and Combating the Financing of Terrorism (AML/CFT), handling of Volunteer Customer/Client Money and Assets and maintaining the confidentiality of customer information.
This section sets out the main eligibility criteria for participation in the Sandbox, which include the following:
(1) Innovation: The service must be truly innovative, addresses a market gap or is sufficiently different from existing offerings, or offers a new use for existing technologies within financial services (as evidenced by market research and a comparison of the key features of the Applicant’s technology or operating methodology against competitors).
(2) Customer benefit: The service must offer identifiable direct or indirect benefits to customers (for e.g. based on customer research showing improved security, customer experience, efficiency, quality of product, lower prices or a combination of any of the above). These must be supported by quantifiable estimations or demonstrations, where possible.
(3) Identification of Major Risks: The Applicant must identify the major risks associated with the solution or service, as well as the measures to mitigate these, including business continuity and disaster recovery.
(4) Compliance with CDD and AML/CFT Requirements: The Applicant must be able to comply with the Customer Due Diligence (CDD) and Anti-money Laundering/Combating the Financing of Terrorism (AML/CFT) Requirements set out in the CBB Rulebook.
(5) Confidentiality Requirements: The Applicant must be able to maintain the confidentiality of customer information in accordance with the Central Bank of Bahrain and Financial Institutions Law No.64 of 2006, as amended (“CBB Law”) and other applicable laws.
A
Application Process
1. Prior to applying to enter the Sandbox, prospective applicants:
(a) are encouraged to approach the CBB to discuss their application at an early stage, so that any specific questions may be dealt with prior to submitting the application to the CBB. Such enquiries may be sent to sandbox@cbb.gov.bh.
(b) must ensure that they have met, and are able to continue to meet, the eligibility criteria set out in Section 3 above.
2. Applicants wishing to enter into the Sandbox must apply to the CBB through the Regulatory Sandbox online application platform in the CBB’s official website.
3. The declaration page of the application form must be signed and submitted to the CBB along with the application.
4. In cases where more than one FinTech firm are jointly involved in an innovative project or where a CBB licensed financial institution wishes to work with a particular FinTech Firm, a joint application may be made.
5. The Sandbox application form requires the provision of, among other details, the following information along with supporting documents (where applicable):
(a) A brief description of the Applicant company, including its financial standing, technical and business domain expertise and its founders and management (along with their CVs).
(b) A brief description of the service and solution to be tested in the Sandbox and the manner in which it addresses particular gaps or benefits customers.
(c) A description of how the Applicant has met the Eligibility Criteria described in Section 3 above (along with supporting evidence).
(d) A description of the plan with regards to communication with volunteer customers, which must include adequate risk disclosures and material information about the Participant, the service and the testing being conducted in the Sandbox.
(e) The testing plan and a description of the testing target and predicted outcomes and Key Performance Indicators (KPIs) which will be used to determine the success of the testing.
(f) A description of any third-party outsourcing arrangement, including the due diligence conducted by the Applicant on such third party.
(g) Any other information which the CBB ought to be informed about.
6. All documentation provided to the CBB as part of the application must be in either Arabic or English language.
B
Application Fee
1.The Application fee for the Sandbox is BD 100 (non-refundable) to be paid at the time of submitting the application.
2. Applicants may pay the required application fee through the CBB’s Website.
C
CBB Approval Process
1.The CBB shall provide a formal decision on a submitted application within 15 calendar days after all required information and documentation have been submitted in a form acceptable to the CBB.
2.The CBB shall then inform the Applicant in writing that it has either:
(a) Granted the application without conditions;
(b) Granted the application subject to conditions specified by the CBB; or
(c) Rejected the application, stating the reasons for the rejection. Reasons for rejection may include inability to meet the eligibility criteria set in Section 3 above.
3.The CBB may consider relaxing certain regulatory requirements while maintaining others. This will be assessed on a case-by-case basis taking into account the particular circumstances of the Applicant. For the avoidance of doubt, certain core legal and regulatory requirements such as those relating to AML/CFT and confidentiality of customer information shall not be relaxed and must be maintained at all times.
4.Once the CBB approves the application, the Applicant must establish a company registered by the Ministry of Industry, Commerce and Tourism to be used solely for the purpose of the Sandbox and must provide the CBB with a copy of the company’s Commercial Registration certificate.
5.The Applicant must also open a bank account with a CBB licensed retail bank for the purposes of handling the funds of volunteer customers in accordance with Section 6(B)(3) below.
1.The duration of the Sandbox is up to a period of 12 months from the date of the CBB’s authorisation to participate in the Sandbox.
2.The testing period may be extended subject to the following:
(a)The Participant must notify the CBB at least 30 days prior to the expiry of the 12-month testing period.
(b)The authorised Regulatory Sandbox Participant must provide the CBB with a detailed account of the reasons for the request for extension.
3.The CBB may, approve or reject, a request for extension in its discretion.
4.Where the CBB approves the request for extension, it may stipulate the appropriate time period for extension which may differ from the requested period.
Below is a flowchart in relation to the Sandbox process and timeline:
A
General Obligations
- The Participant must assign a contact person to communicate with the CBB.
- In conducting the testing, the Participant must not infringe upon any Intellectual Property rights of third parties.
- The Participant must comply with all applicable laws in Bahrain.
B
Specific Obligations
1. CDD and AML/CFT Requirements and Financial Crime
a) Participants must comply, at all times, with legal and regulatory requirements relating to CDD and AML/CFT, including those set out in the CBB Rulebook.
b) Participants must maintain adequate systems and controls to address the risks of financial crime occurring during the course of Sandbox testing.
2. Confidentiality of Customer Information
a) Participants must comply with all legal and regulatory requirements relating to maintaining confidentiality of customer information.
b) Volunteer customer information must be kept confidential (both during and after the Sandbox period) and must not be used for any purpose other than for their Sandbox testing purposes in Bahrain.
3. Client Money Account Requirements
a) Participants must open an account with a retail bank licensed by the CBB to be used solely for the purpose of handling the funds of volunteer customers. A confirmation document from the bank should be provided to the CBB. For the avoidance of doubt, the client money account may not be used for any purpose other than for holding the funds of volunteer customers.
b) The Participant must ensure that it keeps adequate records of the funds belonging to each volunteer customer including records showing that the money was deposited into the client money account.
c) A separate corporate account may be opened by the Participant for Sandbox testing purposes to be used solely for testing purposes and such account must not be used for any other purpose.
d) Participants must maintain sufficient systems and procedures in respect of the handling of the money of volunteer customers as well as sufficient internal controls to monitor this requirement.
4. Management
The management of the Participant must conduct themselves with honesty and integrity at all times.
5. Risk Mitigation
Participants must conduct periodic reviews to identify risks associated with the service and solution and put in place measures to mitigate them.
C
Reporting Requirements
- Participants must fill out the CBB’s standard form on quarterly progress reporting and submit it to the CBB on the last day of every calendar month. The form must be signed by a member of senior management who is an authorised signatory of the Participant and emailed to sandbox@cbb.gov.bh.
- The CBB may request the Participant to provide further information as and when required.
D
Notification Requirements
The Participant must immediately notify the CBB in the event of the occurrence of any of the following:
a) Any changes to the information provided to the CBB in support of the Sandbox application whether such change occurs prior to, or after, entering into the Sandbox.
b) Any changes to the testing plan.
c) Any adverse events relating to the testing, including but not limited to, cyber security incidents, major operational issues, obstacles that have a major impact on the testing, any failure to comply with applicable laws or this framework etc.
- The permissible number of volunteer customers for testing is up to 100 customers. However, the CBB may permit testing with more customers where the nature of testing requires so. In such cases, the CBB will decide and inform the Participant of the number of permissible volunteer customers for testing.
- The total transaction limit for the testing or the transaction limit per customer shall be approved or decided by the CBB on a case-by-case basis.
- Participants must ensure that they provide appropriate levels of written disclosure to volunteer customers on the nature of the service, any fees or charges and any risks associated with the testing/service. Such disclosure should be transparent and complete. Participants must also ensure that volunteer customers have read, fully understand and accept such risks prior to commencing testing with them.
- Participants must have clear and sufficient onboarding procedures for volunteer customers which meet the requirements set out in the CBB Rulebook.
- Participants must have in place appropriate procedures and channels to deal with customer enquiries, complaints and feedback.
- Participants should not use the term ‘licensed’ during the course of their testing, or otherwise hold themselves out to be a licensee of the CBB or as being regulated by the CBB, unless they are already a CBB licensee.
- The term to be used by Participants is “Authorised Regulatory Sandbox Participant”.
A
Where it determines that continued testing would cause harm or poses a threat to the customers or the financial sector.
B
Where the Participant fails to comply with the requirements of this framework, and especially the core requirements referred to in Section 6 (B) above.
C
Where the Participant is found to be in breach of any of the conditions imposed by the CBB during the authorisation stage or thereafter.
E
For any other reason at its discretion.
D
Where it is discovered that any of the information or documents provided along with the Participant’s application are inaccurate or false;
A
Voluntary Exit from the Sandbox
The Participant may choose to discontinue the testing at any time, subject to providing the CBB with a one-month notice. The CBB may impose conditions in such cases. The Participant will not be permitted to exit until such conditions are met.
B
Completion of Testing and Exit
- Upon exiting the Sandbox, Participants must cease all activities carried out during the Sandbox period. Furthermore, the bank account(s) opened for the purpose of the Sandbox must be closed immediately after the Participant’s exit from the Sandbox.
- Within two months of completion of the Sandbox testing period, the Participant must fill out and submit to the CBB the form on final management report, prepared and signed by the management of the Participant, which must include the following information:
a) A description of the Participant’s business model, services, products (and their delivery channels) along with any transactional flowcharts.
b) A comprehensive evaluation of all aspects relating to the testing, including:
- Number and type of volunteer customers that participated in the test (i.e. retail or corporate);
- A general description of the demographics of the volunteer customers (nationality, age groups and country of residence of the volunteer customers);
- Description of the CDD process that was used for onboarding volunteer customers;
- Number and volume of the test transactions; and
- Key findings and results of the test.
c) Key risks identified and steps taken to address and mitigate such risks.
d) Brief details about the technology architecture.
e) Detailed log of operational or technical incidents, if any, and steps taken to address them.
f) Feedback from volunteer customers, including complaints, if any.
g) Details on any audits conducted.
h) Findings and observations regarding the success of the test.
Regulatory Sandbox Register
The following list shows the current FinTech Regulatory Sandbox Approved Companies and the Authorization Date to join the sandbox. Please hover over the company to view more details.
Eurrum
11 July 2024
E-Money Platform
4357 AlQuds Unit No.1 Riyadh, Al Khabra Saudi ArabiaAMWAL
21 May 2024
Crowdfunding Platform operator
Al Saraya Mall Zayed 2 Entrance Giza EgyptSonic Pay
7 May 2024
Crypto Aggregator
house 1598 road 4546 block 745 Kingdom of BahrainAbsolute Collateral Technology
10 March 2024
Repo Trading Platform
1 Vincent Square, London, SW1P 2PNSoor
19 February 2024
Insurance Aggregator
Building 2740 Road 3649 Block 436 Seef District Kingdom of BahrainGCCPAY
31 January 2024
Payment Service Provider
7470 2438 Moudrak Al Zabi Al Quds Riyadh 13214 Saudi ArabiaTanami Capital
26 December 2023
Investment Platform
Flat / Shop No. 1390 Building 2102 Road/Street Number 2825 Block 428 Town AlSeefTakharoj
21 December 2023
Unlisted Companies Securities Trading Platform
2277 Macca Road Riyadh KSA Saudi ArabiaB-Tameen
27 November 2023
Insurance Aggregator
House No 336G Road No 3207, Block 732 A'ali BahrainGallon Insuretech
27 November 2023
Insurance Aggregator
3626, Al Qairawan, 7867 Al Sulaimaniyah Dist. Riyadh - 12245 Saudi ArabiaRTGS Global
19 October 2023
Cross-Border Settlement System
Heron Tower 110 Bishopsgate London, United Kingdom EC2N 4AYAT Fintech Platform
3 October 2023
Banking Service Platform
Office no 302 Building 551 Road 4612 Block 346 Manama – Water Bay Kingdom of BahrainWakeel
26 July 2023
Insurance Aggregation platform
Al Seef area, block 436 Road 3618, building 852, office 42 BahrainInsurance Hub
6 June 2023
Insurance Aggregator
House 368 Road 605 Block 1206 Hamad 1206 BahrainSuyula
21 February 2022
Crowdfunding Platform Operator
Shop No. 302 Road 4612 Building 551 Block 346 Manama/Sea Front