Who can play in the new sandbox?

The regulatory Sandbox built for FinTechs in 2016 has had little use. Based on recent statements by the Prime Minister and some lively debate in Parliament, we may be about to see it opened up for a much broader group, including existing licensees.


Australia's "Regulatory Sandbox" allows for FinTech products and services to be tested without the need for an Australian financial services licence (AFSL) or credit licence1. Provided the eligibility criteria are met, only a few basic disclosure and dispute resolution requirements need to be complied with.

The problem is that those eligibility criteria have proved so restrictive that, in practice, the Sandbox has rarely been used. In the nearly three years since it was established, just seven businesses have made use of it. That use has principally been for banking and share-trading products. It has never been used for general or life insurance.

This, though, may be about to change.

Who's currently allowed in the Sandbox?

Before looking at the changes, its valuable to revisit the rules that apply to the current Sandbox2. That can only be used as follows:

  • Most importantly, businesses which already hold an AFSL cannot use the Sandbox at all, even for a new product or service which falls outside of their licence authority. Also excluded are all related companies to the AFSL holder, so it is not an option for a licensee to set up an innovative subsidiary to test a new idea. Authorised Representatives of an AFSL holder are also prohibited access where the AFSL covers the product or services concerned.
  • The Sandbox can only be used for specified products and services. For insurance, that is a very limited group – only home contents insurance and personal and domestic insurance (for instance, for mobile phones). The current Sandbox is not available to test any other general insurance products and cannot be used at all for life insurance products.
  • A business cannot use the Sandbox to test a product it issues itself. This means that it cannot be used by an insurer to test the issue of a new type of insurance product (even if that were possible under the rules referred to above).
  • Finally, where a business does qualify to use the Sandbox, it may only provide its product or services to a maximum of 100 retail clients. Where that relates to a general insurance product, that must also have a sum insured of no more than $50,000 (with a maximum total client exposure of $5M).
So, for insurance, we would be looking for a business which does not have an AFSL and is not related to or have a relevant authorisation from an AFSL holder, which wishes to test advice or dealing services relating to home contents or personal and domestic insurance products to a group of no more than 100 retail clients. It's not surprising that that has not happened.

These rules also effectively limit the use of the Sandbox by start-up businesses that want to test a product or service in partnership with an established insurance business. Consider, for instance, the provider of innovative software for home contents insurance. If they need to work with an insurer to develop their product, that would effectively prevent them from using the Sandbox.

What changes are being proposed?

The changes currently being considered would significantly improve the Sandbox's potential for general and life insurance3, though not without some continuing challenges.

First, it is proposed that an existing AFSL holder would now be entitled to use the Sandbox where its licence does not include an authorisation to provide the product or service concerned. The same is the case for related companies of an AFSL holder and its Authorised Representatives. On its face, this would seem to significantly expand the scope of businesses that can use the Sandbox. For insurance, it would include established insurance companies, underwriting agents, brokers and their related companies (on their own, or in collaboration with other FinTech businesses).

The one caveat I would signal here, though, is that most AFSL authorisations are broadly put. A business with an authorisation to advise and deal in general insurance products for retail and wholesale clients, for instance, would not be able to use the Sandbox to test any products or services which fall within that scope. That might, in practice, rule out most of the FinTech opportunities that the business would want to test.

The second big change being proposed is to significantly expand the scope of products and services which are able to be tested in the Sandbox. For insurance, that would include all general and life risk products other than consumer credit insurance. So, FinTech opportunities on basic retail products through to complex financial products could all be tested in the Sandbox.

The prohibition on testing by the issuer of an insurance product remains, however. This means that, while it will be possible to use the Sandbox to test FinTech ideas for advising on and dealing in insurance products, to both retail and wholesale clients, it will not be available to test the issue of new products.

It is also currently proposed that the 100-retail client limit will remain, though some submissions have asked for that to be increased. While the reason for this limit is plain enough, it will be quite restrictive to a business looking to test services on low-value, high-volume retail products. No similar limit will apply to testing with wholesale clients.

A sum insured limit will also be retained for retail clients, though that would be increased to $85,000 for general insurance and would be put at $300,000 for life insurance. In each case, these will operate subject to a $5M limit on the total sums insured, as is currently the case. Use of a "sum insured" limit raises some obvious issues for general insurance. Retail products which offer liability cover, for instance, could be expected to always exceed this limit. This problem would be resolved by replacing sum insured limits with a premium measure, however that may not be considered as a good an indicator of consumer risk (for instance regarding the worst-case loss in the event of shortcomings in the service concerned).

Ultimately, these rules are being driven by the need to balance the desire to facilitate the testing of innovative FinTech products and services against the risk of consumer detriment. That is understandable, however if, as a result, too many restrictions are put in place, the practical value of the changes will fall away, and the Sandbox will continue to have limited use.

What is the current status of these changes?

The FinTech sector does appear to be a legitimate priority for the Government. In relation to the proposed Sandbox changes, for instance, the Prime Minister has said:

"we are putting in place the world's most forward-leaning regulatory sandbox for FinTech development … [which will] … reduce the time it takes to make their products and services available to consumers and it will mean entrepreneurs are more informed in making decisions on their offering before applying for a licence." 4

In May, the Government also appointed an Assistant Minister, Senator the Hon Jane Hume, with specific responsibility for financial technology.

However, that does not necessarily mean the changes will go through in their current form as, it is fair to say, they do not have universal support.

The Second Reading debate of the draft Bill on 19 September 20195 illustrated the tensions that exist between improving support for better financial services innovations and limiting risks that an expanded Sandbox will lead to consumer detriment.

On the one hand, the Government argues that the Bill is a benign attempt to support the testing of genuine innovation in the FinTech sector, which is needed if Australia is to remain competitive in that field. On the other, the Opposition has raised concerns about the Sandbox being used by those who do not require it and the risks of consumer detriment associated with its use.

Those concerns were also captured in a submission made by Choice, Consumer Action and the Financial Rights Legal Centre6. Their view is that users should be required to apply to ASIC for approval before using the Sandbox (ie. rather than having a standing right to use it where eligibility rules are met). Under that model, ASIC would carry out an assessment of whether the proposed use is innovative and provides a consumer benefit before a regulatory exemption is granted (noting that applying measures of what is "innovative" or provides a "consumer benefit" might raise some challenges).

This idea has developed into an amendment, circulated recently by the Opposition, which would provide ASIC with 30 days to review an application to use the Sandbox. During that period, it would consider whether it is satisfied that the financial service:

  • is new or a new adaptation or improvement of another financial service; and
  • the proposed exemption will result in a potential benefit to the public which will outweigh the potential detriment to the public.
If this were to go ahead, applicants would need to make their case to ASIC on these points. While this approach would not require formal ASIC approval, it would give the regulator an opportunity to make an informed decision to block use of the Sandbox, or presumably to allow it, but to monitor outcomes more closely.

Perhaps that is the compromise that will be needed in order to allow for better use of the Sandbox. Rather than applying more restrictive rules to a general right of use, it may be possible to accept some broader rules on the basis that ASIC would assess proposals prior to businesses being given access and that it would, thereby, be in a better position to monitor their use.

For more information on the Regulatory Sandbox and licensing requirements as they apply to innovative insurance products and services, please contact insurance advisory principal, Mathew Kaley.

1 Given that my focus for this article is insurance, I'll put aside references to credit requirements which, in any case, are similar in structure.
2 As set out in ASIC Corporations (Concept Validation Licensing Exemption) Instrument 2016/1175, ASIC Credit (Concept Validation Licensing Exemption) Instrument 2016/1176 and ASIC Regulatory Guide 257 "Testing fintech products and services without holding an AFS or credit licence" 3 Treasury Laws Amendment (2018 Measures No. 2) Bill 2018, Corporations (FinTech Sandbox Australian Financial Services Licence Exemption) Regulations 2017 4 House of Representatives Hansard, 8 February 2018, p.4
5 House of Representatives Hansard, 19 September 2019, p.34
6 Submission to Treasury, 3 November 2017