Use the Lexology Navigator tool to compare the answers in this article with those from 20+ other jurisdictions.

Regulatory issues

Regulatory approach

How would you describe the regulatory policy for fintech products and services in your jurisdiction?

The Jersey Financial Services Commission (JFSC) encourages innovation in the financial services industry by:

  • helping innovative businesses to understand how the regulatory framework applies to them and their proposed products and services;
  • listening to and engaging with industry and considering relevant policy where appropriate to foster the development of innovative products or services;
  • working to ensure a technologically neutral regulatory regime wherever possible; and
  • working closely with key stakeholders, including the States of Jersey, industry bodies and international standard setters to ensure that Jersey is well placed to respond quickly to new innovations in financial services.

The JFSC actively monitors fintech developments and potential regulatory implications. Some examples of the JFSC's work on fintech include:

  • working with the States of Jersey on the regulation of virtual currencies;
  • updating its Anti-money Laundering and Countering the Financing of Terrorism Handbook to provide further guidance to firms looking to use digital systems to satisfy certain customer identification requirements; and
  • issuing FAQs on crowdfunding.

Have any fintech-specific laws or regulations been enacted in your jurisdiction? Are any envisaged?

Jersey was one of the first jurisdictions to adopt a regulatory regime for virtual currency. The regulation exempts start-ups involved in virtual currency exchange from paying fees to the JFSC for regulation, until they reach a turnover threshold of £150,000 per annum. While these businesses must still register with the JFSC and comply with Jersey's anti-money laundering legislation, innovation within these parameters is facilitated with reduced regulatory costs.

Further legislation may be introduced as fintech industries mature and evolve (eg, in relation to ICOs).

Regulatory authorities

Which government authorities regulate the provision of fintech products and services?

The JFSC regulates financial services, including (to the extent regulated) fintech.

Other government bodies such as the Jersey Population Office regulate related matters including immigration and business licensing.

Financial regulatory framework

Which laws and regulations governing the provision of financial services apply to fintech businesses?

The legislation and codes of practice that govern the traditional financial services industry include:

  • the Financial Services (Jersey) Law 1998, which regulates and controls entities undertaking financial services business on or from the Island;
  • the mandatory codes of practice published by the JFSC pursuant to its powers under the Financial Services (Jersey) Law 1998;
  • the Proceeds of Crime (Jersey) Law 1999, the Proceeds of Crime (Supervisory Bodies) (Jersey) Law 2008, the Money Laundering Order 2008, the Community Provisions (Wire Transfers) (Jersey) Regulations 2007 and other related subordinate legislation thereunder (together, the Anti-money Laundering Legislation); and
  • the Anti-money Laundering and Countering the Financing of Terrorism Handbook produced by the JFSC to outline the requirements of Jersey legislation and the JFSC in relation to money laundering.

The extent to which these apply to fintech businesses in any given case will depend on the nature of the business and the way in which any particular fintech product or service is structured and delivered.

Under what conditions are fintech businesses subject to licensing requirements? Are there any exemptions?

The extent to which fintech businesses are subject to licensing requirements depends on the nature of the business and the way in which any particular fintech product or service is structured and delivered.

Jersey has adopted a regulatory regime for virtual currency which exempts start-ups involved in virtual currency exchange from paying fees to the JFSC for regulation, until they reach a turnover threshold of £150,000 per annum. While these businesses must still register with the JFSC and comply with Jersey's anti-money laundering legislation, innovation within these parameters is facilitated with reduced regulatory costs.

A new sandbox is proposed for fintech business more widely, but the exact parameters are not yet known.

Are any fintech products or services prohibited in your jurisdiction?

Any fintech product or service falling within the ambit of the existing legislation would be prohibited if it does not comply with the applicable regulatory framework.

Although the JFSC issued a risk warning in November 2017 in relation to ICOs, Jersey's first ICO has since been launched.

Data protection and cybersecurity

What rules and regulations govern the processing and transfer (domestic and cross-border) of data relating to fintech products and services?

Jersey's data protection legislation will be updated in May 2018 to bring it in line with the EU General Data Protection Regulation (GDPR). This local legislation will apply to all Jersey businesses, including fintech businesses, and is expected to include provisions relating to the processing and transfer of data consistent with the GDPR.

What cybersecurity regulations or standards apply to fintech businesses?

JFSC codes of practice

The JFSC's codes of practice (applicable to businesses that are regulated by the JFSC) cover operational risks which include cybersecurity. The JFSC expects all regulated businesses to take appropriate steps to properly manage their cybersecurity arrangements. Therefore, to the extent that fintech businesses are regulated by the JFSC, these codes of practice will apply.

Data protection

More generally, Jersey's data protection legislation, which will be updated in May 2018 in line with the GDPR, regulates the processing and protection of personal data and requires businesses to put in place technical and organisational measures to protect data.

Channel Islands Information Security Forum

The Channel Islands Information Security Forum has been established as the association for cybersecurity policy and education in Jersey and Guernsey. It has a public awareness programme aimed at the public, educators, policymakers, business and community leaders and professionals. It also delivers and facilitates training for security professionals and seeks to establish the Channel Islands as centres of excellence in cybersecurity.

Financial crime

What anti-fraud, anti-money laundering or other financial crime regulations govern the provision of fintech products and services?

The legislation and codes of practice that govern the traditional financial services industry include:

  • the Financial Services (Jersey) Law 1998, which regulates and controls entities undertaking financial services business on or from the Island;
  • the mandatory codes of practice published by the JFSC pursuant to its powers under the Financial Services (Jersey) Law 1998;
  • the Proceeds of Crime (Jersey) Law 1999, the Proceeds of Crime (Supervisory Bodies) (Jersey) Law 2008, the Money Laundering Order 2008, the Community Provisions (Wire Transfers) (Jersey) Regulations 2007 and other related subordinate legislation thereunder (together, the Anti-money Laundering Legislation); and
  • the Anti-money Laundering and Countering the Financing of Terrorism Handbook produced by the JFSC to outline the requirements of Jersey legislation and the JFSC in relation to money laundering.

The extent to which these apply to fintech businesses in any given case will depend on the nature of the business and the way in which any particular fintech product or service is structured and delivered.

What precautions should fintech businesses take to ensure compliance with these provisions?

Fintech businesses are encouraged to discuss their proposals with the JFSC and specialist legal counsel in Jersey so that the applicable requirements are fully understood and appropriate measures can be put in place to ensure compliance.

Consumer protection

What consumer protection laws and regulations apply to the provision of fintech products and services?

Complaints can be made to the Channel Islands Financial Ombudsman to the extent that the products or services being provided fall within any of the following areas of financial services:

  • banking;
  • lending;
  • money services;
  • insurance;
  • pensions; and
  • investments.

More generally, draft consumer protection legislation has been adopted by the States of Jersey, which is based on the Unfair Commercial Practices Directive 2005. This legislation is subject to sanction by Order of Her Majesty in Council and, once implemented, will apply to all Jersey businesses which deal with consumers.

Additionally, the Distance Selling (Jersey) Law 2007 and the Supply of Goods and Services (Jersey) Law 2009 apply for the protection of consumers.

Competition

Does the provision of fintech products or services in your jurisdiction raise any particular competition regulatory concerns?

The Competition (Jersey) Law 2005 implemented a merger control regime in Jersey and restricted anti-competitive practices and the abuse of a dominant position. This law applies to all businesses operating in Jersey, including fintech businesses.

Cross-border regulation

Are there any particular regulatory issues concerning the cross-border provision of fintech products and services (eg, operating jurisdiction rules and currency controls)?

The GDPR and the equivalent local data protection legislation to be introduced in Jersey will regulate the cross-border transfer of data.

Click here to view the full article.