In this article, we are going to jump right into the regulatory sandbox, covering its creation, process, progress and problems.


The program was started by the Financial Conduct Authority (FCA) in 2016 to provide a ‘testing ground’ for innovative FinTech products and services within the UK.

The testing stage normally runs for several months and allows early-stage FinTech startups to launch and evaluate their products in a limited market environment, whilst this is under supervision, the companies do not have to be fully licensed.

What does the process look like?

Application and Authorization

In order to be accepted into one of the FCA’s ‘prestigious’ cohorts firms have to submit an application form explaining how their proposal meets the sandbox’s eligibility criteria. These are:

  1. In Scope – Whether the proposal is looking to deliver innovation that is either regulated business or supports regulated business in the UK financial services market.
  2. Genuine Innovation – Whether the innovation represents a new or a significantly different offering in the marketplace.
  3. Consumer Benefit – The innovation should offer a good prospect of identifiable benefit to consumers (either directly or via heightened competition).
  4. Need for a Sandbox – Whether the innovation has a genuine need to test the innovation in our sandbox, although applicants aren’t required to need a sandbox tool to meet this criteria.
  5. Ready for Testing – Finally; whether the innovation is ready to be tested in the real market with real consumers.

Once accepted, (although this is not a sure thing; for the first cohort there were 69 applications, out of which 24 were accepted and 18 tested,), firms are required to complete all the necessary paperwork to obtain authorization(s) – typically with restrictions such as the number of customers or the volume of transactions.


After the firm is authorized, the innovations move into the testing phase….

This transition may take several months, as mobilizing capabilities for testing can be time consuming – specifically customer acquisition and opening a business bank account have proven to be common challenges for new entrants.

The testing process, despite having to be approved by the FCA, is mostly up to the firm. Another advantage comes in the form of the ability to choose the Key Performance Indicators (KPIs) used to assess the performance of the test(s) which are normally used to measure business objectives rather than regulatory compliance.

Provided the necessary consumer safeguards are in place, the FCA has normally been very flexible and willing to consider small amendments to both testing plans and KPIs if required.


As part of the testing period, firms are required to have customer safeguards and exit strategies that can be implemented when the test finishes. This means that the final step is to submit an outcome report to the FCA with test results and findings. Firms looking to continue the tested business model have to apply for a “variation of permission” to lift the restrictions imposed during the test.

Source – Deloitte & Innovate Finance – A journey through the FCA regulatory sandbox


“The Financial Conduct Authority (FCA) has, in collaboration with 11 financial regulators and related organizations, on 7 August 2018 announced the creation of the Global Financial Innovation Network (GFIN), building on the FCA’s proposal to create a ‘global sandbox’.”

The current GFIN membership is the following:

  1. Abu Dhabi Global Market (ADGM) – United Arab Emirates
  2. Alberta Securities Commission (ASC) – Alberta, Canada
  3. Australian Prudential Regulation Authority (APRA) – Australia
  4. Bank of Lithuania (BL) – Lithuania
  5. Bangko Sentral ng Pilipinas (BSP) – Philippines
  6. Bermuda Monetary Authority (BMA) – Bermuda
  7. British Columbia Securities Commission (BCSC) – British Columbia, Canada
  8. Capital Markets Authority (CMA, Kenya) – Kenya
  9. Capital Market, Insurance, and Savings Authority (CMISA) – Israel
  10. Central Bank of Eswatini – Eswatini (Swaziland)
  11. Central Bank of Kenya (CBK) – Kenya
  12. Central Bank of the UAE – United Arab Emirates
  13. Centrale Bank van Curaçao and Sint Maarten – Curaçao and Sint Maarten
  14. Comisión Nacional Bancaria y de Valores (National Banking and Securities Commission) (CNBV) – Mexico
  15. Commodity Futures Trading Commission (CFTC) – United States
  16. Commission de Surveillance du Secteur Financier (CSSF) – Luxembourg
  17. Federal Reserve Board (FRB) – United States
  18. Financial Industry Regulatory Authority (FINRA) – United States
  19. Financial Services Commission Mauritius (FSC) – Mauritius
  20. Financial Services Regulatory Authority of Ontario (FSRA Ontario) – Ontario, Canada
  21. Financial Supervisory Commission Taiwan – Taiwan
  22. Financial Superintendence of Colombia (SFC Colombia) – Colombia
  23. Federal Deposit Insurance Corporation (FDIC) – United States
  24. Gibraltar Financial Services Commission – Gibraltar
  25. Hong Kong Insurance Authority (IA) – Hong Kong
  26. Isle of Man Financial Services Authority (IOMFSA) – Isle of Man
  27. Israel Securities Authority (ISA) – Israel
  28. Jersey Financial Services Commission (JFSC) – Jersey
  29. Magyar Nemzeti Bank (Central Bank of Hungary) – Hungary
  30. Malta Financial Service Authority (MFSA) – Malta
  31. National Bank of Georgia (NBG) – Georgia
  32. New York State Department of Financial Services (NY DFS) – State of New York, United States
  33. Office of the Arizona Attorney General – State of Arizona, United States
  34. Office of the Comptroller of the Currency (OCC) – United States
  35. Ontario Securities Commission (OSC) – Ontario, Canada
  36. Securities and Commodities Authority, UAE (ESCA) – United Arab Emirates
  37. Securities and Exchange Commission (SEC) – United States
  38. Securities and Exchange Commission (SEC Nigeria) – Nigeria
  39. Securities Commission of the Bahamas (SCB) – Bahamas
  40. Securities and Exchange Commission of Brazil (CVM) – Brazil
  41. Seychelles Financial Services Authority – Seychelles
  42. South African Reserve Bank (SARB) – South Africa
  43. West Virginia Division of Financial Institutions – West Virginia, USA
  44. Wyoming Division of Banking -Wyoming, United States

Posible Issues

Concerns have been raised over the motives a startup may have for entering the regulatory sandbox; many believe it to serve as free PR and a stamp of approval, which attracts the wrong kind of business. There is also a tendency for regulators to want to attract sandbox applicants through lax regulation; an advertisement for the Arizona sandbox ironically states “Arizona State Offering Regulation-free Access for UK Companies” – Regulation-free???

There is an increasing concern over the regulation of global regulatory sandbox, as not all regulators possess the same level of competency and compliance standards; the priority is, and always should be customer safeguarding, not increased sector investment.

In conclusion, the sandbox projects represent a positive move forwards in terms of FinTech adoption, but in order for its true potential to be realized it needs to be developed and regulated to the highest standard.