Tag: technology

HOW TO PLAY IN ARIZONA’S FINTECH SANDBOX – PART IV: How to Apply?

Posted by Michael Rolland on September 5, 2018

The Arizona legislature recently signed into law the nation’s first fintech regulatory sandbox, which started accepting applications on August 3, 2018. Participants in the sandbox will enjoy a reprieve from many of the licensing and regulatory burdens of companies in the financial sector, so the program offers a great incentive for financial technology (aka, “fintech”) companies to settle and operate in Arizona. This is the fourth in a five part series on how to apply and participate in the sandbox. If you are new to the series, go back and read the first three parts, which discuss the history of sandbox programs, the benefits of participation in the Arizona sandbox, and eligibility requirements. This part four will explain the application process, and part five will address how to comply with the rules once you are in the sandbox. The official website for the fintech sandbox was recently launched and can be viewed HERE, and the full text of the law can be viewed HERE.

HOW TO APPLY

Applying for the sandbox is pretty straightforward: complete a separate application form for each innovation you plan to test, and pay a $500 application fee. The $500 fee will be deposited by the attorney general into the Consumer Protection-Consumer Fraud Revolving Fund, which is a fund used by the attorney general for operating expenses for consumer protection division.

Applications are reviewed by the attorney general’s office on a rolling basis, and decisions will be rendered within ninety days. Under A.R.S. §41-5603(J), the attorney general has absolute discretion to deny an application, and there is no process to appeal the denial. This means that your application better be polished from square one. However, there does not appear to be any restriction on re-applying following a denial, so in theory you can keep submitting new applications (paying a fresh $500 fee each time) until you are admitted.

The application form essentially has two parts: (1) describe your company and its employees, and (2) describe the innovation you will be testing. You are permitted, but not required, to supplement your application with “Supporting Documents.”

Description of Your Company

This section of the application generally requests basic identification and contact information, like the state of incorporation, addresses, federal tax ID, etc., most of which is simple enough for anyone to complete. However, there are a few sections that warrant scrutiny. First, you must designate a contact person for inquiries by the attorney general, and a contact person to handle consumer complaints. These roles can be filled by the same person, and in either case you should take the designation very seriously. Maintaining good standing in the sandbox will probably require quick and careful responses to all complaints and inquiries. These designated contacts will be on the front lines, and will be the first, and sometimes only, person to interact with the attorney general and/or consumers about any problems with your innovation. Make sure the person you appoint has the time to address inquiries quickly, the regulatory knowledge to respond to them accurately, and authority within the company to mandate any necessary internal changes.

Second, you must identify and describe the duties of all “Active Managers,” who are defined as:

any individual or entity, paid or unpaid, that: (i) is primarily responsible for Testing the Product or Service; (ii) has direct supervisory authority over the staff Testing the Product or Service; or (iii) serves as an officer or director of the business or business unit that is Testing the Product or Service.

You must similarly identify “Key Personnel,” who are defined to include Active Managers and any person that owns 15% or more of the company. Before submitting your application, you should ensure that none of your Key Personnel have any black marks on their record. The application specifically requires you to disclose whether any Key Personnel have a felony conviction, have had a civil judgment, order, sentence or even settlement agreement relating to “fraud, money laundering, or a breach of fiduciary duty or trust,” or have been the target of government investigations or regulatory actions relating to financial goods and services. If at all possible, you should take steps to ensure that the people responsible for implementing and overseeing the innovation do not have this type of checkered history. If that is unavoidable, then you should supplement your application with Supporting Documents that demonstrate why the Key Personnel’s history will not undermine the attorney general’s mandate to ensure that consumers are protected.

Third, you must disclose whether you are already licensed to provide a similar service in another state. The attorney general will probably use this information to contact the governing regulatory authority in that state to discover whether you have ever been subject to negative agency action. If you are a larger institution, it is entirely possible you have been the recipient of numerous consumer complaints and/or regulatory censures. We do not yet have any guidance from the attorney general’s office on how they will evaluate this type of history, but I would imagine that they will focus not only on the volume and nature of complaints/censures, but also on how you responded to regulatory issues in the past. Do you respond to complaints quickly? Did you timely comply with all regulatory orders? If this is a concern, you should coordinate with your regulatory department or compliance officer to prepare documentation to explain negative regulatory events.

Fourth, you also need to disclose whether you will be working with, or licensing any technology from, third parties as part of the innovation. These should also be closely scrutinized. Do any of your commercial partners have a history of negative regulatory action or been repeated targets of government investigations? This information will surely be discovered during the attorney general’s review of your application, so be prepared in advance to answer any tough questions that may arise from your choice of commercial partner.

Description of Your Innovation

This section is the real meat of the application, and will probably require the help of an attorney or someone well versed in the regulatory regime normally applicable to your innovation. There are seven subparts:

About Your Product or Service
Explain How Your Product or Service is Eligible for the Sandbox
About Your Testing Plan
Describe the timeline of the proposed Testing plan and key milestones for the Product or Service given the two-year Testing period and any possible extensions.
What is Your Consumer Protection Plan?
What is Your Exit Plan?
What records and data will You keep in the ordinary course of business?

In this portion of the application you should keep in mind that, underlying all of the specific requests, the attorney general’s office is broadly evaluating whether your innovation offers real benefits to consumers, and whether it is likely to satisfy licensing requirements after completing the sandbox. Therefore, you should tailor your application to clearly demonstrate not only that your testing plan is designed to yield a completed product at the end of the two year testing period, but that you have safeguards in place to protect consumers if things do not proceed according to plan. You should probably also avoid unrealistic projections and overly effusive descriptions of your innovation. Rather, it is better to acknowledge the risks and challenges facing your innovation, because doing so will help demonstrate that you are adequately equipped to address them.

I should also note that your application and any other records submitted to the attorney general will not be considered “public records” generally open to inspection by the public. Therefore, you should feel relatively free to be forthcoming in your application, without fear that some unfavorable piece of information will immediately show up in media headlines. Be aware, however, that these records can be disclosed to state and federal agencies, appropriate agencies of foreign governments, state auditors, and in response to a subpoena.

Getting into the sandbox can be a challenge. You may need to solicit the help of an attorney to ensure your application is completed correctly, particularly if you are a startup or early stage company without experience navigating applicable the regulatory regime. If you do get admitted, then you need to put procedures in place to ensure that you comply with the sandbox’s requirements. More on that will be coming soon in the fifth and final installment of this series.

About the Author: Michael Rolland is a member of the civil litigation and commercial transactions practice groups with the law firm of Engelman Berger, P.C. Michael has a special interest in the intersection of technology and the law, and writes on tech law issues.

Disclaimer: This blog is not legal advice and is only for general, non-specific informational purposes. It is not intended to cover all the issues related to the topic discussed. If you have a legal matter, the specific facts that apply to you may require legal knowledge not addressed by this blog. If you need legal advice, consult with a lawyer.

HOW TO PLAY IN ARIZONA’S FINTECH SANDBOX – PART III: Who can Apply?

Posted by Michael Rolland on August 13, 2018

The Arizona legislature recently signed into law the nation’s first fintech regulatory sandbox, which started accepting applications on August 3, 2018. Participants in the sandbox will enjoy a reprieve from many of the licensing and regulatory burdens of companies in the financial sector, so the program offers a great incentive for financial technology (aka, “fintech”) companies to settle and operate in Arizona. This is the third in a five part series on how to apply for and participate in the sandbox. If you are new to the series, go back and read parts one and two, which discuss the history of sandbox programs and the benefits to participants of the Arizona sandbox. This part three will examine the eligibility requirements. Part four will explain the application process, and part five will address the rules once you are in the sandbox. The official website for the fintech sandbox was recently launched and can be viewed HERE, and the full text of the law can be viewed HERE.

Who Can Apply?

The statute is very inclusive right from the start: “Any person may apply to enter the regulatory sandbox to test an innovation.” (Emphasis added). This includes not only startups or other new entrants to the Arizona market, but also established companies already licensed in the state. In fact, I expect that a sizable percentage of sandbox participants will be legacy banking institutions, as they will benefit equally from the opportunity to use Arizona as a testing ground for new products and services.

A Place for Innovators

The sandbox is limited to the testing of financial products or services—meaning consumer lending, motor vehicle sales financing, insurance, or investment management—that are deemed “innovative,” which is defined to mean:

the use or incorporation of new or emerging technology or the reimagination of uses for existing technology to address a problem, provide a benefit or otherwise offer a product, service, business model or delivery mechanism that is not known by the attorney general to have a comparable widespread offering in this state.

We will have to wait and see how broadly the attorney general applies the requirement that the product or service be innovative. However, every formal statement by the attorney general’s office about the sandbox leads me to believe that it will be a very loose and inclusive assessment.

Must be in Arizona.

To participate in the sandbox, the person will also need to be subject to the (1) jurisdictional authority and (2) oversight of the attorney general. Specifically, under A.R.S. § 41-5603(C), the applicant must demonstrate that it both:

Is an entity or individual that is subject to the jurisdiction of the attorney general through incorporation, residency, presence agreement, or otherwise.
Has established a location, whether physical or virtual, that is adequately accessible to the attorney general, from which testing will be developed and performed and where all required records, documents and data will be maintained.

Let’s break this down a bit.

Subject to Jurisdiction in Arizona

Under the text of the statute, the jurisdictional requirement can be satisfied a few different ways. However, based on the following language in the recently released sandbox application, it appears that admitted applicants will uniformly be required to satisfy the jurisdictional requirement by executing a written acknowledgment:

If accepted into the Sandbox, Applicant agrees to be bound by the requirements of Chapter 55 of Title 41 of the Arizona Revised Statutes and understands that Applicant and Active Managers will be required to acknowledge they are subject to the jurisdiction of the Arizona courts with respect to any action arising out of or relating to Applicant’s Testing.

This language relates to the “presence agreement” option listed in A.R.S. § 41-5603(C)(1). The attorney general has not publicly released the presence agreement that will be used, so it is worth taking a quick look at the three other statutory prongs available to satisfy jurisdiction: “incorporation,” “residency,” “or otherwise.”

First, incorporation simply means that the company is formed under the laws of Arizona. It could be argued that use of the term “incorporation” was meant to refer only to “corporations” formed under Title 10 and not limited liability companies under Title 29 (LLC’s are “organized” or “formed” rather than “incorporated”). However, given the otherwise inclusive language of the sandbox bill, which is open to any “person,” I don’t think the legislature intended to limit jurisdictional eligibility under the incorporation prong to Title 10 corporations, especially given that LLC’s organized in Arizona are generally subject to Arizona’s jurisdiction in other circumstances.

“Residency” generally means exactly what you would expect: if you are an individual that lives in Arizona full time, or if you are a company incorporated or organized in Arizona or whose principal place of business is in Arizona, then residency should be clearly satisfied. However, if you split time between Arizona and another state, or if you simply have some, but not all, business operations in Arizona, then determining your state of residence may involve a more complex legal analysis.

The final provision, “or otherwise,” is simply a catch-all provision that recognizes the many other ways people can become subject to the jurisdiction of a state. For example, if you are a foreign business, but you obtained a license to conduct certain business in Arizona, then by doing so you may have agreed to be subject to Arizona jurisdiction. Similarly, if you conduct significant ongoing business in Arizona, or if you have a significant presence in Arizona in the form of employees and/or offices, you may also be generally subject to jurisdiction in Arizona.

Location Must be Available to the Attorney General.

The second element requires the applicant to designate a specific place to develop and perform testing and to maintain all records, documents and data. This element is interesting in that it allows the applicant to designate a “physical or virtual” place – a savvy drafting decision by the legislature because it recognizes that many of these companies are going to be operating exclusively online.

It is not clear whether this element requires companies to give the attorney general access to original records and/or the exact same development and testing platform used by the company, or whether the company can simply create a copy for the attorney general’s use. In either case, it must be “adequately accessible” to the attorney general, and although that phrase is not specifically defined, I would expect that it will involve some measure of unfettered administrative access. I am including this component in our discussion of eligibility, but in actuality it is a requirement that can likely be satisfied after admission to the sandbox by coordinating with the attorney general to provide access.

Criminal History May be a Barrier

The text of the fintech sandbox statute does not prohibit the admission of applicants with a criminal history, but it does require prior criminal convictions of the applicant or the applicant’s key personnel to be disclosed in the application. This suggests that criminal history will have some impact on the attorney general’s evaluation, but exactly how much is unknown. My guess is that applicants who have been convicted of financial or other white collar crimes may have difficulty getting admitted to the sandbox, particularly if that crime relates to the same financial sector the applicant’s fintech innovation would serve.

The attorney general will also evaluate applications in consultation with any agencies the innovation are or would be subject to, so if you already have a history of censures, investigations, or other negative agency actions, then your application may get rejected.

Whatever your background, applications should be completed thoroughly and carefully, which I will explore further in part four of this series.

HOW TO PLAY IN ARIZONA’S FINTECH SANDBOX – PART II: What’s the Benefit?

Posted by Michael Rolland on August 8, 2018

The Arizona legislature recently signed into law the nation’s first fintech regulatory sandbox, which started accepting applications on August 3, 2018. Participants in the sandbox will enjoy a reprieve from many of the licensing and regulatory burdens of companies in the financial sector, so the program offers a great incentive for financial technology (aka, “fintech”) companies to settle and operate in Arizona. This is the second in a five part series on how to apply and participate in the sandbox. If you are new to the series, go back and read part one, which gave a little background on sandbox programs implemented worldwide and efforts to create similar programs in the United States. This part two will discuss the benefits of participating in the Arizona sandbox. Part three will examine the eligibility requirements. Part four will explain the application process, and part five will address the rules once you are in the sandbox. The official website for the fintech sandbox was recently launched and can be viewed HERE, and the full text of the law can be viewed HERE.

What’s the Benefit?

The stated purpose of the sandbox is “to enable a person to obtain limited access to the market in this state to test innovative financial products or services without obtaining a license or other authorization that otherwise might be required.” A.R.S. § 41-5602. “Financial product or service” is defined to mean products or services in consumer lending, motor vehicle sales financing, or investment management, which are heavily regulated industries that generally require a state license to operate. A.R.S. § 41-5601(3). For example, Arizona consumer lenders must be licensed and pay annual licensing fees starting at $1,000. Money transmitters are similarly subject to licensing requirements, including annual fees starting at $1,500, and are only eligible for a license if they have a net worth exceeding $100,000 and satisfy a number of other requirements. The Arizona sandbox will allow fintech companies who would normally be subject to such licensure requirements to operate in Arizona without a license.

Less Regulation, Cheaper Costs, Fewer Penalties.

As unlicensed companies, sandbox participants are “not subject to state laws that regulate a financial product or service” except for those specifically identified in the sandbox statute. A.R.S. § 41-5605(F). For example, while consumer lenders will still need to comply with restrictions on finance charges and certain other loan terms, they will not need to provide annual reports and will not be subject to the normal penalty of $300/per violation of the state consumer disclosure requirements. Similarly, vehicle sales financiers who willfully fail to comply with any provision of A.R.S. § 44-281 et seq. would normally be penalized by losing the finance charge due under the loan, but participants in the sandbox will not be subject to that.

Money transmitters in the sandbox will not need to comply with any of the regulations in A.R.S. § 6-1201 et seq. Investment management companies will be exempt from the numerous state requirements set forth in A.R.S. § 44-3101 except for prohibitions on fraudulent practices and “dishonest and unethical practices,” rules governing custody of client funds and disclosure of information to clients, and requirements to maintain books and records in compliance with federal law. Notably, they will be exempt from administrative penalties and the other enforcement provisions in the statute.

The Growing Regulatory Mess: For Example – Money Transmitters.

The costs to get licensed and to comply with even well understood regulations can certainly deter tech companies from pursuing a new fintech project. However, the growing challenge for fintech companies is the lack of clarity about how existing regulations apply to new technologies. For a good example, look at money transmitter laws. Not so long ago, many companies and individuals dabbling in cryptocurrency would not have considered their activities to be subject to state or federal money transmitter laws. The IRS treats cryptocurrencies as property and not as currency. Similarly, the Commodity Futures Trading Commission (CFTC) has been of the opinion as early as 2015 that cryptocurrency is a commodity rather than a fiat currency. The District Court for the Eastern District of New York in CFTC v. McDonnell, No. 18-cv-0361 even recently adopted the CFTC’s view, which might lead a rational observer to conclude that trading cryptocurrency is not the transmission of “currency” subject to money transmitter laws.

Well that clears that up, right? Not so fast. On March 6, 2018, the same day the Eastern District of New York issued its ruling, the Financial Crimes Enforcement Network (FinCEN) published a letter it had penned the month prior stating that cryptocurrency token issuers may be money transmitters, and are therefore required to follow federal money transmitter requirements.

So how is a new cryptocurrency company supposed to proceed in light of inconsistent or unclear federal regulations, not to mention the even murkier application of state-by-state money transmitter laws? This is the type of problem fintech companies will routinely face, as the legal establishment struggles to figure out how to apply existing laws to new technologies that do not fit conveniently into previously established paradigms.

This is where the benefit of the Arizona fintech sandbox really come into focus. You don’t need to answer these tough questions right away. Instead, you get two years to test your product, and in that time you can work openly and collaboratively with the Arizona Attorney General and other governing regulatory authorities to figure out how your product fits into the regulatory framework. These exemptions can potentially provide substantial cost savings to sandbox participants. Most importantly, it will allow you to devote more of your focus and resources on development of your innovative product. Sandbox participants will still need to comply with sandbox-specific disclosure and recordkeeping requirements subject to the oversight of the Arizona Attorney General, which I will discuss at greater length in part four. However, these requirements are much easier to comply with than the normal regulatory regime.

HOW TO PLAY IN ARIZONA’S FINTECH SANDBOX – PART I: What is a Sandbox?

Posted by Michael Rolland on August 1, 2018

The Arizona legislature recently signed into law the nation’s first fintech regulatory sandbox, which will start accepting applications on August 3, 2018. Participants in the sandbox will enjoy a reprieve from many of the licensing and regulatory burdens of companies in the financial sector, so the program offers a great incentive for financial technology (aka, “fintech”) companies to settle and operate in Arizona. The purpose of the sandbox is to encourage businesses, including both startups and established companies, to develop innovative products and services in the financial sector.

If you are interested in participating in the sandbox, you may need some help. This is the first in a five part series on how to apply and participate in the sandbox. In this part one, I will give a little background on the history of sandbox programs implemented worldwide and efforts to create similar programs in the United States. Part two will discuss the benefits of participation in the Arizona sandbox. Part three will examine the eligibility requirements. Part four will explain the application process, and part five will address the rules once you are in the sandbox. The official website for the fintech sandbox was recently launched and can be viewed HERE, and the full text of the law can be viewed HERE.

History of the Sandbox

The last couple of years have seen a wave of technological innovation that promises to revolutionize the financial sector. However, the financial sector is also one of the most highly regulated industries, making it very difficult for small, bootstrapped startups to enter the space. The challenge of navigating a myriad of overlapping and complex regulatory and statutory regimes, not to mention the threat of being slapped with crippling legal liability if you fail to comply, is often too much risk for a young entrepreneur to stomach. Compounding the deterrent effect of potential future liability, are the significant up-front legal costs associated with regulatory compliance (this is why people hate lawyers). When faced with that reality, too many entrepreneurs decide it would be easier to just work on safer projects, like another social networking app – and who can blame them?

To address this problem, a handful of countries have created programs dubbed regulatory “sandboxes,” so named because the programs create a regulation-free testing ground in which tech companies can play. Sandboxes provide participants with limited relief from a number of regulatory requirements, allowing participants to test innovative financial products under the close watch of a supervising government authority. Sandboxes are designed to lower the barriers to entry and decrease the time it takes to bring innovations to market, while still giving government sufficient oversight to ensure that consumers remain protected.

The Arizona Sandbox

Despite successful efforts by the U.K., Singapore, U.A.E., Canada, and Australia, the United States has not created their own program. That changed on March 23, 2018, when Arizona Governor Doug Ducey signed into law House Bill 2434, making Arizona the first state to create a fintech sandbox. The Arizona Attorney General’s Office will start accepting applications to participate in the sandbox on August 3, 2018, so now is the time to start preparing to enroll. The official website was recently launched, and a preliminary draft of the sandbox application has been posted. Sandbox participants will generally have two years to test their product or service on up to 10,000 Arizona users, provided that they remain in good standing and comply with the sandbox rules.

Future Federal Programs

Arizona’s sandbox program only exempts you from state, not federal, regulations. However, we might see the federal government roll out a federal program modeled on the Arizona sandbox in the near future. Paul Watkins, the chief counsel for the Arizona AG’s civil litigation division and the chief architect of the Arizona sandbox, was recently hired by the Consumer Financial Protection Bureau to serve as Director of their Office of Innovation and to guide the CFPB’s efforts to make a sandbox of its own. I have also personally heard Mr. Watkins speak about his hope that federal agencies will work with the Arizona AG’s office to provide a similar carve out from federal regulations for companies already participating in the Arizona sandbox, so I would not be surprised if one of his first projects with the CFPB is to implement a program like that.

By granting participants a reprieve from certain state regulations, the sandbox makes Arizona a very attractive place for fintech startups to test and launch their newest products. Perhaps best of all, fintech companies can trade the exorbitant up-front legal fees with a cheaper and more streamlined sandbox application. If you are a founder of a fintech startup, you may be saying to yourself, “that’s great! How can I play in the sandbox?” That is exactly the question I will answer in this four part series. In part two, I will address the most fundamental question: What’s the benefit? Is the juice worth the squeeze?