1
The Regulatory Sandbox Framework sets out the Central Bank of Bahrain’s (CBB) approach to participation in the FinTech Regulatory Sandbox (the “Sandbox”) of the Kingdom of Bahrain (“Bahrain”).
2
The Sandbox is a virtual space for both CBB-licensed financial institutions and other start-ups and FinTech firms to test their technology-based innovative solutions/services relevant to FinTech before scaling up their operations in Bahrain and across the region.
3
The CBB aims to transform and develop the financial services sector in Bahrain through FinTech and digital financial services which is to be achieved through ongoing initiatives introduced by the CBB, including innovation-friendly regulations and knowledge sharing via cross collaborations with regional and international regulators.
4
The CBB shall include a list of authorised Regulatory Sandbox Participants (hereinafter referred to individually as “Participant” and collectively as “Participants”) on its website.
5
All forms relating to the Sandbox can be found on the CBB’s website.
1
The Sandbox is open to both existing CBB licensees (financial institutions with FinTech initiatives) and other companies (both local and foreign) intending to test innovative financial services (hereinafter referred to individually as “Applicant” and collectively as “Applicants”).
2
The Sandbox is not suitable where the Applicant is unable to comply with the requirements of this framework, and in particular, the core requirements such as those relating to Anti Money Laundering and Combating the Financing of Terrorism (AML/CFT), handling of Volunteer Customer/Client Money and Assets and maintaining the confidentiality of customer information.
This section sets out the main eligibility criteria for participation in the Sandbox, which include the following:
(1) Innovation: The service must be truly innovative, addresses a market gap or is sufficiently different from existing offerings, or offers a new use for existing technologies within financial services (as evidenced by market research and a comparison of the key features of the Applicant’s technology or operating methodology against competitors).
(2) Customer benefit: The service must offer identifiable direct or indirect benefits to customers (for e.g. based on customer research showing improved security, customer experience, efficiency, quality of product, lower prices or a combination of any of the above). These must be supported by quantifiable estimations or demonstrations, where possible.
(3) Identification of Major Risks: The Applicant must identify the major risks associated with the solution or service, as well as the measures to mitigate these, including business continuity and disaster recovery.
(4) Compliance with CDD and AML/CFT Requirements: The Applicant must be able to comply with the Customer Due Diligence (CDD) and Anti-money Laundering/Combating the Financing of Terrorism (AML/CFT) Requirements set out in the CBB Rulebook.
(5) Confidentiality Requirements: The Applicant must be able to maintain the confidentiality of customer information in accordance with the Central Bank of Bahrain and Financial Institutions Law No.64 of 2006, as amended (“CBB Law”) and other applicable laws.
A
Application Process
1. Prior to applying to enter the Sandbox, prospective applicants:
(a) are encouraged to approach the CBB to discuss their application at an early stage, so that any specific questions may be dealt with prior to submitting the application to the CBB. Such enquiries may be sent to sandbox@cbb.gov.bh.
(b) must ensure that they have met, and are able to continue to meet, the eligibility criteria set out in Section 3 above.
2. Applicants wishing to enter into the Sandbox must apply to the CBB through the Regulatory Sandbox online application platform in the CBB’s official website.
3. The declaration page of the application form must be signed and submitted to the CBB along with the application.
4. In cases where more than one FinTech firm are jointly involved in an innovative project or where a CBB licensed financial institution wishes to work with a particular FinTech Firm, a joint application may be made.
5. The Sandbox application form requires the provision of, among other details, the following information along with supporting documents (where applicable):
(a) A brief description of the Applicant company, including its financial standing, technical and business domain expertise and its founders and management (along with their CVs).
(b) A brief description of the service and solution to be tested in the Sandbox and the manner in which it addresses particular gaps or benefits customers.
(c) A description of how the Applicant has met the Eligibility Criteria described in Section 3 above (along with supporting evidence).
(d) A description of the plan with regards to communication with volunteer customers, which must include adequate risk disclosures and material information about the Participant, the service and the testing being conducted in the Sandbox.
(e) The testing plan and a description of the testing target and predicted outcomes and Key Performance Indicators (KPIs) which will be used to determine the success of the testing.
(f) A description of any third-party outsourcing arrangement, including the due diligence conducted by the Applicant on such third party.
(g) Any other information which the CBB ought to be informed about.
6. All documentation provided to the CBB as part of the application must be in either Arabic or English language.
B
Application Fee
1.The Application fee for the Sandbox is BD 100 (non-refundable) to be paid at the time of submitting the application.
2. Applicants may pay the required application fee through the CBB’s Website.
C
CBB Approval Process
1.The CBB shall provide a formal decision on a submitted application within 15 calendar days after all required information and documentation have been submitted in a form acceptable to the CBB.
2.The CBB shall then inform the Applicant in writing that it has either:
(a) Granted the application without conditions;
(b) Granted the application subject to conditions specified by the CBB; or
(c) Rejected the application, stating the reasons for the rejection. Reasons for rejection may include inability to meet the eligibility criteria set in Section 3 above.
3.The CBB may consider relaxing certain regulatory requirements while maintaining others. This will be assessed on a case-by-case basis taking into account the particular circumstances of the Applicant. For the avoidance of doubt, certain core legal and regulatory requirements such as those relating to AML/CFT and confidentiality of customer information shall not be relaxed and must be maintained at all times.
4.Once the CBB approves the application, the Applicant must establish a company registered by the Ministry of Industry, Commerce and Tourism to be used solely for the purpose of the Sandbox and must provide the CBB with a copy of the company’s Commercial Registration certificate.
5.The Applicant must also open a bank account with a CBB licensed retail bank for the purposes of handling the funds of volunteer customers in accordance with Section 6(B)(3) below.
1.The duration of the Sandbox is up to a period of 12 months from the date of the CBB’s authorisation to participate in the Sandbox.
2.The testing period may be extended subject to the following:
(a)The Participant must notify the CBB at least 30 days prior to the expiry of the 12-month testing period.
(b)The authorised Regulatory Sandbox Participant must provide the CBB with a detailed account of the reasons for the request for extension.
3.The CBB may, approve or reject, a request for extension in its discretion.
4.Where the CBB approves the request for extension, it may stipulate the appropriate time period for extension which may differ from the requested period.
Below is a flowchart in relation to the Sandbox process and timeline:
A
General Obligations
B
Specific Obligations
1. CDD and AML/CFT Requirements and Financial Crime
a) Participants must comply, at all times, with legal and regulatory requirements relating to CDD and AML/CFT, including those set out in the CBB Rulebook.
b) Participants must maintain adequate systems and controls to address the risks of financial crime occurring during the course of Sandbox testing.
2. Confidentiality of Customer Information
a) Participants must comply with all legal and regulatory requirements relating to maintaining confidentiality of customer information.
b) Volunteer customer information must be kept confidential (both during and after the Sandbox period) and must not be used for any purpose other than for their Sandbox testing purposes in Bahrain.
3. Client Money Account Requirements
a) Participants must open an account with a retail bank licensed by the CBB to be used solely for the purpose of handling the funds of volunteer customers. A confirmation document from the bank should be provided to the CBB. For the avoidance of doubt, the client money account may not be used for any purpose other than for holding the funds of volunteer customers.
b) The Participant must ensure that it keeps adequate records of the funds belonging to each volunteer customer including records showing that the money was deposited into the client money account.
c) A separate corporate account may be opened by the Participant for Sandbox testing purposes to be used solely for testing purposes and such account must not be used for any other purpose.
d) Participants must maintain sufficient systems and procedures in respect of the handling of the money of volunteer customers as well as sufficient internal controls to monitor this requirement.
4. Management
The management of the Participant must conduct themselves with honesty and integrity at all times.
5. Risk Mitigation
Participants must conduct periodic reviews to identify risks associated with the service and solution and put in place measures to mitigate them.
C
Reporting Requirements
D
Notification Requirements
The Participant must immediately notify the CBB in the event of the occurrence of any of the following:
a) Any changes to the information provided to the CBB in support of the Sandbox application whether such change occurs prior to, or after, entering into the Sandbox.
b) Any changes to the testing plan.
c) Any adverse events relating to the testing, including but not limited to, cyber security incidents, major operational issues, obstacles that have a major impact on the testing, any failure to comply with applicable laws or this framework etc.
A
Where it determines that continued testing would cause harm or poses a threat to the customers or the financial sector.
B
Where the Participant fails to comply with the requirements of this framework, and especially the core requirements referred to in Section 6 (B) above.
C
Where the Participant is found to be in breach of any of the conditions imposed by the CBB during the authorisation stage or thereafter.
E
For any other reason at its discretion.
D
Where it is discovered that any of the information or documents provided along with the Participant’s application are inaccurate or false;
A
Voluntary Exit from the Sandbox
The Participant may choose to discontinue the testing at any time, subject to providing the CBB with a one-month notice. The CBB may impose conditions in such cases. The Participant will not be permitted to exit until such conditions are met.
B
Completion of Testing and Exit
a) A description of the Participant’s business model, services, products (and their delivery channels) along with any transactional flowcharts.
b) A comprehensive evaluation of all aspects relating to the testing, including:
c) Key risks identified and steps taken to address and mitigate such risks.
d) Brief details about the technology architecture.
e) Detailed log of operational or technical incidents, if any, and steps taken to address them.
f) Feedback from volunteer customers, including complaints, if any.
g) Details on any audits conducted.
h) Findings and observations regarding the success of the test.
The following list shows the current FinTech Regulatory Sandbox Approved Companies and the Authorization Date to join the sandbox. Please hover over the company to view more details.
7 August 2022
Crypto Payment Service Provider
9800 Wilshire Blvd Ste 205 Beverly Hills, CA 90212 United States of America21 February 2022
Crowdfunding Platform Operator
4110 Al-Imam Muhammad Ibn Saud Rd – Khuzama District Unit No. 525 Riyadh 12572 - 8807 Kingdom Of Saudi Arabia25 January 2022
Digital Financial Advice
16 January 2022
Open Banking Platform
3634 Anas Bin Malik Al Malqa Dist. Riyadh 13524-6441 Kingdom of Saudi Arabia16 January 2022
Trading Finance
DD-15-134-007, Level 15, Wework Hub 71, Khatem Tower, ADGM Al Maryah Island, Abu Dhabi United Arab Emirates10 January 2022
Cross-Border Payment Service Provider
N/A - Not Incorporated21 December 2021
SME Financing Platform
House 1009, Road 1225 Block 312 Kingdom of Bahrain12 September 2021
Smart Interactive Receipts
Office 21, Ajeyaad Seef, Building 2304, Road 2830 Seef 428, Kingdom of Bahrain1 September 2021
Buy Now, Pay Later
Office no 302, Building 551, Road 4612, Block 346, Manama – Water Bay, Kingdom of Bahrain26 July 2021
Aggregator of Financial Products Information
Office 11, Building 548, Road 4415, Block 244 Arad, Kingdom of Bahrain8 July 2021
Auto Insurance Data Analytics Provider
8872 ,Emaar Square Jeddah Saudi Arabia8 July 2021
Investment Portfolio Management
N/A - Not Incorporated24 June 2021
Rewards and Payments
in5 Design - EO12 Dubai Design District, Dubai United Arab Emirates12 April 2021
Tokenization Services Company
INABLR MIDDLE EAST W.L.L. DSO - IFZA Dubai Silicon Oasis Dubai, UAE9 February 2021
Digital Contract Payment Network
496 Aureole Walk New Market, Suffolk England, United Kingdom31 January 2021
Loan Aggregator - AISP
P.O.Box 10667 Jeddah 21443 Saudi Arabia3 December 2020
Investment Platform
981 Mission Street #15 San Francisco, CA 94103 United States of America10 October 2019
Sandbox Ancillary Service Provider
Office 2046 RESCOWORK02 Al Sila Tower, Abu Dhabi Global Market Square Abu Dhabi United Arab Emirates23 July 2019
Sandbox Ancillary Service Provider - Micro-lending platform
Interactive Solutions for Financing LLC King Hussein Business Park Building 7, Ground Floor P.O. Box 851222 Amman 11185 Jordan
Article ID: 16
Created: November 22, 2022
Last Updated: November 22, 2022
Author: Dr. Nabil Chaiban
Online URL: https://kb.bankingwords.com/article.php?id=16