Unquestionably, FinTech has continued to take centre stage in recent months. Not only that FinTech players are raising millions of funding from investors, governments and regulators around the world (including Malaysia) are also looking to regulate and facilitate the growth of FinTech industry in their respective countries through the creation of FinTech frameworks.
To this end, it is recognised that some form of policy and regulatory framework is necessary to be put in place so that FinTech participants can operate in a safe, efficient and transparent manner, as rightly pointed out by the Governor of Bank Negara Malaysia, Datuk Muhammad bin Ibrahim.
Equity crowdfunding (“ECF”)
The first player to the FinTech party scene in Malaysia is ECF.
In February 2015, the Securities Commission of Malaysia (“SC”), a statutory body in charge of the securities and derivatives markets in Malaysia, released guidelines to facilitate ECF market. Six (6) ECF platform operators (Alix Global, Ata Plus, Crowdonomic, Eureeca, pitchIN and Propellar Crowd+) were approved by the SC to operate ECF platforms.
Malaysia is the first country in the ASEAN region to have introduced an ECF regulatory framework.
The SC describes ECF platform as “a new form of fundraising platform that allows startups or other small-and-medium-sized enterprises to obtain funding through small equity investments from a relatively large number of investors, using online portals to publicise and facilitate such offers to investors”.
Investors receive shares in return for their investments and can expect a return in the form of dividends if the company performs well.
According to the SC, from May 2016 until October 2016, the combined amount SMEs have raised through the six regulated ECF platforms amounted to RM8 million for 11 Malaysian businesses. The platforms have also received widespread interest from across 38 different sectors.
In April 2016, the SC released another guideline and this time, it sought to regulate the even more lucrative P2P Lending market. The first round of application was opened from 2 May 2016 to 2 July 2016 and the SC had received more than 50 applications from interested applicants.
Six (6) P2P Lending platform operators (B2B FinPAL, Ethis Kapital, FundedByMe Malaysia, ManagePay Services, Modalku Ventures and Peoplender) were approved by the SC in early November 2016.
These platforms are expected to launch their operations in 2017. Malaysia is once again the 1st country in the ASEAN region to have formally authorised such platforms to operate in the P2P Lending market.
P2P financing, as described by the SC, is a “web-based innovation that broadens the ability of entrepreneurs and SME business owners to unlock capital from a pool of individual investors in small amounts and provides a quick turnaround time to obtain financing for their businesses, through an online digital platform”. Individuals, however, are not allowed to seek personal financing via a P2P Lending platform.
Investors may now use P2P Lending platforms to buy securities in the form of an investment note or Islamic investment note, which are issued by businesses or companies.
Once purchased, the issuer of the investment note or Islamic investment note will be obliged to pay the investors over a period of time, with interest or profits. Both borrowers and lenders benefit from better interest rates and returns on investment, respectively, compared to traditional financing methods. In addition, there are no intermediation parties as money change hands directly.
Bank Negara Malaysia’s FinTech Regulatory Sandbox
Following a public consultation exercise in July-September 2016, Bank Negara Malaysia (“BNM”) released the Financial Technology Regulatory Framework on 18 October 2016. The framework seeks to provide a regulatory environment that is conducive for the deployment of FinTeech in the form of a FinTech sandbox.
With this framework, FinTech product, service or innovation can be deployed and tested in a live environment within certain testing parameters and timeframes.
In order for a participant to participate in the sandbox, the participant must show the following:
- its product, service or innovation is genuinely innovative;
- it has conducted an adequate and appropriate assessment to demonstrate the usefulness and functionality of the product, service or innovation and identified the associated risks;
- it has the necessary resources to support testing in the sandbox;
- it has a realistic business plan to deploy the product, service or innovation on a commercial scale in Malaysia after exiting from the sandbox; and
- it is led and managed by persons with credibility and integrity.
Additionally, in determining an application to participate in the sandbox and the extent of regulatory flexibilities to be granted to the participants, BNM has indicated that they would take into account various factors which include, but not limited to the following:
- the potential benefits of the proposed product, service or innovation;
- the potential risks and mitigating measures; and
- the integrity, capability and track record of the participants.
- The test will run for a period not exceeding 12 months. Participants may extend the testing period by submitting a written application to BNM no later than 30 days before the expiry of the testing period.
At the end of the testing period, BNM will work with the participants to develop a transition plan for the deployment of the solution on a commercial scale in Malaysia upon successful testing. On the other hand, if the test fails or is discontinued, BNM will then consult the participants and develop an exit strategy for them.
Beefing Up Cyber Resilience in Capital Market Industry
While the SC is advocating the benefits of digital finance, the SC is also mindful of the new forms of risks and challenges posed by technology. To address this, the SC published a new Guidelines on Management of Cyber Risk on 31 October 2016 to raise awareness of industry-wide cyber resilience.
The objective of the new guidelines is to enhance governance measures and counter cyber risk so as to protect investors within the capital market.
Against a backdrop of increased dependency on information technology and Internet connectivity in capital market activities, operations of market intermediaries, market infrastructure and market-based financing platforms, there is a need to put in place cybersecurity policies and procedures to safeguard and protect the confidentiality, integrity and availability of information systems used by capital market participants. Sound and vigilant management of cybersecurity risk have been identified as a critical component to further strengthen the resilience of the Malaysian capital markets.
The guidelines stipulate the following requirements:
- roles and responsibilities of the board of directors and management in the oversight and management of cyber risk;
- cyber risk policies and procedures that should be developed and implemented by capital market entities;
- requirements for managing cyber risk; and
- reporting requirements to the SC.
The guidelines will be implemented in phases. Entities will be selected for the different phases based on, among others, size, nature of activities and market share. With this guidelines, it is hoped that this will minimize disruption to the capital market, protect investors’ confidential data and preserve market confidence.
More to come in 2017
The SC intends to introduce a Digital Investment Services framework in 2017, which will enable approved licensees to offer automated discretionary portfolio management which is a more cost-effective, accessible and convenient channel for investors to manage and grow their wealth.
The aim is to achieve four key objectives, namely to enhance access to financing, increase investor participation, augment the institutional market and develop a synergistic ecosystem.
With all these initiatives introduced by both SC and BNM, it will definitely heat up the FinTech party in Malaysia!