Regulatory sandboxes for Fintech

Childs sandbox with toys

In November of 2018, Cayman Islands Financial Services Minister Tara Rivers announced that her ministry is planning to implement a regulatory sandbox for digital assets and other innovative financial technologies that do not neatly fall within existing regulations. According to Ms. Rivers, the aim is to “encourage, foster and incubate legitimate activities,” while ensuring, “sufficient oversight and monitoring to ensure the activities taking place are compliant, fair and transparent.”

Quoted text: A regulatory sandbox is a ‘safe space’ in which businesses can test innovative products, services, business models.The move is intended to address concerns that Cayman is falling behind other jurisdictions that have already established regulatory frameworks for digital assets. Although Cayman has hosted numerous initial coin offerings (ICOs), including the largest to date (EOS/, which raised over $4 billion), uncertainty remains as to the regulatory status of digital assets issued in the jurisdiction. A recent article on the popular software blog Hackernoon listed the top ten jurisdictions for a “worry free initial coin offering” as: (1) Switzerland, (2) Singapore, (3) Gibraltar, (4) the United States, (5) Thailand, (6) Israel, (7) France, (8) Malta, (9) Russia, and (10) Estonia.

At first glance, it may appear paradoxical that regulation should be required in order to encourage innovation. In most cases, regulation inhibits innovation (except within the narrow context of innovations enabling compliance with the regulation). However, in the case of finance, regulation is now so pervasive that innovators fear that, unless they are expressly given permission to operate, they may well be in violation of one or more regulations – now or in the near-future.

One solution to this conundrum is explicitly to pre-empt such threats by removing as many regulatory roadblocks as possible. For example, under its Digital Ledger Technology (DLT) framework, which entered into force in January 2018, Gibraltar has established a set of nine principles for the operation of DLTs. In addition, in its proposed regulation for tokens, which was scheduled to be enacted into law in late 2018, it has deemed that: “Most often, tokens do not qualify as securities under Gibraltar or EU legislation. In many cases, they represent the advance sale of products that entitle holders to access future networks or consume future services. They are akin to mobile phone companies pre-selling airtime in networks they plan to build using the proceeds of those airtime sales. As such, these tokens represent commercial products (albeit reliant on future availability and utility) and are not caught by existing securities regulation in Gibraltar.”

Switzerland has taken a slightly different approach, establishing a relatively simple and clear process for the registration of ICOs. Switzerland’s Financial Markets Authority (FINMA) rules on each application individually and applies different rules depending on whether the token is classified either as a payment, utility or asset.

Another approach, adopted first in the U.K. but now followed by several others, including Singapore, Hong Kong, Australia, Canada, India, Malaysia and Abu Dhabi, has been to create a “regulatory sandbox”. The term derives, originally, from the sandbox – a small cordoned-off area of sand in which children can experience some of the delights of the beach and experiment, building sandcastles and the like, without risk of being swept away by the tide or traipsing sand into the house. The term was then adopted by software engineers who have for years used code “sandboxes” in which they experiment with changes to a program in an environment that largely replicates but is isolated from the live code.

Fintech graphicA regulatory sandbox performs a similar function for the regulation of new technologies and business models, as the U.K.’s Financial Conduct Authority, explained when it introduced the idea in 2015: “A regulatory sandbox is a ‘safe space’ in which businesses can test innovative products, services, business models and delivery mechanisms without immediately incurring all the normal regulatory consequences of engaging in the activity in question.”

Thus, for example, in the U.K. context, “A sandbox could allow a firm to make their advice platform available to a limited number of consumers. As a safeguard, once the advice is issued, but before transactions are executed, financial advisers would review the advice. This would allow firms to learn how consumers interact with their advice platform and how their algorithm performs compared to human assessment.”

Regulatory sandboxes enable companies to develop and implement, on a small scale – i.e. with a limited number of customers – novel financial technologies that either do not neatly fall under existing regulations or could pose compliance challenges due to their unusual nature. They are also applicable to new products with an uncertain market – enabling firms to trial the products without having to go through a full regulatory review process.

Regulatory sandboxes typically require applicants to provide details of the proposed trial, demonstrate the financial wherewithal to implement the trial, specify the timeframe and scale of the trial (i.e. the number of customers, maximum size of transactions), demonstrate that the applicant has in place appropriate risk mitigation measures, and describe the planned “exit strategy” (i.e. either through expanding the program if successful or transitioning customers if not). In addition, where applicable, sandbox applicants must ensure the anonymous nature of any “test” client data used, as well as all safeguards that would be in place to maintain cybersecurity across the code base.

The UK’s FCA undertook an evaluation of its regulatory sandbox program in 2017. In its first cohort, the FCA received 146 applicants, of which it accepted 50. Of those, it found that 75 percent successfully completed testing. Moreover, it found: “Around 90 percent of firms that completed testing in the first cohort are continuing toward a wider market launch following their test. The majority of firms issued with a restricted authorization for their test have gone onto secure a full authorization following completion of their tests.”

The G20 has also been working on a proposal for a set of standards for crypto-currencies and other digital assets, with a particular focus on issues related to AML and KYC. In the communiqué from its December meeting in Buenos Aires, the G20 stated: “We will continue to monitor and, if necessary, tackle emerging risks and vulnerabilities in the financial system; and, through continued regulatory and supervisory cooperation, address fragmentation. We look forward to continued progress on achieving resilient non-bank financial intermediation.

We will step up efforts to ensure that the potential benefits of technology in the financial sector can be realized while risks are mitigated. We will regulate crypto-assets for anti-money laundering and countering the financing of terrorism in line with FATF standards, and we will consider other responses as needed.”

Given the widespread interest in new digital assets, including ICOs and other blockchain-based products, combined with the likelihood of increased scrutiny of such products from an anti-money laundering (AML) and “know your customer” (KYC) perspective, the introduction of a regulatory sandbox for these and other novel financial technologies is to be welcomed in Cayman. In so doing, it is important to create a simple application and review process.

Cayman might also follow Gibraltar’s example and specify clearly up-front which tokens will be considered securities.

Previous articleThe Post-War Order: What is it and why is it controversial?
Next articleFinancial institutions and dishonest assistance
Julian Morris

Julian graduated from the University of Edinburgh with a Masters in economics. Graduate studies at University College London, Cambridge University and the University of Westminster resulted in two further masters’ degrees and a Graduate Diploma in Law (equivalent to the academic component of a JD). 

Julian is the author of dozens of scholarly articles on issues ranging from the morality of free trade to the regulation of the Internet, although his academic research has focused primarily on the relationship between institutions, economic development and environmental protection. He has also edited several books and co-edits, with Indur Goklany, the Electronic Journal of Sustainable Development (  

Julian is also a visiting professor in the Department of International Studies at the University of Buckingham (UK). Before joining Reason, he was executive director of International Policy Network (, a London-based think tank which he co-founded. Before that, he ran the environment and technology programme at the Institute of Economic Affairs, also in London. 

Julian Morris

Vice President, Research
Reason Foundation

T: +1 (212) 495 9599
E: [email protected]




Reason Foundation

Reason Foundation advances a free society by developing, applying, and promoting libertarian principles, including individual liberty, free markets, and the rule of law.

Reason Foundation produces respected public policy research on a variety of issues and publishes the critically-acclaimed Reason magazine. Together, our top-tier think tank and political and cultural magazine reach a diverse, influential audience, advancing the values of choice, individual freedom and limited government.

Reason Foundation's nonpartisan public policy research promotes choice, competition, and a dynamic market economy as the foundation for human dignity and progress. Reason produces rigorous, peer reviewed research and directly engages the policy process, seeking strategies that emphasize cooperation, flexibility, local knowledge, transparency, accountability and results.

Through practical and innovative approaches to complex problems, Reason seeks to change the way people think about issues, and promote policies that allow and encourage individuals and voluntary institutions to flourish.

Reason magazine is the monthly print magazine of "free minds and free markets." Founded in 1968, the magazine covers politics, culture, and ideas through a provocative mix of news, analysis, commentary, and reviews. Reason and provide a refreshing alternative to right-wing and left-wing outlets by making a principled case for liberty and individual choice in all areas of human activity. is home to The Drew Carey Project and other great videos that deliver compelling stories about freedom from all corners of the Internet.


Reason Foundation
5737 Mesmer Ave.
Los Angeles, CA 90230
Phone: (310) 391-2245
Fax: (310) 391-4395

Reason Foundation
1747 Connecticut Avenue, NW
Washington, DC  20009
Phone: (202) 986-0916
Fax: (202) 315-3623

T: +1 (212) 495 9599
E: [email protected]