Japan’s fintech strategy a work in progress

Author: | Published: 27 Mar 2017
Email a friend

Please enter a maximum of 5 recipients. Use ; to separate more than one email address.

Recent amendments to Japan’s banking regulatory framework are expected to boost the profile of fintech companies and enhance the protection of customers using their services

1 minute read
Japan is in the process of opening both its economy and its financial services industry to fintech. Its Revitalisation Strategy 2016 comprises several regulatory developments in this field including online currency and fintech legislation, and new rules regarding payment services using APIs and payment service providers in the credit card space.

The proposed legal changes also include amendments to the banking act to encourage larger financial institutions to collaborate with or incorporate smaller fintech companies. The country’s financial regulator believes this would stimulate innovation in this sector.

Recent regulatory developments in the fintech field are primarily based on the Japan Revitalization Strategy 2016, a policy paper published by the Japanese government in 2016 which actively encourages fintech investment from businesses in various sectors, including banks, financial institutions and startups. The latest legal and regulatory changes affecting the fintech industry include virtual currency legislation, the relaxation of rules restricting bank ownership of fintech companies, proposed new legislation for payment services using banking application programming interfaces (APIs), and amendments to the regime regulating payment services providers (PSPs) in the credit card industry.

Regulation of virtual currencies

The collapse of Mt. Gox in 2014 triggered a huge backlash against bitcoin and virtual currencies more generally in Japan. In 2015, a working group in Japan's Financial Services Agency (JFSA) issued a report on recent developments in payments services, including the regulation of virtual currencies, following which Japan implemented legal reforms that introduced anti-money laundering/counter-terrorist financing (AML/CFT) measures relating to virtual currencies, and user protection rules. In particular, the Payment Services Act was amended to introduce a registration system for virtual currency and fiat currency exchange service providers (VC exchange operators) and user protection rules, and the act on prevention of transfer of criminal proceeds was amended to make VC exchanges responsible for verifying the identity of exchange participants, so enhancing the AML regime. The new regulatory regime for virtual currencies is scheduled to come into force from April 2017.

Under the new regime, VC exchange operators must be registered with the prime minister or its delegated authorities, and a foreign entity may only operate a VC exchange through a business office in Japan or an locally-incorporated entity in Japan. If a business office is used, it must have an individual resident in Japan as a representative. According to a proposed Cabinet Office Ordinance on VC exchange operators, a minimum capital of JPY 10 million ($88,300) is required for registration. The VC exchange operator must also establish systems and procedures to enable it to comply with user protection rules, including the segregated management of money and virtual currencies deposited by users, and audits by an audit corporation or certified public accountant. There are some concerns that capital of JPY 10 million might be insufficient to build such internal control systems.

There are also concerns that if the JFSA, as a regulator, takes the stance that it will interpret the regulations (particularly in respect of requisite measures for user protection) strictly, it might interfere with the growth of virtual currency exchange services.

Relaxation of the five percent ownership rule under the Banking Act

The legal reforms also include significant amendments to the Banking Act, which are expected to come into force in 2017. Currently, the act generally prohibits banks from owning more than five percent (or 15% in the case of bank holding companies) of the voting rights of any other company with certain limited exceptions.

The 2016 amendments will allow banks and bank holding companies to own holdings in companies engaged in businesses that contribute, or are expected to contribute to banking sophistication and improve user convenience (such as fintech companies, for example) in excess of these limits, subject to obtaining permission from the prime minister or its delegated authorities. Some of the standards envisaged for the granting of such permission include, for example, that the assets and income of the bank and each of its subsidiaries remain sound even if the bank loses its entire investment in the subject company.

The JFSA seems to want these reforms to stimulate fintech innovation by encouraging banks to incorporate fintech companies into their corporate group.

Cash-out service using debit cards

ATMs and e-money are common in Japan, so there has been very little incentive to develop cash-out services allowing accountholders to access cash at retail stores via debit cards, and consequently there are no specific regulations regarding such services. Because of this, banks are reluctant to engage in such services as doing so would violate the Banking Act which strictly prohibits businesses not permitted under it.

The 2016 amendments will enable banks to provide such cash-out services via retail stores, and the use of debit cards is expected to increase after the amendments come into effect.

Open banking API and regulation of PISPs and AISPs under proposed amendments to the Banking Act

A movement to provide banking systems using open API is gaining traction in the fintech industry. For instance, one fintech service that is common in Japan is the use of household account-keeping apps and accounting assistance services for companies where users of these services can view bank account information on the service provider's smartphone app after providing the service provider with their internet banking ID and password.

Currently, an account-scraping method is adopted, under which a user's ID and password are entered directly with the service provider to confirm the user's internet banking account information. However, potential users may balk at the idea of providing their banking IDs and passwords to a third-party service provider, and open banking APIs would provide comfort by enabling them to use these services without having to do so.

The JFSA has decided to take a fresh look at the legal regime relating to EPSPs, and proposed amendments to the banking act for this purpose are now under discussion in the Diet

There are currently two types of electronic payments service providers (EPSPs): payment initiation services providers (known as PISPs), and account information services providers (known as AISPs). A PISP acts as an intermediary which electronically delivers a depositor's instructions to its bank to transfer funds between accounts while AISPs provide account information to the depositor at its request, using electronic data processing systems. The operation of an electronic payment service business (PISP or AISP) requires under proposed amendments to the Banking Act prior to registration with the prime minister or delegated authorities, and a foreign entity may only operate as an EPSP through a Japan branch (which itself must have a representative resident in Japan).

To promote cooperation and collaboration between financial institutions and fintech companies whilst also ensuring user protection, the JFSA has decided to take a fresh look at the legal regime relating to EPSPs, including operators of household account-keeping apps, and proposed amendments to the Banking Act for this purpose are now under discussion in the Diet. The material amendments currently under discussion include:

  • EPSPs will only be able to provide electronic payment services after execution of a contract with a bank – the contract must include certain specified provisions regarding the allocation of liability for compensation for losses incurred by users. EPSPs must make those terms public through the internet or some other appropriate way.
  • An EPSP will be required to make public its measures for ensuring appropriate handling and safe management of user information obtained in the course of providing its services, and the measures the contracting bank will take in the event of EPSP's failure to do so.
  • Banks must prepare and make public standards of requirements for EPSPs to fulfil in order to execute contracts between EPSPs and respective banks, and when executing contracts with EPSPs, banks must not unfairly discriminate between them.
  • Banks will be required to set out and make public their policies regarding cooperation and collaboration with EPSPs within nine months from promulgation of the proposed amendments.
  • Banks will also be required to make efforts to put in place a system to enable EPSPs to provide electronic payment services without obtaining IDs and passwords from the users within two years from the implementation of the proposed amendments. Although this obligation is only to make efforts, many banks will feel strong pressure to establish these systems.

Proposed amendments to the Banking Act are expected to come into effect within one year of promulgation, though existing AISPs will then have a period of six months from the date the amendments come into effect during which they must complete their registration with the prime minister or delegated authorities.

Details of how a foreign person or entity can apply for registration as an EPSP will be set out in a later cabinet order.

To date, in Japan, there have been very few cases of PISP-type services where transfer instructions are communicated to a bank. The JFSA's aim in establishing the new system under the proposed Banking Act amendments referred to above is to promote open API by setting up a registration system to regulate EPSPs, while requiring banks to at least endeavour to make API connections with EPSPs possible.

The JFSA is also beginning to look at formulating new guidelines for bank agents to further promote the uptake of banking API.

Introduction of a registration system for PSPs under amendments to the Instalment Sales Act

In Japan, a traditional credit card transaction is based on a tripartite transaction (on us transactions) between merchant, card holder and credit card company. The regulations under the Instalment Sales Act relating to credit card transactions are based on the assumption that they are on-us transactions. However, with credit card transactions through international card brands becoming more common, transactions are increasingly using an off us format in which the roles of issuer (providing a credit line and issuing credit cards to users) and acquirer (entering into merchant agreements with merchants and advancing the transaction payment) are handled by different companies. These factors, an increase in credit card theft and the use of unauthorised credit cards, and expected inroads into the payment service business by fintech companies by intermediating between acquirers and merchants, have prompted amendments to the Instalment Sales Act.

The amendments will come into effect no later than June 9 2018 and will require:

(i) either acquirers or PSPs to be registered with the Minister of Economy, Trade and Industry of Japan or its delegated authorities (to be determined) - (a foreign entity wishing to be registered as such must have a business office in Japan);

(ii) merchants to take appropriate measures for the secure handling of credit card information, such as credit card numbers; and

(iii) registered acquirers or registered PSPs to scrutinise the eligibility of merchants they will execute an agreement with.

Fintech companies are expected, as one option, to be involved in credit card transactions as PSPs via mobile terminals, and will be subject to these amendments if they are.

These legal developments will both help fintech companies to do business in Japan (particularly cash or alternative settlement businesses through the use of apps using banking APIs, and operating as VC exchanges) and enhance the protection of customers using such services. However, the ultimate success of the developments will largely depend on how they are implemented by the regulators, and we await the detail of the relevant regulations and orders.

By Atsumi & Sakai partners Yuri Suzuki and Takafumi Ochiai, and of counsel Kenichi Tanizaki (Tokyo)