Uroš Čop of Miro Senica overviews the regulatory environment for fintechs in Slovenia, a jurisdiction that has been touted as a European fintech hub
In 2015, Slovenia was emerging out of the financial crisis. A lot of companies were seeking financing, however, banks and other financial institutions, having a bad experience from the previous five dark years, imposed stricter conditions for loans. Small and new companies turned to other means of financing. They were not merely looking to get financing, but they were also looking for services that would help them to better manage their financial operations and processes by using software and algorithms. They turned to fintech.
In a time when terms like blockchain, ICO, sandbox and others were still far from household names, a group of Slovenian start-ups performed initial coin offerings (ICO) and collected over $20 million. ICOs as a new form of fundraising that allowed start-ups to raise capital directly from investors became a solution for these companies that were seeking alternative financing. All of them were among the most successful crowdfunding campaigns of that time. Since good news travels fast and everyone loves a success story, others followed and in 2017, approximately $43 million was collected through ICOs. Slovenia was on its way to becoming a fintech hub.
Many viewed Slovenia as a potential blockchain innovation hub and some even named it "blockchain heaven". The prime minister stated that he wanted "to position Slovenia as the most recognised blockchain destination in the European Union", with the president adding that regulation must exist, but it must not stifle Slovenian blockchain companies.
This has so far mostly been the case. In a country that tends to overregulate, the fintech sector has remained relatively free from regulation. The government developed an action plan entitled 'Slovenia – the land of innovative start-ups', along with an action plan for blockchain. Both envisioned various policy proposals, though most of them have not yet been implemented.
The question of regulation in the field of fintech is an important one, since financial services are among the most heavily regulated sectors in the world. So far in Slovenia, fintechs have mostly to adhered to certain rules that govern the banking sector, the classification of financial instruments, the prevention of money laundering and rules of general application, such as personal data protection and tax legislation.
Banking sector and financial instruments
Companies offering payment services – including enabling cash deposits and withdrawals to and from a payment account, enabling the execution of payment transactions and the execution of money remittance – are bound by the Payment Services Act, which implemented the EU rules embodied in the Payment Services Directive 2 (PSD2) and the E-Money Directive. The Act also lists payment service providers and regulates the issuance of electronic money. Providers of mobile and contactless payments, as well as various forms of e-wallets, fall into the scope of the Act.
Despite these warnings, the issuing, trading and storing of cryptocurrencies so far all remain unregulated
Companies offering financial services, such as the granting of loans, financial leasing (lease or rent) of assets, the issuing and managing of other payment instruments (for example, travellers' cheques and bankers' drafts), the issuing of guarantees and other sureties, and the trading of accounts or client accounts, are bound by the Banking Act. It is worth noting that banks, e-money institutions, payment institutions and waived payment institutions are required to obtain authorisation to provide payment services from the Bank of Slovenia (BS), if established in Slovenia. This is not the case for other such companies that are not banks or are established in the EU and have obtained authorisation in another EU member state, unless specifically stated otherwise.
In the Slovenian banking sector, the biggest questions have revolved around cryptocurrencies, since fintech and especially ICOs, are poorly regulated and have become a sandbox for scams and frauds. At the end of 2017, when the number of ICOs was at an all-time high, the Financial Stability Board (FSB) warned consumers about the risks associated with cryptocurrencies and ICOs, highlighting the lack of regulation and supervision.
The Slovenian Securities Market Agency (ATVP), followed up with a consultation paper focused on ICOs and identified the areas where regulation was needed. It also questioned the appropriateness of local legislation in cases that go beyond the Slovenian jurisdiction and have an expressly cross-border character. The paper warned potential investors about the risks of ICOs and branded them "a speculative investment". The ATVP also opined that ICOs represented a phenomenon that differed from existing financial instruments on the market which posed many new challenges and issues. It concluded that sui generis regulation would be much more suitable, while also taking into account the principles that are applied in the field of financial instruments.
BS, the regulatory body for ICO transactions, issued a statement explaining that the trading of virtual currencies was not systematically regulated and supervised and also published a Q&A on virtual currencies, again emphasising the lack of regulation and the risks associated with that lack.
Despite these warnings, the issuing, trading and storing of cryptocurrencies so far remain unregulated, and there are no real plans underway to change that soon.
Other applicable regulations
Globally, the tendency to adopt stricter rules for the prevention of money laundering has increased drastically in recent years, and Slovenia has followed this trend. The Prevention of Money Laundering and Terrorist Financing Act (AML Act) is one of the rare pieces of Slovenian legislation that explicitly mentions "virtual currencies" and sets out the obligations of companies that issue, manage or exchange virtual currencies. Such companies are therefore required to carry out checks of their clients (know-your-customer – KYC), monitor suspicious activities and report all of that to the competent authorities. The scope of this Act is broad enough to cover most of the fintechs operating in Slovenia. The current AML Act prescribes very strict conditions for the verification of the client and rarely allows for video identification. There has been an unsuccessful initiative by the Blockchain Think Tank Community in Slovenia to amend the AML Act and remedy this.
The lack of regulation also means a lack of support from the government for such technologies
The AML Act implemented the EU AML Directives but has so far failed to transpose the Fifth AML Directive, which introduces even stronger requirements for the financial sector. Among others, the scope of the Fifth Directive extends to new sectors, such as cryptocurrencies and custodian wallet providers, and requires greater transparency to prevent individuals from hiding behind sophisticated networks of corporate structures. Following the failure to transpose the Fifth Directive in time, the European Commission has already sent a letter to Slovenia and seven other member states that have also so far failed to implement the new rules. The letter highlights the recent money laundering scandals that have revealed the need for stricter rules at an EU level and stressing that legislative gaps in one member state have an impact on the EU as a whole.
The Slovenian Financial Administration (FURS) issued a statement in June 2018 explaining that virtual currencies were neither monetary assets nor financial instruments. Consequently, the taxation of profits made by trading them depends on various circumstances and must be decided on a case by case basis. The decision is based on who receives the income (an individual, an individual performing a business activity or a legal person) and on what basis (income from creating virtual currencies, from buying and selling virtual currencies, payout of another income in a virtual currency, payment for performing a service etc.). The explanation also includes concrete examples of different scenarios. According to FURS, the income related to the sale of tokens (in the context of ICOs) and virtual currencies are usually subject to corporate tax but not to VAT.
As in other EU countries, the collection, processing and transmission of personal data has been regulated by the General Data Protection Regulation (GDPR) since May 2018. Some aspects of personal data protection, such as the personal data of employees, are regulated by the Personal Data Protection Act, which is in the process of being amended.
GDPR applies to all companies, including fintechs, and requires them to give individuals access to their personal information, with rights of correction, deletion and to be forgotten. The regulation also limits the processing of data and contains rules on the international transfer of data. It is important to note that GDPR applies extraterritorially to any entity processing personal data of individuals residing in the EU, regardless of where it is located.
Lack of regulation means lack of support
All of the above shows that Slovenia has taken a rather relaxed approach to regulating financial technologies and has instead left the industry to self-regulate. In the fast-changing and complex environment that is fintech, such an approach might be more appropriate. However, the lack of regulation also means a lack of support from the government for such technologies, as these are consequently left to fend for themselves.
While relying on the existing financial sector rules and on the regulations and directives coming from the EU may suffice for certain aspects of fintech, it will not be enough for others. The automation of processes, digitalisation of data and vulnerability to attacks from hackers can only be adequately dealt with by specific regulation. But because of the diversity of offerings in fintech and the various industries it impacts, formulating a single and comprehensive approach will be a challenge.
The adopted action plans and the general interest shown by the government is a start, but all the progress made so far will likely be disrupted by the current lack of an efficient government in place. Slovenian Prime Minister Marjan Šarec has announced he is stepping down in a bid to push for a snap election. As of January 29 2020, the Slovenian government is performing only its regular duties. This will have a significant impact on fintech regulation and will prolong it indefinitely. It seems that, once again, Slovenia will miss its chance to be a global innovative leader. Or, who knows, maybe this time it will be different.
|About the author|
Uroš Čop is a specialist in the areas of criminal law (white-collar), regulatory and data protection, administration law, fintech, intellectual and industrial property law and constitutional law. He also represents foreign clients and cooperates at cross-border transactions. He is a manager of Adriatic Legal Network, which has been co-founded by Law firm Miro Senica and Attorneys, Ltd.