Fintech 2022 – Technology – United States

Law and Practice

1. Fintech Market

 1.1 Evolution of the Fintech Market

“Fintech” refers generally to the financial services
industry’s emerging use of sophisticated software, including
machine learning and artificial intelligence (AI), and other modern
technologies to enhance financial services and their delivery to
consumers. Fintech encompasses a range of different technologies
and subsectors of the financial services space, including the use
of mobile payment apps and the incorporation of blockchain

Fintech Investment Rebound 

With the ongoing emergence of COVID-19 variants, COVID-19 is
generally becoming accepted as the new social norm. The
broader US economy appears to have shifted its focus from COVID-19
response to recovery, which has been accompanied by a correlated
increase in fintech investments overall. Unsurprisingly, at
the outset of the pandemic in the first half of 2020, fintech
venture investment experienced a significant decrease with
correspondingly poor outlooks. However, investment volume
rebounded substantially in 2021, with fintech venture investments
reaching USD134 billion, marking year-over-year growth of 177% and
substantially greater growth compared to global venture capital
investment in 2021 generally. 

This substantial growth was attributable to significant funding
rounds of at least USD100 million, which suggests institutional
investors’ continued intention to capitalise on the fintech
trend. Start-ups seem to have benefited in particular, with a
sizable number of investors seeking new growth opportunities
through early-stage funding. In 2021, early-stage deals accounted
for 63% of total deals, and the average deal size increased from
USD2 million to USD3 million. Similar to 2020, fintech
investment in 2021 was led by corporate and venture capital
investors, arguably in response to downstream investor pressure for
more fintech exposure. Adoption of fintech in the financial
services industry is expected to increase, and fintech investment
is expected to reach approximately USD324 billion by 2026.

The growing attention to fintech M&A merits special
attention. Fintech M&A allows banks, among others, to
acquire digital capabilities without expending the substantial
resources necessary to build their own fintech solutions
internally. Payments continue to be a key theme in fintech M&A,
with buy-now, pay-later (BNPL) platforms experiencing substantial
growth during the pandemic. BNPL offers an alternative to
traditional consumer credit options, seeking to expand the consumer
base to include, for example, those without credit
cards. Fintech firms have dominated the BNPL market in recent
months, with 61 BNPL acquisitions made in August and September 2021
alone, with five deals exceeding USD2 billion. This trend may hold
in the coming years as the focus on payments continues. 

Growing Consumer Adoption of Fintech 

Consistent with the significant growth in fintech investment, US
consumers’ adoption of fintech has increased
substantially. This adoption is partially attributable to the
pandemic, which increased the need for seamless and convenient
digital services that obviate the need for in-person interaction
and businesses’ corresponding need to shift to digitised online
platforms. In 2021, 88% of US consumers used some form of
fintech (such as mobile banking, mobile payments, and
retail/e-commerce applications), compared to only 58% in 2020. This
uptrend is likely to continue, as the ongoing effects of the
pandemic continue to place pressure on brick-and-mortar businesses
and other in-person commerce.

Heightened Regulatory Scrutiny 

Fintech is an emerging component of a broad range of financial
services, which are subject to diverse laws and regulations that
are generally not designed to address the challenges posed by
technological advances. Fintech involving blockchain
technology, cryptocurrencies and other digital assets is
particularly subject to regulatory scrutiny and is subject to the
potential for significant, fast-moving legal developments. Fintechs
in this space should be prepared for enhanced scrutiny under the
Biden administration with regulation of cryptocurrencies and
stablecoins specifically expected to increase in 2022. For
example, during Treasury Secretary Janet Yellen’s nomination
hearing, she expressed concerns about the cryptocurrency market and
resolved to establish rules limiting “malign and illegal
activities” without inhibiting fintech innovation. In
March 2022, the Biden administration issued an Executive Order on
Ensuring Responsible Development of Digital Assets (the
“Executive Order”), which sets forth a government-wide
strategy to regulate cryptocurrencies, including a detailed outline
of the administration’s key policy and regulatory objectives.
The Executive Order not only references regulatory issues such as
anti-money laundering (AML) but also emphasises the importance of
reinforcing the United States’ leadership and competitiveness
in global finance through “the responsible development of
payment innovations and digital assets” and the need to
“promote access to safe and affordable financial
services.” These positive statements have given some in the
digital assets space a sense of cautious optimism. In any event,
the Executive Order suggests that the White House intends to take
on a progressively more important role in the oversight of
cryptocurrencies and digital assets generally. In addition,
legislative developments and agency rulemaking are poised to effect
significant changes in the forthcoming regulatory landscape, as
discussed in 12.2 Local Regulators’ Approach to

2. Fintech Business Models and Regulation in General

 2.1 Predominant Business Models

Fintech business models span a range of different categories,
including banking, non-bank lending (eg, personal finance and
equity financing), investment management services, blockchain
technology and digital assets, and insurance. Within each of these
categories, there are a number of different business models with
varying operational designs and regulatory burdens.

As regulators clarify their positions on key issues, certain
business models and regulatory approaches have become settled and
arguably predominant in the space. For instance, fintech firms
operating as cryptocurrency trading platforms typically analogise
themselves to the money transmitter licensee model, which is
familiar to state regulators. Over time, several state
regulators have adapted their money transmitter regulations to
cryptocurrency businesses, which has hastened the adoption of the
money transmitter model as a default construct. On the legacy
banking side, fintech firms have sought state licences or
permissions to be able to act as service providers to unaffiliated
banking institutions under applicable state banking and other
relevant laws.

As fintech firms continue to engage with regulators, the authors
anticipate that additional business models will become predominant
over time. For example, there remains a pressing need for qualified
custodians for digital assets, and fintech firms have gravitated
towards either a state trust company licence or federal banking
charter, both of which authorise custodial functions. Time will
tell whether one or both of these models will become the

 2.2 Regulatory Regime

In the USA, the regulation of financial services (and thus
fintech) is fragmented across multiple federal authorities and
various state regulators. No single regulatory authority exercises
exclusive jurisdiction over the fintech industry, and jurisdiction
depends primarily on the business activity in question. While
federal law pre-empts certain state regulation where the Securities
and Exchange Commission (SEC), Commodity Futures Trading Commission
(CFTC) or Office of the Comptroller of the Currency (OCC) has
exclusive jurisdiction by statute, in most cases, there is no
pre-emption and fintech firms must consider whether they are
subject to more than one regulatory regime. Often multiple
regulatory authorities have overlapping jurisdictions, resulting in
ambiguity as to the scope of each regulator’s supervisory
authority. With fintech growing dramatically, US regulators
have realised the industry’s need for a consistent (or at least
clear) regulatory approach, but uniformity is impossible due to the
disparate laws and regulatory purposes driving federal and state
authorities. Fintech firms are likely to continue facing
substantial challenges in navigating diverse and sometimes
conflicting legal requirements.

 2.3 Compensation Models

A fintech firm’s business activity is the primary driver of
its compensation model. For example, a trading venue or dealer
that permits clients to buy and sell assets will typically charge
trade commissions. For a trading venue that is a
cryptocurrency trading platform (and is a state-regulated money
transmitter as opposed to an SEC- or CFTC-registrant), a key issue
tends to be the transparency of fee calculation and the adequacy of
customer disclosures. On the other hand, a fintech firm offering
advisory services will typically charge a base management fee and a
performance-based fee, and if the firm is an SEC-registered
investment adviser, its clients must meet certain eligibility
criteria for the firm to appropriately charge performance-based
compensation. The more particular details of a firm’s
compensation structure (eg, tiered fees based on transactional
volume and similar variations) depend on many factors, including
regulatory requirements, the firm’s maturity, market
conditions, industry competition and consumer demand.

 2.4 Variations between the Regulation of Fintech
and Legacy Players

The relevant regulatory framework depends on the fintech
firm’s business activity. To date, though a number of fintech
regulatory sandboxes have been put in place, federal and state
authorities have generally sought to regulate fintech firms through
interpretations of existing paradigms rather than through the
proactive adoption of new rules. This has placed some stress on
fintech innovation, as many fintech firms lack the resources and
experience of more traditional financial firms and, at least
initially, may be unable to satisfy the robust compliance, risk
management and other requirements imposed by applicable
laws. Any effective solution will require regulatory
creativity and a willingness to balance the need for oversight and
consumer protection with the potential benefits of innovation.

 2.5 Regulatory Sandbox

Several US regulators have developed regulatory sandboxes for
fintech. For example, the Consumer Financial Protection Bureau
(CFPB) issued a compliance assistance sandbox offering firms a
liability safe harbour from specified legal provisions while
testing new products for a limited period of time. The SEC,
CFTC and OCC have all formed offices dedicated to supporting
responsible innovation in the financial sector. A prominent example
is the CFTC’s LabCFTC, which facilitates collaboration and
information sharing between the fintech industry and
regulators. Some states have also formed their own regulatory
sandboxes. North Carolina’s NC Sandbox Act codifies an
agreement not to enforce specific regulations, permitting approved
applicants to make innovative products or services available to

Because of the fragmented nature of US financial services
regulation, no single US agency can, on its own, create an
effective, industry-wide regulatory sandbox. Importantly,
compliance with one regulator’s sandbox does not prevent
enforcement action from another federal or state regulator, and
fintech firms must exercise caution in this regard. 

 2.6 Jurisdiction of Regulators

The regulatory framework applicable to a fintech firm depends on
its business activities and a variety of other factors, including
its customer base. For example, banks are primarily regulated by
the OCC, the Federal Deposit Insurance Corporation and the Federal
Reserve. The SEC and, to the extent applicable,
self-regulatory organisations (SROs), such as the Financial
Industry Regulatory Authority (FINRA), regulate and supervise
financial services firms whose businesses involve securities,
including issuers, broker-dealers and investment managers. The
CFTC and, to the extent applicable, the National Futures
Association (FINRA’s counterpart SRO in the CFTC-regulated
space), maintains regulatory and supervisory authority over firms
whose business involves CFTC-regulated instruments such as futures
and certain other derivatives; these firms include, without
limitation, commodity pool operators, futures commission merchants
and designated contract markets. Other relevant agencies
include the Financial Crimes Enforcement Network (FinCEN)
(financial crimes), the Office of Foreign Assets Control (OFAC)
(economic and trade sanctions) and the CFPB (consumer
protection). States are also highly active in fintech
regulation, with most states requiring firms providing digital
wallet or cryptocurrency trading services to obtain money
transmitter licences.

Because fintech activities can easily cross lines from one
regulated space to another, firms should take a proactive approach
to assessing their regulatory obligations. Depending on its
business activities, a firm could easily be subject to the
simultaneous oversight of FinCEN, a state money transmitter or
lending authority, the SEC and/or CFTC. In many cases, fintechs
seek to isolate regulatory burdens and risks by utilising legally
separate but affiliated entities with different business activities
and thus regulatory statuses.

 2.7 Outsourcing of Regulated

Financial institutions in the USA commonly outsource regulated
financial services functions. A common fintech business model
is a partnership between a bank and a third-party fintech service
provider to support the bank’s provision of, for example,
mobile banking services. A properly structured partnership may
subject the firm to additional regulatory obligations and will
require the firm to contractually agree to comply with the bank
partner’s regulatory requirements and industry standards,
including, for example, cybersecurity and data protection policies
and procedures. There has been extensive guidance from the OCC, the
primary federal banking authority, with respect to third-party
vendor risk management and related practices. As further
discussed in section 2.12 Conjunction of Unregulated
and Regulated Products and Services
, a truly
“unregulated” fintech firm is few and far between. In any
event, whether a regulated or unregulated fintech firm is
preferable for outsourcing arrangements would be dependent largely
on the regulatory obligations, industry standards, and risk
management policies applicable to the outsourcing entity.

 2.8 Gatekeeper Liability

There is no information available in this

 2.9 Significant Enforcement Actions

Fintechs are regularly the subject of enforcement actions by US
regulatory agencies. In 2021, cryptocurrencies have been the
main focus of such actions, with additional pressure arising from
the Biden administration’s determination to make cryptocurrency
enforcement a priority. In 2021, the SEC brought 20
cryptocurrency-related enforcement actions. The CFTC was not
far behind, bringing a string of enforcement actions against
cryptocurrency trading platforms the same year. FinCEN is also
active in this space and works together with the SEC and CFTC to
enforce compliance with applicable AML laws.

Enforcement actions can result in significant monetary
penalties. For example, in August 2021, the CFTC and FinCEN jointly
imposed a USD100 million penalty against BitMEX, a cryptocurrency
trading platform, for violations of the Commodity Exchange Act
(CEA) and the Bank Secrecy Act (BSA). More recently, in
February 2022, the SEC charged BlockFi Lending LLC
(“BlockFi”) with unregistered offers and sales of its
retail crypto lending product; these charges (and parallel state
charges) were settled with an aggregate USD100 million penalty,
with USD50 million payable to the SEC.

 2.10 Implications of Additional, Non-financial
Services Regulations

A broad array of non-financial laws are potentially relevant to
fintech firms. In many cases, these provisions relate to
privacy, cybersecurity and related data and software-related laws,
because fintechs frequently collect, store and process consumer
personal information. Depending on the services they provide,
fintechs may be subject to general business laws, such as consumer
protection and fairness laws administered by the CFPB. In large
part, these laws predate the advent of fintech and do not make
substantive distinctions between fintechs and legacy
participants. Regulators continue to struggle to adapt these
rules to newer, more complex fintech business models. 

 2.11 Review of Industry Participants by Parties
Other than Regulators

Fintechs, like any other business, may be subject to diligence
review by their banks, auditors, interest holders and business
counterparties. For example, in M&A transactions, fintechs may
be subject to diligence by prospective investors, acquirers,
underwriters or financial advisers. The diligence review often
includes ensuring there is an appropriate plan in place to remedy
any issues discovered during due diligence, including any
regulatory compliance matters. Diligence reviews are also conducted
as part of many business arrangements, including, for example, when
a digital assets lender onboards borrowers onto its lending
platform or when digital assets issuers enter into listing
arrangements with a cryptocurrency trading platform. 

 2.12 Conjunction of Unregulated and Regulated
Products and Services

Many businesses that fall under the fintech umbrella are
regulated to some extent, and few fintech services are truly
unregulated. As an example, any activity that involves some
flow of cryptocurrency or fiat currency (including payments
services, lending, and exchange or transfer services) is likely to
be extensively regulated under federal and/or state
laws. Since fintech by definition straddles the cutting edge
of technology, fintechs can quite easily cross the line from
unregulated to regulated activity such as by providing investment
advice. Further, a fintech firm that engages in a regulated
activity and is therefore licensed by a state or federal authority
should also be mindful that, in many cases, the firm as a whole
– and its activities in the aggregate – may be subject
to regulatory supervision and oversight. Fintech firms are thus
advised to adopt a proactive approach towards regulatory

 2.13 Impact of AML Rules

A wide range of financial services providers (including banks,
brokers and money services businesses, among others) are subject to
AML laws and regulations imposed by the BSA and FinCEN rules, as
well as certain other regulatory regimes. A majority of fintech
firms fall into this regulatory classification, including
cryptocurrency trading platforms. The specific requirements
applicable to a fintech firm will depend on its business model and
the services it provides, its risk profile, and the types of
customers it serves. In most cases, applicable AML requirements
extend to the operations of the firm generally rather than strictly
to a specific type of regulated or unregulated activity. Finally,
as a practical matter, even if a particular fintech firm is not
subject to AML laws on its own, its business partners, including
banking partners, are likely to require proof of compliance with
applicable AML laws as a prerequisite to any business

3. Robo-Advisers

 3.1 Requirement for Different Business

The term “robo-advisers” generally refers to digitised
platforms that provide clients with automated financial planning
services based on algorithms or mathematical
formulas. Robo-advisers rely extensively on software, are
intended to minimise human interaction and involvement, and are
generally designed to provide a more cost-effective advisory
solution to a broader range of clients than traditional wealth
management services. Robo-advisers vary widely in their design
and functionalities, including the assets as to which they advise,
the degree to which the advice is personalised, and whether or not
the advice is provided on a discretionary or nondiscretionary
basis. Many robo-advisers offer advice with respect to
exchange-traded funds, which are low-cost and diversified compared
to other securities investments; this is consistent with the fact
that robo-advisers often target lower net worth clients seeking
lower cost and risk-controlled investment exposure. 

Regulation of robo-advisers depends largely on the assets as to
which they provide advice. Many robo-advisers advise as to
securities, which generally requires them to be SEC-registered
investment advisers. Advice about CFTC-regulated instruments
generally requires the firm to become a CFTC-registered commodities
trading advisor. If the firm advises exclusively with respect
to physical commodities, such as bitcoin, the robo-adviser would
not be subject to SEC or CFTC registration, although it would
remain subject to the CFTC’s anti-fraud and anti-manipulation
authority over spot commodities markets.

Robo-advisers’ activities may extend beyond investment
advice, such as executing transactions on behalf of clients, which
could increase regulatory burdens. For example, if executed
transactions involve securities, the robo-adviser may be subject to
broker-dealer registration under the Securities Exchange Act of
1934, as amended (the “1934 Act”). If the
robo-adviser also provides a facility for effecting trades, the
robo-adviser may be required to register as an exchange under the
1934 Act. 

 3.2 Legacy Players’ Implementation of
Solutions Introduced by Robo-Advisers

Many legacy investment advisers have formed new sister companies
to offer robo-advice to clients. Incorporating a robo-adviser into
a traditional firm’s advisory structure may adversely affect
revenue, as robo-advisers typically offer their services at lower
cost. A potential solution is for legacy advisers to actively
distinguish robo-advice from traditional advice and/or to offer the
products to different markets. Consequently, robo-advisers are
typically marketed to smaller investors who neither need nor can
afford personalised investment advice. Larger investors,
however, may desire personal, human interaction tailored to their
individual investment needs, which would justify the material
additional cost of traditional advice.

 3.3 Issues Relating to Best Execution of Customer

Robo-advisers frequently automate the execution of customer
orders in the interests of cost reduction and operational
efficiency. This approach raises two key regulatory

First, the robo-adviser remains obligated to obtain best
execution of client trades. An automated system, where every
order is routed a particular way, may not be consistent with best
execution. Some robo-advisers attempt to address this problem
through disclosure to the client about how trades will be executed
with warning that this order routing may not be consistent with
best execution. These disclosures are generally effective if
they are clear and the client consents to the

Automated trading creates an additional concern because the
absence of human verification can lead to rapid and very expensive
errors if the computer systems do not work as expected. There have
been cases, for example, where a software error caused orders to be
doubled, so that clients purchased twice as much on each order than
was intended. The robo-adviser is generally liable for the damages
caused by such errors. Firms generally seek to mitigate this
risk by carefully testing all computer software before deployment
and by including broad exculpation clauses that purport to limit
the adviser’s liability for trade errors. However, the SEC
has recently cautioned that such clauses are frequently ineffective
and may themselves violate federal law if overbroad. 

4. Online Lenders

 4.1 Differences in the Business or Regulation of
Loans Provided to Different Entities

Federal and state laws impose extensive requirements on non-bank
lenders related to the marketing, origination, servicing and
assignability of consumer and commercial loans. These
requirements vary significantly based on the lender’s business
as well as the domiciles and sophistication of its
borrowers. For example, different state licensure requirements
apply depending on the specific lending activity contemplated,
which may range from lending to loan brokering and differ depending
on the type of loan. Generally, licensed non-bank lenders are
subject to the licensing, reporting and other requirements under
applicable state lending law, as well as the examination and
enforcement authority of the relevant state lending
regulators. These requirements are substantially different
from the more onerous regulatory obligations imposed on traditional
bank lenders.

At a high level, non-bank lenders’ consumer loans are the
most heavily regulated loan type. For example, while an
extensive state-level licensing framework exists in connection with
the brokering and origination of consumer loans by non-bank
entities, fewer states license and examine non-bank commercial
lenders. Nonetheless, certain key states, including California
and South Dakota, require the licensing of non-bank lenders in
connection with commercial loans, and California also requires the
licensure of both commercial and consumer loan brokers. 

It should also be noted that there are certain state and federal
laws that apply to the provision of commercial and other types of
credit more broadly. These include state usury laws, fair
lending laws and data security requirements. At the federal level,
generally applicable requirements include the Equal Credit
Opportunity Act (ECOA) and Regulation B thereunder, which require
lenders to issue an adverse action notice to denied credit
applicants whether they are a commercial or consumer
entity. In addition, the Fair Credit Opportunity Act imposes
certain obligations on creditors in connection with personal credit
reports used in connection with guarantees provided in relation to
commercial credit. 

 4.2 Underwriting Processes

Both consumer and commercial credit providers are subject to the
prohibitions set forth in the ECOA, including a prohibition on
credit decisioning involving prohibited bases (eg, a discriminatory
basis). Non-bank consumer lenders are required to adhere to
any requirements imposed by the licence under which they operate
their business. For example, there may be certain state
requirements related to maximum loan amounts in relation to a
borrower’s gross monthly income. Non-bank commercial
lenders typically have fewer statutory requirements that affect
underwriting models. However, both California and New York
have enacted laws that will soon impose onerous disclosure
requirements on certain providers of “smaller” commercial
credit (as of the date of this submission, final regulations have
yet to be promulgated by either state). Other states also have
pending legislative proposals that, if passed, would affect the
disclosures provided to certain small business commercial credit

The underwriting processes for non-bank lenders differ
significantly depending on the borrowers targeted and the type of
loans contemplated. These processes thus take into account a wide
range of disparate data, including credit scores, bank
transactional data, income, and rent and employment
histories. Some lenders have sought to use AI to analyse and
process such data for their underwriting models. State and
federal laws generally do not expressly address non-bank
lenders’ use of fintech advancements, such as AI or blockchain
technology to facilitate, monitor or manage their underwriting or
loan management processes. Over time, regulations may evolve
to address the convergence of fintech and non-bank lending, but
prior developments in this space suggests that the evolution will
be incremental. In any event, non-bank lenders must be
cautious that their underwriting processes, whether or not
supported by fintech advancements, do not result in discriminatory
or unfair effects on certain classes of borrowers in contravention
of applicable law. 

 4.3 Sources of Funds for Loans

The sources of funds depend upon the entity making the
loan. US-insured depository institutions typically use
deposits to fund their lending programmes. They are heavily
regulated and supervised by applicable federal and state banking
authorities, which permit them to accept customer
deposits. Non-bank lenders, however, are not permitted under
US law to accept deposits and therefore typically fund loans with
lender-raised capital (including equity raises, debt obligations
and peer-to-peer funding) as well as securitisations of the
receivables generated through structured financial
agreements. The sources of funding for non-bank lenders thus
tend to be substantially more costly and raise complex regulatory
issues. Notably, however, peer-to-peer lending has developed
substantially, with many digital platforms permitting investors to
qualify as lenders and finance (and thus invest in) loans on a
streamlined online portal; this has made peer-to-peer lending more
cost-effective and less resource-intensive.

 4.4 Syndication of Loans

“Loan syndication” is a term typically reserved for
significant institutional borrowers where a loan is arranged by a
group of commercial or investment banks. In the non-bank
lending space, the best conceptual analogue may be loan
securitisations. Consumer and commercial loans originated by
non-banks are often securitised to increase available
capital. Typically, the lender designates a pool of
receivables that share certain characteristics to
securitise. The receivables are then transferred into an
affiliated special purpose entity (SPE) that borrows against those
receivables. The SPE then retains an entity to service those
receivables on an ongoing basis. Recourse against the
originator is typically involved such that, if any part of the
receivable portfolio fails to meet the predetermined eligibility
criteria, the ineligible receivables are removed from the
facility. The holding of such receivables by an SPE may be
affected by state laws relating to entities that are permitted to
be assignees of receivables originated under a particular state
licence. Federal securities laws also may be relevant to the
securitisation process. 

5. Payment Processors

 5.1 Payment Processors’ Use of Payment

Payment processors in the US typically use existing payment
rails to process customer-initiated payments, with most payments
within the US moved through credit cards, debit cards, ACH and the
Clearing House’s RTP Network. While fintech firms may
develop, and in some cases have developed, their own payment rails,
significant barriers to entry exist with respect to the creation of
new payment networks because they generally require substantial
input from US insured depository institutions as well as relevant
federal and state regulators. Consequently, banks and other
traditional financial institutions remain critical components of
the payments industry, and the development of new payment rails
depends largely on their adoption by such institutions and
integration with traditional payment flows. The advent of
stablecoins, specifically those designed for one-to-one parity with
fiat currencies, and the growing interest in government-backed
central bank digital currencies (CBDCs), have significantly
expanded the technological potential of payment
rails. However, beyond stablecoins’ current use as an
alternative to fiat for the purpose of facilitating cryptocurrency
transactions, stablecoins and CBDCs have yet to gain meaningful
acceptance in the US as a potential supplement to or replacement
for traditional payment rails.

 5.2 Regulation of Cross-Border Payments and

Money transmitters, payment processors and similar money
services businesses are regulated at both the federal and state
levels, and each level of regulation affects the cross-border
movement of funds. At the federal level, money services
businesses must register with FinCEN and must comply with extensive
AML obligations. At the state level, 49 states generally require a
money transmitter licence for entities engaging in funds transfers,
including international transfers, with substantive ongoing
compliance requirements. The specific regulatory restrictions
applicable to funds movements by a given money services business
depend on the controlling statutes as well as the business plan the
business submitted to regulators with respect to its anticipated

In addition to the foregoing, there are significant industry
requirements relevant to certain payment rails, particularly card
networks and the ACH system. These requirements affect all forms of
fund movement internationally and involve a complex set of
requirements to ensure compliance with AML and other
obligations. Firms involved in the business of funds movement
should be mindful of the myriad of federal and state regulations
and industry standards that may apply.

6. Fund Administrators

 6.1 Regulation of Fund Administrators

There is no information available in this jurisdiction.

 6.2 Contractual Terms

There is no information available in this jurisdiction.

7. Marketplaces, Exchanges and Trading Platforms

 7.1 Permissible Trading Platforms

Exchanges, trading platforms and trading venues (collectively,
“Exchanges”) may be subject to SEC, CFTC or state
regulation depending on the types of assets they
support. Exchanges for securities, including securities-based
derivatives, are subject to SEC registration and oversight, while
exchanges for futures and other CFTC-regulated instruments are
subject to those of the CFTC. Exchanges that permit trading on
digital assets that are neither SEC- nor CFTC-regulated instruments
are generally regulated under state money transmitter laws, state
laws specific to digital assets, such as the New York BitLicense,
and/or state trust laws. It is worth noting that digital assets
Exchanges typically are not regulated in the same manner or to the
same degree as SEC- or CFTC-regulated Exchanges, as state laws do
not have specific rules governing listing, quotes, order matching
or other Exchange operations. Exchanges that are
“decentralised” and, in theory, are not created and
operated by an identifiable firm remain subject to the same
regulatory classifications, although enforcement by the SEC and
CFTC is not yet as aggressive as other areas of the digital assets
market (such as the SEC’s enforcement actions against
unregistered offers and sales of securities).

 7.2 Regulation of Different Asset

Please see section 7.1 Permissible Trading

 7.3 Impact of the Emergence of Cryptocurrency

For information about digital assets Exchanges, please
see 7.1 Permissible Trading
. To the extent that a digital assets
Exchange is not subject to SEC or CFTC jurisdiction, the Exchange
typically must comply with the laws of each state in which it does
business. With the exception of recently implemented
regulatory regimes, such as the New York BitLicense and the
Louisiana Virtual Currency Business Act, the state money
transmitter, trust and other laws relevant to digital assets
Exchanges are many decades old and principally designed for much
older, conventional business models. These laws have been slow to
adapt to the technological complexities posed by digital assets
Exchanges, but the authors have seen notable growth in the
flexibility of state regulators in addressing novel regulatory
issues. Growing regulatory scrutiny in this area at both the
federal and state levels is likely to yield potentially significant
legal developments in the coming year. 

 7.4 Listing Standards

The SEC and CFTC do not establish listing standards for the
Exchanges they regulate. Instead, the Exchanges set their own
standards for initial and continued listing, including cash flow
and revenue thresholds, market capitalisation requirements, minimum
number of shareholders and disclosure obligations. These
listing requirements are intended to increase the likelihood that
listed assets are sufficiently liquid (with an adequate number of
shareholders), which mitigates the risk of manipulation and
fraud. Separate from listing requirements, Exchanges are
subject to extensive supervisory and regulatory oversight by the
SEC or CFTC, as applicable.

Similarly, state authorities (typically state money transmitter
regulators) do not generally impose listing standards for digital
assets Exchanges that are not SEC or CFTC registrants, which also
develop and implement their own standards. Generally, listing
standards for such digital assets Exchanges are far less
transparent and far less onerous than those of SEC- or
CFTC-registered Exchanges. In the US cryptocurrency market, one of
the common listing requirements is a legal opinion or memorandum
from the token issuer that the tokens proposed to be listed are not
securities for purposes of the US securities laws, which seeks to
minimise the risk that the digital assets Exchange would be subject
to registration as an exchange under the 1934 Act and thus
potential SEC enforcement action.

 7.5 Order Handling Rules

There is no information available in this jurisdiction with
respect to digital assets Exchanges.

 7.6 Rise of Peer-to-Peer Trading

Please see 12.8 Impact on Regulation of
“DeFi” Platforms

 7.7 Issues Relating to Best Execution of Customer

There is no information available in this jurisdiction with
respect to digital assets Exchanges.

 7.8 Rules of Payment for Order Flow

There is no information available in this jurisdiction with
respect to digital assets Exchanges.

 7.9 Market Integrity Principles

Please see 7.4 Listing Standards.

8. High-Frequency and Algorithmic Trading

 8.1 Creation and Usage Regulations

High-frequency trading (HFT) refers to a type of
mathematically-driven trading that relies on computerised
algorithms and a predetermined set of rules to execute large orders
at high speeds and with significant turnover. HFT strategies,
which often supplement traditional trading strategies, vary
significantly in their scope. They are used for both exchange-based
and OTC-trading in the equities, cryptocurrency and other markets.
Over the past decade, extensive advances in computer technology,
from algorithms to AI to hardware, have led to massive growth in
HFT, which today drives a substantial majority of trading volume in
the equities markets.

In the USA, the SEC, CFTC and other financial regulators do not
define HFT specifically for regulatory purposes and generally have
not enacted sweeping regulations targeting HFT firms in
particular. Instead, HFT activity is subject to general
regulatory oversight, including, as applicable, anti-manipulation,
anti-spoofing and anti-fraud provisions. In addition, HFT
firms are subject to certain rules designed to address certain of
the consequences or operational aspects of HFT, although such rules
are not necessarily specific to HFT and can apply to other firms
that rely on technology. For example, FINRA rules require member
firms to undertake a general risk assessment of the firm’s
trading activity, review software code testing/implementation, test
algorithmic strategies prior to implementation, and have in place
written supervisory procedures that ensure the member firm’s
algorithmic trading complies with FINRA rules.

 8.2 Requirement to Register as Market Makers when
Functioning in a Principal Capacity

There is no information available in this jurisdiction.

 8.3 Regulatory Distinction between Funds and

Funds that engage in HFT are subject to the same rules and
regulations as any other investment fund and, with respect to the
investment adviser, the regulatory oversight mentioned
at 8.1 Creation and Usage
. An HFT firm that acts as a market maker
is subject to specific rules of the SEC, FINRA and the exchange(s)
on which it acts in a market maker capacity. These rules are
diverse and complex. Certain broker-dealers rely on SEC Rule
15b9-1, which exempts them from the statutory requirement to become
a FINRA member and consequently from FINRA’s ability to enforce
compliance with applicable securities laws.

 8.4 Regulation of Programmers and

There is no information available in this jurisdiction.

9. Financial Research Platforms

 9.1 Registration

There is no information available in this jurisdiction.

 9.2 Regulation of Unverified

There is no information available in this jurisdiction.

 9.3 Conversation Curation

There is no information available in this jurisdiction.

10. Insurtech

 10.1 Underwriting Processes

“Insurtech” generally refers to insurance
companies’ efforts to incorporate technological advances in
modernising the insurer-policyholder relationship. This may
range from highly complex use cases, such as the employment of AI,
“big data,” wearables and other telematics in the
underwriting process, to simpler use cases such as mobile apps that
allow policyholders to submit and manage claims on smart phones.
Insurtech seeks to streamline the insurance purchasing process for
the consumer and to facilitate the use of smartphones and similar
platforms to extend e-commerce to the insurance industry.

Automated underwriting is a key area of insurtech. In the life
and health insurance sector, vast amounts of data must be analysed
for both genetic and epigenetic clues to guide the determination of
how much coverage should be offered and at what cost. Further, the
collection of genetic data through biological specimens (eg, blood
and/or saliva tests) has progressed to predictive models based upon
lifestyle and behavioural characteristics that may affect the
expression of genetic outcomes and accordingly be predictive of
risk. Whether to analyse this type of data or to verify the
work of the traditional underwriting, automated insurance
underwriting processes offer the potential for faster, more
accurate and more competitive underwriting. 

Insurtech, in whatever form it takes, must account for key
regulatory considerations. One of the fundamental principles
of insurance regulation is that the rate setting process must not
be discriminatory. This generally means there must be an actuarial
justification for a proposed rate. Regulators have promulgated
rules to protect otherwise healthy consumers from being classified
as manifesting symptoms of disease based upon predictive
algorithms. In the property and casualty sector, automated
underwriting also triggers regulatory scrutiny to prevent
discrimination against protected classes. Examples include the
use of credit scores, criminal histories and gender-based
underwriting, which may be inaccurate, reflect bias and/or systemic
sociological issues. 

Regulation of the US insurance industry is substantially driven
by state law, and insurance companies are subject to a diverse
array of regulations depending on the jurisdictions in which they
operate. For instance, the review and approval of an
insurer’s rates varies by state. Similarly, some states
may permit the use of genetic data to be used in the life and
disability space, while other states may specifically prohibit such
use. Therefore, while the insurance industry continues to pursue
insurtech, the process will be protracted and unlikely to be
susceptible to a one-size-fits-all approach. 

 10.2 Treatment of Different Types of

Regulation of the insurance industry varies depending on the
particular product being offered and the type of consumer to whom
it is being offered (eg, life versus property). Different
licences may be required and the regulatory requirements tend to
vary widely from product to product. Insurance companies must
therefore tailor their products and services to the commercial and
legal requirements of each jurisdiction in which they do
business. It should be noted, however, that while different
types of insurance necessitate different regulatory oversight for
practical reasons, at a high level, regulators demonstrate shared
concerns with respect to preventing discrimination, advancing
consumer protection and regulating reliance on actuarial

11. Regtech

 11.1 Regulation of Regtech Providers

There is no information available in this jurisdiction.

 11.2 Contractual Terms to Assure Performance and

There is no information available in this jurisdiction.

12. Blockchain

 12.1 Use of Blockchain in the Financial Services

Blockchain technology, or distributed ledger technology, refers
generally to a cryptographic protocol through which shared
transaction and other data are compiled and recorded into
“blocks” that are interconnected to each other and
secured by cryptography. A consensus protocol (generally
proof-of-work or proof-of-stake) is utilised to verify transactions
and produce blocks. The security offered by cryptography, the
potential speed and ease of transactions, and integration with
mobile applications and application programming interfaces (APIs)
has made blockchain technology increasingly influential in many
industries, including the financial services sector. 

Financial services firms continue to develop and use private,
“permissioned” blockchains for various applications,
including the recording and verification of financial transactions
or other data. Permissioned blockchains authorise
administrators to retain control over the rules of the
cryptographic protocol and therefore modify key functionalities
and/or restrict the rights of users or other participants.
Permissioned blockchains typically do not benefit from
cryptographic immutability where blocks (and the transactions they
record) are irreversible.

Financial services firms are simultaneously investing
substantially in various uses of public, “permissionless”
blockchains for more consumer- or client-facing initiatives where
the immutability of the protocol and pseudonymous publication of
all transactions are critical. These initiatives include
cross-border payments, clearing and settling, loan syndication,
trade finance and corporate governance. Given the utility of
these initiatives, fintech is not solely the province of start-ups
and emerging ventures. Traditional players such as banks are
exploring the potential benefits of fintech, including the
potential for mobile apps to streamline transactions with

 12.2 Local Regulators’ Approach to

Both federal and state regulators in the USA continue to grapple
with the application of existing laws and regulations to blockchain
technologies, digital assets and their market participants,
including trading platforms, intermediaries, issuers, users and in
some cases, technologists. Regulatory complexity is
exacerbated by the unique characteristics of certain blockchain
technologies. For example, the pseudonymous nature of blockchain
transactions generally and the decentralised governance of DeFi
platforms (as discussed below) make stakeholders and participants
less readily identifiable, challenging traditional notions of
liability. Regulation in this space is complex and continues to
rapidly evolve.

Notable Federal Developments 

The Infrastructure Investment and Jobs Act, signed into law in
November 2021, requires persons that receive more than USD10,000 in
digital assets to file a report with the Internal Revenue Service
(IRS), including details about the source of payment (or
potentially face felony charges). In addition, the Act
significantly expands the definition of “broker” to
likely include various participants in the cryptocurrency market,
subjecting such entities to various recordkeeping and reporting
requirements. As of the date of this guide, legislators are
considering a separate bill to narrow the scope of the Act’s
effects on such participants.

A provision in the Build Back Better bill would, if enacted,
subject cryptocurrency transactions to the IRS’ wash sale
rule. The wash sale rule prevents investors from claiming
investment losses when buying back into an asset that they sold
within a specified time period.

The proposed Digital Asset Market Structure and Investor
Protection Act seeks to implement sweeping changes to the
regulatory regimes currently governing digital assets. For example,
the Act proposes to add bitcoin and ether to the definition of
“commodity” under the CEA and authorise the SEC and CFTC
to jointly determine whether the top 25 digital assets are
securities or commodities. 

The President’s Working Group recently released a report on
stablecoins recommending that Congress enact new legislation to

  • stablecoin issuers to be limited to insured depository
    institutions that are subject to “appropriate supervision and
    regulation” at the depository institution and holding company

  • custodial wallet providers to be subject to federal oversight;

  • stablecoin issuers comply with “activities restrictions
    that limit affiliation with commercial entities.” 

In January 2022, the Federal Reserve released a report on CBDCs,
stressing that while no final decisions about a CBDC have been
reached, it would likely follow an “intermediated” model
because the Federal Reserve is not authorised to create individual
accounts. Under an intermediated model, banks or payments
firms would create accounts or digital wallets and facilitate the
management of CBDC holdings and payments. 

Notable State Developments 

Most states regard entities engaged in the business of
cryptocurrency transactions with customers to be subject to state
money transmitter laws. While money transmitter statutes vary,
most define money transmission as one or more of selling stored
value, receiving money or monetary value for transmission,
transmitting money and/or selling payment instruments or
checks. Outliers include New York and Louisiana, which
maintain distinct licensing regimes for cryptocurrency business

The SEC and many regulators have begun to take action against
cryptocurrency firms offering interest-bearing accounts and
programmes, on the theory that they are unregistered securities
offerings and sales. Please see the description of the BlockFi
settlement at 2.9 Significant Enforcement
. State money transmitter regulators are also
evaluating firms’ cryptocurrency lending activities under the
permissible investments and other compliance requirements under
state money transmitter laws.

SEC Developments 

On numerous occasions, SEC chairman Gary Gensler reiterated his
view that most existing digital assets fall under the definition of
a security and are therefore subject to SEC
regulation. Unsurprisingly, the SEC has continued its
aggressive enforcement posture in 2021 against prominent digital
asset developers and issuers for allegedly unregistered offers and
sales of securities. A notable example is the recent SEC
enforcement action against BitConnect, its founder, promoter and
affiliated company, in which the SEC alleged that the defendants
had defrauded investors worldwide of USD2 billion by conducting a
fraudulent and unregistered offering and sale of securities through
its bitcoin “Lending Programme.”

Not all developments involving the SEC have been adverse to the
digital assets space. In October 2021, the SEC approved the
first ever bitcoin futures ETF, the ProShares Bitcoin Futures ETF
(BITO). The SEC subsequently in short order approved two more
bitcoin futures ETFs, the VanEck Bitcoin Strategy ETF (XBTF) and
Valkyrie Bitcoin Strategy ETF (BTF). It should be noted, however,
that the SEC has continued to reject applications to list
spot-market based bitcoin ETFs, reasoning that applicants have
failed to demonstrate that they have entered into a comprehensive
surveillance-sharing agreement with a regulated market of
significant size, and in the alternative, failed to demonstrate
that the bitcoin market inherently possesses a unique resistance to

In November 2021, a jury found that four different
cryptocurrency mining-linked products were not securities, directly
contradicting the SEC’s previous characterisation of one of the
products as securities. It marked the first instance a jury
disagreed with the SEC on whether a digital asset constituted a
security under the US securities laws. 

CFTC Developments 

Under the CEA, the CFTC’s enforcement authority over spot
markets for commodities is limited to anti-fraud, anti-manipulation
and false reporting. The CFTC recently exercised this
authority when it fined Coinbase Inc. USD6.5 million in March 2021
for reporting false, misleading or inaccurate transaction
information. In contrast, the CFTC has full regulatory authority
over derivatives contracts on digital assets (eg, futures, swaps
and options), and for this reason, futures contracts on bitcoin and
ether currently offered on certain futures exchanges are subject to
the CEA. 

The CFTC takes the position that digital assets that are not
securities are commodities under the CEA. For example, the
CFTC found in a settlement order in October 2021 against Tether,
the company behind the stablecoin USDt, that the agency had
jurisdiction over USDt in addition to digital assets such as
bitcoin, ether and litecoin because USDt is a commodity used in
interstate commerce.

With newly appointed chairman Rostin Benham at the helm, the
CFTC is expected to continue the trend of regulation by
enforcement, shared by the SEC. So far the CFTC has focused
its enforcement efforts on protecting retail customers engaged in
unregulated spot transactions in digital assets. For example, the
agency fined the cryptocurrency exchange BitMEX USD100 million in
August 2021 for illegally “operating a facility to trade or
process swaps without regulatory approval and […] operating as [a
futures commission merchant (FCM)] without CFTC registration.”
Similarly, the CFTC fined a prominent digital trading platform
USD1.25 million in September 2021 for “illegally offering
margined retail commodity transactions in digital assets […] and
failing to register as [an FCM].”

As blockchain technology continues to evolve and embrace
decentralised trading in derivatives, the CFTC will face
increasingly complex questions with respect to the scope of its
jurisdictional reach over digital assets.

DOJ Developments 

The US Department of Justice (DOJ) has heightened its scrutiny
of cryptocurrency and other digital assets. In October 2020, the
DOJ published the Cryptocurrency Enforcement Framework, which
articulated the department’s approach to investigating and
prosecuting cryptocurrency-related crimes. In addition, in October
2021, the DOJ launched the National Enforcement Team (NCET), which
is designed to “tackle complex investigations and prosecutions
of criminal misuses of criminal misuses of cryptocurrency,
particularly crimes committed by virtual currency exchanges, mixing
and tumbling services, and money laundering infrastructure
actors.” The NCET reports to the Assistant Attorney
General in the Criminal Division. 

In October 2020, the DOJ collaborated on joint criminal and
civil enforcement actions with FinCEN and the CFTC against BitMEX.
The criminal trial is set to begin in March 2022. The DOJ also
brought a joint criminal and civil action with FinCEN against Larry
Dean Harmon in February 2020 for “mixing” and
“tumbling” bitcoin through his mixing service
Helix. Mixing and tumbling refer to techniques used to help
people anonymise their bitcoin. Harmon pleaded guilty in August
2021 to laundering more than 350,000 BTC. The DOJ is also
reportedly investigating executives of Tether Ltd. for possible
bank fraud. 

 12.3 Classification of Blockchain

See12.2 Local Regulators’ Approach to
 for information on classification of
blockchain assets. 

 12.4 Regulation of “Issuers” of
Blockchain Assets

See12.2 Local Regulators’ Approach to
 for information on classification of
digital assets. 

 12.5 Regulation of Blockchain Asset Trading

A digital asset trading platform or other intermediary
(including a dealer or a forum that facilitates peer-to-peer
trades) that permits transactions in security tokens may be subject
to SEC registration as an exchange under the 1934 Act, while a
platform that permits transactions in futures contracts or other
derivatives on digital assets may be subject to CFTC registration
as a designated contract market or swap execution facility under
the CEA. A platform or intermediary dealing strictly with the
non-leveraged purchase and sale of digital assets that are neither
SEC- nor CFTC-regulated instruments (ie, pure commodities)
generally need to consider applicable state money transmitter
regulatory regimes, although it remains subject to CFTC anti-fraud
and anti-manipulation authority. The legal and regulatory
requirements applicable to a blockchain asset trading platform or
other intermediary are highly complex and facts and circumstances

Generally, individuals that buy, sell and/or use digital assets,
including on a peer-to-peer basis, strictly for their personal use
or personal investment purposes are not subject to substantive
regulation. However, individuals whose activities extend to
some form of cryptocurrency business, including providing liquidity
or arranging or facilitating trades on behalf of others, are likely
to be subject to regulatory exposure in the same manner as a
digital asset trading platform or intermediary.

 12.6 Regulation of Funds

Private and public investment funds that invest in digital
assets (“Blockchain Funds”) are generally subject to the
same types of regulatory regimes as any other investment
fund. Blockchain Funds’ offering of their interests are
subject to the requirements of the US Securities Act of 1933, as
amended (the “1933 Act”), as well as state blue sky
offering laws. Private funds rely on exemptions from
registration under the 1933 Act, typically Regulation D thereunder,
while publicly registered funds must apply for approval with the
SEC (with the approval process and requirements dependent the
specific type of fund). To date, the SEC has not approved any
publicly registered investment fund of any type, with the exception
of a limited number of ETFs investing in regulated bitcoin futures
contracts (as noted in 12.2 Local Regulators’
Approach to Blockchain

Additional regulatory considerations apply depending on the
nature of the blockchain assets in which a Blockchain Fund invests.
If the fund’s portfolio includes security tokens, the fund
manager would be subject to the requirements of the Investment
Advisers Act of 1940, as amended, and in some cases, relevant state
investment advisory laws, and the fund must comply with the
requirements of the Investment Company Act of 1940, as amended, or
in each case, rely on an exemption or exclusion from registration
thereunder. If the portfolio includes CFTC-regulated
instruments, the fund manager would be subject to the relevant CEA
requirements. Blockchain Funds must also analyse the
application of the laws specifically relevant to digital assets.
For example, Blockchain Funds must assess whether one or more of
their investment activities may trigger state money transmission or
money services business licensing requirements or digital
asset-specific regulatory regimes, such as the New York
BitLicense. Blockchain Funds must be aware of the diverse
range of regulatory obligations to which they may be

 12.7 Virtual Currencies

See12.2 Local Regulators’ Approach to

 12.8 Impact of Regulation on “DeFi”

A non-DeFi or “centralised” platform typically takes
custody of customer assets in omnibus accounts, utilises order
books to match buy and sell orders, and acts as a principal in
respect of each trade (facing the buying and selling customers as a
counterparty). In contrast, DeFi platforms employ smart
contracts to provide financial services and other products on a
non-custodial basis that, in concept, does not require any
intermediary. DeFi exchanges often rely on automated market
maker smart contracts to enable users to exchange one token for
another directly with other users without a traditional order book
and without third-party intermediation. Another common
functionality of DeFi protocols is the pooling of assets by
investors in a liquidity pool (LP). Token holders who deposit
assets in an LP lock their assets in a smart contract and, on a
periodic basis, earn fees and/or automatically receive digital
assets in return for their deposit.

Generally, DeFi platforms are subject to the same regulatory
regimes and classifications as digital asset trading platforms
(see 7.1 Permissible Trading Platforms), with
the potential for regulatory oversight materially increasing where
the DeFi platform’s community appoints a human representative
to interact with real-world businesses or financial institutions,
although, at least as of today, DeFi platforms have not yet been
the target of concerted regulatory action. However, this is
likely to change in the near future. For example, in November 2021,
SEC chairman Gensler warned that the SEC will look beyond the label
of DeFi and consider the “economic realities” of a given
DeFi platform.

It should be noted that there have been notable enforcement
actions against purported DeFi platforms. In November 2018, the SEC
fined Zachary Coburn, the founder of the DeFi platform EtherDelta,
USD388,000 for illegally operating an unregistered national
securities exchange. In January 2022, the CFTC fined Blockratize,
Inc. (d/b/a Polymarket) USD1.4mm for offering event-based binary
options contracts without obtaining designation as a designated
contract market or registering as a swap execution facility. Of
note is that these actions against purported DeFi platforms
involved identifiable defendants, which reflects that DeFi
platforms range in their level of decentralisation and regulatory

 12.9 Non-fungible Tokens (NFTs)

An NFT is a digital asset that is designed to be
one-of-a-kind. Specifically, each NFT contains unique
information (coding and metadata) that prevents it from being
substituted with other NFTs or digital assets. This is the
fundamental difference between NFTs and other digital assets, such
as bitcoin and ether, whose units are identical and fungible and
therefore can be traded or exchanged at an equivalent
value. The non-fungibility of NFTs enables them to represent
real-world and digital objects, including, for example, art, music,
in-game items and event tickets. Certain NFTs may incorporate
enhanced coding that automates certain functions, such as
forwarding a portion of each resale price to the NFT creator (eg,
royalties for artists and musicians). 

To date, no US regulator has formally asserted jurisdiction over
NFTs or their platforms. However, NFTs vary widely in form and
function. Depending on the manner in which they are marketed,
created, traded or otherwise exchanged (or depending on the
financial arrangements created around them), NFTs, their creators
or others involved in the NFT marketplace may be subject to
regulation by the SEC, CFTC or other agencies. NFTs, like other
types of digital assets, remain susceptible to different forms of
market manipulation, such as front running and wash

13. Open Banking

 13.1 Regulation of Open Banking

Open banking generally refers to fintech where banks and other
financial institutions permit third-party service providers to
access banking, transactional and other financial data through
APIs. These service providers (typically financial services
vendors or technology start-ups) utilise such data to, among other
things, provide consumers with a range of banking services and
account functionalities.

The regulatory framework in which the US banking system operates
is not as advanced as its European counterpart in fostering and
supporting an open banking environment. While there are
certain signals offered by the executive branch of the US
government that indicate policy support for customer data access
and portability across financial institutions, the mechanisms by
which to offer open banking to customers have not yet been fully

 13.2 Concerns Raised by Open Banking

To date, banks and technology providers operating in the USA
have been subject to existing federal and state laws related to
data privacy and security generally. These requirements
include the development and use of an Information Safeguards
Programme as well as a comprehensive vendor onboarding and
oversight process to reasonably ensure the use of third parties
that present substantially minimised operational and reputational
risk. Data use, retention and sharing policies and procedures
are typically audited by state and federal banking regulators
during examination cycles. As open banking continues to
develop, key regulatory concerns will undoubtedly centre on the use
and preservation of customer data, including protection of consumer
data privacy and security, consumers’ rights with respect to
their own data, and regulatory requirements and best practices with
respect to data breaches.

Originally published by Chambers and

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.

Next Post

3 Unstoppable Investments Everyone Needs in Their Portfolio | Smart Change: Personal Finance

Fri Apr 1 , 2022
(James Brumley) Some stocks are right for certain people, and other stocks are well suited for other types of investors. That’s why everyone’s portfolio looks at least a little different from anyone else’s. And that’s the way things should be. There are a few companies, however, that are so all-weather […]