Shearman & Sterling’s FinTech Foundry team is committed to fostering the growth of global FinTech and supporting our clients and the wider FinTech ecosystem. With six offices in the UK and Europe, we have a deep understanding of cross-border regulation, fundraising, M&A and capital markets, making us an ideal partner to support the expansion of FinTechs every step of the way.
In this section, we highlight some of the key considerations for FinTechs when setting up operations in the UK, along with additional information on the UK FinTech market.
Below are some key legal considerations for FinTechs that wish to scale their business to the UK. While this list is not exhaustive, and every factor may not be relevant to every business, the considerations below are intended to help direct your thinking and to focus your attention on potential issues that should be addressed.
To learn more about the FCA Regulatory Sandbox and other FinTech Regulatory sandboxes throughout the world, we invite you to visit our Global FinTech Regulatory Sandbox Map. The map includes helpful information for each sandbox, including launch date, governing commission, law & regulations, the environment and eligible products.
In 2015, the Financial Conduct Authority launched its regulatory sandbox program, which is open to authorized firms, unauthorized firms that require authorization and technology businesses seeking to innovate within the UK financial services market. The sandbox provides firms with:
Eligibility criteria include whether the product or service is intended for the UK financial services market, novelty of the product or service, consumer benefit, whether there is a genuine need to participate in the sandbox and readiness for testing. Sandbox participants are also required to have a significant UK presence (i.e., a certain level of staff presence or a head office located in the UK) and to secure any contractual agreements with third parties before testing, and may be required to have a UK bank account to be able to carry out testing.
For sandbox participants, the FCA may be able to offer the following:
Testing within the sandbox environment is intended for a limited duration, which has typically lasted between 3-6 months.
Contact sandbox@fca.org.uk to get in touch with a member of the FCA’s sandbox team
There are a number of regulators and government organizations that play a direct role in supporting and upholding the integrity of the FinTech and financial services industries. FinTechs scaling their business to the UK may look to these regulators and organizations for guidance and may be required to register their business with one or more of these entities, depending on the company’s activities.
One of the strengths of UK FinTech is the industry bodies underpinning the ecosystem. These industry bodies play a direct role supporting FinTech within the UK (or a respective region within the country), and often seek to fulfill their mission through industry events and education, collaboration with government and regulators and partnerships with financial institutions and other financial services firms.
In this section, we highlight some of the key considerations for FinTechs when setting up operations in the UK, along with additional information on the UK FinTech market.
This page includes information on a number of topics related to scaling a FinTech to the UK market. Click each section to learn more.
Key Considerations
UK FinTech Regulation
- Depending on a FinTech firm’s activities, a FinTech firm may be subject to a regulation in the UK.
- The key financial regulators in the UK are the Prudential Regulation Authority (prudential regulator of banks, building societies, credit unions, major investment firms and insurers), Financial Conduct Authority (conduct regulator of all firms and prudential regulator for smaller investment firms and insurers), the Payment Systems Regulator (regulates payment systems) and the Information Commissioner’s Office (data privacy regulator responsible for GDPR and other data privacy regulation administration and enforcement).
- The UK is known for its open markets, taking a principled risk-based approach to regulation, and has been at the forefront of creating an environment for competition and innovation in FinTech. This includes developing FinTech solutions through the Financial Conduct Authority’s (FCA) Regulatory Sandbox, allowing firms to test new products and services in a controlled environment, and then leading the initiative to create a global sandbox, allowing users to run tests across geographies simultaneously.
UK Tax Law
- How UK tax rules apply will depend on a variety of factors, including the type of entity used, means of capitalization and activities carried out. It is common to conduct business through a UK-incorporated company, but business can also be conducted through UK branches of non-UK companies.
- The UK's corporation tax rate, at 19%, is one of the lowest rates of tax in the G20, and applies to the worldwide profits of UK incorporated companies or, in respect of non-UK companies, to the profits attributable to its UK branches.
- The UK does not operate a group consolidation regime for corporation tax purposes but a similar result can be achieved through a group relief system permitting the transfer of losses between UK sub-group members.
- The UK does not generally impose withholding tax on dividends paid by UK companies. The UK imposes withholding tax of 20% on interest and royalty payments; however, such withholding tax may be eliminated or reduced under domestic law or the UK's extensive double-tax treaty network, or no withholding may be imposed if paid to certain EU affiliates.
- VAT, with a standard rate of 20%, is generally charged on supplies of goods and services, and credit for VAT incurred may be available. Certain goods and services, like supplies of financial services, may be exempt from VAT, but suppliers of such goods and services may be restricted in their ability to obtain credit for VAT incurred. UK members of the same corporate group may, by application to HM Revenue & Customs, be treated as a single entity for VAT purposes such that transactions between them do not give rise to a VAT charge.
Digital Banking and Nonbank Activities
- FinTech firms that accept deposits in the UK are subject to UK regulatory requirements and regulatory oversight as a bank.
- The Open Banking Implementation Entity creates software standards and industry guidelines for Open Banking.
- The PRA is responsible for granting authorization for all UK banks. Once authorized, a UK bank is supervised by the PRA for prudential requirements and by the FCA for conduct requirements.
- Where a FinTech firm partners with a UK regulated firm, depending on the involvement of the FinTech firm, the FinTech firm may need to obtain authorization too.
- Regulatory authorization may be required if a FinTech firm engages in nonbank financial activities, like money transmission, credit broking or certain digital asset transactions.
- Firms that engage in digital nonbank activities should be cognizant of whether additional UK laws or regulations apply, for example, the e-money regulations, consumer credit rules, rules relating to payment services, market abuse regulations and anti-money laundering requirements.
Digital Assets and Tokenization
- Regulation of digital assets depends on the nature of the assets and the type of activity involved, with decisions as to the regulation that applies being made on a case-by-case basis.
- Certain activities carried out in relation to digital assets that are within the UK regulatory perimeter will require a firm to be authorized and/or be subject to regulation, including:
- Firms issuing or creating digital assets. Capital-raising activities generally are subject to FCA (UKLA) rules and regulations. Initial coin offerings and other token issuances may be considered securities. Rules relating to collective investment schemes may also be relevant;
- Firms advising on or buying and selling digital assets;
- Firms and platforms that facilitate transactions between participants;
- Firms that provide secure storage for or that hold tokens; and
- Firms marketing digital asset products and services.
- Firms that engage in digital asset activities should be cognizant of whether additional UK laws or regulations apply, for example the e-money regulations, rules relating to payment services, market abuse regulations and anti-money laundering requirements.
Data Privacy
- UK law currently reflects the EU GDPR, and this is likely to continue after the UK completes its exit from the EU.
- There are seven principles that apply to all forms of processing personal data, which include being transparent, minimizing the collection of data and keeping data safe.
- FinTech firms need to be able to demonstrate their data protection compliance, which requires an understanding of the issues and keeping records of decisions made.
- The fines for non-compliance can be the greater of €20 million and 4% of worldwide turnover.
- GDPR gives individuals significant rights to access personal data, have data rectified/erased and 'rights to be forgotten' and to receive compensation for damages suffered as a result of non-compliance.
IP Protection
- IP in the UK is generally protected by a combination of patents, copyright, trademarks and confidentiality.
- Copyright and confidentiality arise automatically, but patents and trademarks have to be applied for.
- FinTech firms must enter into proper agreements with contractors, consultants, and other service providers to secure ownership of IP developed for them.
- FinTech firms should keep records of their development of works, such as software and databases, as evidence of their ownership of the unregistered IP.
Regional UK FinTech Hubs
The UK is widely considered to be one of the leading countries in FinTech throughout the world. When scaling a FinTech to the UK, companies have the option of setting up operations within a number of different regions, each with their own distinct characteristics, strengths and talent pools. The map below provides a description and some defining traits of each of these regional FinTech hubs within the UK.
Interact
Click on each location to learn more.
FCA FinTech Regulatory Sandbox
In 2015, the Financial Conduct Authority launched its regulatory sandbox program, which is open to authorized firms, unauthorized firms that require authorization and technology businesses seeking to innovate within the UK financial services market. The sandbox provides firms with:
- the ability to test products and services in a controlled environment;
- reduced time-to-market at a potentially lower cost;
- support in identifying appropriate consumer protection safeguards to build into new products and services; and
- better access to finance.
Eligibility criteria include whether the product or service is intended for the UK financial services market, novelty of the product or service, consumer benefit, whether there is a genuine need to participate in the sandbox and readiness for testing. Sandbox participants are also required to have a significant UK presence (i.e., a certain level of staff presence or a head office located in the UK) and to secure any contractual agreements with third parties before testing, and may be required to have a UK bank account to be able to carry out testing.
For sandbox participants, the FCA may be able to offer the following:
- Individual guidance on how certain of the FCA’s requirements apply in the context of the specific test;
- Waivers or modifications to existing FCA rules for the purpose of the testing period, although national and international law still applies;
- No enforcement action letters given that participants deal with the FCA openly, keep to the agreed testing parameters and treat customers fairly; or
- Informal steers on potential regulatory implications of a new product or service.
Testing within the sandbox environment is intended for a limited duration, which has typically lasted between 3-6 months.
Contact sandbox@fca.org.uk to get in touch with a member of the FCA’s sandbox team