The Japanese government has embarked on a string of legislative amendments and other measures aimed at enabling fintech to contribute to the development of Japan's economic and financial environment, with the expectation that promoting innovation will lead to improved convenience for users and strong growth for companies.
Fintech companies, including start-ups, are also actively engaged in initiatives such as making policy recommendations and setting up self-regulation by forming industry associations and pursuing dialogue with existing financial institutions and the government. In fact, recent legislation in response to fintech (such as amendments to the Banking Act) shows government policy aims to promote the development of fintech, with minimal regulations for consumer protection, while the allocation of responsibilities between start-ups and financial institutions is left as a matter to be governed by private contracts or industry standards.
On the other hand, early 2018 revealed the fragility of cryptocurrency businesses where operators' management systems have not adequately caught up with rapid business growth, so the government was forced to resort to stronger regulations. Specific examples include the Financial Services Agency's (FSA) re-inspection of the operations of cryptocurrency exchange operators, and progression towards revising the regulatory framework to meet the upsurge of initial coin offerings (ICOs). The FSA published a study group's report at the end of 2018, and submitted bills to strengthen existing regulations governing cryptocurrency exchange operators to the Diet in March 2019, and to introduce new regulations for cryptocurrency custody services and ICOs.
As a general reference resources about fintech in Japan, the Fintech Association of Japan (an industry association composed of fintech companies, financial institutions and other related parties) provides a broad introduction to Japanese fintech companies on its English website.2
i Licensing and marketing
Like other jurisdictions, the legal framework of financial regulations in Japan is fragmented. Specifically, there are: (1) for the products and services layer, licences for designing and providing the products and services, such as banking, insurance, settlement, and remittance; (2) for the sales and marketing layer, licences for selling and marketing the corresponding products and services; and (3) for the infrastructure layer, regulations such as on money laundering regulations and personal information protection.
|Products/ services layer||Banking services||Prepaid payment instruments; credit; credit- purchasing intermediaries||Fund transfer services||Crypto-
|Moneylending businesses||Type I/II financial instruments businesses; investment management services;||Insurance businesses|
|Sales/ marketing layer||Bank agency services; electronic settlement agency services||Crypto-
|Moneylending businesses||Financial instruments brokerages||Insurance agents or brokers|
|Infrastructure layer||Money laundering regulations and personal information protection regulations|
In principle, the FSA grants and supervises licences for fintech enterprises (e.g., crowdfunding operators, cryptocurrency exchange operators, and electronic settlement agents) in addition to traditional financial institutions (e.g., banks, insurance companies and financial instruments business operators).
However, for credit card issuers (instalment sales), acquirers and payment service providers (PSPs), licensing and supervision is performed by the Ministry of Economy, Trade and Industry.
It is necessary to obtain a banking services licence to engage in accepting deposits together with lending funds or discounting bills as a business, or to engage in fund transfer transactions as a business.
Bank agency services
For operators to engage in agency or intermediary services for banking transactions as a business as entrusted by a bank, they must obtain permission to engage in bank agency services.
Electronic settlement agency services
Until 2017, when the Banking Act was amended, Japan did not have any regulations in place for services where operators, as entrusted by customers, instruct banks to perform fund transfer transactions, or conduct services to obtain account information and provide it for clients (known as 'account aggregation'). Since 1 June 2018, the Banking Act requires registration as electronic settlement agents for them to conduct these services as entrusted by customers.
This is a regulatory framework established to cover operators as equivalent to the payment initiation service providers and account information service providers under the EU Payment Services Directive 2 (PSD2).
Payments (settlement and remittance)
Registration or notification is necessary for non-banks to engage in certain types of payment services, including: fund transfer transactions; issuances of prepaid payment instruments (e.g., electronic money and gift vouchers); credit purchase intermediation (e.g., issuance of credit cards); and acquirer or PSP operations. See Section IV.
In 2016, the Payment Services Act (PSA) was amended to include new regulations on cryptocurrency exchange businesses. Buying and selling cryptocurrencies or exchanging them with other cryptocurrencies is regarded as cryptocurrency exchange business, for which cryptocurrency exchange operators must obtain registration from the local finance bureau. The revision of these regulations is now under discussion. See Section V.
To provide moneylending and intermediary services as a business, such businesses must obtain registration as moneylending businesses. As described in Section IV below, registration as a moneylending business is also required to operate loan-type crowdfunding (crowd-lending or peer-to-peer lending).
The Financial Instruments and Exchange Act (FIEA) applies to investments in securities and derivative transactions.
Type I/II financial instruments businesses
Under the FIEA, securities are classified as highly liquid 'Paragraph 1 securities,' such as stocks and share options, or 'Paragraph 2 securities,' such as fund equities. Broadly speaking, registration as a type I financial instruments business is necessary to purchase and sell Paragraph 1 securities or to act as an intermediary, broker or agent for the sale and purchase of such securities, and to register as a type II financial instruments business is necessary to trade Paragraph 2 securities or to act as an intermediary, broker, or agent for the sale and purchase of such securities.
The amendment of the FIEA in 2014 resulted in some deregulation, and it became sufficient to obtain a more relaxed licence if the operator is only engaged as a business in crowdfunding in which a certain small amount of funds are gathered via the internet (see Section IV).
Investment management services
Under the FIEA, operators must obtain registration as investment management services operators in order to manage assets by executing discretionary investment contracts with investors who entrust them with the discretion to make investment decisions. Investment management business operators assume a fiduciary duty and duty of loyalty toward investors, and are subject to regulations regarding conduct, such as an in-principle prohibition on engaging in conflict-of-interests transactions, and prohibition on compensating investors for losses.
Investment advisory and agency services
To provide advice on investment decisions as a business without being entrusted by clients with the discretion to make the actual investment decisions, operators must obtain registration to provide investment advisory and agency services.
Financial instruments brokerages
In addition, business operators entrusted by type I financial instruments business operators or investment management services operators to act as intermediaries or the like to trade in securities or market derivatives transactions are required to obtain registration as financial instruments brokerages.
Operators must obtain a licence as an insurance business operator to engage in underwriting insurance as a business.
Insurance agents or brokers
In order to solicit and sell insurance as a business as entrusted by insurance companies, registration as an insurance agent must be obtained. Conversely, to negotiate with insurance companies and act as intermediaries for the conclusion of insurance contracts as entrusted by clients, registration as an insurance broker must be obtained.
iii Cross-border issues
Applicability of Japanese regulations to foreign business operators
Since the purpose of Japan's financial rules is to protect Japanese consumers, operators are in principle subject to the application of Japanese laws and must obtain a Japanese licence when seeking to provide financial services.
In addition, under Japanese financial rules, in principle, a licence cannot be obtained unless the company is governed by the laws of Japan (for licences permitting individuals to perform services, the individual must be a resident of Japan) when providing various types of financial services to Japanese consumers.
However, examples of foreign corporations with business establishments in Japan that are permitted to obtain Japanese licences include type I and II financial instruments business operators, investment management service operators, investment advisers and agents, third-party prepaid payment instrument issuers, acquirers and PSPs.
In addition, examples of foreign corporations that have a foreign licence corresponding to a Japanese licence for financial services, by obtaining a licence in Japan under certain conditions, and are allowed to provide financial services in Japan include banks, insurance companies, fund transfer service providers and cryptocurrency exchange operators. However, to obtain a licence in Japan, they must satisfy certain requirements, such as having a business office in Japan and a representative in Japan (who is a Japanese resident).
Regulations on foreign ownership
Foreign companies are not prohibited from owning shares or equity in financial-related businesses, including fintech companies. If a foreign company acquires shares or equity in a financial-related business operator, including fintech companies, it is required to submit a report to the authorities through the Bank of Japan in accordance with the Foreign Exchange and Foreign Trade Act.
In addition, other individual laws regulate shareholders (major shareholders) who own more than a certain percentage of their equities. Shareholders holding at least 20 per cent of the equity of a bank or insurance company (in certain cases, 15 per cent) are required to obtain authorisation under the Banking Act or Insurance Business Act. In addition, shareholders holding 20 per cent or more of the shares of financial instruments business operators (in certain cases, 15 per cent or more) are required to file a notification in accordance with the FIEA, and the eligibility of major shareholders is also examined in the registration of financial instruments business operators. In the event that a foreign company is a shareholder, the authorisation of major shareholders and registration examination of financial instruments business operators will include examinations into whether the influence of the foreign company will harm the soundness of Japan's financial services business operators and its financial system.
III DIGITAL IDENTITY AND ONBOARDING
i Digital identity
In Japan, the Public Identity Verification Act provides a structure for personal authentication using e-certificates. In order to use the public identity verification service, individuals must apply at a local government office to receive an individual number card (a 'My Number' card). My Number is a 12-digit number assigned to all people (including non-Japanese) who are registered with their local governments as residing in Japan. It is an individual number introduced to improve the efficiency of administration and convenience for the public by managing personal information in different administrative areas, such as social security and tax, using a common number.
The use of this service was formerly limited to administrative procedures such as tax returns and registry applications, but recent amendments to the Public Identity Verification Act have made it possible for private businesses certified by the Minister of Internal Affairs and Communications to use the service. This may expand the use of the public identity verification service to online account services such as online shopping and banking.
However, at present, the service is not widely used in the private sector due to the lack of widespread use of My Number cards and the need for users to prepare IC card readers or similar devices for reading e-certificates.
ii Digitised onboarding of clients
Until 2018, in order for financial service business operators to confirm their clients' identity through non-face-to-face transactions, such as those conducted online, they were required to adopt one of the following methods. Mailing procedures were necessary in most cases and therefore know-your-customer procedures were not completed by the digital method alone.
Mailing a copy of identity confirmation documents
A copy of the identity confirmation documents is sent by the client (not limited to post) and the transaction-related documents are mailed by registered post to the client's residence.
Use of personal receipt post
Transaction-related documents are mailed to the client's residence by personal receipt post. In this case, the postal service provider confirms the client's residence and receives a document to confirm the client's identity.
Use of electronic signatures
Although confirmation of a person's identity by authentication using an electronic signature is permitted, it has not been widely adopted since the user must obtain a digital certificate in advance and prepare an IC card reader or other similar device.
Use of public identity verification service
Formerly limited to use by administrative agencies, the public identity verification service is now available to private businesses and accepted as a method of identification by financial institutions. However, it is not generally popular since the user must obtain a My Number Card in advance and prepare an IC card reader or other similar device.
Introduction of eKYC procedures
The FSA, together with industry associations, established a working group to examine online transactions in June 2017. The working group discussed ways to realise a more efficient digitised onboarding of clients. Based on the results of such discussions, Japanese anti-money laundering laws and regulations were amended in 30 November 2018 to make customer identity verification methods more flexible through electronic methods for non-face-to-face transactions. New KYC procedures that were introduced include:
- transmission of the picture of the identity confirmation documents (attached with a face photo) and the picture of the customer's appearance; and
- transmission of the IC information and the picture of the customer's appearance.
IV DIGITAL MARKETS, FUNDING AND PAYMENT SERVICES
i Payment services
Registration or notification is necessary for non-banks to engage in certain types of payment services, including: remittances (fund transfer transactions); issuances of prepaid payment instruments (e.g., electronic money and gift vouchers); credit purchase intermediation (e.g., issuance of credit cards); and acquirer or PSP operations.
ii Funds transfer services
To mitigate the significant burden of obtaining a banking services licence, the PSA, established in 2010, made it possible to make small-amount fund transfers of ¥1 million or less through a single remittance instruction by obtaining registration as a fund transfer service provider without obtaining a banking services licence. As of 28 February 2019, there are 64 businesses registered as fund transfer service providers in Japan. In early 2019, the government announced its direction to introduce new licence in 2020, under which the maximum amount of fund transfer would not be limited.
On a separate note, in relation to the payment of compensation for goods and services, 'billing agency services' (whereby a business operator receives payment of such consideration on behalf of a goods or service provider (a payee) and delivers the received funds to such payee) are not considered to fall under the definition of 'funds transfers' in Japan and thus do not require registration as fund transfer service providers. Many businesses, such as convenience stores, provide these services.
Issuances of prepaid payment instruments
The PSA regulates issuers of prepaid payment instruments to protect consumers and help establish safe and sound payment and settlement systems. Issuers distributing prepaid payment instruments used to pay for goods or services offered by the issuers and third-party merchants ('third-party type' prepaid payment instruments) must register with the local finance bureau having jurisdiction over the issuer.
If the prepaid payment instruments are used only to pay the issuer ('own business type' prepaid payment instruments), the issuer must file a notice with the local finance bureau when the unused balance of the prepaid payment instruments exceeds ¥10 million on a reference date (each of 31 March and 30 September).
Furthermore, all issuers of prepaid payment instruments must reserve at least 50 per cent of the total amount of the issuance once the unused balance exceeds ¥10 million as of either reference date. Except for certain cases, the issuer may not redeem or buy back the instruments.
Under the PSA, prepaid payment instruments must have all of the following three elements: record of value; issuance in exchange for consideration; and use as payment or demand. If the instrument satisfies certain exception criteria, such as having a usage period limited to six months or less, it will not constitute a prepaid payment instrument and will be exempt from application of the PSA.
Acquirers and PSPs
Japan requires credit card issuers to be registered as 'comprehensive credit purchase intermediaries'. The amendment of the Installment Sales Act came into force in June 2018, by which (1) acquirers that acquire and manage the merchants who use credit cards; or (2) certain types of payment service providers (PSPs) that enter into contracts with merchants to permit the handling of credit cards, became required to be registered. PSPs are not required to be registered if the acquirers have the final decision to conclude merchant agreements and the PSPs' operations are limited to only the first stage examination of whether to conclude the agreements.
iii Collective investment schemes
The FIEA lists specific forms of instruments as securities. If a product or service (including tokens) falls within any of these securities, then the FIEA regulations apply. In addition to this list, the FIEA also comprehensively defines what is called a 'collective investment scheme' (CIS) in order to regulate various types of funds (including foreign funds), regardless of their legal form. CIS arrangements must have all of the following elements:
- monetary contribution (or monetary equivalent) from investors;
- business using the contributions; and
- investors' entitlement to the distribution of profits arising from the business or of assets relating to the business.
As described below, investment equity interests in investment-type crowdfunding (crowd-lending or peer-to-peer lending) and tokens may be considered CIS equity interests.
For CIS equity interests, subject to some exceptions, registration under the FIEA is required for solicitation for acquisition of the equity interests and management of the assets invested.
Issuers of CIS equity interests are, in principle, required to be registered as type II financial instruments businesses in order to solicit the acquisition of such equity interests.
To manage the assets invested in the fund by the CIS equity interest holders, the issuer must obtain registration as an investment management business in principle.
In Japan, crowdfunding is classified into 'donation-type', 'purchase-type', 'loan-type' and 'investment-type' crowdfunding. A licence is not required to engage in crowdfunding as a business in cases such as 'donation-type' crowdfunding (where users donate funds without receiving any consideration in exchange) or 'purchase-type' crowdfunding (where users receive products or services in exchange for their funds).
Loan-type crowdfunding (crowd-lending and peer-to-peer lending)
Loan-type crowdfunding (crowd-lending or peer-to-peer lending) involves crowdfunding business operators who intermediate between users and parties seeking funds, and such operators must obtain registration as moneylending businesses. The business operators typically solicit funds for loans from the public in the form of investments in fund vehicles and lend such funds to fund users. In order to engage in loan-type crowdfunding, as a general rule, the operators must register as type II financial instruments businesses to solicit investments in the fund, and they must also register as moneylending businesses to provide loans.
Investment-type crowdfunding is divided into investments in (1) more highly liquid 'Paragraph 1 securities', such as stocks and share options, and (2) 'Paragraph 2 securities', such as equity interests in funds.
Prior to the FIEA amendment in 2014, operators had to obtain registration as type I financial instruments businesses in order to trade in or perform brokerage, intermediary, and agency services to trade paragraph 1 securities, and registration as type II financial instruments businesses in order to conduct brokerage and agency services for the sale and purchase of paragraph 2 securities, irrespective of whether a crowdfunding transaction, in which only a small amount of funds is collected, was conducted.
Following the FIEA amendment in 2014, the regulations were relaxed so that operators who only engage in crowdfunding where a certain small amount of funds are collected through the internet can obtain a more relaxed registration as a 'small-amount electronic public offering business'. However, at present, there are few advantages to being registered as such a business, so many businesses registered as type I or type II financial instruments businesses engage in crowdfunding businesses in conjunction with other businesses.
If a fund intends to invest in real estate, additional rules under the Real Estate Specified Joint Enterprise Act have applied, which made it difficult for funds to invest directly in real estates. In December 2017, the revised Act came into force, which mitigated the regulations, such as allowing for funds to provide online disclosure documents. Real estate investment crowdfunding is expected to boom following this revision.
V CRYPTOCURRENCIES (Cryptoassets) AND INITIAL COIN OFFERINGS
i Types of cryptocurrencies (cryptoassets) and initial coin offerings
Under Japanese law, businesses that issue, sell and exchange tokens, including token issuances through initial coin offerings (ICOs), may fall under the regulations of the PSA or FIEA depending on how they are structured. Businesses involved in ICOs should adequately fulfil their duties required by related laws and regulations, such as registration when their services are regulated by those Acts.
Under current Japanese law, tokens are likely to fall under the regulatory categories of cryptocurrencies under the PSA, prepaid payment instruments and securities (especially CIS). As mentioned below, these categories will be reorganised and new regulations will be introduced in the near future.
ii Cryptocurrency exchange businesses
Amendments to the PSA to define cryptocurrency and regulate cryptocurrency exchange businesses came into effect on 1 April 2017.
Definition of cryptocurrency under the PSA
The PSA defines cryptocurrency as an electronically recorded proprietary value other than legal currency and assets denominated in any legal currency that either:
- can be used to pay unspecified persons for goods and services, can be mutually exchanged into fiat currencies with unspecified persons, and is transferrable through an electronic network (type I cryptocurrency); or
- is mutually exchangeable with a type I cryptocurrency between unspecified persons and is transferable through an electronic network (type II cryptocurrency).
A 'cryptocurrency exchange business operator' means one that engages in the business of: (1) selling and purchasing cryptocurrency or exchanging cryptocurrency with another cryptocurrency; (2) acting as intermediary, broker, or agent for the services in item (1); or (3) managing the monies or cryptocurrencies of users in connection with items (1) or (2).
Cryptocurrency exchange operators must manage the funds and cryptocurrencies deposited by users separately from the operators' own funds and cryptocurrencies. As of 25 March 2019, there are 19 companies registered as cryptocurrency exchange operators in Japan. The FSA did not accept registration of the applicant exchanges and strengthened its role in supervising and inspecting cryptocurrency exchanges in 2018, but has gradually restarted the examination process. In 2018, two major cryptocurrency-related businesses industry groups merged and set up strict self-regulations to restore public and regulatory confidence in cryptocurrency business.
iii Revision of the PSA and FIEA
The environment surrounding cryptocurrency faced several issues in 2018, including multiple cases of theft of customer assets from cryptocurrency exchanges, the realisation that internal control at cryptocurrency exchanges was not keeping pace with the sudden increase in transactions, cryptocurrencies becoming a source of speculative trading owing to wildly fluctuating prices, and the appearance of new types of transactions using cryptocurrency such as ICOs and margin trading. Based on these issues, the FSA released a report examining the future direction of cryptocurrency regulation in Japan, and revisions to the PSA and FIEA based on such report were submitted to the Diet in March 2019.
The bills propose that the legal term 'cryptocurrencies' be replaced by 'cryptoassets'. It also proposes imposing obligations on cryptoasset exchanges to address the risk of cryptoasset theft (such as requiring exchanges to maintain both net assets and cryptoassets in an amount equal to or greater than customer cryptoassets stored in 'hot wallets', to ensure that the customer right to claim return of cryptoassets is not subject to subordination, and to disclose financial statements), and seeks to strengthen regulations aimed at ensuring appropriate operations (such as requiring public disclosure of transaction price information, prohibiting advertisement or solicitation that encourages speculative trading, and requiring exchanges to notify the regulator before changing which cryptoassets they handle).
Similar to regulations governing the shares of listed companies, the bills also propose introducing regulations against unfair spot transactions of cryptoassets. These regulations would prohibit behaviour such as improper activity on cryptoasset transactions, the spreading of rumours and market manipulation, and impose obligations on cryptoasset exchanges to screen transactions. They would also prohibit cryptoasset exchanges from engaging in transactions for the purpose of obtaining a profit based on information that has not been made public.
The bills propose widening the scope of cryptoasset management regulations and anti-money laundering regulations to also cover custody services for cryptoassets, requiring them to be registered. It also proposes requiring registration for exchanges engaged in margin trading of cryptoassets and introducing restrictions on such activities, as in the case of foreign exchange margin trading.
Regarding ICOs, the bills propose establishing different regulations for security tokens and exchange tokens. When soliciting 50 or more persons to purchase security tokens, the issuer would be required to file regulatory disclosures at the time of issuance and on a continuous basis thereafter. Brokers of security tokens would be subject to the same operational restrictions as traditional securities brokers. ICO transactions would be subject to regulations concerning unfair transactions equivalent to those governing traditional securities. Exchange tokens would be required to be exchanged on registered cryptoasset exchanges, in the same way as current regulations. Cryproasset exchanges would be required to provide proper information such as feasibility of the businesses using such exchange tokens.
The revisions to the PSA and FIEA are scheduled to be deliberated by the Diet as early as 2019, and may be entered into force in 2020 at the earliest.
VI INTELLECTUAL PROPERTY AND DATA PROTECTION
i Intellectual property
In principle, the ideas themselves that pertain to business models are not protected by intellectual property rights such as patent or copyright. However, inventions in which such ideas are realised using information and communication technology may enjoy patent protection in certain cases. In regard to software, the Patent Act defines 'products' as a concept that includes 'programs, etc.', which means that software is subject to patent protection and can be copyrighted. In addition, information that companies manage as trade secrets will be protected under the Unfair Competition Prevention Act.
There have also been patent-related disputes that have attracted attention such as a patent infringement suit in which two leading venture companies in the fintech industry battled over an accounting software algorithm that automatically determines the category of accounting items (Tokyo District Court case of 27 July 2017).
For inventions created by employees, the right to obtain a patent may be assigned to or originally acquired by the employer in accordance with its internal rules. Such employers shall compensate their employees in accordance with such rules; provided, however, that if the rules are found to be unreasonable, the court may decide the compensation in light of the profits arising from the exclusive rights and employer's contribution to an invention.
The right to file patent applications on inventions made by independent contractors is held by the contractor, unless otherwise agreed between the parties.
ii Data protection
As in other industries, compliance relating to data protection and security is an important issue for fintech businesses. In regard to data protection, the Act on the Protection of Personal Information (APPI) imposes certain obligations on private businesses that use personal information to, for instance: undertake necessary and appropriate measures to safeguard personal information; not use personal information except to the extent necessary for the purposes disclosed to the subject individuals; not disclose personal information data to any third party (subject to certain exemptions); and conduct necessary and appropriate supervision over employees and contractors.
The first significant amendment to the APPI came into force on 30 May 2017 to eliminate ambiguity in the scope of personal information and facilitate the proper use of anonymised data. The fintech industry is also subject to the application of the 'Guidelines for Personal Information Protection in the Financial Field'.
In regard to security, the FSA supervisory guidelines governing financial institutions emphasise the importance of matters such as being aware of system risks and enhancing cybersecurity, and operators are required to appropriately follow the PDCA cycle of 'Plan, Do, Check and Act'.
VII YEAR IN REVIEW
The following events that occurred from 2018 to present in relation to the development of regulations and legal approaches regarding fintech in Japan are of particular importance.
|November 2017||A financial system study group was established by the FSA, which began studies into changing the legal framework relating to the financial system into one that is functional and cross-sectional (see Section IX below).|
|March 2018||Policies are being announced by various banks relating to coordination and collaboration with electronic settlement agents aimed at open APIs (application programming interfaces).|
|June 2018||The amended Banking Act came into force, with provisions concerning a registration system for electronic settlement agents and how such system relates to banks. Banks and electronic settlement agents started to enter into agreements for using API provided by banks, required by the amended Banking Act. The amended Installment Sales Act also came into force, with provisions concerning a registration system for acquirers and certain PSPs. The financial system study group of the FSA released a white paper about revision of the legal framework relating to the financial system.|
|September 2018||The FSA released 'Strategic Directions and Priorities' and 'Progress and Assessment of the Strategic Directions and Priorities'.|
|November 2018||The anti-money laundering regulations were amended, by which e-KYC was introduced.|
|January 2019||The financial system study group of the FSA released a white paper, based on which the revision bills will be proposed that allow financial institutions to utilise data that they obtain and introduce a new approval system for 'insurance business innovation companies' to be held as subsidiaries of insurance company.|
|March 2019||Bills to amend the PSA and FIEA were proposed in March 2019, in accordance with the white paper released by the cryptocurrency exchanges study group of the FSA.|
VIII OUTLOOK AND CONCLUSIONS
The following are some of the major legal and regulatory initiatives and developments that are expected in Japan based on the latest financial administrative policy announced by the FSA.
i Studies into revising the legal framework to make it functional and cross-sectional
From November 2017, sessions of a financial system study group have been convened at the FSA to examine revising the legal framework relating to the financial system (which, as described in Section II above, is currently differentiated by 'business' type) to one that is cross-sector and differentiated by 'function'.
Based on the content of its interim report published in June 2018, the study group has been engaged in discussing the following matters:
- how to promote appropriate utilisation of information;
- how to design a legal framework for the payment services area;
- how to address the emergence of platform businesses under a functional and cross-sectional financial regulatory system; and
- revising the regulations that govern banks and banking groups.
The study group issued a report in January 2019 summarising the results of issues discussed thus far, including a proposal that banks, insurance companies and Type I financial instruments business operators be permitted to provide services that utilise data obtained from customers. From the perspective of improving sophistication and user convenience in the insurance business, the report stated that it would be appropriate for 'insurance business innovation companies' to be held by insurance companies as subsidiaries, as in the case of 'banking business innovation companies' that banks are allowed to own as their subsidiaries. Legislation is scheduled to be proposed in line with these proposals, and the remaining discussion points will continue to be examined by the financial system study group.
ii Policy to enable fintech to lead development of Japan's innovation environment
With the view that pursuing open innovation (collaboration and coordination) between financial institutions and fintech companies is important to promoting innovation, the Japanese government has been reviewing various systems, such as: developing environments aimed at the adoption of open APIs; strengthening support for starting new financial businesses and services through initiatives such as a fintech support desk and fintech proof-of-concept hub; and revising methods of customer identity verification for non-face-to-face transactions and examining bank agency service issues.
On 9 March 2018, a cabinet office ordinance was released prescribing detailed rules concerning the amended Banking Act in relation to electronic settlement agents and open APIs, and a guideline was also released indicating the government's interpretation as to whether such activities constitute bank agency services. Hundreds of banks and other financial institutions are going to promote open APIs at the time of writing and this is anticipated to help promote open innovation between financial institutions and fintech companies in Japan.
In November 2018, amendments to the Japan's anti-money laundering regulation introduced new e-KYC methods for remote transactions, permitting the use of video chat and facial recognition as well as the use of APIs for verifying financial institution details. It is anticipated that these changes will promote the adoption of e-KYC and lead to frictionless procedures when opening accounts.
From 2018 to 2019, several projects have been selected as the first projects to receive assistance through the FSA's fintech proof-of-concept hub and approved under the newly introduced regulatory sandbox in Japan. The government also plans to actively work on providing sandbox infrastructure in the future.
iii IT governance and cybersecurity at financial institutions
The Japanese government is working to accumulate insight on IT governance in the financial and non-financial industries and further examine better methods of IT governance. In order to further enhance the stability of the financial system as a whole, the government is also seeking to strengthen the cybersecurity measures of financial institutions and working with authorities in various countries to contribute to the formulation of detailed cybersecurity policies.
iv Cryptocurrencies (cryptoassets) and ICOs
In June 2018, the FSA released a report examining regulations surrounding cryptocurrency transactions. Draft amendments to the FIEA based on such report were submitted to the Diet in March 2019. See Section V for details.