How to Navigate Your Entry into Regulatory Sandboxes in the UAE

How to Navigate Your Entry into Regulatory Sandboxes in the UAE 

Thought Leadership

By Salim Akil, co-founder of Be Venture Partners

We explored the role and importance of regulatory sandboxes here. Now, let's look at how innovators looking to join them can prepare for an application process that involves demonstrating how their innovations align with the sandbox’s focus areas, providing detailed documentation, and undergoing thorough evaluation. Successful applicants gain entry into a structured testing phase where they refine their products under regulatory guidance, paving the way for eventual market deployment.

What a Typical Journey Looks Like

Stage 1: Pre-Application (1-2 months)

  • Self-Assessment: The startup evaluates its technology, business model, and regulatory readiness.

  • Sandbox Selection: The startup chooses the most suitable sandbox based on focus area and eligibility.

  • Preliminary Consultation: The startup may seek initial guidance from sandbox administrators or experienced entrepreneurs.

Stage 2: Application Submission (2-4 weeks)

  • Document Preparation: The startup compiles detailed documentation, including business plan, technical specifications, risk assessment, and compliance strategy.

  • Formal Application: The startup submits the application through the designated sandbox portal.

Stage 3: Evaluation and In-Principle (Conditional) Approval (1-3 months)

  • Regulatory Review: Sandbox administrators evaluate the application based on criteria such as innovation, viability, and risk mitigation.

  • Clarification Requests: They may also seek additional information or clarification from the startup.

  • Approval Decision: Sandbox administrators notify the startup of the approval or rejection of their application.

Stage 4: Fulfilling the In-Principle Conditions

  • Legal Structure: The startup sets up the legal structure and associated documentation.

  • Compliances and Auditors: The startup signs up compliance and AML consultants and external auditors, both of which may be mandatory requirements of the regulator. 

  • Completing the Process: The startup makes its final submission to the regulator following which the Financial Service Permissions are granted. 

Stage 5: Testing Phase (6-12 months)

  • Sandbox Onboarding: The approved startup is onboarded into the sandbox environment.

  • Testing and Iteration: The startup conducts live tests of its products or services in a controlled setting, under regulatory supervision.

  • Regulatory Feedback: The startup receives regular feedback and guidance from regulators to refine its offerings.

Stage 6: Graduation and Market Entry (Variable)

  • Sandbox Exit: The startup successfully completes the testing phase and demonstrates regulatory compliance.

  • Licensing or Approval: The startup may apply for relevant licenses or approvals to launch its products in the wider market.

  • Post-Sandbox Monitoring: Regulators may continue to monitor the startup’s activities for a specified period.

 

Case Study 1: Insights From a B2B2C FinTech’s Journey

I recently had the opportunity to meet the founder of a B2B2C startup that empowers individuals to achieve their financial goals without compromising their lifestyle. Initially launched as a B2C model, it pivoted to a B2B2C model during the sandbox period to better serve its clients. Categorised as a 3C entity (providing money services), it underwent a complex regulatory process. Here’s a detailed breakdown of their experience.

Regulatory Journey

1. Capital: The startup required $500,000 in capital for its activities but obtained waivers for the Innovation Testing Licence period, depending on its business plan. The process included:

  • Initial Approval: 19 months

  • Operational Licence: 6 months

  • Graduation Period: 1 to 1.5 years

This timeline was longer than a typical one as the startup was exploring and learning the process in 2021.

2. Legal Assistance: The startup collaborated with lawyers to process their application, which included:

  • Business Plan: Comprehensive documentation outlining the startup’s objectives and strategies.

  • Risk Assessment: Evaluating potential risks and mitigation strategies.

  • Workflow Diagram: Detailed transaction process, which proved challenging and required meticulous planning.

  • Financials and Financial Soundness Indicators: Ensuring compliance with capital requirements and regulatory standards.

  • Compliance Documentation: Necessary for approval and operation, including KYC (Know Your Customer), AML (Anti-Money Laundering), terms and conditions, and appointing a compliance officer.

3. Operational Setup:

  • Licence Setup: Establishing the necessary licences.

  • Staffing: Hiring full-time compliance officers, risk officers, and finance professionals, with the option to outsource some roles.

  • Regular Meetings: Monthly meetings to share updates on business and risk, with DSFA sending notices to senior executives and compliance officers. They could audit any minutes and request changes if needed.

Key Challenges and Learnings

1. Regulatory Requirements: Keeping up to date with regulatory requirements was a significant challenge. Understanding the exact scope of the licence and its operational implications was crucial.

2. Rule Books: Navigating the rule books to track necessary actions and compliance requirements was not straightforward.

3. Operational Flexibility: The startup discovered later in their journey that they could launch cards, demonstrating the need for flexibility and adaptation.

4. Business Model Pivot: Startups need to continuously assess and validate their business models. The startup’s pivot from B2C to B2B2C aimed to add more value.

5. Partnerships: The founder emphasised the importance of seeking partnerships to aid with regulatory compliance, such as banking-as-a-service providers, which can offer APIs or financial services.

Advice for Entrepreneurs

  • Prepare Thoroughly: Before applying for regulatory approval, ensure you have a clear operational plan without testing the model excessively. Here is an example of a successful flow chart diagram:

  • Leverage Partnerships: Partner with entities that can assist with regulatory processes and provide necessary services.

  • Understand Compliance: Stay informed about the regulatory requirements and what your licence permits.

  • Maintain Regular Communication: Communicate regularly with regulatory bodies and update them on your progress and any changes.

 

Case Study 2: Insights from Cregor Janssen, Head of Legal at Wio Bank

In my quest to gain insights into effectively navigating these regulations, meeting Cregor Janssen, Head of Legal at Wio Bank, a pioneering digital bank in the UAE, was a true turning point. 

Wio Bank did not officially participate in a regulatory sandbox, but its initial phase resembled one. It started with no customers and then tested its model with a small group before a full launch. This “private sandbox” approach allowed the team to refine their model and demonstrate compliance progressively and 18 months.

Wio Bank’s Regulatory Journey

Wio Bank is a commercial bank fully licensed by the Central Bank of the UAE (CBUAE), operating under the same regulations as other banks in the country. As a digital bank, it adheres to all CBUAE regulations, demonstrating that innovative banking models can successfully operate within the existing regulatory framework. The bank offers a diverse range of products that extend beyond traditional banking, including Banking as a Service (BaaS) and embedded finance solutions. These offerings have been carefully developed to meet all regulatory requirements while pushing the boundaries of innovative financial services. By working closely with CBUAE, Wio Bank has managed to introduce these forward-thinking products while maintaining full compliance.

One notable aspect of Wio Bank’s operations is its fully digital nature. Unlike traditional banks, Wio Bank doesn’t maintain physical branches, instead leveraging digital channels to serve customers. This includes communication via email, WhatsApp, phone calls, and active engagement on social media platforms. This approach aligns with modern customer preferences while still meeting CBUAE’s strict requirements, and even exceeding them in some areas, demonstrating that it’s possible to combine innovation with regulatory compliance in the banking sector. Wio Bank’s ability to offer a wide range of services through digital channels showcases how banks can evolve to meet changing customer needs while operating within the established regulatory framework.

As Janssen highlighted, ongoing, proactive, and transparent communication with regulators is crucial. Wio Bank continuously informs them about new product launches to ensure ongoing compliance depending on the topic. This approach helps build trust and ensures that the bank stays aligned with regulatory expectations.

Cregor Janssen’s Tips For Startups

When it comes to navigating the complex world of fintech regulations, Janssen’s found a few key strategies that can make all the difference.

  • First and foremost, adopt a “compliance by design” approach. This means weaving compliance into the very fabric of your business from day one. Don’t treat it as an afterthought – make it an integral part of everything you do, from developing products to communicating with customers. 

  • Next, focus on building the right team. You’ll need people with expertise in compliance, legal matters, risk management, and customer due diligence. Having these specialists in-house can be a game-changer when it comes to meeting regulatory requirements effectively.

  • Lastly, don’t skimp on legal advice. I know it can be costly, especially for a startup, but engaging with a lawyer early in the process is an investment that pays off. It can help you navigate complexities more efficiently and manage your advisor effectively: the right questions get the right answers. Trust me, it’s worth every penny in the long run.

Remember, in the world of Fintech, compliance isn’t just about following rules – it’s about building trust and setting yourself up for sustainable success.

Leverage Guidance From Experts 

Navigating the application process to UAE regulatory sandboxes was an intricate and time-consuming experience for me. So, to optimise your journey and help you avoid potential pitfalls, I’ve approached experienced professionals - the right lawyer ready to share free advice, which was challenging until I met Rohi Ghai, Founder of 10 Leaves, as well as entrepreneurs who had successfully navigated the regulatory landscape themselves and whose firsthand insights provided invaluable insights. Here is how you can benefit from their expertise.

  • Understand the Requirements: Gain clarity on the specific guidelines, eligibility criteria, and focus areas of each sandbox without spending extensive time on conducting initial research yourself.

  • Prepare the Documentation: Learn from their experience on how to compile and present necessary documentation effectively, minimising the need for costly legal advice. 

  • Streamline Your Application: Receive practical advice on completing the application process efficiently, ensuring that your submission meets the standards and expectations of the evaluators.

By leveraging the expertise of those who have already walked down this path, you can significantly reduce legal expenses and avoid the common pitfalls associated with regulatory compliance. This proactive approach not only saves time and money but also enhances your chances of a successful application, allowing you to focus on refining and testing your innovative solutions.

Create Your Account Now

Sign up now to stay connected to the UAE ecosystem, access exclusive content & market news, and discover initiatives to unlock opportunities.

You might also like