Search This Blog

Tuesday, 31 March 2015

Need To #Crowdfund Your US Launch? Try Reggae...

... er, that should read "Reg A". 

I'm indebted to Anna Pinedo and Jim Tanenbaum for pointing out that the SEC has finally done its job under Title IV of the JOBS Act. As they carefully explain in a recent Mofo Alert, the amendments to Regulation A that take effect in about 90 days time will enable private US and Canadian companies to raise up to $50 million in a 12 month period. That entity could be the holding company for a UK start-up, for example, or possibly the US subsidiary of a UK start-up, so long as it has a genuine US establishment - you know, real people and office equipment and a decent coffee machine. 

Existing shareholders may also sell reasonable amounts of stock as part of the offering. 

And eligible investors include 'the crowd' - provided they each limit their purchases to no more than 10% of the greater of their annual income or net worth (with a similar limit for non-accredited corporate entities). 

It should also be possible to combine a Reggae Reg A offering with private offering, if you really, really need the extra money.


Sunday, 29 March 2015

Mobile Consumer Rights

The mobile operators have finally agreed a code of practice on consumer billing

It does not state a standard cap on the customer’s liability for charges incurred as a result of unauthorised use of the device after it has been lost or stolen, or the notification period for the customer to report a device lost or stolen in order to qualify for the cap. But I understand that there is agreement on a £100 cap on the basis for notification to both the operator and police within 24 hours

That's a higher cap than for payment services (which have a cap of 50 euros) and an additional report to the police seem a little onerous, and just more admin for customers and police. However, the code leaves it open for providers to compete over this issue...

Tuesday, 24 March 2015

Big Day For Providers Of #AlternativeFinance To #SMEs

This morning, the British Business Bank began the process of creating a market for small business loan applications that the banks decline to fund, as well as opening up the banks' credit data to improve credit scoring for small business borrowers. 

Specifically, the BBB has called for expressions of interest from firms wishing to become either a designated finance platform, to whom banks must offer to refer any small businesses whose loan applications are rejected.

In addition, the BBB is seeking information from credit reference agencies that would like to receive credit data held by banks on small businesses to increase the reliability of SME credit scoring for non-bank lenders.


Saturday, 21 March 2015

UK Plans For #VirtualCurrencies and #Blockchain Technologies

The Treasury has published its response to the recent call for evidence on virtual currencies. The plan is to apply anti-money laundering regulation to virtual currency exchanges and ensure effective enforcement related to the criminal use of the currencies themselves, including seizure. It will also foster the development of standards for consumer protection in conjunction with the British Standards Institute. The government will also invest £10m to address 'research opportunities and challenges'.

In addition to addressing the risks, the report also explores the benefits of digital currencies as methods of payment, including uses beyond the retail scenarios, as well as other applications of blockchain technology; as well as barriers to suppliers setting up in the UK and how the government can help clear the way.

Alternative uses for the “distributed ledger” technology (i.e. beyond retail payment services) that the Treasury identified were:
  • transfer of title to digital assets, with inherent authentication, digital ‘signing’ and time-stamping and record-keeping e.g. recording and transferring the ownership of bonds, shares, securities and other financial instruments; passports, driving licences, criminal records, land registry and digital voting; 
  • ‘smart contracts’ and smart payments, whereby users encode requirements into a payment instruction or other message in order to achieve autonomous, self-executing payments and contracts that adjust for specific conditions. 
  • decentralised data storage solutions (using blockchain technology to store files securely and efficiently);
  • encrypted peer-to-peer messaging networks; and 
  • links with ‘smart property’ and the Internet of Things, whereby devices (including autonomous vehicles) communicate with each other and maintain and update themselves semi-autonomously.
Great news for the everyone that the government is positively engaging with this technology.


FCA Goes Social

The Financial Conduct Authority has made a huge effort to shrug off the image of its predecessor, and its latest guidance on social media and customer communications is another case in point. The FCA goes to far greater lengths than the FSA to understand the activities that it's regulating, and it has properly recognised the benefits to firms using the social media, not just the risks. There are some big concerns in here. But overall it's a helpful steer on how to market financial services in the social media, rather than just another regulatory minefield.

Now, about those 'big concerns'...

The word "consent" does not appear in this document. Nor do the words "data protection". The word "privacy" appears once, however, in a footnote which helpfully refers to the Information Commissioner's guidance on Direct Marketing. That's really the only nod to the many other requirements that application developers need to consider when producing financial services - something we've been focusing on intently at the Society for Computers and Law, for example. That's a particular concern, when section 1.8 of the guidance recommends "the use of software that enables advertisers to target particular groups very precisely" without so much as a footnote. If this is a tip to use Big Data tools, cookies and so on to engage in behavioural targeting of advertising, then firms will need a lot more help if they are to expected to do so appropriately.

Of equal concern is the FCA's decision to 'gold-plate' its guidance to the level of compliance required by the European directives on consumer credit and mortgages - another example of the European "regulatory creep" that blights the UK's landscape and is the source of so much talk of a "Brexit":
"The same constraints do not exist in other areas, but we think it is important to adopt a common approach across all the sectors we regulate, and across all media. To do otherwise would create a more complex and less certain regime, which would impose additional costs and which firms and consumers would find more difficult to navigate."
The problem with this approach is that not only do UK officials have a tendency to over-comply in this fashion, but they also take a literal approach to the interpretation of European law, rather than the purposive approach that European law itself dictates. So the UK invariably implements European edicts far more restrictively than, say, Greece or even France (historically the country most sued for failing to implement European laws, but here's the league table). 

Another problematic area is the guidance on using an image to convey a risk warning where a character limit would make it impossible to include it as text. While appearing to recommend this approach, the FCA then points out (on page 8) that Twitter settings, for example, allow users to ensure that images appear as a link, rather than being automatically displayed. So, risk warnings or other required information cannot appear solely as an image where such user features are present. This is explained a little more in section 7 of the Annex, which also mentions that some social media services limit the amount of text in images or crop them in unpredictable ways... In other words, images are not really much of a solution, even though they feature heavily throughout the FCA's examples.

Retweets and other sharing of financial promotions by customers and employees is another area for firms to consider a bit more carefully. There is some discussion of that (under "Other regulatory issues" on page 11), but it's obviously at the core of why firms would use the social media over traditional advertising channels. Basically, you can't rely on your employees to do the dirty work for you, at least not in the course of their employment (a slippery slope); and just because they or your customers are prepared to make a claim, doesn't mean that the firm can share it with impunity.

While it's refreshing that the FCA does not consider a tweet, for example, to be a real-time promotion, it doesn't mention the use of instant messaging features, or direct messaging. Although the guidance does mention that a customer 'following' a firm's account or 'liking' its material does not amount to an express request to receive real-time promotions to get around the ban on 'cold-calling'.

Finally, record-keeping is a key concern here. As the FCA points out (on page 14), you can't rely on the social media platforms to retain a copy of your promotional material. So firms need to have their own records of tweets etc., and the related compliance sign-offs.

No doubt the FCA's guidance will evolve in the light of these concerns over time - not to mention the guidance from the Information Commissioner!


Saturday, 7 March 2015

Artificial Intelligence, Computer Misuse and Human Welfare

The big question of 2015 is how humans can reap the benefit of artificial intelligence without being wiped out. Believers in 'The Singularity' reckon machines will develop their own superintelligence and eventually out-compete humans to the point of extinction. Needless to say, we humans aren't taking this lying down, and the Society for Computers and Law is doing its bit by hosting a conference in June on the challenges and opportunities that artificial intelligence presents. However, it's also timely that the Serious Crime Act 2015 has just introduced an offence under the UK's Computer Misuse Act for unauthorised acts causing or creating the risk of serious damage to "human welfare", not to mention the environment and the economy. Specifically, section 3ZA now provides that: 
(1) A person is guilty of an offence if—
(a) the person does any unauthorised act in relation to a computer;
(b) at the time of doing the act the person knows that it is unauthorised;
(c) the act causes, or creates a sign ificant risk of, serious damage of a material kind; and
(d) the person intends by doing the act to cause serious damage of a material kind or is reckless as to whether such damage is caused.

(2) Damage is of a “material kind” for th e purposes of this section if it is—
(a) damage to human welfare in any country;
(b) damage to the environment in any country;
(c) damage to the economy of any country; or
(d) damage to the national security of any country.

(3) For the purposes of subsection (2)(a) an act causes damage to human welfare only if it causes—
(a) loss to human life;
(b) human illness or injury;
(c) disruption of a supply of money, food, water, energy or fuel;
(d) disruption of a system of communication;
(e) disruption of facilities for transport; or
(f) disruption of services relating to health.
I wonder how this has gone down in Silicon Valley...


Thursday, 5 March 2015

EBA Sees #Payments Regulation As Best Model For #P2Plending - Updated

When the UK peer-to-peer lending industry began calling for proportionate regulation in 2011, we pointed to payments regulation as the ideal model. By the end of 2012, about 30 firms from across Europe signed an open letter calling for that approach to the regulation of crowdfunding generally. And that was the thrust of my response to the EC consultation on the topic. After all, these marketplaces are all basically payment platforms that enable the wallet-holders to agree to lend or invest money rather than just pay it. They have far more in common than there are differences.

Unfortunately, the UK authorities were determined to apply the existing investment rules to the P2P model, with consumer credit rules adapted to cover loans to individual borrowers and some small businesses. So instead of a dedicated set of regulations dealing with common operational risks among all platforms, with some extra rules to cover different types of instruments, we ended up with rules sprinkled all over the giant FCA Handbook.

Since then, however, the French have opted to apply payments regulation to P2P lending, and last week the European Banking Authority suggested a similar approach.

Of course, the additional attraction to payments regulation is that it is the subject of a 'maximum harmonisation' directive that allows for passporting throughout the EEA far more easily than under investment regulation.

If I were a betting man, I would put good money on the EBA's approach eventually winning out, with the real battle being fought over whether there should be any restriction on the amount that individuals should be able to lend [see update below]. The UK, France and Spain have each taken different approaches to this question. I'm glad to say that the UK has been the most pragmatic in recognising that platforms will struggle to generate enough liquidity without the possibility for some individual investors to lend significantly more than others to any one borrower, particularly in the SME lending markets. As I mentioned in the context of the recent European crowdfunding conference, my sense is that French and Spanish platform operators will realise this problem as they try to scale...

[updated as follows on 18 March 2015]

The battle over the restrictions around who should lend on P2P lending platforms, and how much, seems to flow from the mistaken belief by some authorities (the EBA included) that 'loans' are somehow 'debt securities'. Ironically, in its discussion of why investor type restrictions might be extended to simple loans, the EBA opinion underscores why that should not be the case - and indeed isn't the case in the UK.

For instance, in summarising the risks to lenders involved in P2P lending, the EBA, states (at para 28) that "the assessment of an investment opportunity requires a profound analysis as well as a thorough understanding of the project or business of a potential borrower." Yet making a loan does not equate to an 'investment' opportunity (and you would have thought that a banking regulator could fully elucidate the difference).

A loan is just a debt - which is a simple enough concept for anyone to grasp. It chiefly involves 'credit risk', not 'investment risk'; unlike bonds, for example, which are typically held for investment purposes rather than simply to earn interest (hence the focus on bond 'yields' rather than the interest rate or 'coupon').

The EBA later refers to the need for "explanations about a project, financing mechanisms and other investor education material", which also seems to misunderstand the straightforward nature of credit. Later still, the EBA states that P2P lending "usually means that lenders enter into loan agreements with a borrower which is, in many cases, a start-up enterprise." But that is certainly not the case in the UK, where such companies typically turn to equity investors who are looking for a share in the growth of a business, rather than simply the repayment of their capital plus interest. A subsequent discussion of "investment advice" and "investment recommendations" also highlights the EBA's mistaken assumptions about the essence of P2P lending. It's almost as if someone simply substituted "loan" for "equity" in a section about equity-based crowdfunding platforms.

This mistaken classification of lending as an investment is doubly ironic, given that the EBA is responsible for policy related to payments, banking, savings and loans and not securities (which is ESMA's territory). In fact, were it not for the EBA's view that payments regulation is the best fit for regulating the common operational risks of P2P lending, I would suspect the it of trying to limit competition with the banking sector by pushing P2P lending into the investment world. Yet, somewhat weirdly, when it comes to the section on credit risk the EBA suggests that platforms might be "required to cooperate with a bank, either in the way that the bank processes the assessments [of creditworthiness] on a professional basis or takes over any credit risk by contracting with each borrower directly." Which also ignores the fact, of course, that banks are busy walking away from the markets now served by the P2P lending platforms!

The EBA is also being somewhat disingenuous in suggesting that P2P lending platforms should carry out criminal records checks on borrowers - an extremely time-consuming, personally intrusive and costly process that not even banks are required to undergo when making loans. Compliance with anti-money laundering regulations, PEP/sanctions screening and membership of industry anti-fraud databases are adequate and proportionate controls for screening borrowers. Likewise, P2P lending platforms do not represent any greater source of risk to a lender's personal data than many other types of business, and data protection law should govern this type of risk, as it already requires appropriate IT and information security controls.

Overall, one is left with a nagging concern that, while it has made the best choice of regulatory frameworks for controlling the common risks associated with P2P lending, the EBA has not really engaged properly with the concept or the sector. Let's hope that changes soon.