Article 23a of the Financial Market Authority Act (FMABG; Finanzmarktaufsichtsbehördengesetz) confers the FMA with the necessary competence for and establishes the framework for the sandbox. The FMA is only allowed to act on the basis of this law, and not allowed to use free discretion to decide about a participant in the sandbox. Criteria for admission to the sandbox have been determined and requirements finalised for how the test operates. For example, services that require a licence may never be allowed to be provided “on a test basis” without a licence. The sandbox opens up a new pathway towards a licence for FinTechs, but no “stripped down licence”. Supervisory requirements are only adapted within the scope of the principle of proportionality for supervision depending the business model, where supervisory laws permit this.
It is therefore significant to consider the circumstance about future activity under supervision:
- does an activity that requires a licence exist at all? If anything is unclear, this should first be clarified by submitting a FinTech enquiry through the FinTech Point of Contact.
- Is the scenario of being a credit institution/investment service/insurance company/payment service provider etc. one that your entity strives for on a permanent basis?
A browse through the respective supervisory law provides important guidance! (Austrian Banking Act (BWG), Securities Supervision Act 2018 (WAG 2018), Payment Services Act 2018 (ZaDiG 2018), Electronic Money Act (E-Geldgesetz 2010), Insurance Supervision Act (VAG 2016), Alternative Investment Fund Managers Act (AIFMG), Financial Markets Anti-Money Laundering Act (FM-GwG), Capital Markets Act 2019 (KMG 2019)).
The sandbox procedure is an administrative procedure under the General Administrative Procedures Act (AVG; Allgemeines Verwaltungsverfahrensgesetz). Several several administrative decisions are issued during the course of the procedure.