The first survey conducted in January 2018, sought to identify potential gaps and issues in the existing EU regulatory framework, assess how the existing national regimes diverge and, if identified, propose recommendations to adapt EU legislation to the emerging innovations. The second, launched in January 2019 attempted to identify the ways in which NCAs employed the concepts of ‘proportionality’ and ‘flexibility’ when licensing FinTech firms.

The Surveys confirmed that NCAs do not typically distinguish between FinTech and traditional business models in their authorisation and licensing activities since they authorise a financial activity and not a technology. ESMA’s key findings from the surveys are:

1. The primary area where regulatory gaps and issues have been identified by NCAs and where FinTech firms do not fit neatly within the existing rules is related to crypto- assets, ICOs and DLT. NCAs called for more clarity at the EU level with respect to the definition of financial instruments and the legal nature of crypto-assets. The NCAs’ responses served to confirm ESMA’s Crypto Asset Advice that certain tokens are financial instruments and subject to the full attendant regulation, while those tokens that are not deemed financial instruments should be subject to some minimal level of regulation;

2. The Surveys also identified the need for greater clarity around the governance and risk management processes associated with both cyber security and cloud outsourcing. The Joint ESA Advice on the need for legislative improvements relating to Information and Communication Technology risk management requirements in the EU financial sector and the Joint ESA Advice on the costs and benefits of a coherent cyber resilience testing framework for significant market participants and infrastructures within the EU financial sector address many of these issues;

3. There is a direct link and interdependencies between the innovation facilitators and authorising approaches for innovative FinTech business models. Innovation facilitators play a central role in mapping approaches applied to FinTech and in identifying the areas where the legislation and licensing requirements need changes and adaptation. Moreover, innovation facilitators, especially regulatory sandboxes, may have an impact on the licensing regime for FinTechs and may allow for divergence from other jurisdictions. In response, ESMA jointly with the EBA and EIOPA published the Report on FinTech: Regulatory Sandboxes and Innovation Hubs in January 2019 . In addition, the European Forum of Innovation Facilitators established in April 2019 aims at fostering convergence in this area;

4. Finally, there is an ongoing discussion as to the need for an EU wide holistic crowdfunding regime, particularly for crowdfunding based on non-MiFID II instruments. The regulation of crowdfunding service providers is under scrutiny by the European Parliament and the Council and is expected to facilitate a the level playing field for cross-border service providers.

The Report addresses one of the five action points of the European Commission FinTech Action plan, namely ESMA’s mandate ‘to map current authorising and licensing approaches for innovative FinTech business models in Europe’.

ESMA concludes that, based on the evidence gathered, that at present most innovative business models can operate within the existing EU rules, and reinforces its conclusions made in the recent reports on crypto-assets/ICOs/DLT, cyber security and innovation facilitators, but does not make additional recommendations for changes in EU regulation at this stage, in line with the EBA and EIOPA conclusions in their respective reports. ESMA also continues to foster supervisory convergence on the topic of crypto assets across Member States