Answer ... (a) Crowdfunding, peer-to-peer lending
Generally, four types of crowdfunding platforms can be distinguished: donations, (non-financial) rewards, lending and equity based platforms. All of these platforms are subject to Dutch civil laws, in particular resulting in information requirements and pre- and post-contractual obligations. Only the financial returns-based platforms (ie, crowdlending and crowdinvesting) are subject to Dutch financial regulatory laws.
Most of the crowdfunding platforms active in the Netherlands are crowdlending platforms focused on lending to small and medium-sized enterprises (SMEs). The operator of the platform is considered an intermediary in relation to repayable funds (the loan) which the SME borrower attracts through the platform. The operator of the platform must, as an intermediary, obtain dispensation from a regulatory prohibition from the Netherlands Authority for the Financial Markets (AFM) if the loans are financed by ‘the public’, including retail investors. If the borrower of the loan is a consumer rather than an SME, the operator of the platform is also required to obtain a financial services provider licence for offering consumer credit, due to its involvement in administering and managing consumer credit loans made the platform. The AFM has published crowdfunding rules with which operators of a crowdlending platform must comply. These include a requirement to conduct investor tests from retail investors and to cap the aggregate investments that a retail investor can make in crowdlending projects via the platform (the maximum is €80,000 per retail investor).
Operators of equity-based platforms generally require a Markets in Financial Instruments Directive (MiFID) licence, as they are considered to provide brokerage and placement activities in respect of financial instruments. Issuers of securities are subject to the Prospectus Regulation. An issuer of securities to the public in the Netherlands is exempt from the obligation to publish a prospectus that is approved by the regulator if the total offering size is less than €5 million per category of security (debt versus equity), taking into account all group companies affiliated to the issuer and all offerings of securities in the European Economic Area within a period of 12 months. However, any such exempt issuers must publish and submit to the AFM an information memorandum drawn up in a prescribed format.
(b) Online lending and other forms of alternative finance
Dutch civil laws apply to online lending and other forms of alternative finance.
Direct online lending from a lender to a business borrower does not trigger the application of specific financial regulatory laws, unless there are multiple lenders which are considered to be part of ‘the public’. In that case, a business borrower could be subject to the prohibition against attracting loan from the public in the Netherlands. A lender financing at least €100,000 at once is considered to be a professional market party and not part of ‘the public’. An exception to this prohibition may also be available to business borrowers that attract repayable funds from the public by means of the issuance of securities in accordance with the securities laws (as briefly described under question 4.1). A specific exemption to this prohibition was introduced for business borrowers that attract loans from the public via a crowdlending platform that has obtained the necessary dispensation (as briefly described under question 4.1).
Direct online lending to consumer borrowers is regulated, unless the lender is also a consumer. A ‘consumer’ is considered to be a natural person not acting in the course of his or her business or profession. If a consumer loan is concluded between consumers via a platform or another intermediary, this platform or intermediary is subject to a licence obligation (as briefly described under question 4.1).
(c) Payment services (including marketplaces that route payments from customers to suppliers (eg, Uber and AirBnb)
The second Payment Services Directive (PSD2), as implemented in the Dutch Financial Supervision Act and the Dutch Civil Code, regulates payment services providers. PSD2 was implemented in a harmonised manner in Dutch law. However, the Dutch Central Bank (DNB) maintains a relative narrow reading of the scope of the licence obligation, clarifying that it considers that a party pursues the business of a payment services provider only if “it provides a payment service for a payer’s or payee's expense as a separately identifiable activity. This means the activity must be separate and not indissolubly linked to another activity unrelated to payment services” (www.dnb.nl/en/news/dnb-nieuwsbrieven/nieuwsbrief-betaalinstellingen/NieuwsbriefBetaalinstellingenfebruari2019/dnb382349.jsp). DNB wishes to ensure that certain entities that temporarily hold third-party funds are not considered payment services providers if this is not their core business.
In this regard, DNB has also clarified that operators of crowdlending platforms that assist (via a separate entity, for reasons relating to the segregation of assets) in the fund flows relating to loan agreements concluded via the platform are not considered payment services providers.
On the other hand, DNB has also emphasised that e-commerce platforms that facilitate payments from buyers to sellers are considered to provide payment services (https://www.toezicht.dnb.nl/en/3/51-236584.jsp). If platforms offer such services as a separate identifiable activity, such platforms shall be subject to the obligation to obtain a licence unless an exemption applies.
Forex trading is one of the biggest trading markets globally. Cash currency exchange services with settlement in tangible or physical delivery of one currency against the receipt of another currency can be offered only by an exchange institution (wisselinstelling) with a licence from DNB. Banks and payment services providers are exempt from this licence obligation (and can therefore offer such exchange services under their existing banking or payment service provider licence).
Most of the large forex trading market consists of forex derivatives. These derivatives (eg, currency options, currency futures, forex swaps, forex forwards and forex spot transactions) are financial instruments within the meaning of MiFID II and trading in such derivatives is subject to MIFID II and the Markets in Financial Instruments Regulation (MiFIR). As a result, among other things, a MiFID II licence obligation and product governance requirements apply to the manufacturer and distributor(s) of forex derivatives.
In April 2019 the AFM prohibited the offering of binary options and limited the possibility to offer contracts for difference to retail investors in the Netherlands (www.afm.nl/en/nieuws/2019/apr/binaire-opties-cfds-interventies). As a consequence, the forex derivatives market in the Netherlands is generally limited to professional investors only.
Although crypto currencies generally do not (yet) qualify as (geldmiddelen) within the meaning of the Dutch Financial Supervision Act, derivatives with crypto currencies as the underlying value will qualify as derivatives, resulting in the application of the abovementioned regulatory implications to crypto-related forex transactions.
Intermediaries involved in trading in financial instruments (within the meaning of MiFID II as implemented in the Dutch Financial Supervision Act) are subject to a licence obligation as an investment firm (beleggingsonderneming). Execution-only brokers generally require a licence to offer investment services of receipt and transmission of orders in financial instruments (investment service ‘A’) and the execution of orders in financial instruments on behalf of their clients (investment service ‘B’).
If an intermediary is involved in the initial offering and placement of financial instruments with investors, the intermediary also requires a licence for the services of underwriter and/or placement agent (investment services ‘E’ and ‘F’).
Offering a digital secondary trading market generally results in the AFM taking the view that the operator/offeror of such trading venue requires a licence. This is either a licence for operating a regulated market or a licence for operating a multilateral trading facility (MFT) or an organised trading facility (OFT) (which is an investment activity and regulated under MiFID II as implemented in the Dutch Financial Supervision Act). The AFM is not in favour of bulletin boards; it therefore comes to the conclusion relatively quickly that a party offering a mere bulletin board must also have a MiFID licence for operating an MTF or OTF. The AFM takes this position even though MiFIR and the proposed EU Crowdfunding Regulation allow the option of offering a secondary market via a mere bulletin board without an MTF or OTF licence being required.
Brexit has resulted in an increase in the number of trading platforms that are licensed and located in the Netherlands.
(f) Investment and asset management
Collective investment schemes and asset management activities are governed by either the Alternative Investment Fund Managers Directive (AIFMD) or the Undertakings for Collective Investment in Transferable Securities (UCITS) Directive V, while individual and portfolio management is generally governed by MiFID II. Managers of collective investment schemes are generally required to obtain a licence for managing or marketing units in investment institutions in the Netherlands. Portfolio managers are generally required to obtain a licence as an investment firm for the investment service of individual asset management.
Collective investment institutions in the Netherlands can take the form of a company either with legal personality or without legal personality. An example of the latter is a fund for joint account (fonds voorgemenerekening, an ‘FGR’). An FGR is a special agreement between the manager, the legal owner of the assets of the FGR and the participants. If properly structured, an FGR is tax transparent, meaning that no corporate income tax is levied on the FGR.
Dutch managers of AIFs (ie, not UCITS) may opt for a light registration regime instead of a full AIFM licence. Pursuant to Dutch law, this light regime is available only for Dutch AIF managers:
whose aggregate assets under management remain below either:
- €100 million; or
- €500 million on an unleveraged basis, subject to no units being redeemable within five years upon issuance; and
that comply with at least one additional condition by either offering the units:
- to professional investors only;
- to fewer than 150 investors in total; or
- against a value of at least EUR 100,000 per investor.
(g) Risk management
Risk management as such is not a regulated activity pursuant to Dutch law. However, naturally, compliance and risk management is an imminent part of the business operations of each company – in particular, those companies that fall under the scope of financial regulatory laws and regulations. As a general rule, all financial undertakings must have controlled and sounds business operations, and must have internal procedures and processes in place to safeguard the same and mitigate operational and compliance risks as much as possible.
The Dutch regulators distinguish four elements relevant to risk management:
- the risk management system and the risk management function;
- the risk management policy and the risk management strategy;
- internal procedures and processes that implement the risk management system; and
- monitoring, reporting and evaluation of the risk management system.
Key functions, such as compliance, internal audit and risk management, must generally be fulfilled independently; however, for regulated fintech companies that are still relatively small in size, the Dutch regulators tend to accept it if some of these key functions are combined under the responsibility of one or several persons.
Given the tech basis and the platform-driven business model of fintech companies, a shift in risk strategy and risk management may be identified. Cybersecurity risks and privacy risks are graver for fintech companies than for other ‘regular’ companies.
In mid-2016 a draft regulation was published in which requirements were introduced for automated advice, including a requirement to appoint one skilled natural person who can be held accountable. Ultimately, however, these suggested requirements were not included in the relevant Dutch decree; it was thought that it was still too early to attempt to regulate this form of innovation. This came as no surprise, given the European Supervisory Authorities have since reached a similar conclusion in a joint report on automation in financial advice (https://esas-joint-committee.europa.eu/Pages/News/European-Supervisory-Authorities-publish-conclusions-on-automation-in-financial-advice.aspx).
As briefly mentioned in question 3.5, roboadvice has attracted the interest of the Dutch financial regulators. The AFM published its views on roboadvice in March 2018. According to the AFM, this form of fintech can enhance the accessibility and quality of financial advice. However, irrespective of how advice is provided to a client, a duty of care still applies and the applicable laws and regulations must be complied with (www.afm.nl/en/nieuws/2018/mrt/doorontwikkeling-roboadvies). This results in a potential obligation to obtain a licence as a financial services provider for providing advice to consumers on financial products such as consumer credit, or a licence as an investment firm (MiFID II) for providing advice on financial instruments such as securities and derivatives.
Thus far, it is thought that the existing legal framework is sufficient to safeguard the security of the financial markets and to adequately protect consumers. However, this form of technical innovation does need to be monitored. In the meantime, roboadvice should follow the ‘SAFEST’ guidelines of DNB (see question 3.5).
As in other sub-sectors within the fintech industry, insurtech players are currently regulated in the same manner as the incumbents. The point of departure is technological neutrality. The main laws and regulations applicable to insurance companies in the Netherlands are laid down in the Dutch Civil Code and the Dutch Financial Supervision Act. In addition to the general distinction between life insurers and non-life insurers, a third, less common type of insurer is active in the Netherlands: funeral expenses and benefits in kind insurers. From a financial regulatory law perspective, a distinction is made between:
- the larger insurers, which are subject to the Solvency II Directive;
- smaller insurers and the aforementioned funeral insurers, which are governed by a local Solvency II Basic regime; and
- the smallest insurers, which are exempt from financial regulation.
As insurance is a financial product, both offering insurance products and services and advising or intermediating in respect thereof are subject to financial regulatory laws.
The AFM and DNB recently published a report describing the 10 key focus areas when using artificial intelligence (AI) in the insurance sector, in which the technical aspects of the use of AI are considered (www.afm.nl/nl-nl/nieuws/2019/jul/verkenning-ai-verzekeringssector). In line with the European Insurance and Occupational Pensions Authority’s recent report, the Dutch regulators emphasise the fact that the fast-evolving insurtech market should be monitored closely (https://eiopa.europa.eu/Publications/EIOPA%20Best%20practices%20on%20licencing%20March%202019.pdf). The regulators will pay special attention to the ethical aspects involved in insurtech solutions. The effects of AI (and other types of technology) on solidarity and insurability are important areas of focus.