Fintech 2022 Comparisons

New Areas of Focus

In Belgium, while the first fintech initiatives (2014–2015) focused on alternative financing solutions such as crowdfunding platforms, the sector really gained traction with the development of payment solutions. These include retail payment platforms, with a fair share of money remitters, but also B2B payment services such as professional foreign exchange (FX) payments for small and medium-sized enterprises (SMEs). As a result of Brexit, a few very high-profile UK payment service providers have selected Brussels as their base to continue serving the continent. The arrival of these players has added a lot of maturity to this sector in Belgium.

In the last few years, Belgium has seen an increased focus on full-digital banks and fintech-driven investments solutions as well as a significant number of infrastructure and enabling technology service providers offering regtech, data, identification and accounting solutions.

The most recent trends now include initiatives in insurtech, blockchain and cryptocurrencies.

Belgium as a Launch Pad

A recent trend is the choice by international entities (both inside and outside the Brexit context) to launch their fintech initiatives and conquer the European continent from Belgium. International investors appear to be attracted by the professional, tech-savvy Belgian regulator; the fact that licence applications are accepted in English; the central location of Belgium in Europe; the highly skilled and multilingual workforce; and the fact that Belgium, being at the crossroads of different cultures and with a very international population, is an interesting test market for their products and services.

The predominant fintech business model in the Belgian fintech industry remains the payment vertical, which is populated by both incumbents and fintech entities.

Payment Services

The Belgian regulator is quite extensive in its interpretation of payment services. Therefore, regulated payment service institutions also include business models such as electronic invoicing platforms and invoice trading platforms. The retail client acquisition cost remains high for most entities and there is thus important activity on the B2B side, notably in the field of professional FX payments and acquiring services for merchants. Also on the retail side, there is a small concentration of high-profile FX payment service providers, making it safe to say that this has become a market particularity. Following Brexit, several international money remitters have located their EEA headquarters in Belgium, as they are looking for a level regulatory playing field and, therefore, wish to be supervised by the same authority as many of their important competitors.

PSD2

Finally, most Belgian banks have seen the Second Payment Services Directive (PSD2) as an opportunity rather than a threat. Next to local fintech start-ups, major retail credit institutions have started offering account information services, and it can be expected that payment initiation services will follow. The four major Belgian retail banks have also joined forces through the Payconiq by Bancontact application, allowing clients to perform easy peer-to-peer payments and pay with their smartphone in stores and online.

Cryptocurrencies and Decentralised Finance

Beside the payment vertical, the Belgian fintech industry has recently seen a surge in new projects related to cryptocurrencies and decentralised finance ("DeFi").

PSD2

The payment vertical is obviously dominated by the Belgian transposition of the PSD2. This transposition has been very straightforward under Belgian law and does not have any significant gold plating. While the legal texts are generally a copy-paste of the European legislations, their interpretation by the relevant Belgian regulator (the National Bank of Belgium or NBB) may differ from other European jurisdictions. For instance, the regulator interprets the notions of "payment services" and "payment accounts" quite broadly.

This broad interpretation of payment services raises some questions for non-payment companies that develop new types of services that are not related to the business of payment services as such, but could eventually fall within the scope of PSD2.

E-money

The Belgian regulator also reserves the qualification of “e-money” to very specific prepaid products, and does not automatically qualify all solutions which provide for wallets/accounts as e-money. In practice, this interpretation has no real impact and business models developed under an e-money licence abroad are pursued in Belgium under a payment institution licence. This has led to only a few institutions being licensed as e-money institutions in Belgium, while there are over 30 licensed payment institutions.

Compensation models in the payments industry vary significantly depending on the actual application. Personal payment applications are often offered free of charge for the user (or included in the general services if offered by an incumbent bank). On B2B and especially in FX service provision, compensation models are often inspired by the (anticipated) volumes of FX payments generated by the clients.

In both cases, regulated market players are subject to certain pre-contractual information requirements, including a disclosure obligation on the pricing of their services. However, the extent of such requirements will depend on the customers (consumers or others).

Most financial regulations originate from European legislations, which do not differentiate between fintech and legacy players. However, when applying these, European regulators should do so in a proportionate manner, which allows for some differentiation in practice. The Belgian regulator follows this and applies a "same business, same risks, same rules" principle which, taking into account the "proportionality" principle, provides for a strict but generally pragmatic approach.

In Belgium, there is no regulatory sandbox. However, the NBB and the Financial Services and Markets Authority (FSMA) have set up a joint and unique Fintech Contact Point, allowing fintech entrepreneurs to enter into direct contact with them and openly discuss the regulatory aspects of their products or services. Representatives of the Belgian regulators have stated in the past that this approach should be seen as a "sound box" (ie, a possibility to speak with the regulator outside any concrete licence application), rather than an actual sandbox. In general, Belgian regulators have a pragmatic approach towards fintech companies. They are open to innovation and to organising informal meetings with fintechs to discuss their project prior to launching any formal demands. Foreign fintechs tend to be pleasantly surprised by the level of tech awareness and the personal approach of the Belgian regulators.

There are two main regulators in Belgium for the financial services sector at large, which are of course also relevant for fintech companies.

The NBB

The NBB is the competent supervisor for the prudential requirements applicable to credit institutions (banks), insurance undertakings, e-money institutions, payment institutions and large stockbroking companies.

The FSMA

The FSMA is the competent supervisor for the prudential regime applicable to smaller investment companies, regulated credit providers, insurance intermediaries, crowdfunding platforms and financial intermediaries. The FSMA is also in charge of oversight of the conduct of business rules on insurance and investment services (in addition to more general authority over public offers, listed companies and the financial markets). Furthermore, in its role of surveillance of the financial markets and supervision of financial information, the FSMA closely follows evolutions such as crypto-assets and ICOs, mostly by issuing very general warnings on the risks attached to them. The FSMA also analyses local initiatives to ensure that they do not fall within existing regulations under its supervision, such as public offerings or investment services. The FSMA is finally expected to supervise crypto wallet and exchange service providers, following the provisions of the Belgian transposition of the Fifth Anti-money Laundering Directive 2018/843 (AMLD5) of 30 May 2018. Its role will also most likely evolve in light of the upcoming regulation on Markets in Crypto-assets (MiCA).

The FPS Economy

Next to these two main supervisors, the Federal Public Service Economy ("FPS Economy") has very specific powers regarding the conduct of business rules of regulated credit and payment services. 

Regulated functions can only be outsourced to parties which are regulated for these functions. Also, unregulated, more operational functions can be outsourced to third parties.

For banks, investment firms, payment institutions and e-money institutions, the NBB has entirely integrated the European Banking Authority (EBA) guidelines on outsourcing into its supervisory practice. Under these guidelines, regulated entities are required:

• to perform a substantive risk assessment before deciding on the outsourcing itself;
• to conduct thorough due diligence on the potential partner and the services before selecting the outsourced partner;

• to always remain liable towards their own clients, irrespective of the outsourcing arrangement;
• to have a written outsourcing policy in place, containing a minimum set of mandatory provisions; and
• on an ongoing basis, to supervise and control the outsourced activities (including through audits), record all outsourcing arrangements in a specific register and inform the NBB beforehand of critical or important outsourcing arrangements.

The NBB and the FSMA generally apply the same principles to other regulated entities, with some differences depending on their activities and the risks they pose for the market.

There is no specific “gatekeeper” liability regime established in Belgium for fintechs regarding the activities on their platform. In practice, this will mainly depend on who is actually/legally providing the services to customers through the platforms.

The Belgian regulator mostly opts at the first stage for a pragmatic/soft approach where it will contact unregulated entities providing services that it deems to be regulated. It will usually work with the entity concerned to make sure that it either becomes regulated or adapts/terminates its activities. When it comes to the payment vertical, the NBB is known to use a high-quality and pragmatic team that is close to its industry.

Certain additional non-financial regulatory regimes may be of particular importance to fintech companies, given the greater susceptibility to certain abuses or exposure to certain risks.

Data Protection Regulations

With regard to privacy laws, the most important regulations are the General Data Protection Regulation 2016/679 of 27 April 2016 (GDPR) and Directive 2002/58/EC of 12 July 2002 (the "ePrivacy Directive") and the provisions transposing this directive into Belgian law. The Belgian legislator also adopted the Belgian law of 30 July 2018 on data protection, partially incorporating the generally applicable GDPR provisions as well as providing for complementary provisions.

Anti-money Laundering Laws

Belgian anti-money laundering (AML) laws, transposing the AMLD5 of 30 May 2018, are applicable to fintech companies that carry out regulated activities (such as banks, e-money institutions and payment institutions).

Cybersecurity

Regarding cybersecurity, Directive 2016/1148 of 6 July 2016 (the "Networks and Information Security Directive") was transposed into national law by the Belgian law of 7 April 2019 on the establishment of a framework for the security of network and information systems of general interest for public security. This law requires financial institutions to take appropriate and proportional technical and organisational measures to manage the risks to the security of the network and information systems on which these institutions' financial services depend. Furthermore, there is the (slightly outdated) law of 28 November 2000 on computer-related crime and the international Budapest Convention of 23 November 2001 (including its Protocol) and the Lanzarote Convention of 25 October 2007, to which Belgium is a party. These regulations do not make a distinction between fintech companies and legacy players. However, again, the digital environment of fintechs goes hand in hand with increased cybersecurity risks. This is why the EBA issued its Guidelines EBA/GL/2019/04 of 29 November 2019 on information and communications technology (ICT) and security risk management, prescribing how financial institutions should manage ICT and security risks, and what the supervisory authorities’ expectations of ICT and security risk management are.

The topic of cybersecurity in the financial sector is becoming a growing concern for public authorities in Belgium and all other European countries. This is why the European Commission made digital operational resilience one of the main topics in its last Digital Finance Package, which includes a proposal for the Digital Operational Resilience Act (DORA) in the financial sector.

Marketing and Communications

Advertising, documents and any other type of communication (including verbal communication) distributed within the context of professional marketing of financial products (eg, relating to all types of savings, insurance and investment products) to retail clients in Belgian territory, is regulated by the Royal Decree of 25 April 2014, regardless of the media channels through which these communications take place. These are subject to information requirements relating, on the one hand, to the provision of an information sheet and, on the other hand, to the advertising of financial products.

The general information requirements (“correct, easily understandable and in clear, concise and comprehensible terms”) apply as well to all communications, whether through social media or other media. These requirements are stricter with regard to highly regulated products and services (eg, consumer credit).

Other than by regulators, a review of industry participants’ activities is to a certain extent also performed by accounting and auditing firms. Their well-aligned tasks are set out in the prudential framework of each of the regulated entities, and auditors must be certified by the competent regulator prior to servicing regulated companies.

There is no general prohibition under Belgian law against regulated financial entities providing unregulated products and services. In certain cases, the Belgian regulator will, however, assess the impact of these unregulated services on the regulated activity and may impose certain requirements, or even demand that these services or products are offered through a separate legal entity. This is notably the case for certain payment institutions and e-money institutions offering unregulated services. The combination of regulated services with crypto-services has garnered particular attention from the Belgian regulator. It is expected that the upcoming MiCA Regulation will be a game-changer in this respect.

As a recent trend, an increasing number of financial institutions – mainly (digital) banks – are offering so-called “beyond banking” products, which are non-financial services and products, in an attempt to attract more and new clients to their current financial services and products.

With the exception of the registration rules for crypto-wallet and exchange service providers (which are expected shortly), Belgium has transposed all EU AML requirements into its AML Law with a few limited gold-plating measures. They apply to all types of regulated entities providing their services in Belgium through a physical establishment.

For now, the most important impact of AML rules for regulated fintechs is the lack of full harmonisation at the EU level, which makes it complicated for international businesses to comply with each of the local AML regimes. This is, however, a challenge for the whole EU rather than a particular feature of the Belgian market.

Depending on the specific circumstances, the services provided through robo-advisers qualify as order execution, investment advice or portfolio management within the meaning of the Markets in Financial Instruments Directive II (MiFID II) regime and the Belgian transposing law of 2 August 2002 on the supervision of the financial sector and financial services. Therefore, companies offering these robo-advisory services directly to investors should be licensed as investment firms.

In Belgium, there are two types of investment firm licences:

• portfolio management and investment advice companies (PMIACs) supervised by the FSMA; and
• stockbroking firms supervised by the NBB. 

A stockbroking firm can provide all the investment services regulated under MiFID II. By contrast, a PMIAC is seen as having a lighter licence enabling it only to provide services of reception and transmission of orders, order execution, portfolio management and investment advice services, but not dealing in own account, operating a multilateral trading facility (MTF) or an organised trading facility (OTF), underwriting financial instruments or placing such financial instruments (with or without firm commitment basis).

Finally, robo-advisers are sometimes also used as pure IT technology tools (under a user licence agreement) by regulated firms legally able to provide investment services. In such a case, the company merely offering the technical tool does not need to be licensed – the licence of its client (eg, a bank or an investment firm) suffices.

The emergence of robo-advisers has put pressure on legacy players, as they were expected to soon become a core product for many investors. As a result, multiple legacy players now internally manage their own robo-advisers (eg, BNP Paribas Fortis, Keytrade Bank, Aion Bank), or totally or partially outsource their investment services to a robo-adviser (which in this case has to be regulated), or enter into a licence agreement with a technical provider in order to use the robo-adviser as a purely technical tool.

The best execution rule of MiFID II and its transposing regulations applies equally to robo-advisers, as the services provided by these are qualified as investment services (see 3.1 Requirement for Different Business Models). An issue that might arise with regard to the fulfilment of best execution by robo-advisers advising consumers and businesses could be the malfunctioning of the automated tool (eg, through manipulation or mistakes resulting from being too fast or too focused on some aspects). For consumers in particular, issues may arise as to the processing of (personal) information and the (mis)understanding of the advice by the consumer.

In any case, the investment services providers remain ultimately responsible for the execution of the orders and cannot hide behind the use of robo-advisory technology to avoid their liability vis-à-vis investors.

Legal Regimes Applicable to Loans/Credits

Schematically, there are four different legal regimes applicable to loans/credits in Belgium.

Mortgage credits offered to consumers by credit institutions or other licensed lenders

These credits are subject to a highly regulated regime in Book VII of the Code of Economic Law – see Articles VII.123–147/38 (rules of conduct) and VII.148–216 (prudential requirements).

This legal regime sets out compulsory rules for aspects of the contractual relationship, such as:

• pre-contractual information;
• content of the agreement;
• security interests;
• rules for termination;
• maximum interest rates;
• joint offer of insurance products; and
• extrajudicial management complaints.

Lenders are subject to an obligation to obtain prior validation by the FPS Economy of the model contracts that will be used.

Consumer credits offered to consumers by credit institutions, other licensed lenders or indirect peer-to-peer consumer lending platforms

Consumer credits are subject to a highly regulated regime in Book VII of the Code of Economic Law – see Articles VII.64–122 (rules of conduct) and VII.148–216 (prudential requirements).

This regime sets out compulsory rules for aspects of the contractual relationship, such as:

• pre-contractual information;
• content of the agreement;
• security interests;
• rules for termination;
• maximum interest rates;
• joint offer of insurance products; and
• extrajudicial management complaints.

Lenders are subject to an obligation to obtain prior validation by the FPS Economy of the model contracts that will be used.

It should be noted that a new proposal for a directive on consumer credits is currently under discussion at the European level. This proposal aims at removing legal uncertainty and further harmonising the European consumer credit regulatory framework, in particular, regarding new credit products developed in the online environment. These upcoming changes are expected to have a particular impact on (currently unregulated) Buy Now Pay Later (BNPL) products.

Peer-to-peer lending between consumers is not regulated and is only subject to general contract law (see directly below). However, it should be noted that peer-to-peer consumer lending may not result in a public offering. For this reason, consumer peer-to-peer lending practices  in their purest form (where consumers lend directly to other consumers through a matchmaking platform) are not allowed in Belgium. Alternative (indirect) peer-to-peer models are, however, present.

SME credits offered by credit institutions, other lenders or licensed crowdlending platforms

The regime applicable to loans to SMEs is less regulated than the one applicable to loans to consumers. The regime applies not only to Belgian companies (to the extent that they do not exceed the thresholds of SMEs), but also to organisations and individuals who do not act for private purposes.

The Law of 21 December 2013 on the financing of SMEs notably sets out:

• pre-contractual information obligations;
• an obligation to the lenders to adopt a code of conduct in relation to the granting of loans to SMEs; and
• specific rules for early reimbursements.

The Law of 21 December 2013 on the financing of SMEs is not applicable to loans granted through crowdfunding platforms.

Crowdfunding platforms are regulated under the Law of 18 December 2016 on crowdfunding. These platforms must be licensed in order to operate (ie, to provide online matchmaking services between companies and investors) in Belgium. The crowdfunding regulatory framework leans towards European harmonisation and a major step in this direction has been made with the adoption of EU Regulation 2020/1503 of 7 October 2020 on European crowdfunding service providers for business. In particular, since it came into force on 10 November 2021, this regulation has been enabling crowdfunding platforms to rely on the licence of their home country authority to carry out their activities across Europe on a cross-border basis. This important regulatory change is likely to generate the development of various crowdfunding projects, in Belgium and abroad.

Other loans and credits offered by credit institutions or other lenders to enterprises other than SMEs

Usually these loans/credits are not offered online.

If a credit/loan does not fall in one of the three above-mentioned categories, the applicable regime is regarded as unregulated. General contract law applies and only a few specific provisions (Articles 1905–1914) of the Belgian Civil Code must be taken into account.

The most important of these provisions is Article 1907bis of the Belgian Civil Code, which provides for a limitation of funding loss indemnities for loan agreements.

The underwriting processes will mainly depend on the type of credit and customer.

AML Obligations

The common feature of all underwriting processes is that all lenders (or crowdfunding platforms) are subject to the Belgian AML Law which transposes AMLD5.

Classic AML obligations are therefore applicable (ie, identification and verification of the identity of the borrower/ultimate beneficial owners, risk-based assessment, ongoing surveillance, reporting of suspicious transactions, etc). An increasing number of market participants make use of innovative means for identification in a remote environment (eg, facial likeness detection, video-conference or other biometric data, Belgian eID (electronic identity card) or other qualified signature as specified by the electronic identification and trust services or eIDAS Regulation).

Code of Economic Law Obligations

Besides the AML obligations, the online onboarding of clients must also respect the specific obligations laid down in the Code of Economic Law, the Law of 21 December 2013 on the financing of SMEs, and the Law of 18 December 2016 on crowdfunding.

These pieces of legislation usually impose that specific information about the lender and the credit be provided to the customer (usually on a "durable medium"). These obligations have an important impact on the onboarding of clients, especially in a B2C context.

Signature Obligation

Lastly, it must be noted that credit contracts concluded with consumers require a written or a qualified electronic signature. This obligation also has a significant impact on the conclusion of online credit agreements with consumers.

Belgians can easily sign electronic contracts with their Belgian eID, or even completely electronically through a mobile application of qualified trust service providers such as itsme®. These signatures by use of the eID, or based on the eID, are qualified electronic signatures under the eIDAS Regulation.

The source of funds for loans will depend mainly on the nature of the lender rather than on the nature of the credit:

• credit institutions create the money that they lend (money multiplier), provided that they keep sufficient deposit reserves at the European Central Bank or ECB (see EU Regulation (2021/378)) and respect the fourth Credit Requirements Directive (2013/36/EU) and the Capital Requirements Regulation (575/2013);
• other lenders, licensed or not (which are not credit institutions) cannot receive refundable deposits under Belgian law (Article 28 of the Belgian Law of 11 July 2018 on the offer of investment instruments to the public and the admission of investment instruments to trading on a regulated market) and cannot create money ex nihilo – therefore, they can only lend their own funds; and
• lenders who operate through crowdfunding platforms obviously lend their own funds and, from a legal point of view, the borrower issues debt instruments (which qualify as "investment instruments" under Belgian law). 

Syndication of online loans is not a current market practice in Belgium. This is mainly because loan syndication is reserved to the biggest borrowers and the biggest funding transactions. The largest financing contracts are generally not concluded online.

There is no specific regulation in this respect; only a set of market practice documentation.

However, the crowdlending process presents certain similarities to the syndication mechanism.

In Belgium, there are two main payments systems: (i) CEC (Centre for Exchange and Clearing), a retail payment system for retail payment instruments, based on multilateral netting and settlement; and (ii) TARGET2-BE, the Belgian component of TARGET2 for real-time gross settlement. Both systems are operated by the NBB. These two payment systems are currently the only ones covered by the Belgian Law of 28 April 1999 which implements the Settlement Finality Directive 98/26/CE of 19 May 1998. The Belgian government can extend the list, however.

Payment processors can in principle create new private payment systems which do not fall under this law.

PSD1 and PSD2

By adopting the First and Second Payment Services Directives (PSD1 and PSD2), the European Commission wanted to create an efficient and integrated market for payment services, so that cross-border payments and remittances are regulated in the same way throughout the EU.

SEPA

Belgium is part of the Single Euro Payments Area (SEPA), a system that establishes a single set of tools and standards that make cross-border payments in euros as efficient and easy as national payments. Since 2011, the SEPA programme has allowed European businesses, consumers and governments to make and receive credit transfers, direct debit payments and card payments under the same conditions.

The "Cross Border Payment Regulation"

In addition, EU regulation 2021/1230 of 14 July 2021 on cross-border payments in the Union (the “Cross Border Payment Regulation”) requires banks to apply the same charges for cross-border electronic payment transactions in euros within the European Union.

Fund administrators do not have a legal definition as such under Belgian law. Traditional actors of the investment funds business include the management company and the depositary bank, which are both highly regulated.

However, traditional fund administration services such as legal services, accounting management, compliance, etc, are listed by both alternative investment fund (AIF) and undertakings for collective investment in transferable securities (UCITS) Belgian regulations and can only be provided subject to compliance with several requirements.

The provision of these services is generally shared between the fund management company and the depositary bank. These services may also be outsourced (often within the same group) subject to strict requirements, which can include (depending on the delegated service) the need for a licence as an investment firm or credit institution.

There do not appear to be any specific terms (eg, dictated by regulation or industry custom) between fund administrators and fund advisers. Generally speaking, liability clauses are often one of the key points in negotiations.

There are essentially three different kinds of trading platforms: regulated markets, MTFs and OTFs.

MiFID II provisions pertaining to trading platforms are implemented in Belgian law mainly through the law of 21 November 2017 on the infrastructures of markets for financial instruments (Law on Trading Platforms). The Law on Trading Platforms is divided into two sections, the first one covering regulated markets and the second being dedicated to MTFs and OTFs.

Regulated Markets

Regulated markets must obtain a licence from the minister of finance, assisted by the FSMA. This agreement is subject to many prudential requirements, such as the fitness and properness of the management and the shareholding, and the implementation of adequate organisation and control processes.

OTFs and MTFs

OTFs and MTFs can only be exploited by specific licensed entities – ie, credit institutions, stockbroking firms and market operators. In addition to the requirements applicable to their existing licence, these entities are subject to an extra layer of requirements set out in the Law on Trading Platforms.

Generally speaking, assets are subject to equivalent regulatory regimes.

However, the FSMA has adopted two regulations (confirmed by royal decree) limiting and/or prohibiting the marketing of certain categories of investments.

• The regulation of 3 April 2014 prohibits the professional marketing of so-called "non-conventional assets" to retail clients. Prohibited non-conventional assets include financial products, the return of which depends directly or indirectly on cryptocurrencies.
• The regulation of 26 May 2016 prohibits the distribution of certain financial derivatives among Belgian retail clients, as well as a number of aggressive or inappropriate distribution techniques and forms of professional marketing of derivatives on electronic trading venues.

The rise of cryptocurrencies has not heavily affected the regulation of trading platforms at this stage.

However, it is worth noting that the FSMA regulation of 3 April 2014 prohibits the professional marketing of financial products, the return of which depends directly or indirectly on cryptocurrencies. This regulation seriously limits the distribution schemes and structuring of crypto-assets. It also has to be noted that the FSMA regularly issues warnings concerning cryptocurrency trading platforms on which it has identified signs of fraud. Furthermore, entities providing crypto-wallet and currency exchange between fiat and crypto-assets with a physical presence in Belgium are subject to AML requirements due to the Belgian transposition of AMLD5.

This situation is, however, expected to change when the proposal for an EU regulation on MiCA is adopted, introducing a prudential regime for cryptocurrency exchanges.

Article 30 of the Law on Trading Platforms of 21 November 2017 requires regulated market operators to ensure that the regulated markets they operate and/or manage adopt clear, non-discriminatory, objective and transparent listing standards. These standards must also allow the markets to ensure that the issuers comply with the information requirements under EU law (initial, periodic and occasional information).

With respect to derivatives, these listing standards must ensure that the characteristics of the derivatives allow for an orderly rating and efficient settlement.

Regulated market rules are subject to the prior approval of the FSMA and must be published on the market operator’s website.

OTFs and MTFs are also required to adopt transparent and non-discriminatory listing standards. Generally speaking, OTFs and MTFs are subject to softer requirements than regulated markets.

Market rules must allow for the efficient handling of orders.

In addition, MiFID II rules of conduct and their delegated regulations apply in Belgium.

Articles 27quater and 28 of the law of 2 August 2002 on the supervision of the financial sector and financial services further specify that regulated entities executing clients’ orders must ensure that these are handled quickly, fairly and efficiently. They must also take sufficient measures to ensure that the best possible result is achieved, taking into consideration the price, cost, speed, probability of the execution, the size, nature and any other relevant criteria pertaining to the order (the "best execution" principle).

Taking into account some legal obstacles, the Belgian market is not yet mature in respect of peer-to-peer trading platforms. Therefore, at this stage, no impact can truly be observed.

A change in this respect may, however, be expected in the future due to the fact that EU Regulation 2020/1503 of 7 October 2020 on European crowdfunding service providers for business came into force on 10 November 2021, and the existence of a European passport for crowdfunding platforms.

When it comes to best execution of customer trades, Article 27 MiFID II has almost literally been transposed into Article 28 of the law of 2 August 2002 on the supervision of the financial sector and financial services.

Generally speaking, the Belgian legislator and regulators follow the EU recommendations on the matter and have not adopted Belgian-specific recommendations. In addition, no specific fintech initiatives currently exist in this field in Belgium.

There is no Belgian specificity in payment for order flow. The European Securities and Markets Authority (ESMA) has stressed the fact that MiFID II limits the possibility for brokers to receive any remuneration, discount or non-monetary benefit for routing client orders to execution venues, resulting in a clear onus on firms to ensure that the execution quality achievable at a venue is the driver for sending client orders to such a venue, and not any payment for order flow. Due to a lack of any further specific guidelines on the matter from the FSMA, it can be anticipated that the FSMA will follow ESMA’s position and take a rather reluctant stance regarding payment for order flow out of consideration for best execution policies.

In the absence of any specific regulation, payment for order flow would be assessed in the light of inducement requirements, which prevent regulated entities from paying or receiving benefits from third parties unless:

• it enhances the quality of the service;
• it does not affect the general duty of acting honestly, fairly, professionally and in the client’s best interest; and
• the client is adequately informed.

Regulation (EU) 596/2014 of 16 April 2014 on market abuse (MAR) and the various Implementing and Delegated Regulations in this respect are directly applicable in Belgium. The Belgian legal framework on principles regarding market integrity and market abuse governing trading is further complemented by Article 25 and Sections 8 and 9 of Chapter II of the law of 2 August 2002 on the supervision of the financial sector and financial services, which lays down the competencies of the FSMA as the supervisor in this respect and the applicable sanctions. In addition, in its Circular of 18 May 2016, the FSMA provides practical instructions, resuming the ESMA guidelines accompanying the MAR.

Under the applicable rules, market manipulation, insider dealing and unlawful disclosure of non-public information are considered forms of market abuse which are subject to administrative and/or criminal sanctions.

Regulated firms engaged in algorithmic trading should have adequate and effective internal controls appropriate to their business activity in place, to ensure that trading systems cannot be used for any purpose contrary to the EU MAR. Alternatively, they should have a connected trading venue, to ensure that their trading systems are resilient and have sufficient capacity, and are subject to appropriate trading thresholds and limits, and to prevent erroneous orders from being sent or otherwise operated in such a way that they could lead or contribute to the creation of a disorderly market. Furthermore, they are expected to have effective arrangements to deal with business continuity and should ensure that their systems are fully tested and properly supervised.

In general, the FSMA is wary of algorithmic and high-frequency trading entities and there is no tendency to encourage this sector from the regulator’s perspective.

A regulated company that is engaged in algorithmic trading, as a member of or participant in one or more trading platforms when trading for its own account, is deemed to be implementing a market-making strategy if its strategy consists, among other things, of simultaneously publishing a firm bid and offer prices of a comparable size and at competitive prices for one or more financial instruments on one or more trading platforms, with the result that the entire market is regularly and freely advertised on one or more trading platforms.

Duties and Requirements

There is a prior notification duty to the FSMA and the NBB, as well as to the competent authorities of the trading venue where the regulated company engages in algorithmic trading as a member or participant of the trading venue. The FSMA may require these firms to provide specific information on their activities.

Up until now, only regulated companies engaged in algorithmic trading are targeted by the applicable regulation. No further rules or distinctions are made.

Up until now, only regulated companies engaged in algorithmic trading are targeted by the applicable rules of the Belgian Royal Decree of 19 December 2017 and the EU Commission Delegated Regulation 2017/589 of 19 July 2016 with regard to RTS specifying the organisational requirements of investment firms engaged in algorithmic trading. Therefore, no provisions apply specifically to the programmers developing and creating trading algorithms and other electronic trading tools.

In this respect, the upcoming EU regulation on digital operational resilience might provide food for thought as under its current proposal, ICT third-party providers are (among others) made subject to reporting obligations, and those designated as critical third-party providers (CTPPs) by the European Supervisory Authorities (ESAs) may even be subject to an oversight framework.

The provision of an investment research service or a financial analysis service is considered as an ancillary service (to other investment services) in MiFID II and in Article 2, 2° of the transposition, the Belgian Law of 25 October 2016 on investment firms. Platforms which provide ancillary services only are not subject to any registration duty, except if they also provide other investment services (Article 6, § 4, of the Belgian Law of 25 October 2016 on investment firms).

Investment firms which provide investment research services or financial analysis services are subject to the "rules of conduct" in accordance with the EU Commission Delegated Regulation 2017/565 of 25 April 2016 (see Recital 17). In particular, they must ensure that the public is at all times provided with clear, accurate and non-misleading information.

Irrespective of the regulatory status, spreading unverified information is prohibited pursuant to Article 12 of the EU MAR, and this may lead to administrative and/or criminal sanctions.

There is currently no apparent institutional platform active in Belgium allowing users to post any kind of financial content or information, which also qualifies as an investment research service or financial analysis service.

As mentioned in 9.2 Regulation of Unverified Information, the spreading of rumours and unverified information is forbidden under the MAR.

Numerous underwriting processes are available to industry participants and each comes with a different set of regulations.

Actors creating their own insurance products will most likely need a full insurance company licence from the NBB in accordance with the law of 13 March 2016 on the status and control of insurance and reinsurance companies (“Law of Control”).

In practice, insurtechs most often act as distributors or business introducers.

Insurtechs as Distributors

When they act as distributors, insurtechs need to be registered as insurance intermediaries with the FSMA. The regulations applicable to insurance intermediaries are mainly centralised in the law of 4 April 2014 relating to insurances (“Insurance Law”).

In 2019, the Belgian legislator created a new status of insurance intermediary: the mandated underwriter (“souscripteur mandaté/gevolmachtigde onderschrijver”). This status was inspired by the UK status of managing general agent (MGA), which was more or less unknown to the Belgian market. It was introduced in Belgium with a view to attracting "brexiteers" and providing them with legal certainty as to the validity of their existing distribution model in Belgium.

Insurtechs as Business Introducers

Mere business introducers do not need any licence or registration, but must carefully design their business model as they can provide only strictly limited services, thereby reducing their potential added value.

Additional Rules and Obligations

Whichever distribution and operation structure they opt for, insurtechs will need to comply with the rules of conduct contained in the Insurance Law, as well as the circulars and recommendations issued by the NBB and the FSMA.

Furthermore, the provision of online services, as well as B2C provision of services, leads to the application of additional obligations, mostly organised by the Code of Economic Law.

In addition to general common principles, each type of insurance (life, annuities, property, etc) is subject to its own set of regulations under the Insurance Law.

Industry players often tend to specialise in one or more specific markets. At the very least, they tend to focus either on life or non-life products. As a matter of fact, the Law of Control prohibits the provision of both life and non-life services to insurance companies (Article 222).

Investment and savings life insurance products are among the most regulated products. Their distribution leads to the application of strict diligence obligations (appropriateness and suitability tests).

As such, regtechs are not specifically regulated (with the exception of eID and trust service providers which are regulated under the EU Regulation 910/2014 on electronic identification and trust services for electronic transactions, which are often regarded as regtech providers). However, as they serve the industry players with products/tools facilitating compliance with prudential regulations (eg, Solvency II, Banking Law, etc) or rules of conduct (eg, MiFID II, the Insurance Distribution Directive (IDD), PSD2, AML), regtechs need to have a comprehensive understanding of these regulations.

Contractual arrangements between regtechs and regulated entities are, as such, not addressed in a specific regulation. However, regtech services often fall within the scope of the notion of "outsourcing”, triggering specific obligations for regulated entities. Those obligations vary depending on the type of entity concerned, but they generally include the obligation to have an agreement in place, containing specific mandatory provisions – among others, terms to assure performance and accuracy.

Obligations Imposed on Regtech Service Providers

Pursuant to the outsourcing rules, before entering into outsourcing arrangements, regulated entities must conduct a thorough due diligence on potential outsourcing service providers to ensure their suitability. Furthermore, regarding contractual obligations, regulated entities are required to impose multiple obligations on regtech providers, such as agreed service levels, reporting obligations, continuity plans, termination assistance, audit obligations, etc. The audit clause generally allows regulated entities as well as their regulator(s) to control or request key information from their provider.

Cryptocurrencies based on blockchain technology were initially thought of as a huge threat to traditional banking players.

However, the optics have now changed and legacy players are enthusiastic about and willing to implement further blockchain applications, developing their ideas in relation to a whole range of activities and services (from internal administrative organisation to client onboarding processes, crowdfunding set-ups and even broader market integration).

Alongside the adoption of blockchain technology by incumbents, a new trend of “web3” and decentralised finance projects developed by start-ups is currently emerging.

The NBB

The NBB has stated in the past that although the technology looks promising, actual use cases for distributed ledger technologies (of which blockchain is only one particular type) are still relatively limited in number and in scope. According to the NBB, attention is particularly required concerning the use of distributed ledger technology or blockchain technology, as institutions should be aware of the legal value of smart contracts or the information contained in the distributed ledger, the possible governance complications and the security or resilience threats that may exist at different nodes in the network.

The FSMA

The FSMA has only warned about practices involving virtual currencies, by publishing an official communication at the end of 2017 and regularly updating its list of websites suspected of cryptocurrency fraud.

Fintech Contact Point

So far, no concrete legislative initiatives have been taken on a national level. Furthermore, neither the NBB nor the FSMA has come up with new proposals or interpretations. However, given the importance of these evolutions, the NBB has taken various steps to enter into a dialogue with both new and established players in the market. In this context, it has set up, in co-operation with the FSMA, a central Fintech Contact Point, which deals with fintech-related questions (see 2.5 Regulatory Sandbox).

There are currently no regulations or other authoritative documents in place which incorporate rules on blockchain assets. The regulated financial instruments are to be found in Article 2, 1° of the Law of 2 August 2002 on the supervision of the financial sector and the financial services. If (and in so far as) a certain blockchain asset displays some of the same characteristics as one of the financial instruments from the list of Article 2, 1° of the aforementioned law on financial supervision, this particular asset may be considered a regulated financial instrument.

In its 2017 communication on the risks of ICOs, the FSMA assessed the similarities between the tokens that are created and offered via distributed ledger technology and:

• investment instruments (given that they may provide rights, offer the prospect of revenues or returns, or involve a pooling of funds with a view to investment in tokens);
• a means of storage, calculation and exchange (given their convertibility into other tokens, cryptocurrencies or fiat money); and/or
• a utility token (given the access the token provides to the product or service).

As opinion remains divided on whether cryptocurrencies qualify as a financial instrument, the legal doctrine seems to prefer their legal qualification as a financial instrument as regards investment tokens, at least in so far as a right is obtained by the issuer.

The upcoming proposal for a regulation on MiCA is expected to cover new categories of crypto-assets that are not already subject to traditional EU regulations, and to introduce a prudential regime for both crypto-asset issuers and service providers.

Based on the aforementioned 2017 FSMA communication on ICOs, the following (unlimited) overview of possible applicable regulations should be taken into account by issuers of ICOs.

EU regulations:

• the Prospectus Regulation;
• Markets in Financial Instruments Directive (MiFID);
• Alternative Investment Fund Managers Directive (AIFMD);
• Market Abuse Regulation (MAR);
• Fourth Anti-money Laundering Directive (AMLD4); 

• Fifth Anti-money Laundering Directive (AMLD5); and

• the e-money directive (EMD2).

Belgian regulations:

• the FSMA Regulation of 3 April 2014 on the ban on distribution of certain financial products to retail clients;
• the Law of 11 July 2018 on public offers of investment instruments and on the admission of investment instruments to trading on regulated markets; 
• the Law of 18 December 2016 regulating the recognition and definition of crowdfunding and containing various provisions on finance; and
• the Law of 11 March 2018 on the legal status and supervision of payment institutions and electronic money institutions.

This list serves only as provisional guidance and in no way constitutes the full legal framework on blockchain assets and it should be seen in light of the specific circumstances at hand.

Finally, the proposal for a regulation on MiCA will create a legal framework for the issuance of crypto-assets that currently fall outside the scope of existing legislations, as well as for entities providing crypto-related services. This proposal notably foresees introducing a common licensing regime for crypto-asset providers across the EEA member states.

Since July 2020, cryptocurrency exchanges (offering crypto/fiat conversion) are theoretically required to register with the FSMA before offering their services in Belgium. However, this registration process is not yet effective, as both the process and requirements must be implemented in an act which has still not been adopted, although it is expected to be adopted very soon. Once implemented, this registration process will be subject to requirements that go beyond what is required under AMLD5, such as the verification of the quality of the persons in charge of the effective management and other potential conditions to be specified by the future act.

Besides that regime, blockchain asset-trading platforms, as well as secondary market trading in blockchain assets, currently remain unregulated. However, a proposal to extend the scope EU Regulation 2015/847 of 20 May 2015 on information accompanying transfers of funds (the “FTR2”) to transfers of virtual assets is currently being reviewed as part of the upcoming EU Commission Sixth Anti-money Laundering package. If adopted, the revised regulation will include additional requirements to ensure the traceability of any type of “virtual asset” transfer or transaction. This modification is likely to have a significant impact on any entity providing crypto-related activities, including crypto-exchanges.

Funds investing in blockchain technology (such as Amplify Transformational Data Sharing ETF and Reality Shares Nasdaq NextGen Economy ETF) currently remain unregulated.

FSMA Definiton

Article 1, 6° of the FSMA Regulation of 3 April 2014 on the ban of distribution of certain financial products to retail clients, defines virtual currency as “any kind of digital currency which is not regulated and is not a legal tender”. Blockchain assets are not defined in Belgian regulation or regulators’ instruments, although they seem to contain a broader scope of assets.

AMLD5 Definition

Although the definition used in the 2014 FSMA Regulation is the only existing “Belgian” definition of virtual currency, both financial supervisors and/or the courts would be more likely to use the more recent AMLD5 definition of virtual currency in their assessments (ie, “a digital representation of value that is not issued or guaranteed by a central bank or a public authority, is not necessarily attached to a legally established currency and does not possess a legal status of currency or money, but is accepted by natural or legal persons as a means of exchange and which can be transferred, stored and traded electronically”).

NBB Definition

Furthermore, in a circular of July 2019, the NBB indicated that cryptocurrencies are not comparable to money issued by a central bank or a public authority, due to the fact that cryptocurrencies are not considered to be legal tender. For the NBB, the term crypto-assets refers to all of those instruments that have an inherent or perceived value primarily dependent on cryptography, distributed ledger technology or similar technologies.

Decentralised finance is a broad notion that refers to different types of services being delivered through decentralised platforms (often based on the blockchain). DeFi platforms generally allow users to undertake financial transactions without traditional intermediaries (such as banks or brokerage firms). Such services cover different types of activities, eg, lending or borrowing, “yield farming” services, stablecoin networks, etc.

There is no general consensus as to whether DeFi platforms fall within the scope of traditional financial regulations.

This will have to be assessed on a case-by-case basis depending on the type of tokens/crypto-assets used on such platforms, their general structure and the type of activities that are being conducted.

The upcoming regulation on MiCA is expected to have a significant impact on DeFi platforms, as it aims to capture assets and services that were previously beyond the scope of traditional regulations.

NFTs are subject to the same rules as any other crypto-related initiative. Hence, depending on the characteristics and purposes of the NFTs, they could fall within the regulatory parameter.

The same goes for NFT platforms, which will fall within the scope of traditional financial regulations depending on the characteristics of the NFTs traded through them, their general structure and the type of activities they provide. The upcoming extension of FTR2’s scope to transfers of virtual assets could also potentially have a significant impact on their activities.

The prudential rules of PSD2 were transposed into Belgian law by the law of 11 March 2018, while the conduct of business rules was inserted in the Code of Economic Law. The open banking aspect of PSD2 has come into force in Belgium along with the Regulated Technical Standards 2018/389 of 27 November 2017 on Strong Customer Authentication (RTS SCA) in September 2019.

Consequently, credit institutions are required to provide a so-called "dedicated interface" (an application programming interface or API) for the sharing of customer data from their payment accounts, pursuant to the open-banking principle.

Effects of RTS and PSD2

As the RTS only impose limited requirements and finalities on the dedicated interface and the contingency matters, without indicating how these results should be obtained, many credit institutions were left to decide how to implement proper technical solutions. However, PSD2 has also fostered innovation as it has prompted incumbents to either innovate internally, or to enter into partnerships with new fintech players. In this way, open banking under PSD2 has opened up the field to new financial services providers and third-party payment service providers (TPPs), such as, account information service providers and payment initiation service providers. Also, new customer authentication methods have been developed or further implemented in existing applications following the RTS SCA, paving the way to a simpler and smoother user-friendly atmosphere in financial services offerings.

EBA review

The EBA is currently reviewing the application of a particular rule in the RTS, the so-called 90-day exemption (which provides for an exemption from applying SCA when accessing limited payment account information for a period of 90 days), in order to fix some specific issues and potentially extend the exemption to a 180-day period.

Certain concerns have been raised due to the open banking requirement, such as concerns about data protection risks, security measures and the risk of cyber-attacks on third party applications and/or APIs. These concerns have also raised the question of liability should something go wrong regarding any of the above aspects (liability of the bank or of the relevant TPP).

Regarding data privacy and data security concerns, it is generally agreed that the PSD2 and the GDPR are jointly applicable regulations. Furthermore, a high level of security of financial and operational systems has become a key element. Regulation has also placed some liability with the payment initiation service providers, who are subject to an obligation to insure themselves.