Asia Law Network Blog

The legal advice that AI and fintech startups need

Photo credit: Sergey Soldatov / 123RF

Reading Time: 6 minutes

This article is part of Asia Law Network’s partnership with Tech in Asia where we publish articles written by lawyers on their advice for startup founders.


Previously, we shared with you some legal advice that startups in e-commerce, sharing economy, and virtual reality need to know.

In this article, two professionals share some legal insights (based on Singapore’s legal system) that detail the importance of regulations and compliance in the fields of artificial intelligence and fintech.

Artificial intelligence

 

By Samuel Ng, counsel at BlackOak LLC

Artificial intelligence (AI) is not yet fully regulated, but existing legal concepts can still apply to its problems—at least for the most obvious areas of concern.

One such area is that of data collection and usage. AI relies on big data to make many types of predictions. But the truth is that once a machine is taught to learn, it can be difficult to comprehend why it reacts a certain way to a particular set of data inputs. These mystifying inner workings of the AI are the reason machine learning models are referred to as “black boxes.”

In the face of such opaqueness and the trial-and-error nature of big data analytics, can any binary yes-or-no consent given by consumers still truly be meaningful and compliant with existing personal data regulations?

A possible solution, as sometimes raised in other circles, may lie in graduated consent. Instead of a binary option at the outset, consumers are given the option to agree or disagree with various uses of their personal data. But for the most part, it may just be prudent to have a comprehensive, well-drafted terms of use, and be upfront with the exact known purposes for which data is being collected, stored, and used.

Who should bear the blame? Who should be liable for decisions that AI makes without human intervention?

Another issue is that of liability. For example, in October 2016, while out on a test drive, a self-driving car got into a collision with a lorry. Although no one was hurt in this experiment, the risk of autonomous ambiguity resulting in human injury (or even death) remains very real. Who should bear the blame? Who should be liable for decisions that AI makes without human intervention?
Perhaps, the situation can be more complex as the insurance industry is just about to play catch up. But between a business peddling AI and its customers, liability may in the meantime be managed through a good understanding of contract law and the scope of exclusion clauses. After all, a significant chunk of contract law is about the allocation of risk in business relationships, and many legal pitfalls occur because of a lack of foresight and planning.

Closely related to this is the ethics of machine learning. Machine learning can produce decisions that may be strategically correct but ethically wrong. In 2017, we learned with horror through Microsoft’s Twitter chatbot, Tay, that machines can turn racist, sexist, and otherwise prejudiced in less than 24 hours by picking up the same tendencies in human data inputs.

The chatbot was abruptly shut down, with Microsoft apologising profusely for the fiasco. Some may laugh this off as a joke, but it is not inconceivable that AI may make decisions that are inherently discriminatory or even defamatory. Intervention at the AI’s design level is expected, but prudent businesses should also plan for an unexpected violation of consumers’ rights.

Fintech

 

By WanHsi Yeong, director at ArrowGates

This section focuses on regulations that fintech companies should be aware of and the potential consequences of non-compliance.

Initial Coin Offerings in Singapore

To avoid heavy regulatory compliance when holding an initial coin offering (ICO), companies should ensure that their digital tokens do not fall within the definition of securities under the Securities and Futures Act (SFA). Otherwise, the offer must be made in or accompanied by a prospectus prepared in accordance with the SFA and is registered with Monetary Authority of Singapore (MAS).

In a 13-page document published in November last year, MAS clarified that they will examine the structure and characteristics of a digital token to determine whether it is a type of capital markets products under the SFA. If a token is considered as a capital markets product, it may be regulated by the MAS. (Capital markets products include any securities, futures contracts, and contracts or arrangements for purposes of leveraged foreign exchange trading.)

Companies should then be careful to clarify that their tokens are strictly virtual currencies to be used on their blockchain networks and do not represent ownership of the company or entitle holders to any monetary rewards.

Stored value facilities

A startup offering stored value facilities (SVF) may fall under the purview of the Payment Systems (Oversight) Act. For a total outstanding stored value below US$30 million, the approval of the MAS is not required and any entity can issue such SVFs. Single- purpose SVF schemes do not require MAS’ approval as well.

Notwithstanding, such SVFs are still regulated under certain sections of the Act and may face certain penalties in case of non-compliance (i.e. providing false or misleading information which may result in a fine not exceeding S$50,000 or US$37,900, two-year imprisonment, or both).

Electronic payment facilities

Currently, companies that facilitate electronic payments through the provision of an internet-based stored value wallet are regulated under both the Money Changing and Remittance Business Act and the Payment Systems (Oversight) Act. However, in November 2017, MAS proposed the Payment Services Bill (PSB) which will regulate the following activities under a new licensing regime:

  • Account issuance services
  • Domestic money transfer services
  • Cross-border money transfer services
  • Merchant acquisition services Electronic money issuance
  • Virtual currency services
  • Money-changing services

Therefore, the activities of mobile applications like DBS Paylah would be regulated accordingly— account issuance (e-wallet) and e-money issuance (stored value in the wallet). However, a company conducting any number of regulated activities under the PSB would need to hold only one license.

While the proposed PSB is not yet final, there will be three classes of licenses that an entity can apply for under the bill—money-changing licensee, standard payment institution, or major payment institution. Only a major payment institution may carry out payment services above any of the following thresholds:

  • Accepting, processing, or executing a monthly average of transactions (including all payment transactions) above S$3 million (US$2.2 million) in a calendar year
  • Holding an average daily e-money float above S$5 million (US$3.7 million) in a calendar year

Insurance tech

It is important for insurance tech (insurtech) startups to first identify which category they belong, as the regulatory requirements will vary according to the type of business. Here are the three most common categories of insurtech businesses:

Insurtech aggregator

Unlike an intermediary, aggregators do not originate, underwrite or issue any insurance policy but merely provide a platform to facilitate transactions.

Startups that sell, issue, originate, or underwrite insurance policies must first obtain the applicable licenses under the Insurance Act. If advice is part of the service provided (this of course includes digital advice), then a financial advisory license will need to be obtained, as it will fall within the scope of the Financial Advisers Act (Cap. 110).

Insurtech intermediaries (aka brokers or agents)

Pursuant to the Insurance Act and Insurance Intermediaries Act (Cap. 142A), even if an insurtech company is a licensed insurer or insurance broker, it must still ensure that there is a written agreement in place with each of its representatives/agents to authorize them to arrange any contract on behalf of the company.

Full-stack insurtech

These companies, which provide complete, end-to-end products or services, are also required to be licensed insurers. Generally, there are two different classes of licenses:

  • Direct life insurance business license
  • General insurance business license

Capital markets services license

Companies that carry out activities regulated under the SFA are required by the MAS to hold a capital markets services (CMS) license. Fintech companies, including those that offer crowdfunding and P2P lending services, are no exception.

Activities regulated under the SFA include:

  • Dealing in securities
  • Trading in futures contracts
  • Leveraged foreign exchange trading
  • Advising on corporate finance
  • Fund management (above US$1 billion)
  • Real estate investment trust management (REIT) securities financing
  • Providing custodial services for securities

Converted from Singaporean dollars. US$1 = S$1.32.


Looking for legal advice for your business?

If you require legal advice for your business, you can get a Quick Consult from a lawyer and expect a call back within 1-2 days on the phone to get legal advice for a flat and transparent fee and have your questions answered.


This article is edited by Charmaine de Lazo, Community Editor from Tech in Asia.

This article does not constitute legal advice or a legal opinion on any matter discussed and, accordingly, it should not be relied upon. It should not be regarded as a comprehensive statement of the law and practice in this area. If you require any advice or information, please speak to practicing lawyer in your jurisdiction. No individual who is a member, partner, shareholder or consultant of, in or to any constituent part of Interstellar Group Pte. Ltd. accepts or assumes responsibility, or has any liability, to any person in respect of this article. 

Keep reading related posts