HOW TO PLAY IN ARIZONA’S FINTECH SANDBOX – PART III
By Michael Rolland
The Arizona legislature recently signed into law the nation’s first fintech regulatory sandbox, which started accepting applications on August 3, 2018. Participants in the sandbox will enjoy a reprieve from many of the licensing and regulatory burdens of companies in the financial sector, so the program offers a great incentive for financial technology (aka, “fintech”) companies to settle and operate in Arizona. This is the last of a five part series on how to apply and participate in the sandbox. If you are new to the series, go back and read the first four parts, which discuss the history of sandbox programs, the benefits of participation in the Arizona sandbox, eligibility requirements, and the application process. This part five will explain the rules you will be subject to once in the sandbox. The official website for the fintech sandbox was recently launched and can be viewed HERE, and the full text of the law can be viewed HERE.
Who Can Apply?
The statute is very inclusive right from the start: “Any person may apply to enter the regulatory sandbox to test an innovation.” (Emphasis added). This includes not only startups or other new entrants to the Arizona market, but also established companies already licensed in the state. In fact, I expect that a sizable percentage of sandbox participants will be legacy banking institutions, as they will benefit equally from the opportunity to use Arizona as a testing ground for new products and services.
A Place for Innovators
The sandbox is limited to the testing of financial products or services—meaning consumer lending, motor vehicle sales financing, insurance, or investment management—that are deemed “innovative,” which is defined to mean:
the use or incorporation of new or emerging technology or the reimagination of uses for existing technology to address a problem, provide a benefit or otherwise offer a product, service, business model or delivery mechanism that is not known by the attorney general to have a comparable widespread offering in this state.
We will have to wait and see how broadly the attorney general applies the requirement that the product or service be innovative. However, every formal statement by the attorney general’s office about the sandbox leads me to believe that it will be a very loose and inclusive assessment.
Must be in Arizona
To participate in the sandbox, the person will also need to be subject to the (1) jurisdictional authority and (2) oversight of the attorney general. Specifically, under A.R.S. § 41-5603(C), the applicant must demonstrate that it both:
Is an entity or individual that is subject to the jurisdiction of the attorney general through incorporation, residency, presence agreement, or otherwise.
Has established a location, whether physical or virtual, that is adequately accessible to the attorney general, from which testing will be developed and performed and where all required records, documents and data will be maintained.
Subject to Jurisdiction in Arizona
Under the text of the statute, the jurisdictional requirement can be satisfied a few different ways. However, based on the following language in the recently released sandbox application, it appears that admitted applicants will uniformly be required to satisfy the jurisdictional requirement by executing a written acknowledgment:
If accepted into the Sandbox, Applicant agrees to be bound by the requirements of Chapter 55 of Title 41 of the Arizona Revised Statutes and understands that Applicant and Active Managers will be required to acknowledge they are subject to the jurisdiction of the Arizona courts with respect to any action arising out of or relating to Applicant’s Testing.
This language relates to the “presence agreement” option listed in A.R.S. § 41-5603(C)(1). The attorney general has not publicly released the presence agreement that will be used, so it is worth taking a quick look at the three other statutory prongs available to satisfy jurisdiction: “incorporation,” “residency,” “or otherwise.”
First, incorporation simply means that the company is formed under the laws of Arizona. It could be argued that use of the term “incorporation” was meant to refer only to “corporations” formed under Title 10 and not limited liability companies under Title 29 (LLC’s are “organized” or “formed” rather than “incorporated”). However, given the otherwise inclusive language of the sandbox bill, which is open to any “person,” I don’t think the legislature intended to limit jurisdictional eligibility under the incorporation prong to Title 10 corporations, especially given that LLC’s organized in Arizona are generally subject to Arizona’s jurisdiction in other circumstances.
“Residency” generally means exactly what you would expect: if you are an individual that lives in Arizona full time, or if you are a company incorporated or organized in Arizona or whose principal place of business is in Arizona, then residency should be clearly satisfied. However, if you split time between Arizona and another state, or if you simply have some, but not all, business operations in Arizona, then determining your state of residence may involve a more complex legal analysis.
The final provision, “or otherwise,” is simply a catch-all provision that recognizes the many other ways people can become subject to the jurisdiction of a state. For example, if you are a foreign business, but you obtained a license to conduct certain business in Arizona, then by doing so you may have agreed to be subject to Arizona jurisdiction. Similarly, if you conduct significant ongoing business in Arizona, or if you have a significant presence in Arizona in the form of employees and/or offices, you may also be generally subject to jurisdiction in Arizona.
Location Must be Available to the Attorney General
The second element requires the applicant to designate a specific place to develop and perform testing and to maintain all records, documents and data. This element is interesting in that it allows the applicant to designate a “physical or virtual” place – a savvy drafting decision by the legislature because it recognizes that many of these companies are going to be operating exclusively online.
It is not clear whether this element requires companies to give the attorney general access to original records and/or the exact same development and testing platform used by the company, or whether the company can simply create a copy for the attorney general’s use. In either case, it must be “adequately accessible” to the attorney general, and although that phrase is not specifically defined, I would expect that it will involve some measure of unfettered administrative access. I am including this component in our discussion of eligibility, but in actuality it is a requirement that can likely be satisfied after admission to the sandbox by coordinating with the attorney general to provide access.
Criminal History May be a Barrier
The text of the fintech sandbox statute does not prohibit the admission of applicants with a criminal history, but it does require prior criminal convictions of the applicant or the applicant’s key personnel to be disclosed in the application. This suggests that criminal history will have some impact on the attorney general’s evaluation, but exactly how much is unknown. My guess is that applicants who have been convicted of financial or other white collar crimes may have difficulty getting admitted to the sandbox, particularly if that crime relates to the same financial sector the applicant’s fintech innovation would serve.
The attorney general will also evaluate applications in consultation with any agencies the innovation are or would be subject to, so if you already have a history of censures, investigations, or other negative agency actions, then your application may get rejected.
Whatever your background, applications should be completed thoroughly and carefully, which I will explore further in part four of this series.
About the Author
Michael Rolland is a member of the civil litigation and commercial transactions practice groups with the law firm of Engelman Berger, P.C. Michael has a special interest in the intersection of technology and the law, and writes on tech law issues.
Disclaimer: This blog is not legal advice and is only for general, non-specific informational purposes. It is not intended to cover all the issues related to the topic discussed. If you have a legal matter, the specific facts that apply to you may require legal knowledge not addressed by this blog. If you need legal advice, consult with a lawyer.
