EGYPT Law and Practice Contributed by: Dina Kamel, Helal El Hossary, Omar Fouda and Kareem Hashem, Zaki Hashem
• the total amount due. 2.4 Variations Between the Regulation of Fintech and Legacy Players In Egypt, regulation of fintech participants differs from that of banks in ways that are structural, not cosmetic. The key is the regulatory perimeter; banks are super - vised as systemic deposit takers, while most fintechs and NBFS models are supervised as payments or credit providers, with a heavier focus on operational and conduct risks. Regulation Overview Legacy banks are regulated under the CBE licensing regime (the Central Bank and Banking System Law). Fintechs providing payment services or operating payment systems also fall under the supervision of the CBE, but under a payments framework that is dis - tinct from the banks. Fintech-enabled NBFS models typically fall under the FRA and the relevant NBFS sector law, with a fintech overlay for fintechs engaging in non-banking financial activities. A central distinc - tion for fintechs is how customer funds are provided, protected and audited, often via electronic integration with the FRA, safeguarding, guarantees and opera - tional controls rather than deposit protection (as with banks). Operational Emphasis Banks are regulated primarily with respect to bal - ance sheet risk, capital, liquidity, credit risk and sta - bility. However, many fintechs are regulated more with respect to resilience, cybersecurity, governance, outsourcing risk and fair customer outcomes, even where licensing is required (governed by the Central Bank and Banking System Law, Law No 10 of 2009, the Consumer Finance Law and the Law Regulating and Developing the Use of Financial Technology in Non‑Banking Financial Activities). Customer Protection is Handled Differently For CBE-licensed entities, the general Consumer Pro - tection Law is not applicable, and customer protection is administered through the CBE’s regime – including complaints handling and related requirements. NBFS firms are generally subject to the consumer protection laws and regulations, as well as FRA conduct rules
and sector laws (Law No 10 of 2009 and the Con - sumer Finance Law). AML/CFT Obligations: Same Goal, Different Supervisory Track Banks typically encounter AML/CFT obligations through CBE supervision and banking onboarding standards, while NBFS and some fintech models are commonly supervised through their sector regulator’s framework alongside the general AML statute (Law No 80 of 2002 – the “Anti-Money Laundering Law”). Outsourcing and Critical Tech Providers Fintechs outsourcing service providers are regulated either by the CBE or the FRA, depending on the ser - vice provided, because banks and regulated firms can only outsource certain critical services to licenced providers (either via the CBE or the FRA, depending on the service provided) that meet regulator-imposed requirements, and with the regulated firm remaining responsible (governed by the Central Bank and Bank - ing System Law and the Law Regulating and Develop - ing the Use of Financial Technology in Non‑Banking Financial Activities). Data Protection and Bank Secrecy Beyond Law No 151 of 2020 (the “Personal Data Protection Law” – PDPL), banks are bound by statu - tory bank secrecy requirements, restricting sharing or monetising customer data and covering accounts, deposits, valuables and transactions. Disclosure is allowed only in case of customer consent or a judicial order, or if necessary in relation to regulatory sharing, AML/CFT, credit information frameworks, disputes, limited M&A due diligence and controlled access by outsourced providers. Fintech and NBFS entities remain subject to the PDPL with respect to cross-border transfers and direct mar - keting. Many are contractually held to bank secrecy standards when handling bank customer data. 2.5 Regulatory Sandbox Egypt operates two main regulatory sandboxes: • the CBE’s FinTech Egypt sandbox for banking and payments; and • the FRA’s sandbox for NBFS.
221 CHAMBERS.COM
Powered by FlippingBook