ESTONIA Law and Practice Contributed by: Yuliya Barabash, Ivan Nevzorov, Daria Lysenko and Nikita Prokopenko, SBSB FinTech Lawyers
7.4 Regulation of Programmers and Programming
product life cycles, less stringent requirements and generally simpler automation.
In Estonia, developers of algorithmic trading soft - ware are not directly regulated. Finantsinspektsioon focuses on regulated businesses. At the same time, one can talk about indirect regulation, since, ulti - mately, the requirements imposed on businesses are imposed by the businesses themselves on developers directly, and it is they who must implement the regula - tor’s requirements. Responsibility, of course, remains with the regulated business, while the responsibility of developers may arise within the framework of con - cluded software development agreements. Insurtech market participants in Estonia most often use digital and automated underwriting processes based on data analysis, integration with external sources and algorithmic models. This includes auto - mated risk assessment, the use of behavioural or big data, artificial intelligence tools to determine customer risk profiles, and other aspects. Assessment methods must comply with the require - ments of the Solvency II Directive applicable in the country, but the regulations do not contain clear underwriting processes. 8. Insurtech 8.1 Underwriting Processes 8.2 Treatment of Different Types of Insurance Although insurance in general in the EU and Estonia in particular is subject to a single regulatory framework, in practice it is used differently and regulated differ - ently. In Estonia, supervision is also carried out by Finantsinspektsioon . Life insurance and annuities are subject to stricter requirements for disclosure, long-term reserves and risk management, as they are directly related to capi - tal accumulation and investment components. At the same time, property and casualty insurance has a shorter risk horizon, so the focus is on pricing, claims management and efficiency. Insurtech companies are more likely to implement digital solutions in the non-life segment due to shorter
9. Regtech 9.1 Regulation of Regtech Providers
Regtech providers in Estonia are not usually subject to direct financial regulation, as their activities are focused on providing technological solutions. These may include tools for AML/KYC, transaction monitor - ing, risk management, or compliance analytics. For their activities, they are technology service providers and, as mentioned earlier, the main responsibility will remain with the regulated entity. At the same time, the requirements may be partially transferred to regtech providers, not through direct regulation, but through the provisions of agreements with customers who are subject to regulation and order the product. Regtech companies may be subject to regulation if their activi - ties are not limited to the technical component, but also include payment processing or customer asset management, which are financial services and require authorisation from the regulator. 9.2 Contractual Terms to Ensure Performance and Accuracy Since financial services firms must strictly comply with applicable regulations in Estonia and general regulations in the EU, they seek to transfer some of the requirements that can be fulfilled by regtech companies to their contracts. Note the compliance of services with the requirements of DORA, GDPR and EBA guidelines, which is related to the obligation of licensed companies to ensure control over critical IT providers. It should also be noted that it has become industry practice to include high penalties in contracts with regtech companies, as the regulator may impose fines and the licensed company may be unable to continue its activities. 10. Blockchain 10.1 Use of Blockchain in the Financial Services Industry Estonia is rightly considered one of the leading coun - tries in the implementation of blockchain technolo -
252 CHAMBERS.COM
Powered by FlippingBook