AUSTRIA Law and Practice Contributed by: Oliver Völkel and Philipp Ley, CERHA HEMPEL
industry participants and regulators because of their distinct risk profiles, product structures and legal obli - gations. Life and annuity insurers face stricter capital, disclo - sure and consumer protection rules because of the long-term nature and savings element of their prod - ucts. Meanwhile, property insurers are regulated in terms of solvency and pricing but have more flexibility in product design. Regulatory frameworks like Solvency II, VAG 2016 and the IDD apply across all types of insurance but with different provisions depending on the line of business. Regtech providers are not directly regulated merely for offering technological solutions. However, they may become subject to regulation depending on their activities: • if they perform regulated functions – eg, if a regtech company conducts customer due diligence (eg, KYC checks) on behalf of a financial institution, they may need to register or obtain authorisation; • if they handle sensitive data – providers must com - ply with data protection laws like the GDPR, ensur - ing the secure processing and storing of personal data; and • if they offer services that fall under financial regu - lations – if a regtech solution crosses into areas that are considered financial services, the provider might be required to obtain appropriate licences or authorisations. 9.2 Contractual Terms to Ensure Performance and Accuracy Financial services firms typically require technology providers to agree to strict contractual terms covering performance, accuracy, compliance and risk. These include: • service level agreements; 9. Regtech 9.1 Regulation of Regtech Providers
• warranties; • audit rights; • liability clauses; and • data protection obligations.
While many of these terms reflect industry custom and risk management standards, specific provisions, par - ticularly those related to outsourcing, data protection and regulatory compliance, are mandated by regula - tions such as MiFID II, PSD2 and the GDPR. 10. Blockchain 10.1 Use of Blockchain in the Financial Services Industry Traditional financial institutions, including banks, are cautiously exploring blockchain integration within the financial services sector. Under MiCA, banks are rec - ognised as traditional players and are permitted to issue ARTs and EMTs, provided they obtain the neces - sary authorisations. Despite this regulatory clarity, many banks remain hesitant to fully embrace crypto-assets because of concerns over volatility and the need for further regu - latory guidance. The FMA has noted that institutional investors are awaiting more comprehensive regulatory frameworks before making significant investments in this area. Erste Group Bank collaborated with ASFINAG to execute Europe’s first fully digital issuance of a debt financing instrument using a blockchain platform. This EUR20 million “ Schuldscheindarlehen ” was issued entirely through a permitted blockchain, streamlining the process and reducing operational risks. These developments indicate a growing interest among traditional financial institutions to integrate blockchain solutions to modernise operations. 10.2 Local Regulators’ Approach to Blockchain The FMA has engaged in regulating blockchain and crypto-assets through the implementation of MiCA. To facilitate compliance, the FMA has published detailed information on its website for CASP applicants, outlin -
45 CHAMBERS.COM
Powered by FlippingBook