Introduction
Brazil has gained distinction as one of the major Fintech markets in Latin America. Nowadays, investments in the country already surpass 150 million dollars a year and some of the investee companies have received several rounds of investment. The local market has been growing to the extent of becoming attractive to foreign investors, traditional banks, and, mainly, as shown in 2016, to regulators as well as to the judiciary.
The following are some of the reasons the domestic market has become attractive to Fintechs:
- The financial crisis: The crisis the country is still going through has had a direct impact on the search for alternatives which may bring solutions to old-time problems, at a lower cost and in a more efficient manner;
- The extremely high interest rates and banking costs: the Brazilian financial market is still one of the most expensive in the world, with very high interest rates and elevated levels of market concentration. Such reality encourages the search for cheaper and competitive solutions which, even with a lower spread, can still become attractive business models;
- The complex regulatory scenario: the scenario for the regulation of the domestic financial market is highly complex and difficult to understand. Although this context may provide more legal certainty, it has yet to be completed, as it leads to occasional shortcomings which in turn may encourage innovation and the creation of new business models that are neither forbidden nor regulated by the legislation in force;
- Denied credit: a large part of the population no longer qualifies for credit. This fact makes it difficult to obtain new credit through traditional structures. Such reality allows for new business models to offer these consumers opportunities to credit which large banks deny as they rely on risk calculation methodologies that go beyond the mere payment record;
- Problems with digital education: Most of the traditional banking services can be difficult to use, that is, not user-friendly, particularly, solutions through the Internet and applications. User-centred models aiming to facilitate experience of use have gained a considerable share of the market; considering the fact that Brazilians are early adopters of new technologies.
Below are some relevant 2017 issues impacting on Fintechs that were discussed by Baptista Luz Advogados during the year.
Angel investment and the regulation of the matter by the Secretaria da Receita Federal
In July, the Receita Federal do Brasil (the Brazilian Federal Revenue Agency, “RFB”) published Normative Instruction no. 1719/2017[1] (“IN 1719”), for the regulation of taxation of income and profit earned by Angel Investors from their investments made in micro-companies (“ME”) or small companies (“EPP”) by means of participation agreements, provided for in Complementary Law 123/2016[2] [2] (“LC 123”). IN 1.719 has both positive and negative aspects which will show along their implementation and practice.
At the outset, RFB made it clear that the adoption of the “Simples Nacional” by a company classified as ME or EPP as its taxation regime is not a precondition to qualify for contributions of Angel Investors. Such fact benefits entrepreneurs with the feasibility of creating structures that best suit their interests. Thus, the investee company is free to join other taxation regimes, such as the actual profit regime or the presumed profit regime, which fact turns out beneficial, depending on the case.
The bad news for the market is that IN 1719 determines that all income from Angel investing be subject to Withholding Income Tax (IRRF), with rates between 22.5% and 15%, depending on the term of the participation agreement. Such can be discouraging to investment or a cause for seeking other legal instruments.
This contractual model has yet to be consolidated in the Brazilian market. Despite its unappealing taxation, participation agreements can become an important benchmark for investment in technology, promoting the entrepreneurship market. Furthermore, the feasibility of assigning participation agreements, their obligatory nature and the possibility of granting their holders the right to join a tag along even without the conversion may make this instrument an interesting alternative within the context of the new regulation of investment-based crowdfunding, which we will see below.
Click here for our full study on the interpretation of the complementary law, and our presentation (in Portuguese) on the tax aspects of the participation contract.
New regulation of investment-based crowdfunding
In August, the CVM Superintendência de Relações com o Mercado e Intermediários (entity regulating relations of the market with intermediaries) issued official letter 588[3] which assists the managers of these platforms on lodging at the CVM requests for registration of electronic platforms and reports of the offers made pursuant to Normative Instruction 588.
The letter explains, for instance, the obligation to send annual reports containing information on the offers made. There are also guidelines on registering investors’ data, obtaining accredited certification in information technology auditing and update of registration.
Platforms that do not comply with the CVM regulations will be subject to a daily fine of R$ 500.00, without limitation to the penalties imposed by Law 6.385/76, which provides for the capital market in Brazil.
Click here for our instructions on how to structure an equity-crowdfunding operation.
BACEN Call for public consultation on online lending
In August, the Central Bank of Brazil (BACEN) issued a Public Consultation Call for contributions related to the resolution draft of the Conselho Monetario Nacional (domestic Monetary Committee) which provides for the incorporation and operations of direct credit companies and the loan operations between persons along with the discipline in lending operations between persons through an electronic platform”.
Such are: online lending and peer-to-peer lending, loans between individuals or legal entities through digital platforms. Online lending and peer-to-peer lending are nothing new. The United Kingdom, New Zealand and Sweden, for instance, have already regulated on these practices.
The draft presented by BACEN has some commendable objectives: to increase security in the operations and to democratize the credit segment, with the consequent reduction of interest rates. There are, however, important challenges for platforms willing to fall into the new categories created by CMN – Sociedade de Crédito Diretto (SCD) and Sociedade de Crédito entre Pessoas (SEP). The great risk is that the authorization process may become less transparent and time consuming, as it happened with payment institutions as disciplined in Law no. 12.865/2013.
BACEN Study on Blockchain
In September, BACEN published a study[4] on Blockchain and its prospective applications in the market, in a context of adoption and massive investment of this technology and regulatory attempts, including with public audiences in order to discuss it within the context of cryptocurrencies and other functionalities, such as smart contracts.
The document is not limited to discussing the use of blockchain by crypto coin structures. It also deals with other uses which are being promoted in the market, such as: identity management; negotiation and payment of credits; and alternative transaction systems.
CVM Statement on Initial Coin Offer (ICO)
In October, the Brazilian Securities and Exchange Commission (CVM) issued an official note on ICOs (Initial Coin Offerings). CVM informed that any and all initial offerings of currencies with public funding, which promote, in exchange, the issuance of virtual assets (tokens or coins), depending on the economic context of their issuance and the rights granted to investors, may represent an offer of Securities, thus classifying under the supervision of CVM.
In this regard, moreover, CVM has stated that, to this date, no ICO offer has been requested for exemption from registration or even registered. In spite of this, CVM admitted the existence of ICOs that are exceptions to its area of competence, since they are not considered public offerings of securities.
Regarding the platforms bound for virtual currency exchanges, as such currencies are considered securities, CVM stated that such activity is not legal “since these platforms are not authorized by CVM to provide trading environments for securities within the Brazilian territory “.
In the American context, SEC pointed out that the crypto coins, or virtual tokens, are now used as a means of raising funds; also bringing the information that such coins could give their buyer certain rights (the token, as a virtual means of representing the right). Therefore, depending on the characteristics of the token, these could be considered as securities.
Within this same regulatory context, we understand that the CVM note suggests a message in the sense that, despite any future definition of a crypto coin as an underlying asset, the public offering will be subject to CVM inspection and the negotiation will be restricted to organized and accredited environments when involving securities.
Click here for our firm’s informative note on the matter (in Portuguese).
CVM publishes study on cyber risks
In July, the CVM published a study with the “Perception of cyber risks in the activities of trustees and intermediaries”[5]. The work was based on a questionnaire applied by the Autarchy to the participants of the Brazilian capital market, on the perception of each over the cyber risks involved in their respective activities.
The document addresses the most common types of attackers, their motivations and manners of attack, as well as making a diagnosis about the sensitivity involved in customer registration processes and home broker systems.
With the results obtained from the research, CVM also drew some conclusions about the most common gaps in relation to good risk-management and its performance, as the regulatory body responsible for mitigating such problems.
Click here for our firm’s informative note on the matter.
BACEN Call for Public Consultation on Cybersecurity
In September, the Central Bank of Brazil (BACEN) announced the publication of Public Notice 57/2017[6] [6], which deals with “the cybersecurity policy and the requirements for hiring processing, data storage services and cloud computing, to be observed by financial institutions and other institutions authorized for operation by the Central Bank of Brazil. ”
This is a draft resolution on information security that addresses central issues related to the storage, sharing, transfer and security of data and information inherent to the effective operation of financial institutions and their account holders, imposing obligations not yet provided for in previous regulations, as those relating to information security incidents.
The proposal, the draft of which is open for review before November 21, will complement some of the demands that are already being placed on these institutions – for instance, those related to the digitization and storage of electronic documents. The idea is to list essential information security requirements within the digital environment, and on such basis, impose on institutions the obligation to implement and maintain a minimum security-policy upon dealing with the information they handle routinely.
Click here for our firm’s informative note on the matter (in Portuguese).
Labor Reform and Outsourcing and the impact on technology companies
On November 11, the labour reform entered into force, which makes flexible many rules that can facilitate hiring, reduce costs and charges as well as improve the conditions of negotiation with employees, variables essential for start-ups and Fintechs, which often maintain a lean payroll. The new rules deal with issues such as hour banks, work day compensation, mutually agreed dismissal, holiday splitting, and forms of remuneration.
For technology companies, perhaps the most interesting aspect is the possibility of outsourcing the end-activity of a company; the contracting of autonomous professionals with or without exclusivity, on demand, provided that all legal formalities are complied with; as well as part-time working hours.
Get acquainted with the labour reform by accessing our study (in Portuguese) on the matter.
Decision of STJ prohibiting the sharing of credit data:
In October, the Superior Court of Justice (STJ) ruled that generic contractual clauses in contracts of adhesion, such as those common in Internet services in privacy policies and in contracting of services, which authorize the sharing of data, protected or not by bank secrecy, with third parties are considered, based on the Consumer Protection Code, outrageous, therefore, null and void. For the court, such a clause violates the principles of transparency and trust, which should govern consumer relations.
Minister Rapporteur Luis Felipe Solomon stated that “In fact, the impossibility of contracting the credit card service, without the option of denying the sharing of consumer data, is only one of the problems. And, it is with the sharing of data, that consumer exposure makes it unquestionably vulnerable and, in this case, a vulnerability that cannot be measured nor projected.”
Therefore, the decision that has general effectiveness on the market could prevent common data sharing practices, especially for credit scoring, profile enrichment and even verification of data authenticity. The decision has not yet been published, so its final terms have yet to be released.
Discussions about a General Law of Personal Data Protection:
The current regulatory scenario of personal data protection in Brazil is sectoral, with rules that are sometimes flexible, sometimes more rigid. There are different rules for different sectors of the society, such as the financial, credit, health and Internet sectors. However, most of the different areas cannot be treated in isolation. For example, how could we dissociate health and financial services from services offered over the Internet?
That is why today the National Congress discusses several projects which aim to create a General Law that would be more consistent with the new ways of using personal data, affecting all and any company, private or public, online or offline, which use personal data in their operations and offer of products and services. Issues related to consent, limits on the use of personal data, user rights, such as data portability, international data transfer and information security standards, besides suggesting the creation of a new regulatory agency with cross-sectoral competence known as the Data Protection Authority.
It is estimated that one of the current bills under discussion will be approved by the end of this year or early 2018, which law should enter into force between three months to one year after execution.
Click here for some of the articles that we made on such bills.
Conclusion
The actions of regulators, legislators and the judiciary in 2017 make it clear that the ecosystem of Fintechs in Brazil is being closely monitored and possibly will still undergo many changes. It is necessary to always pay heed to the discussions in order for participation whenever appropriate as well as to observe the external market so as to identify the possible repercussions that the decisions and actions of other regulators can have at a domestic level.