Questions and answers

Cross-border testing aims to assist firms seeking to trial their innovative products, services, business models or delivery mechanisms in one or more EU Member State(s) (simultaneously or sequentially in case when two or more sandboxes are involved), to engage with national authorities on a multi-jurisdictional basis and to share test information/results with multiple financial supervisors.

In the EU financial supervisors have established innovation facilitators (including regulatory sandboxes) to promote greater engagement with firms involved in financial innovation and to facilitate firms’ understanding of regulatory and supervisory expectations. Both regulators and innovators increasingly recognise the benefits of such innovation facilitators in spurring innovation while staying alert to emerging risks.

The innovation facilitators operate on a national level in the EU and support financial innovation within their own jurisdictions. But what about firms who wish to expand their products, services, business models or technologies across the EU?

To respond to the industry’s need to scale up financial innovation across the EU, the European Forum for Innovation Facilitators (EFIF), a European network of innovation hubs and sandboxes, adopted the Cross-Border Testing Framework in 2021. It does not establish a single EU level sandbox but aims to facilitate communication and cooperation among the participating national authorities regarding regulatory sandbox testing. The Cross-Border Testing Framework was developed to increase accessibility and transparency of information to firms (enabled by the EU Digital Finance Platform) and let firms and supervisors gain time and resources through information sharing and coordinated procedures in exploring how the tested innovations can mature and operate safely in different markets. 

Not all financial supervisors participate in the European cross-border testing initiative. You can find out which of them are taking part by referring to the relevant map and listing on the EU Digital Finance Platform.

The European cross-border testing initiative covers banking, insurance and securities/markets.

The framework allows to indicate interest in participating in cross-border testing to all types of firms that:

1) have already successfully tested their innovation in at least one Member State; or

2) are in the process of testing their innovation in at least one Member State; or

3) just applied for admittance to testing in a regulatory sandbox in the EU.

A firm interested in cross-border testing shall let the relevant national authorities know about its interest by submitting a request to participate in a national sandbox of interest and filling in the standardised common form.

Information about the regulatory sandboxes at national level including information about eligibility criteria and the application procedure is available on the websites of the respective national authorities in charge of the relevant sandbox. A summary of this information and/or links to the relevant websites is available on the EU Digital Platform.

The Cross-Border Testing Framework does not affect national regulatory sandbox requirements including eligibility criteria. On the EU Digital Finance Platform, you can find information on all participating regulatory sandboxes, as well as information on eligibility criteria.

Firms interested in cross-border testing shall fill in and submit a standardised common form and thus inform the national competent authorities participating in cross-border testing of their interest. All national competent authorities indicated in the standardised common form are notified automatically. In addition, some high-level information about requests will be shared with all members of the European Forum for Innovation Facilitators. 

The Cross-Border Testing Framework provides a comprehensive overview of the content of the standardised common form in which the firm should specify:

1)    the type of testing it wants to apply for (multi sandbox testing; observing sandbox testing or sharing of test findings);

2)    general information about the firm;

3)    the regulatory sandbox in which the firm (i) has already tested, (ii) is testing or (iii) has applied to test its innovation on a national level;

4)    the national competent authorities and countries which the firm would like to participate in the testing;

5)    a preference for parallel or sequential testing;

6)    motivation for applying for cross-border-testing.

Interested firms should verify with the national supervisors which the firm wants to involve in the testing exercise which requirements would have to be met on a national level.

The standardised common form is not an application form nor an element of the formal application process to national regulatory sandboxes. Firms should refer to the national regulatory sandboxes of interest operating under national frameworks under national eligibility criteria if they would like to carry out testing in their respective markets.

This implies that in order to involve multiple national authorities in testing activities a firm should:

As step 1 submit: 

• two or more application forms to national regulatory sandboxes of interest according to respective national requirements (for multi sandbox testing) or; 
• an application form to a national regulatory sandbox of interest (in case when other authorities participate as observers and/or recipients of sandbox testing ) 

As step 2 submit the standardised common form to indicate interest in facilitating an information exchange between multiple national authorities about the testing. For national authorities, which are supposed to become observers or recipients of test findings, no additional application form is required.

Yes, this is possible and, in this case, other participating national authorities (i.e. those that are not the authority that runs the sandbox of testing) observe sandbox testing and/or receive test findings. There is no requirement to ask for involvement of multiple regulatory sandboxes. 

Once a standardised common form is submitted by a firm on the EU Digital Finance Platform, the national competent authorities explicitly named by the firm for participation will automatically be notified and will have access to the form. Each national competent authority indicated in the form shall consider the application and decide on participation individually, according to their national sandbox regulations. The concerned authorities shall get in contact with each other to discuss and make their decisions on the case. 

The national competent authorities participating in the Cross-Border Testing Framework but not mentioned by a firm in a particular application, will also be informed about the submission (only high-level information provided by a firm shall be shared). Based on this notification, supervisors not mentioned by the firm as an authority/country of interest, may propose to the firm to participate in the testing.  

“The national competent authority of first contact” (the one with which the firm engaged first on a national level, e.g. the sandbox where the firm (i) has already tested, (ii) is testing or (iii) is going to test its innovation) shall get in contact with the firm to inform it about a positive/negative decision on the testing. (If it is envisaged to carry out testing in multiple regulatory sandboxes (case 1), the determination of the national competent authority of first contact should depend on whether the firm is licensed or registered in any of these jurisdictions.)

If the decision is positive, further communication between the firm and the relevant authorities shall be established to elaborate on further steps and modalities of the testing. The testing plan will be decided between the participants based on the national regulatory sandbox rules and specific arrangements between the national competent authorities made for the case.

 

Submission of the standardised common form is free of charge for a firm. The applying firm should however prepare its submission appropriately considering that its application shall be assessed by relevant national competent authorities against national eligibility criteria; on its innovative nature, motivation and readiness of a firm to involve multiple national competent authorities in its testing. The national competent authorities shall also assess whether cross-border testing would be justified and appropriate (a project may enter a national sandbox on a national level, but the authority may refuse testing with other national authorities cross-border).

The Cross-Border Testing Framework does not establish any timeline or timeframe for cross-border testing because the modalities of testing and testing plans depend on national frameworks in place. Regulatory sandboxes in the EU follow different timeframes and, for example, sandboxes that test by “cohorts” (when applicants can apply for testing only during certain periods) may impact the timeline for cross-border testing. 

National competent authorities shall act in reasonable time (aligned with national requirements) and make every effort to assess the applications submitted, get in contact with the firm and relevant authorities, decide and act on the testing. 

 

Yes, this is possible, because each national supervisor indicated on the standardised common form will assess the submitted information against their individual criteria. Those national supervisors who are not indicated in the standardised common form but willing to participate, may propose to participate in the testing. The communication is then led by the national competent authority of first contact to discuss the way forward with the firm.

The authorities that participate in testing related cooperation shall comply with professional secrecy requirements and other data-related rules that may vary from Member State to Member State. The national competent authorities participating in testing may decide to introduce additional (more adapted) professional secrecy arrangements for information exchanges.

In any case the processing by the relevant national competent authorities of any personal data submitted by the firm for the purposes of the testing activities will be carried out in accordance with the General Data Protection Regulation (GDPR).

With regards to the testing preparation (preparation phase), the information provided by the firm in the standardised common form will be shared with the national authorities mentioned by the applicant in the form for a restricted use (not for publication). Other national competent authorities participating in the Cross-Border Testing Framework and the European Supervisory Authorities will only receive high-level information. 

As to the testing and post-testing, the data sharing arrangements would be decided on a case-by-case basis amongst participating national authorities. In some cases the applicable national regulation may not allow the authorities whose regulatory sandboxes are used for testing to provide all relevant information about the testing to observing supervisors (cases 1 and 2) or those who are receiving test findings (case 3). In this case, the national competent authority conducting the sandbox testing, may share at least some high-level information (complying with the national requirements) with the other participating authorities. 

The participating national competent authorities should agree on the amount of information to be shared with each other on a case-by-case basis. The information shared between participating authorities may differ depending on the status of the respective national competent authorities (regulatory sandbox used for testing/observer/recipient of test findings).
 

A national competent authority that has not established a regulatory sandbox in its jurisdiction can participate in cross-border testing either as an observer or as a recipient of testing results while a national competent authority with a sandbox can participate in any of the 3 roles (sandbox for testing, observer or recipient of testing results).

An authority that participates in testing as observer can get timely relevant information and insights on the tested innovations and firms that would potentially expand into their jurisdiction. The observer status is less resource- and time-intensive compared to a role of a national competent authority who engages its sandbox for testing that includes reviewing and assessing applications, selecting firms, establishing and maintaining a testing plan, endorsing stages of the testing, regular communication with the firm, etc.

Observers can express their views regarding the development of a testing plan (although they are not entitled to get involved in the design of testing parameters for a testing conducted in another jurisdiction). Compared to the status of a recipient of information, an observer can look at testing on an ongoing basis and raise questions, concerns or any other relevant queries with the participating national competent authorities or with the firm during the testing and thus play a more active role. 

The application procedure and timelines are the same for observers as for other cross-border testing participants, i.e. a firm submits a standardised common form where it mentions which national competent authorities it would like to involve in testing.