Fintech 2024 Comparisons

Israel, often dubbed as a “start-up nation” still boasts one of the world’s highest number of start-ups per capita, with fintech being a significant component of its innovation portfolio. 

In 2023, the Israeli fintech landscape experienced a general downturn in investments and establishment of new start-ups. However, amidst this trend, there was a slight uptick in the workforce within the fintech sector, which might suggest a stabilisation trend after two years of incredible growth (which saw about USD7 billion investments in start-ups in the fintech sector alone). 

Regulatory advancements played a pivotal role during this period, with the adoption of a new law ‒ the Regulation of Payment Services and Payment Initiation Law, 2023. This new Lawaligns the payments industry with the PSD2 standard; the issuance of new licences to cryptocurrency service provider companies; and an easing on the requirements applicable to fintech companies accepting deposits from the public.

Other key trends in the Israeli fintech sector include:

• growing initiatives in Blockchain, cryptocurrency and NFTs, despite limited implementation due to regulatory constraints, market size, and banking system hesitancy; 
• enhanced collaboration between traditional banks and fintech entities, open banking activities;
• technological advancements in payments and micro-payments, driven by both local and international players like Apple and Google, and the forthcoming opening of the major payments settlement systems to non-banking participants are reshaping the industry;
• AI-based tools have emerged, hinting at the potential for more efficient fintech solutions, though their full realisation is yet to be seen; 
• the emergence of new players in the field of financial data (aggregation and consultancy); and
• inter-agency consultations with regards to the use of AI tools in the financial sector. 

As these trends continue to unfold, their lasting impact on the Israeli fintech market is expected to be seen over the next 12 months.

Israeli fintech companies are active in a wide range of verticals. The most prominent ones are:

• payments (including mobile payment apps, micro-payments, b2b, b2c);
• trade and investment apps, and systems including algo-trading;
• blockchain and cryptocurrency;
• crowdfunding platforms;
• lending and crowdlending;
• insurtech;
• data and analytics, including financial information and big data;
• personal finance, personal planning and management;
• customer engagement and onboarding;
• credit scoring, accounts aggregation, data analysis and management tools for financial service providers;
• finsec (security, fraud detection, identity checking and identification, including biometric and other authentication);
• finsec over the blockchain (including chain detection, asset recovery, attack prevention); and
• regtech (during the last year or so, more regtech tools have been made available and implemented).

In general, the mere development of technology and the licensing of such technology is not subject to regulation, except with respect to certain encryption technology which is subject to permit requirements.

Nonetheless, the actual provision of services in the fintech industry may be subject to comprehensive regulations, depending on the relevant vertical. The regulatory regime applicable to the different types of participants includes the following.

• Banking – service providers involved in taking deposits while extending credit require a banking licence and are subject to extensive regulations relating to all aspects of the licensee’s operation, including capital adequacy, fit and proper review of the holders, and consumer protection matters. Banks which obtain services from fintech companies are subject to regulatory requirements relating to outsourcing, cybersecurity, data security, cloud computing and others. While this applies to banks, it also affects fintech companies wishing to transact with banks. As part of the regulations applicable to banks, they are subject to a local version of the Basel II and Basel III requirement.
• Insurance, pensions and long-term savings – services which involve the provision or distribution of insurance and savings arrangements, including pension schemes, require an insurance licence, pension management licence, insurance brokerage licence or pension advice/marketing licence. Licensed entities are also subject to extensive regulations relating to all aspects of their operation, including capital adequacy, investments policies, outsourcing, cybersecurity, data security, cloud computing and others.
• Lending – lending is subject to licence requirements (except for some exclusions). Operation of peer-to-peer lending platforms is also subject to licence requirements, under the same law. Both activities are subject to certain regulations, which are currently relatively simple. Licensed banks, insurance companies and certain regulated entities are exempt from credit licence requirements. Lenders cannot accept deposits from 30 persons or more, as such activity will subjugate them to banking licence requirements.
• Trading – peer-to-peer trading platforms (exchanges) are subject to licence requirements, if the platform allows trading of securities or certain types of financial instruments, including derivatives. A trader arena (where the operator thereof is the counterparty to the transaction) are subject to licence requirements, if the arena allows trading of securities or certain types of financial instruments, including derivatives. Trading of binary options and marketing of such trade are prohibited. The operation of such platforms and arenas are subject to certain regulatory requirements, which are relatively simple. Trading of other types of assets is generally not subject to licence requirements, but the clearing and settlement of payments is.
• Payments, currency and other financial assets services – any services which include the holding, keeping, management, conversion or transfer of funds, virtual currency or certain types of cash-equivalents are subject to licence requirements and to certain regulatory requirements, including in connection with anti-money laundering/terror financing. Accordingly, payment services are subject to such licence requirements and regulations, while banks, insurance companies and certain regulated entities are exempt from such licence requirements. 
• Currently, most payment services are considered transfer of financial assets and are regulated as such, but on June 2024 the regulation of such services will be subject to the new Regulation of Payment Services and Payment Initiation Law, 2023, which is based on EU’s PSD2. 
• Financial assets service providers which hold funds are not allowed to extend loans, as such activity will impose a banking license requirement. but the new law will allow non-banking companies to offer interest on deposits up to NIS20,000. 
• Investment advice, marketing and portfolio management – provision of advice relating to tradeable securities and certain derivatives and structured products (eg, index products), or management services in connection therewith (portfolio management) is subject to licence requirements and regulations (mainly in connection with proper disclosure, conflict of interest and AML/CFT and subject to certain exemptions). Usually, the provision of technological tools which provide similar services (eg, API-based algo-trading) is not considered regulated activity. Nonetheless, if the service provider is involved in such process and exercises discretion, has received a power of attorney from the investors, or if the assets are held by the service provider, such activity may be subject to such licence requirements and regulations.
• Joint investment funds – management of mutual investment funds of more than 50 non-accredited investors is subject to licence requirements and to regulations dealing (among other things) with disclosure requirements and the duty to:
1. publish investment policies and comply with such policies;
2. hold assets in escrow (with a regulated trustee); and
3. operate an investment committee and a risk committee.
• Hedge funds – joint investment funds which are limited to no more than 50 non-accredited investors/35 non-accredited offerees every 12 months are not subject to the regulations applicable to joint investment funds.
• Credit data – the Bank of Israel operates a national credit information database. Transfer of information to the database and the use of credit information are subject to regulations.
• Regtech and robo-advisers – these and similar consulting services, which are provided as automated services and are self-operated by the client, are not directly subject to regulations. Nonetheless, many potential users of such services (institutional investors) are regulated entities, which are subject to regulations which may limit or affect such use.
• Blockchain and cryptocurrency – issuance and distribution of tokens which are classified as security tokens under the Israeli equivalent of the US “Howey” test (ie, where the anticipated profit is dependent on the effort of a third party) are subject to regulation as securities. Issuance of tokens in a decentralised blockchain environment, where such are classified as utility tokens or payment tokens (eg, Bitcoin) is not regulated per se, but may be regulated under securities regulations if such issuance and the expectations of the investors participating therein meet the Howey test (as is the case with many ICOs, TGEs, etc). Certain types of tokens may be classified as derivatives (eg, stablecoins based on a coin basket) and therefore the trade thereof may be subject to the regulations applicable to trading platforms, trading arenas or portfolio management, as the case may be. Holding, keeping, conversion or transfer of tokens is subject to currency services regulations. The mere provision of technological tools which are then independently used by the user is not regulated. The Israeli Securities Authority has published a new draft legislation which attempts to adopt a new category of Financial Instruments (which are regularly subject to the supervision of the Israeli Securities Authority), called "digital investment assets", to be applied to certain types of cryptocurrencies. (See below for further details).
• Open banking – banks and other financial institutions are required to allow service providers to receive financial information, subject to the relevant client’s consent. The Bank of Israel, the Israeli Securities Authority and the Capital Market, Insurance and Savings Authority regulate the open banking services provided by the entities that are under their respective supervision, in accordance with the relatively new Financial Information Service Law 2021 and its issued directives.
• Privacy – any activity which involves the holding or processing of personal information (relating to individuals) is subject to regulations, including data security regulations. Transfer or holding of personal information in databases located outside Israel is also subject to regulatory requirements.
• Territorial applicability – the application of the various regulations on activities which are performed (wholly or partially) outside the area of the State of Israel is somewhat different with respect to each regulation. In a nutshell, Israeli regulations usually apply when:
1. the recipient of the services resides in Israel;
2. the agreement with the service provider is in Hebrew or applies Israeli law; and
3. the service provider performs marketing/solicitation activity in Israel, in Hebrew or in channels that are designated for Israelis.

Please note that these guidelines do not apply to all regulations equally.

In most cases, industry participants enjoy a high level of flexibility in the compensation models they employ. There are some limitations, as follows.

• With many types of services, it is required (or at least advisable) that the compensation model will not create an inherent conflict of interest. In the regulations applicable to outsourcing of services by banks and insurance companies, this requirement is compulsory. This rule sometimes prevents kickbacks and other forms of compensation.
• With some regulated financial service providers (eg, banks, insurance companies), it is not permitted to bill the end users for services provided by such banks’ or insurance companies’ suppliers or service providers.
• For pension advice, the compensation that the adviser receives from the pension funds must be uniform and identical across the board, in order to prevent the risk of biased advice. This applies to fintech services that provide a similar function.
• For credit services (lending) to individuals, the maximum rate of interest/arears interest is limited, but the maximum allowed rate is above common banking interest rates (currently, the maximum rate is approximately 19.5 per annum).

In view of the aforesaid, it seems that most common compensation models are allowed, including fixed fees, percentage of the service amount and periodical fees, and various types of success fees.

In most cases, proper disclosure is required. In general, fintech services provided to the end user (consumer) usually require a written agreement (which can be digitally provided and approved) and such agreement should specify the compensation for the services. In many cases, the agreement is in the form of online “terms of service”.

Fintech services provided to regulated entities (eg, banks, insurance companies) require an agreement. In other cases, there may be no such regulatory requirement; nonetheless, signing an agreement with fintech providers is common practice and advisable.

There is no distinct and direct difference between regulations applicable to legacy players and to fintech industry participants, but the different business model and characteristics of the service do often result in the application of different regulations, which may be materially different. Furthermore, usually the mere provision of technological services is not directly subject to regulations.

For instance, while banks are subject to extensive banking regulations with respect to their lending activity, private fintech lenders are subject to different regulations, which are much less strict. This difference is not because the latter are fintech players, but rather because they only provide credit services and do not hold deposits. In addition, banks are subject to the directives issued by the Bank of Israel (“Proper Conduct of Banking Business Directives”) that do not apply to non-banking entities.

Due to the different scope and nature of services and other technical and material differences, fintech businesses are usually not comparable to those of legacy players, and fintech companies are not comparable to legacy players.

In January 2021, the Israeli government published a legislative proposal for the promotion of development of financial technology. This legislation encompasses all the regulators relevant to financial technology:

• the Bank of Israel;
• the Israeli Securities Authority (which initiated this process);
• the Capital Market, Insurance and Savings Authority;and
• the Innovation Authority.

Should this bill be accepted, it will allow:

• “tailor-made” regulatory reliefs and partial exemptions to fintech companies which are subject to licence requirements; or
• guidance and assistance from regulatory bodies.

In both cases, fintech companies will have the benefit of interacting with one regulator only (depending on the relevant field of operation), which will co-ordinate its actions with other relevant regulators. Although this proposal was published roughly three years ago, the legislative process has barely advanced.

Nonetheless, the Israeli Securities Authority and the Innovation Authority launched a pilot programme relating to data technology and have allowed a few fintech companies to participate. The Israeli Securities Authority has also demonstrated willingness to allow fintech companies to apply for limited regulatory reliefs within a sandbox environment.

Subject to certain exceptions, the jurisdiction of each regulator relevant to fintech companies is as follows.

• The Bank of Israel – banks, market-leading credit card issuers and acquirers. Open banking certificates and credit data are also under Bank of Israel’s jurisdiction.
• The Israeli Securities Authority – publicly traded companies; any entity which offers securities to the public; stock exchange; stock exchange members; trading platforms, trading arenas, crowdfunding (equity), joint investment funds, investment advisers and marketing agents; portfolio managers; financial information service providers; payment institutions (from June 2024); issuance, offering or trading of crypto security tokens and derivatives.
• The Capital Market, Insurance and Savings Authority – insurance companies, pension funds, provident funds, credit providers, credit card issuance, currency exchange, and other financial assets service providers, peer-to-peer lending, credit and deposit co-operative associations (“social banks”), as well as service providers relating to blockchain/crypto-assets. Jurisdiction over payment institutions will be transferred to the Israeli Securities Authority in June 2024.

Banks, insurance companies and pension funds may not outsource their core activities, including the exercise of discretion over such core activities, but may outsource other activities. Other regulated financial service providers may outsource activities. Prior to outsourcing activities, the management of each regulated entity must formulate a policy and analyse the risks associated with outsourcing of each activity. Regulatory directives require regulated entities to check the outsourcing provider and ensure that the agreement therewith will address certain matters, including:

• allocation of responsibility, risk and liability;
• disaster recovery planning (DRP);
• monitoring and supervision; and
• handling of data.

Regulations do not require a specific arrangement or allocation but do require that the agreement will cover these matters and be compliant with the regulated entity’s policies and procedures regarding outsourcing, mitigation of risks, etc.

In general, the mere development of technology and the licensing of such technology does not impose any “gatekeeper” liability or responsibility on the developer/provider of such technology.

• Fintech companies which provide regulated services are usually subject to AML/CFT regulations, which require them to identify their clients, perform KYC/CDD processes, keep records, monitor the relevant activity and report large transaction or irregular ones.
• In platforms, the operator is responsible to check the compliance of the types of assets traded in the platform, the types of transactions or the types of users.
• When fintech providers allow users to post messages or publish information, they are required to comply with the rules applicable to any social media provider, including the duty to remove offensive messages upon request.

Significant enforcement actions by regulators include the following.

• The Bank of Israel:
1. scrutiny of AML/CFT compliance;
2. checking consumer complaints; and
3. administrative penalties against regulated entities.
• The Israeli Securities Authority:
1. prosecution of unlicensed issuance of securities;
2. operation of platforms;
3. claims and investigations of insider trading;
4. prosecution and investigations of fraud;
5. scrutiny of AML/CFT compliance;
6. checking consumer complaints; and
7. administrative penalties against regulated entities.
• The Capital Market, Insurance and Savings Authority:
1. prosecution of unlicensed provision of services;
2. claims and investigations of fraud;
3. scrutiny of AML/CFT compliance;
4. checking consumer complaints; and
5. administrative penalties against regulated entities.

In addition, all the said regulators perform audits and instructs the regulated entities in the event of incompliance with regulations.

For example, in 2023, The Capital Markets Authority imposed sanctions on nine dealers for granting loans without complying with the provisions regarding minimum equity stipulated in the Supervision of Financial Services (Regulated Financial Services), 2016. Also in 2023, the Israeli Securities Authority sanctioned a trading arena for misleading investors about required collateral and for violating advertising and marketing rules.

There are several non-financial services regulations which affect the activities of fintech companies.

• The Privacy Authority – any entity which operates, manages or holds a database which includes personal information is subject to legal restrictions regarding the collection of such information and the use or transfer thereof. The regulations (which holders of sensitive information are required to employ) also relate to data security and cybersecurity measures. The Privacy Authority also serves as the Registrar of Databases. 
• Furthermore, in some cases fintech companies need to comply with applicable foreign regulations (eg, GDPR).
• The National Cyber Headquarters issues guidelines and recommendations, and also provides ongoing information which assists IT managers. Although these publications are probably not binding, they are generally followed and may serve as a standard benchmark in the case of investigations resulting from a security breach.
• The Competition Authority – many arrangements (ie, co-operation among fintech players and legacy players), including exclusivity provisions (which are relatively common in such arrangements), are subject to self-assessment or to the scrutiny, approval and/or exemption of the Competition Authority. Some arrangements may be considered a “merger” for the purpose of the Economic Competition Law, 1988, and will require approval.
• Encryption – the manufacturing or use of encryption technology may require a permit from the Ministry of Defence. This requirement is not unique to fintech companies but may affect them more than those in other fields, due to the importance of high-level encryption in many fintech products and services. Most encryption shelf products are approved by the Ministry of Defence and, once approved, no additional permit is required for their use.
• The Israel Money Laundering and Terror Financing Prohibition Authority – this authority directs and guides the relevant regulators but does not directly regulate the regulated entities.
• The Innovation Authority – start-up companies which obtain government grants are subject to the supervision and regulation of the Innovation Authority. Usually, such supervision and regulation focuses on the use of the grants, reporting and the transfer or licensing of the technology outside Israel.

Besides regulators, the following are the main entities which review the activities of industry participants.

• Accountants – almost all corporations in Israel are required to have their financial reports audited by certified public accountants.
• Banks and financial institutions – as part of their KYC procedures and their AML/CFT obligations and policies, banks and financial institutions sometimes require review and inspection of fintech companies, prior to providing services to such companies. In many cases, such banks and financial institutions do not independently perform such review, but rather instruct the fintech companies to obtain such review from third parties.
• The stock exchange – currently, there is only one stock exchange in Israel (the Tel Aviv Stock Exchange). All stock exchange member and listed corporations are subject to the rules and procedures of the stock exchange. These rules and procedures are supplemental to those of the Israeli Securities Authority.
• Law firms – in many cases, fintech companies obtain legal opinion from law firms, which review their activity and opine regarding any regulatory requirements, including licence requirements, compliance with applicable law and other duties. Although such legal opinion is not required by law, it may provide the fintech company and its officers and shareholders with protection against certain criminal liability. Furthermore, such opinion is sometimes required by banks and financial institutions, and by investors where the regulatory regime is not clear.
• Payment hubs/payment facilitators – in Israel, the infrastructure for the credit card payment system is provided by one entity, SHVA, which is a services company jointly controlled by several banks. Fintech companies in the payment vertical often need to interact with SVHA or with some of the payment facilitators already connected to SHVA’s infrastructure. The Bank of Israel promotes expansion of the payment switches, hubs, clearing and settlement systems, which allows fintech companies to directly connect to such networks. The authors expect that fintech companies will benefit from this endeavour within a year or so.
• Compliance service providers – there are several service providers which assist fintech companies in the analysis of their AML/CFT requirements, the preparation of policies and procedures and ongoing management and reporting duties.      

Banks, insurance companies and pension/provident funds are only allowed to provide certain types of services, which are expressly detailed in the relevant legislation. These requirements are designed to limit their risks and liabilities (and not to distinguish between regulated and unregulated activities). Please note that although most of the activities permissible to such entities are regulated activities, there are some minor activities which may be unregulated. It is interesting to note that in September 2023, Israel’s High Court of Justice decided that banks are allowed to offer trading services in cryptocurrencies for its clients (HCJ 7364/22 Bits of Gold v Bank of Israel).

As a general rule, other types of regulated entities can provide additional services, which may include unregulated ones. There are a few important exceptions, as follows.

• Stock exchange members are required to obtain the consent of the stock exchange prior to engaging in activities which are not related to their ordinary activities.
• Credit and deposits co-operative associations are limited in the other businesses they can conduct.
• Most regulated entities are required to employ risk-management plans and to ensure that other occupations do not impose unreasonable risks.
• In some cases, the terms of the licence granted to regulated entities by the various regulators list the allowed activities and require the regulated entities to inform the regulator prior to engaging in new occupations.
• Credit providers (lenders) cannot accept deposits from 30 persons or more (except for very limited activities exempt from the definition of deposits, such as supplier’s credit), without a bank license. Similarly, fintech companies which hold or manage funds for their clients cannot engage in lending of any type (except for very limited activities exempt from the definition of lending, such as customer’s credit). Operators of peer-to-peer lending platforms are not regarded as entities which extend credit, and therefore are not subject to banking license requirements.

Anti-money laundering rules materially impact on fintech companies that independently provide services that are subject to AML/CFT duties, including provision of credit, accepting deposits, payment services, operation of trading platforms or exchanges, provision or brokerage of insurance, investment advice and management (discretionary or non-discretionary)

As a rule, AML/CFT duties are not imposed on unregulated entities (with the exception of lawyers and accountants, which are subject to certain limited AML/CFT duties). The mere provision of technology does not impose AML/CFT duties where the provider does not operate any financial services of the types detailed above.

Any entity subject to AML/CFT duties is required to check international sanction lists relating to terror. Other international sanction list are usually not directly applicable in Israel but are nonetheless checked and usually upheld due to risk management requirements. In a recent case, the Bank of Israel supported the decision of an Israeli bank to deny services to a citizen due to his inclusion in EU/US sanction lists relating to the Russian-Ukrainian conflict. The district court overruled the bank’s decision and the said decision was appealed. The appeal is still pending.

Except for certain limitations regarding fees, there are no requirements for the specific business models applied to different asset classes.

Currently, there is little publicly available information regarding the use of robo-advisers by institutional players in Israel. It seems that most players have developed their own internal tools, though it could be that some players obtain advice from the robo-adviser tools of other vendors.

Some robo-adviser services are available to the public, mainly in the insurance field and with respect to car insurance, elementary insurance for residential houses and travel insurance. Some comparison tools are available for investment houses and pension/provident funds.

Robo-advisers that can also effect transactions usually require the same licences as legacy players acting in the same field. Accordingly, a robo-adviser service which allows direct procurement of insurance will usually require an insurance brokerage license. Similarly, a robo-adviser service which allows direct performance of investments will require a licence for investment advice/marketing/portfolio management.

The compensation for pension advice is limited in regulations; in order to prevent conflict of interests, a pension advisor has to set identical compensation terms with all the pensions funds they advise on.

As stated in 3.1 Requirement for Different Business Models, there is little publicly available information regarding the use of robo-advisors by institutional players in Israel. Many legacy players use robo-adviser tools, but it is unclear whether these tools were independently developed by each player or whether they were developed or supplied by fintech companies.

With respect to investment and pension advice, legacy players are required to implement discretion in their advice. This means that they can only implement robo-advisers in the process if they are aware of the considerations taken into account by the robo-adviser models, and they are required to take responsibility for the recommendations made by the robo-advisers. Proper disclosure of the use of robo-advisers may mitigate liability issues.

On a related issue, in August 2023, a draft directive was published by the Israeli Securities Authority, introducing changes for licence holders providing investment advice through technological means, mainly trading signals and social trading. The directive emphasises the need for engagement agreements, transparency, and documentation. 

In most cases, the same rules would apply to legacy players and robo-advisers in connection with best execution of trades. Consequently, robo-advisers must provide proper disclosure as to their best execution policy.

The Fair Credit Law, 1993 provides protective provisions to borrowers who are individuals, as opposed to corporations. Said protection includes enhanced disclosure requirements, limitation of the maximum interest rate (applicable to all types of compensation which the lender collects), limitations on acceleration of the loan, and other protections. Such protection is usually not granted by law to corporations. Proper disclosure is required for any borrower, but the requirement applicable to individual borrowers is stricter.

The regulator has announced its intention to expand said protection to corporate borrowers which are categorised as “small businesses”; however, such amendment has not thus far been legislated.

Peer-to-peer lending is a regulated activity, and operators of peer-to-peer lending platforms are subject to the same disclosure and regulatory requirements applicable to other licensed credit providers.

There are certain regulations for loans secured by mortgages over residential houses, which limit the ability to realise such a mortgage, allow prepayment and redemption of the mortgage and limit the charges for refinancing of such mortgage-backed loan.

Limitations on bank fees are sometimes applicable to services granted to individuals and small businesses but not to large businesses.

Common underwriting processes include a review of the borrower, and of their financial condition, sources of income, assets, other debts and liabilities, insolvency and other legal proceedings and credit scoring (if available). The underwriting process also includes a check of the purpose of the loan and of the collateral available to the lender.

The regulations applicable to banks and institutional entities (insurance companies, pension funds, etc) require them to perform underwriting processes, but do not dictate specific processes. Capital adequacy requirements also incentivise good underwriting processes, which may be required in order to apply CRM measures to the capital adequacy assessment. Non-bank/non-institutional lenders are required to present their underwriting mechanism in their licence application.

The law prevents discrimination of clients with respect to the provision of financial services, including loans, and therefore prohibits considering non-relevant factors such as gender, religion and ethnic group.

Pursuant to the Credit Data Law, 2016, the Bank of Israel operates a database containing credit data of individuals. The information stored in the database is available to licensed credit data bureaus, which offer detailed data reports as well as credit-indicative information. Access to a borrower’s detailed data report is subject to such borrower’s consent. Credit providers are not compelled to seek credit data reports or credit-indicative information in the underwriting process, but many creditors voluntarily do so.

There are no restrictions regarding the source of funding for lenders, which are unique to online lenders, and they are subject to the same restrictions and limitations applicable to all lenders. It is important to note the following.

• Extension of credit while accepting deposits from 30 persons or more or issuing debentures to the public requires a banking licence. The aforesaid does not apply to peer-to-peer lending, provided that the operator is licensed and employs a truly peer-to-peer service. Certain types of peer-to-peer lending platforms may be subject to quantitative limitations regarding the aggregate sum provided be each lender and the maximum amount extended to each borrower.
• Issuance of securities to the public, including the offering of securities to 35 non-qualified (accredited) persons in any given 12-month-period required a permit of the Israeli Securities Authority. Subject to the aforesaid, lenders can raise funds by (i) issuing shares or options (for shares), or (ii) according to certain exemptions in the Banking (Licensing) Law, 1981, issuing debentures which are either designated to specific lending or meet certain quantitative limitations. The said exemptions are used by some large non-bank credit providers.

Syndication of loans is allowed with respect to online lending, but is rarely used in such activity. The processes are as follows:

• in peer-to-peer platforms, syndication may deviate from the peer-to-peer structure and hence affect the classification of the platform; and
• institutional investors (eg, insurance companies, pension/provident funds) are subject to certain limitations with respect to syndication of loans, which makes syndication less appropriate for online lending.

There is no legal requirement to use only existing payment rails, and payment processors are legally allowed to create new ones. From a practical point of view, it could be difficult to create new rails and convince local counterparties or processors to use such new rails, as banking and other financial players currently use the same common rails (mainly the local credit card infrastructure, ZAHAV system (Israel’s RTGS system) and MASAV system (Israel’s inter-banks ETF system)). Moreover, the Bank of Israel recently defined the existing local rails as controlled payment systems subject to rules based on Principles for Financial Market Infrastructures (PFMI) recommendations.

The Bank of Israel further promotes new ACH rails (“faster payments”, “R2P”) and the authors expect the implementation of the said rails in the near future.

• Cross-Border payments and remittance are regulated in the same manner applicable to local ones, including with respect to licence requirements, AML/CFT duties, etc, but subject to certain changes. Until June 2024, licensed payment institutions incorporated and licensed in the US, EU or the UK are exempt from licence requirements (passporting); from June 2024, such payment institutions will be under licence requirements subject to certain decreased requirements (fast track).
• Foreign payment service providers do not require an Israeli licence if (i) their clients are not Israeli; or (ii) they do not direct their services to Israelis, including by using Hebrew in its communication, offered services in Israeli currency or allowed the client to use an address in Israel.
• The threshold for AML reporting with respect to cross-border payments is significantly lower than the one applicable to local payments. 

The regulation of fund administrators depends on the method such funds employ.

In general, the administration of a fund engaged in securities or in derivatives (including derivatives of other securities, currency, commodities, index, interest rates) requires a licence pursuant to the Joint Investment Trust Law, 1994 and is regulated pursuant to said Law.

That Law exempts funds which are limited to 50 non-accredited investors and in which the investors are members in the fund (usually in the form of limited partners within a limited partnership which serves as the vehicle for the fund) and provided that the fund is established with no public offering (namely, offering to more than 35 non-accredited offerees in any given 12 months). This structure is mainly used for hedge funds.

For funds that are regulated pursuant to the Joint Investment Trust Law, 1994, the Law requires certain disclosures (including any potential conflict of interest) and determines certain matters that must be addressed in the fund’s contract, including the fund’s investment’s policy. The contract cannot exempt the administrator or the trustee from the responsibilities set forth in the Law. The contract has to be published as part of the fund’s documents. Nonetheless, the commercial terms of the contract are not regulated (subject to certain restrictions – eg, prevention of certain kickbacks).

There are certain terms that are customary, but said terms are not dictated by law or regulations and rather are driven by market conditions and competition. The above-mentioned also applies to a contract with a trustee.

There are no regulations applicable to contracts used by non-regulated funds but here, too, there are common arrangements, disclosures and provisions driven by market conditions and competition.

The law distinguishes between three types of trading marketplace: trading platform (exchange/peer-to-peer), trading arena and marketplace.

• Trading platform (exchange/peer-to-peer) – in this type of marketplace, the operator of the platform is not the counterparty to any of the transactions executed in such platform. The operator operates the arena and allows buyers and sellers to trade among themselves. The operator may be involved in the clearing and settlement of the transaction but is not a party thereto.

When a trading platform allows trading of tradeable securities or certain financial instruments (derivatives, participation units in certain joint investment funds), and if the platform automatically matches purchase and sale orders or allows clearing and settlement of such transactions, it requires a stock exchange licence. To date, there is only one stock exchange licensed in Israel (TASE).

Trading platforms which only allow trading of other types of assets (eg, foreign currency) are not regulated.

Trading platforms which do not automatically match transactions, so that the users have the discretion to approve each and every transaction, are also currently not regulated.

• Trading arena (for trader’s accounts, Zirat Miskhar) – here, the operator of the platform is the counterparty to the transactions performed in such platform.

When a trading arena allows trading of tradeable securities or certain financial instruments (derivatives, participation units in certain joint investment funds), such activity requires a trading platform licence.

Trading arenas in this model are prohibited from allowing the trade of binary options.

• Marketplace – this only allows users to communicate with each other, but trading is performed directly between the relevant users and is not performed within the marketplace. There are no specific regulations applicable to a platform which only operates as a marketplace where:
1. the operator is not a counterparty to the transactions performed in the marketplace;
2. transactions are agreed upon only with the discretion of the participants; and
3. the platform does not perform the clearing and settlements of such transactions.

Communication within a marketplace can sometime fall within the definition of investment advice (which may lead to application of regulatory requirements, as well as civil liability).

The following classes of asset are considered as “financial instruments” for the purpose of the Securities Law, 1968, and are therefore regulated with respect to trading platforms and trading arenas:

• securities (as defined in the Securities Law, 1968);
• securities (debentures) issued by the State of Israel or the Bank of Israel;
• derivatives – any arrangement in which the value of such arrangement is derived from the value of currency, commodities, interest rates, exchange rates, index or the value of another financial instrument; and
• participation units in a “close” joint investment fund pursuant to the Joint Investments Trust Law, 1994.

A new endeavour by the Israeli Securities Authority may classify digital investment assets as financial instruments and subjugate such digital assets to the supervision of the Israeli Securities Authority. This endeavour has not yet been posted as a legislative proposal.

There are only a few active cryptocurrency exchanges in Israel, probably mainly due to the small market size and the reluctance of the banking system to provide banking services to entities engaged in cryptocurrency trading. Recently, the Bank of Israel issued guidelines to banks which may change this approach.

Cryptocurrency exchanges are regulated as providers of “services in financial assets”. The regulation applicable to exchanges and trading platforms has not been customised to cryptocurrency assets.

Some cryptocurrency assets are classified under Israeli law as securities or as derivatives (which are “financial instruments”), and therefore exchanges allowing the trade of such cryptocurrency assets are subject to the same regulations applicable to exchanges and platforms that trade securities or financial instruments. In view of the aforesaid, the few cryptocurrency exchanges operating in Israel currently do not allow the trading of security tokens or tokens which may be classified as “financial instruments”.

A new proposal promoted by the Israeli Securities Authority may classify digital investment assets as financial instruments and subjugate trading platforms offering those to the supervision of the Israeli Securities Authority (as an “exchange”, when the operator is not a counterparty to the transaction, or as a trading arena, when the operator is also the counterparty). This proposal has not yet been adopted as a legislative proposal.

The Tel Aviv Stock Exchange has clear listing standards for any securities traded therein.

There are no listing standards for trading platforms and trading arenas, which are not regulated.

There are no listing standards for regulated trading platforms, except for the few restrictions set forth in the Securities Law, 1968 or by the Israeli Securities Authority (eg, no trading of binary options). The Israeli Securities Authority is authorised to confirm the assets traded in regulated trading platforms.

Each trading platform/arena/marketplace establishes its own rules for listing of assets.

The Tel Aviv Stock Exchange has clear order handling rules, to which all participants in a trade are subject.

Regulated portfolio managers are subject to certain order handling rules promulgated by the Israeli Securities Authority (and to the rules of the Tel Aviv Stock Exchange).

Trading platforms and non-regulated trading arenas or marketplaces are not subject to order handling rules, but they are required to provide proper disclosure as to the mechanisms which they employ.

The authors have seen little impact on regulation caused by the rise of peer-to-peer trading platforms.

Moreover, the volume of trade in peer-to-peer trading platforms does not yet seem to impact on traditional players. Although there are Israeli users who trade at local or foreign trading platforms, it seems that typical users of such platforms are not necessarily users of similar services by traditional players.

There are fintech players who focus on peer-to-peer trading platforms, either as operators of such platforms or as providers of services and tools for such operators. Such focus is undoubtedly derived from the rise of said peer-to-peer trading platforms. This is significantly noticed with cryptocurrency.

Some players provide trade tools to their customers, which allow their customers to trade directly with the Tel Aviv Stock Exchange. Nonetheless, this is not regarded as peer-to-peer trading but rather as API access to trading with the stock exchange.

Players engaged in trading related to the Tel Aviv Stock Exchange are subject to best execution requirements.

Other players, including those of non-regulated activities, are not subject to best execution requirements.

Please note that some players do employ similar practices, due to commercial considerations (building reputation, avoiding claims based on negligence, etc).

For regulated players in trades relating to the Tel Aviv Stock Exchange, payment for order flow is generally allowed, subject to proper disclosure and certain restrictions designed to prevent conflict of interest or abuse.

Investment advisers and portfolio managers are required to disclose arrangements with third parties which may impact their services and create a conflict of interest, such as payment for order flow.

There are no restrictions relating to payment for order flow by other players or in other types of trading. Nonetheless, some types of payment for order flow may create inherent conflicts of interest, which will require disclosure (and which without such disclosure may lead to a breach of fiduciary duty).       

For trading at the Tel Aviv Stock Exchange, the stock exchange publishes detailed and comprehensive rules relating to market integrity and market abuse.

Some violations of market integrity (insider trading, etc) and some forms of market abuse are criminal and are subject to the supervision and enforcement of the Israeli Securities Authority.

For investment advisers and portfolio managers, the Israeli Securities Authority publishes rules relating to market integrity and market abuse.

Regulated trading platforms are subject to the supervision and enforcement of the Israeli Securities Authority, which partially relate to matters concerning market integrity and abuse.

There are no rules relating to market integrity and abuse for non-regulated activities.

There are no regulations applicable to the creation of high-frequency and algorithmic trading technologies, or to the use of such technology by end users, for their own benefit.

Services which employ high-frequency and algorithmic trading technology and also provide portfolio management services are subject to the same regulations applicable to portfolio management. The use of such technologies will require proper disclosure and check of the logic employed by technology tools and the level of risk assumed by such tools.

Regulated funds may use high-frequency and algorithmic trading only in accordance with the fund agreement and subject to the compulsory trade committee and risk committee.

There are no restrictions on the use of high-frequency and algorithmic trading by non-regulated hedge funds.

According to circulars of the Israeli Securities Authority, a trading platform can allow its users to use independent algorithmic trading tools subject to certain conditions, which are meant to ensure that the trading platform is not involved in recommending or suggesting specific investment strategy. 

The Tel Aviv Stock Exchange requires registration for market makers. Such registration should include the details of the relevant securities and an undertaking to act as market maker for a period of at least one year (subject to certain exemptions). The market maker is required to disclose the compensation to which it is allowed and the identity of the payer of such compensation.

A market maker is required to perform its actions from the market maker’s account (and not from the accounts of its clients).

There are no similar registration requirements with respect to similar functions in other platform or trading activities, although such functions may require disclosure.

Regulated funds which engage in high-frequency and algorithmic trading can do so only if such use was disclosed in the fund agreement and subject to the inspection and authorisation of the fund’s investment committee and risk committee.

Portfolio managers and regulated brokers are also required to provide proper disclosure as to the use of high-frequency and algorithmic trading.

There are no specific regulatory requirements with respect to non-regulated funds, dealers or players.

There are no specific regulations applicable to programmers and to the creation of trading algorithms and other electronic trading tools (as opposed to the use thereof by some players). Compensation models for programmers or programming that are based on the results of using the programme may in some cases turn the said services into investment advice.

The regulatory landscape for decentralised finance (DeFi) in Israel, like in many other jurisdictions, is still evolving. There is no specific regulation related to Defi, yet rules related to traditional finance could apply to DeFi in certain cases based on the substantial components of the type of each transaction traded therein. Therefore, it is likely that such transactions will be classified as lending, investments or otherwise. To date, there is no case law or known enforcement decision involving Defi-related activity.

There are no registration requirements for financial research platforms, as long as their activity is not classified as investment advice.

The term “investment advice” is defined as “giving advice to others on the profitability of investing in, holding, acquiring or selling (tradeable) securities or financial assets; for this purpose, ‘advice’ – whether direct or indirect, including by means of publication, in circulars, in professional opinions, by use of mail, facsimile or any other medium [...].”

The term “financial assets” is defined in the law as local and foreign funds and options, futures, structured products and index products.

Financial research platforms considered as providing advice will be subject to licence requirements if such advice relates to tradeable securities or “financial assets”.

Spreading of rumours and other unverified information with respect to activity regulated pursuant to the Securities Law, 1968 may be considered as fraud pursuant to Section 54 of said Law, which relates (among other things) to any attempt to influence the market or the decision of any person to buy securities, sell securities or refrain from doing so, based on information which such person knew or had to know was false or misleading.

There are no similar regulations directly applicable to other areas. In the event that the spreading of rumours and other unverified information was intended to accumulate profits to the person spreading such information, such actions may be regarded as deceit for the purpose of the Penal Law, 1977.

Any person exploiting a platform for market manipulation strategies, such as pump and dump schemes, spreading of inside information, or other types of unacceptable behaviour, is personally responsible for such actions and is subject to the relevant sanctions and liabilities.

Platforms avoid such actions by prohibiting them in such platforms’ terms of service, by employing technological measures to trace such activity and by banning users who exploit the platforms in such manner.

Some platforms block the ability to spread information among the participants in such platforms, in order to entirely prevent any such banned activities.

Insurance companies are subject to the Supervision of Financial Services (Insurance) Law, 1981 and the regulations promulgated thereunder. The said regulations require insurance companies to have underwriting processes and procedures but do not dictate the exact processes. Some of the underwriting requirements are connected to the similar requirements of the international co-insurers.

The underwriting process is adjusted to the type of insurance. There are specific requirements for different types of insurance.

Different types of insurance (eg, life, annuities, property and casualty) are treated differently by industry participants and by regulators.

• Automobile insurance – there is a compulsory insurance requirement for body damages and the scope and terms of such insurance are dictated by the regulator. Property damages are not subject to this requirement, but the terms thereof are practically standardised. Most car owners acquire an insurance policy which includes all these covers.
• Elementary insurance for residential houses and for small businesses – there are no special regulatory requirements, but there are common terms which are widely used.
• Travel insurance – there are regulatory requirements relating to this type of insurance, aimed at allowing proper disclosure and allowing the insured to compare between insurance proposals.
• Health insurance/nursing insurance – there are regulatory requirements relating to this type of insurance, aimed at allowing proper disclosure and allowing the insured to compare between insurance proposals.
• Life insurance – there are regulatory requirements relating to this type of insurance.
• “Manager’s insurance” – this insurance is basically a type of pension fund or long-term service combined into a life insurance product. There are regulatory requirements relating to this type of insurance.

Other types of insurance (eg, third-party liability insurance, employee liability insurance, construction works insurance, professional liability insurance) may have specific regulatory requirements but are unlikely to be offered by fintech companies, due to the specialised insurance coverage requirements.

There are no specific regulations applicable to regtech providers.

However, if the services require practices or include matters which are only allowed to be exercised by licensed professionals (eg, lawyers, accountants) then such activity may expose the regtech service provider to claims, unless it provides such services by duly licensed professionals. Furthermore, the use of regtech as a service sometimes raises privacy/data matters and questions regarding proper authorisation by end users.

The use of some regtech tools (eg, AML identification/authentication tools) by regulated entities sometimes requires approval of the regulator supervising such entities.

Banks and institutional investors are required to have an agreement with technology providers and to include contractual provisions which ensure performance and accuracy. Nonetheless, the regulations only require the regulated entity to check the compliance of the regtech provider and that the agreement will address certain matters but do not dictate specific contractual terms, so the actual terms are subject to negotiation.

In most agreements with technology providers, the financial service providers demand that the technology providers:

• undertake ongoing performance, including minimum downtime, service level agreement for customer support and tech support;
• ensure the accuracy of information and verify such information with the client;
• assume liability for all damages and indemnify the client;
• ensure confidentiality and cybersecurity; and
• comply with applicable regulations and standards.

While most traditional players have started to learn about possible implications of blockchain technology and consider implementing it, it seems there is slow implementation of blockchain technology in the financial services industry in Israel. 

The Bank of Israel has been actively exploring the use of blockchain technology to serve as a platform for the use of digital shekel (Israeli legal tender). In 2023, the Bank of Israel began forming working groups to examine certain aspects of the digital shekel, and released a document outlining several principles for the future token, as well as scenarios that might accelerate its adoption.

In September 2023, Israel’s High Court of Justice decided that banks are allowed to offer trading services in cryptocurrencies for its clients (HCJ 7364/22 Bits of Gold v Bank of Israel).

Blockchain itself is considered merely a vehicle or tool. As such, regulators do not address blockchain technology itself, but address the legal issues relating to the different uses of blockchain.

Thus far, the authors have seen some regulators expressly addressing the issue of blockchain.

• The Israeli Securities Authority issued a report, examining the various types of tokens and suggesting that while blockchain technology has advantages and should not be banned, the approval thereof for securities-related issues should be made on a case-by-case basis. The report addressed the classification of security tokens and introduced the intention to allow a regulatory sandbox for blockchain endeavours.
• The Capital Market Authority is the regulator responsible for regulating financial service providers relating to the holding, keeping, management, conversion or transfer of virtual currency for business purposes. The regulator issued an AML Order which determined the AML/CFT/KYC procedures applicable to such service providers. Recently, the Capital Markets Authority issued two drafts of circular related to requirements from financial service providers for the custody of financial assets, including special guidelines related to digital assets. 
• The Bank of Israel examined the implementation of blockchain activity by the Bank of Israel itself and has published circular which (i) allow banks to provide services relating to the blockchain industry, subject to risk analysis and mitigation and to a preliminary notice to the Bank of Israel; and (ii) guides banks providing financial services to customers engaging in cryptocurrencies regarding the checking of payments deriving from blockchain activity and the clients.

It should be noted that in 2018 the Israeli Tax Authority issued a circular regarding the taxation of cryptocurrency transactions. In December 2023, the Tax Authority initiated a pilot programme to facilitate tax payments when Israeli banks refuse to accept funds generated by cryptocurrency transactions.

A new proposal by the Israeli Securities Authority may classify digital investment assets as financial instruments and subjugate such digital assets to the supervision of the Israeli Securities Authority. This endeavour has not yet been published as a legislative proposal.

The regulation of blockchain assets is applied to “virtual currency” – a term which was not defined in the relevant legislation. This legislation is relatively new, and there is also no case law relating to the interpretation of the term. Recently, the AML Order issued to the regulated service providers defined “virtual currency” as “a digital unit of value which can be digitally traded or transferred, and which may be used for purposes of payment or investment”.

The Israeli Securities Authority and the Tax Authority adopted the distinction used in other jurisdictions, between:

• security tokens;
• utility tokens; and
• means of payment.

The Israeli Securities Authority follows the lines of the famous US “Howey” test, and has stated that it is not sufficient that a utility token will be used for certain utilities. Therefore, other factors need to be examined:

• the probable motivation of the buyers;
• the terms of the utility tokens and the implications thereof;
• the underlying obligations of the issuer; and
• the existence of secondary trade and the obligation of the issuer to promote such trade.

Currently, it seems that all types of cryptocurrencies are regulated as financial assets for AML/KYC purposes. Only security tokens are undoubtedly regulated by the Israeli Securities Authority. It is still unclear whether stablecoins will be regulated as financial instruments.

Although stablecoins have not been addressed in Israeli regulation, a recent paper by the Bank of Israel calls for monitoring and regulating the issuance of stablecoins in Israel by both the Bank of Israel and the Capital Market, Insurance and Savings Authority, and adopts some of the mechanisms set forth in the EU’s Markets in Crypto Assets Directive (MiCA) and the oversight framework for electronic payments (PISA).

A new endeavour of the Israeli Securities Authority may classify digital investment assets as financial instruments and subjugate such digital assets to the supervision of the Israeli Securities Authority. According to this initiative, NFTs and stablecoins are excluded from the definition of digital investment assets. This has not yet been adopted as a legislative proposal.

Issuers of blockchain assets are regulated by the Israeli Securities Authority as issuers of securities, if such blockchain assets are classified as securities in accordance with the tests employed by the regulator.

Issuers of utility tokens are not regulated, provided that such tokens are not classified as security tokens. For centralised blockchain, the issuer may be regarded as “holding” the tokens and as the entity which transfers tokens among holders, and in such event the issuer will be considered as a provider of “services in financial assets” and will be subject to regulation in this capacity.

Issuers of decentralised payment tokens (means of payment, eg, Bitcoin, Ethereum) are not regulated.

While the Bank of Israel has published a report calling for more oversight of stablecoins by both the Bank of Israel and the Capital Market, Insurance and Savings Authority, it seems that this proposal mainly applies to issuers of new asset stablecoins. There is no clear answer as to the regulation applicable to fully backed stablecoins, which are linked to foreign currency, although the current proposal excludes those from the definition of digital investment assets. The holding of the respective fiat currency will be regarded as provision of “services in financial assets”.

A new circular of the Securities Authority indicates that the issuance of tokens used for payments (eg, utility tokens) may be considered issuance of means of payment, which is regulated pursuant to the new Regulation of Payment Services and Payment Initiation Law, 2023, which will come into effect in June 2024.

Operators of blockchain asset trading platforms which do not classify as securities are regulated as providers of “services in financial assets” and are subject to licence requirements and to certain AML/CFT/KYC duties. This is applicable only if the platform holds, manages, keeps, converts or transfers crypto-assets (whether such actions are crypto-to-crypto or crypto-to-fiat, or vice versa). If the platform is the counterparty to the transactions or if it is involved in the clearing or settlement process, such platform will be regulated pursuant to the said classification of services.

A marketplace which only allows participants to directly trade crypto-assets, where the marketplace does not hold or transfer any blockchain assets, may not be regulated.

Blockchain asset trading platforms which allow trading of security tokens are subject to the same regulations applicable to trading platforms and trading arenas relating to securities or derivatives. Holders of securities trading licences are exempt from the need to obtain a “service in financial assets” licence.

Secondary market trading between individuals where there is no public offering is not regulated.

A new endeavour (not yet posted as legislation) may classify digital investment assets as securities or financial instruments and subjugate such digital assets to the supervision of the Israeli Securities Authority.

Investment in blockchain assets does not change the regulation applicable to funds. Where the activity of a fund is regulated, such regulation will apply to the investment in blockchain assets.

Blockchain assets not classified as securities or “financial instruments” will not trigger licence requirements pursuant to the Joint Investment Trust Law, 1994. Nonetheless, if the fund also invests in other assets, which are subject to regulations, the entire activity will be subject to regulations. This means that a fund which invests in one or more security tokens or tokens that are regarded as financial instruments will be required to obtain a licence, subject to the exemptions applicable to all funds (eg, fewer than 35 offerees/50 investors).

Israeli legislation currently only defines “virtual currency” (within secondary legislation – the AML Order) but there is no definition of other types of blockchain assets. According to the definition, virtual currency is any digital unit of value, which may be digitally traded or transferred and used for purposes of payment or investment. This broad definition will probably encompass all or at least most types of blockchain assets.

There is currently no definition of DeFi in Israeli regulations and no regulatory provisions applicable specifically to DeFi platforms. Therefore, such platforms will be classified according to the existing definitions. This means that DeFi platforms operating in Israel or offering services to Israelis will likely be subject to the regulations applicable to crypto-assets exchanges, as well as to the regulations applicable to lending.       

To date, there are no special regulatory treatments for NFTs. NFTs are classified according to their characteristics and are therefore likely to be categorised as either security tokens, utility tokens, digital assets (which are currently not regulated) or means of payment, although the current proposal excludes NFTs from the definition of digital investment assets. There is still no case law in Israel with regards to the classification of NFTs.       

In June 2022, the Financial Data Service Law, 2021 became effective. Said Law adopted an open banking standard similar to that of the PSD2, with respect to provision of financial information by banks and other financial institutions. Prior to the enactment of said Law, the Bank of Israel issued a directive which implemented the open banking standard both with respect to the provision of financial data services and to the initiation of payment instructions by banks. The Regulation of Payment Services and Payment Initiation Law, 2023, was enacted last May and will enter into force in June 2024, and allows non-banking payment operators to offer payment initiation services. That Law is also based on the principles of the EU’s PSD2.

Pursuant to the Financial Data Service Law, 2021 and the open banking directive of the Bank of Israel, banks and other financial institutions are required to grant licensed financial data service providers access to client information, at the client’s request. The licensing of financial data service providers is regulated by the Israel Securities Authority, except where such providers are already subject to the supervision of the Bank of Israel or the Capital Market, Insurance and Savings Authority.

The Financial Data Service Law and the Open Banking Directive of the Bank of Israel adopted the Berlin Protocol, which defines privacy and data security requirements. During the licensing process, service providers are required to demonstrate their compliance with such requirements. The transfer of information is performed at the instructions of the clients. Clients are allowed to choose among various “data baskets” and can limit the period of the authorisation granted to the service provider. The client can revoke the authorisation at any time.

Regulations relating to financial services and consumer protection legislation (when applicable) usually require proper disclosure to clients and prohibit false or misleading information. Incompliance (including fraud) may be subject to administrative penalties and may also be a ground for termination of a licence and criminal indictment.

The Torts Ordinance, which generally applies to any entity operating under Israel’s jurisdiction, defines fraud in a similar fashion to other common law jurisdictions, namely:

• false representation of fact;
• knowledge of falsehood and intent to deceive; and
• the plaintiff was deceived and suffered monetary damage.

Another form of fraud is securities fraud, which is strictly prohibited under the Securities Law, 1968.

The regulator in charge of preventing fraudulent behaviour relating to securities and investments (including in connection to crypto-assets classified as securities) is the Israeli Securities Authority, which has both administrative and criminal enforcement powers at its disposal. 

Civil enforcement is also very common in Israel, often engaged by class actions and sometimes also derivative proceedings. Plaintiffs and their lawyers are incentivised to bring such suits by receiving a significant percentage of the total remedy. These proceedings are particularly popular in claims involving securities fraud, consumer deceit, and violation of fiduciary duties, but can take place only in the event that the fraud affects many victims.