Fintech 2021

Last Updated March 18, 2021


Law and Practice


Yigal Arnon & Co. is at the forefront of the global fintech revolution. The fintech practice group of the firm consists of eight partners and eight associates. The banking, finance and hi-tech departments at the firm are among the leaders in their field in Israel, providing top-tier representation to all fintech clients, who require expertise in numerous areas. The collaborative teamwork of attorneys from these departments enables the provision of professional, comprehensive and complete solutions. Among the firm's highlights are the establishment of the first digital bank in Israel (the first bank to be greenlit in Israel in 40 years), representing the Paybox app and its licensee Discount Bank.

Israel is often regarded as a "startup nation", due to the fact that Israel produces more high-tech startups per capita than any other country, and fintech is an important part of the portfolio of Israeli start-up innovations.

During the past year, a evolution continued in the fintech market but there was no revolution. It is estimated that more than 400 fintech companies are operating in Israel. The scope of investments in Israeli fintech companies in 2019 was more than USD1.8 billion and it seems that 2020 does not fall short of that. According to publications by SNC, the scope of investments in fintech in Israel is the fifth largest in the world, in absolute terms.

The prominent trends include the following.

  • Additional endeavours and ventures involving Blockchain and cryptocurrencies, including new technologies and tools for the blockchain industry. Nonetheless, these technologies are scarcely implemented or operated in Israel, mainly due to  the relatively small scale of the Israeli market and the hesitancy, so far, of the banking system to provide banking services to any business which involves the use of cryptocurrency.
  • Improved interface with the banking system: Israel recently employed open banking activities, and banks are required to provide API access to third parties, which is mostly relevant to fintech companies. Moreover, there is more and more cooperation between banks and fintech companies, in mutual business, experimental utilisation of new technologies and investments.
  • Marketing and technological developments in the payments and micro-payments market (eg, EMV terminals implementation), following the forthcoming entrance of international players, like Apple.
  • Digital Bank: The Bank of Israel granted a banking licence to Israel’s first digital bank, which is expected to start operating by the end of 2021.
  • Regulatory changes: The Bank of Israel allowed additional flexibility to banks to utilise new technologies, including outsourcing and cloud computing (although banks are still subject to relatively rigorous restrictions); the Israeli Securities Authority published a circular regarding forthcoming sandbox environment which will allow important partial exemptions or reliefs to fintech companies (subject to pending amendment in the law); the Insurance and Capital Market Authority also expanded the flexibility of insurance companies, pension funds and financial service providers to interact with fintech companies.

It is estimated that these trends will also impact the fintech market in the next 12 months.

Israeli fintech companies are active in a wide range of verticals. The most prominent ones are:

  • payments (including mobile payment apps, micro-payments, b2b, b2c);
  • trade and investment apps and systems including algo-trading;
  • blockchain and cryptocurrency;
  • crowdfunding platforms;
  • lending and crowdlending;
  • insurtech;
  • data & analytics, including financial information and big data;
  • personal finance, personal planning and management;
  • customer engagement and on-boarding;
  • credit scoring, accounts aggregation, data analysis and management tools for financial service providers;
  • FinSec – security, fraud detection, identification, including biometric and other authentication tools.

In general, the mere development of technology and the licensing of such technology is not subject to regulation, except with respect to certain encryption technologies which are subject to permit requirements.


Nonetheless, the actual provision of services in the fintech industry may be subject to comprehensive regulations, depending on the relevant vertical. In a nutshell and subject to a more detailed description below, the regulatory regime applicable to the different type of participants includes:


Services providers which engage in taking deposits while extending credit are required to attain a banking license and are subject to extensive regulations relating to all aspects of the licensee’s operation, from capital adequacy, fit and proper scrutiny of the holders and up to consumer protection matters. As part of the regulations applicable to banks, they are subject to a local version of the Basel II and Basel III requirements. Banks receiving services from fintech companies are subject to regulatory requirements relating to outsourcing, cybersecurity, data security, cloud computing and other. Although the regulatory requirements apply to the banks, they also affect the fintech companies wishing to transact with banks.

Insurance, pension and long-term savings

Services involving the provision or distribution of insurance products, including pensions schemes, require an insurance licence or insurance brokerage licence. Insurance companies, which usually manage pension funds as well, are subject to extensive regulations relating to all aspects of their operations. Insurance companies receiving services from fintech companies are subject to regulatory requirements relating to capital adequacy, outsourcing, cybersecurity, data security, cloud computing and other. There are also limitations applicable to their investments in fintech companies.


Lending is subject to a licence requirement (subject to certain exceptions). The operation of peer-to-peer lending platform is also subject to a licence requirement. Both activities are subject to certain regulations, which are currently relatively simple. Banks, insurance companies and certain regulated entities are exempted from such license requirements. Please note that lenders cannot accept deposit from 30 persons or more, as such activity will subject them to the banking licence requirements.


Peer to peer trading platforms (exchanges) are subject to licence requirements, if the platform allows trading of securities or certain types of financial instruments, including derivatives. Trader arenas (where the operator thereof is the counterparty to the transactions) are subject to licence requirements, if the arena allows trading of securities or certain types of financial instruments, including derivatives. Trading of binary options and marketing of such trades are prohibited.

The operation of such platforms and arenas are subject to certain regulatory requirements, which are relatively simple. Trading of other types of assets is generally not subject to licence requirements but the clearing and settlement of payments is subject to licence requirements.

Payments, currency and other financial assets services

Any services which include the holding, keeping, conversion or transfer of funds, virtual currency or certain types of financial assets are subject to licence requirements and to certain regulatory requirements, mainly in connection with AML and Combating Financing of Terrorism. Accordingly, payment services are subject to such licence requirements and regulations. Banks, insurance companies and certain regulated entities are exempted from such licence requirements. Please note that if financial assets service providers hold funds, they are not allowed to extend loans, as such activity will impose a banking licence requirement.

Investment advice/marketing/portfolio management

Provision of advice relating to securities listed on an exchange and certain derivatives and structured products (eg, index products), or portfolio management services in connection therewith is subject to licence requirement and regulations (mainly in connection with proper disclosure, conflict of interest and AML/ CFT). Usually, the provision of an automatic technological tool which provides similar services (eg, API based algo-trading) is not considered regulated activity. Nonetheless, if the service provider is involved in the process and exercises discretion, receives a power of attorney from the investors or if the assets are held by the service provider, such activity may be subject to such licence requirement and regulations.

Joint investment funds

Management of mutual investment funds is subject to license requirement and to regulations, dealing (among other things) with disclosure requirements and the duty to:

  • publish investment policies and comply with such policies;
  • hold assets in escrow (with a regulated trustee); and
  • operate investment committee and risk committee.

Hedge funds

Joint investment funds which are limited to qualified investors and no more than 50 non-qualified investors (and 35 per annum), are not subject to the regulation applicable to joint investment funds. Qualified investors are institutional investors, large corporations and high-net worth individuals, as defined in the Securities Law 1968.

Credit data

The Bank of Israel operates a national credit information database. Transfer of information to the database and the use of credit information are subject to regulations.

Regtech, robo-advisers and similar consulting services

These are provided as automated services and are self-operated by the client, are not directly subject to regulations. Nonetheless, many potential users of such services are regulated entities, which are subject to regulations which may limit or affect such use.

Blockchain and cryptocurrency

The issuance or distribution of a token classified as security token (under the Israeli equivalent of the US “Howey” test, ie, the anticipation of the buyers for profits dependent on the work of others, the nature of the sale, the prospect of the tradability of the tokens etc.) are subject to regulation of securities. Issuance of tokens which are classified as utility tokens or decentralized payment tokens (eg, Bitcoin) are not regulated per se, but may be regulated under securities regulations if such issuance falls under the said criteria that demonstrates its "security" nature, as detailed above and in 12.3 Classification of Blockchain Assets (as is the case with many ICOs, TGEs, etc).

Certain types of tokens may be classified as derivatives (eg, stable coins based on coin-basket), and therefore the trade thereof may be subject to the regulations applicable to trading platforms, trading arenas or portfolio management, as the case may be.

Holding, keeping, conversion or transfer of tokens that are financial assts is subject to financial assets services regulations. The mere provision of technological tools which are then independently used by the user is not regulated

Open banking

Banks are required to allow service providers to receive information, subject to the relevant client’s consent. The Bank of Israel announced its intention to regulate such service providers, but as of February 2021 no such regulations have yet been published.


Any activity involving the holding or processing of identifiable personal information (relating to individuals) is subject to data protection regulation. The transfer or holding of personal information regarding Israeli resident individuals in databases located outside Israel is also subject to regulatory requirements.

Territorial Applicability

The application of the various regulations on activities which are performed (wholly or partially) outside Israel is somewhat different, with respect to each regulation. In a nutshell, Israeli regulation usually apply when:

  • the recipient of the services resides in Israel;
  • the agreement with the service provider is in Hebrew or applies Israeli law; or
  • the service provider performs marketing activities in Israel, in Hebrew or in channels that are mainly designated for Israelis.

Please note that the said rules of thumb do not apply to all regulations equally and the various regulators may have different approaches to the precise rules of territorial applicability.

In most cases, industry participants enjoy a high level of flexibility in the compensation models they employ.

There are some limitations.

  • With many types of services, it is required (or at least advisable) that the compensation model will not create inherent conflict of interest. In the regulations applicable to outsourcing of services by banks and insurance companies, this requirement is compulsory.
  • With some regulated financial service providers (eg, banks and insurance companies), it is not allowed to bill the end-users for services provided by such banks’ or insurance companies’ suppliers or service providers.
  • For pension advice, the compensation that the advisor receives from the pension funds must be uniform and identical across the board, in order to prevent the risk of a biased advice. This applies to fintech services that provide a similar function.
  • For credit services (lending) to individuals, there are restrictions as to interest rate and arrears interest rate. These restrictions apply to any type of compensation paid by the borrower in connection with the loan, regardless of the description thereof.

In view of the aforesaid, it seems that conceivable compensation models can be found, starting with fixed fees or percentage of the service's amount and ending with various types of success fees.


In most cases, proper disclosure is required. In general, fintech services provided to the end user (consumers) usually require a written agreement (which can be digitally provided and signed) and such agreement should specify the compensation for the services. In many cases, the agreement and the disclosure are part of the terms of services of the relevant software solution or online service.


Fintech services provided to certain financial service providers (eg, banks, insurance companies) require a written agreement (which may sometimes be in electronic form). In other cases, there may be no such regulatory requirement but nonetheless signing an agreement with fintech providers is the common practice.

There is no distinct and direct difference between regulations applicable to legacy players and fintech industry participants, but the different business model and different characteristics of the service does often result in application of different regulations, which may be materially different.

For instance, while banks are subject to extensive banking regulation with respect to their lending activity, private fintech lenders are subject to different regulations, which are much less strict. This difference is not due to the fact that the latter are fintech players, but rather because they only provide credit services and do not take deposits (or vice versa). In addition, banks are subject to the directives issued by the Bank of Israel (“Proper conduct of Banking Business Directives”) that do not apply to fintech companies.

A Bill proposal is designated to promote the development of fintech activities and simplify some of the bureaucracy and regulatory obstacles to which fintech companies are exposed. This proposal is in the preliminary stages of the legislation process and there is no certainty that it will be indeed accepted.

On January 2021, the Israeli government published a legislation proposal for the promotion of development of financial technology. This legislation encompasses all the regulators relevant to financial technology industry: the Bank of Israel, the Israeli Securities Authority (which initiated this process), the Capital Market Authority and the Innovation Authority.

Once this bill is accepted (and assuming that it will not materially change in the legislation process), it will allow:

  • "tailor made" regulatory reliefs and partial exemptions to fintech companies which are subject to license requirements; or
  • guidance and assistance from regulatory bodies.

In both cases, fintech companies will have the benefit of having to interact with one regulator only (depending on the relevant field of operation), which will coordinate its actions with the other relevant regulators.

In the meantime, the Israeli Securities Authority and the Innovation Authority jointly launched a pilot programme relating to data technologywith the participation of five fintech companies.

Subject to certain exceptions, this is the jurisdiction of each regulator relevant to fintech companies:

  • the Bank of Israel: banks, credit card issuers, credit card acquirers, financial service providers and other certain corporate entities controlled by them;
  • the Israeli Securities Authority: publicly traded companies and any entity which offers securities to the public, stock exchange, stock exchange members, trading platforms, trading arenas, crowdfunding, mutual investment funds, investment advisors, marketing agents and portfolio managers; and
  • the Capital Market Authority: Insurance companies, pension funds, credit providers, currency and other financial assets service providers, peer-to-peer lending and credit/deposit co-operative arrangements.

As a general rule, certain regulated financial institutions (eg, banks, insurance companies, pension funds) may not outsource their core activities, including the exercise of discretion over such core activities, but can outsource all other activities. Prior to outsourcing activities, the management of the financial institution must formulate a policy and analyse the risks associated with outsourcing of each activity. The agreement with the outsourcing provider must address certain matters, in order to ensure that the relevant risks are mitigated and that the activities of the service provider are monitored and supervised.

Other types of financial service providers can employ outsourcing without limitations.

In general, the mere development of technology and the license of such technology does not impose any “gatekeeper” liability or responsibility on the developer/provider of such technology.

  • In platforms, the operator may be liable for deviations from the terms of its licence, including with respect to the type of assets traded in the platform, the type of transactions or the type of users.
  • Fintech companies which provide regulated services are usually subject to AML/CFT regulations, which require them to validate the identity of their clients, perform KYC/CDD process, monitor the activity, report certain transactions and keep the relevant records. Failure to do so will expose them to liability.
  • In trading arenas in which the fintech company is a counterparty to each transaction, it is responsible for its activity in the arena, but not to the activity of the other parties.

The significant enforcement actions by regulators include:

  • the Bank of Israel: scrutiny of AML/CFT compliance; check of consumer complaints; administrative penalties against regulated entities;
  • the Israeli Securities Authority: prosecution of unpermitted public offerings of securities, operation of platforms; claims and investigations of insider trading; prosecution and investigations of fraud; scrutiny of AML/CFT compliance of portfolio managers; check of consumer complaints; administrative penalties against regulated entities; and
  • the Capital Market Authority: prosecution of unlicensed provision of services; claims and investigations of fraud; scrutiny of AML/CFT compliance; check of consumer complaints; administrative penalties against regulated entities.

There are several non-financial services regulations, which affect the activities of fintech companies.

  • Data Protection: any entity which operates, manages or holds database which includes personal information about individuals is subject to legal restrictions regarding the collection of such information and the use or transfer thereof. The regulations also relate to data security and cybersecurity measures, which holders of sensitive information are required to employ. The Privacy Authority also serves as the Registrar of Databases. Furthermore, in some cases fintech companies need to comply with applicable foreign data protection regulation (eg, GDPR). The National Cyber Headquarter issues guidelines and recommendations and also provides on-going information which assists IT managers. Although these publications are probably not binding, they are generally followed and might serve as a standard benchmark in case of investigation resulted from a security breach.
  • Competition: many arrangements relating to fintech may be subject to the scrutiny and approval of the Competition Authority. For example, co-operation among competitors may sometimes require approval or exemption from the Competition Authority. Furthermore, many arrangements between fintech companies and legacy players include exclusivity provisions or pricing matters, some of which may be subject to such approval or exemptions (or alternatively to self-assessment analysis). Some arrangements may be considered a “merger” for the purpose of the Economic Competition Law, 1988, and will require an approval.
  • Encryption: the manufacturing or use of encryption technology may require a permit from the Ministry of Defence. This requirement is not unique to fintech companies, but may affect them more than other fields, due to the importance of high-level encryption in many fintech products and services. Most encryption shelf-products are approved by the Ministry of Defence and once approved – no additional permit is required for using them.
  • Israel Money Laundering and Terror Financing Prohibition Authority: this authority directs and guides the other regulators but does not directly regulate the regulated entities.
  • Innovation Authority: start-up companies which voluntarily obtain governmental grants are subject to the supervision and regulation of the Innovation Authority. Usually, such supervision and regulation focus on the use of the grants, reporting and restrictions on the transfer or licence of the technology outside Israel.

Besides regulators, these are the main industry participants, which review the activities of industry participants:

Stock Exchange

Currently, there is only one stock exchange in Israel (the Tel Aviv Stock Exchange). Any stock exchange member and any listed corporations are subject to the rules and procedures of the stock exchange. These rules and procedures are supplemental to those of the Israeli Securities Authority.


Almost all corporations in Israel are required to have their financial reports audited by certified public accountants.

Banks and Financial Institutions

As part of their KYC procedure and their AML/CFT obligations and policies, banks and financial institutions sometime require review and inspection of fintech companies, prior to providing services to such companies. In many cases, such banks and financial institutions do not independently perform such review but rather instruct the fintech companies to obtain such review from third parties.

Law Firms

In many cases, fintech companies obtain legal advice from law firms, which review their activity and opine regarding any regulatory requirements, including licence requirements, compliance with applicable law and other duties. Although such legal opinion is not required under law, it may provide the fintech company and its officers and shareholder certain protection against certain penal criminal liability. Furthermore, such legal opinion is sometime required by banks and financial institutions and by investors where the regulatory regime is unclear.

Payments Hub/Payment Facilitators

In Israel, the infrastructure for the credit-card payment system is provided by one player – “SHVA” (which is a services company jointly controlled by several banks). Fintech companies in the payment vertical often need to interact with SVHA or with some of the payment facilitators who are already connected to SHVA’s infrastructure.

Compliance Service Providers

There are several service providers who assist fintech companies in the analysis of their AML/CFT requirements, the preparation of internal compliance policies and procedures and the on-going management and reporting duties.

As a general rule, regulated entities may provide additional services, which may include unregulated ones. There are a few important exceptions.


Banks, insurance companies and pension funds are only allowed to provide certain types of services, which are detailed in the relevant legislation. These requirements are designated to limit their risks and liabilities (and not to distinguish between regulated and unregulated activities).

Please note that although most of the activities permissible to such entities are regulated activities, they may engage in some minor unregulated activities.

Tel Aviv Stock Exchange

Stock exchange members are required to obtain the consent of the stock exchange prior to engaging in activities which are not related to their ordinary activities.

Credit Providers

Credit providers (lenders) cannot accept deposits from 30 persons or more (except for very limited activities which were exempt from the definition of deposits, like supplier’s credit), without a bank licence. Similarly, fintech companies which hold or manage funds for their clients cannot engage in lending of any type (except for very limited activities which were exempt from the definition of lending, like customer’s credit). Please note that operators of peer-to-peer lending platforms are not regarded as the lenders, and therefore are not subject to banking or lending licence requirements.

Ventures/Joint Ventures

There are many cases of ventures and joint ventures that offer both regulated and unregulated services and products. For example, in January 2021 Israel Discount Bank and Shufersal (Israel’s largest supermarket chains) announced a cooperation which upon its approval will merge the Bank's mobile payments app with the activity of Shufersal’s loyalty program (consumer club). 

Except for the limitations regarding the fees detailed above, there are no requirements for specific business models to be applied to different asset classes.

Currently, there is relatively little publicly available information regarding the use of robo-Advisors by institutional players in Israel. It seems that most players have developed their own internal tools, but it could be that some players obtain advise from robo-advisers tools of other vendors.

Some robo-advisers services are available to the public, mainly in the insurance field and specifically with respect to car insurance, elementary insurance for residential houses and travel insurance. Some comparison tools are available for investment houses and pension funds.

Robo-advisers which can also effect transactions usually require the same licence as legacy players acting in the same field. Accordingly, robo-Advisers service which allows direct procurement of insurance will usually require insurance brokerage licence. Similarly, robo-Advisers service which allows direct performance of investments will require a licence for investment advice/marketing/portfolio management.

As mentioned, there is relatively little publicly available information regarding the use of robo-advisers by institutional players in Israel. While many legacy players use robo-adviser tools, it is unclear whether these are independently developed tools or tools developed or supplied by fintech companies.

In most cases, the same rules would apply to legacy players and robo-advisers, in connection with best execution of trades. Consequently, robo-advisers must provide proper disclosure as to their best execution policy.

The Fair Credit Law provides certain protection to borrowers who are individuals, as opposed to corporations. The protection includes enhanced disclosure requirements, maximum interest rate limitation (applicable to all types of compensation which the lender collects), limitations on acceleration of the loan and other protections.

The regulator announced its intention to expand the said protection to corporate borrowers which are categorised as “small business”, but such amendment has not yet been legislated, so only small business which are owned by individuals and are not incorporated are protected.

Peer-to-peer lending became a regulated activity only recently, and it is believed that the regulator will issue directives and guidelines for the operation of such service in the near future.

There are certain regulations relating to mortgages in residential houses, which limit the ability to realise such mortgages, allows the resident to redeem the mortgage against the full payment of the loan at any point up to the actual sale thereof, and limit the charges for refinancing of such mortgage backed loans.

The common underwriting process include a check of the borrower, its financial condition, sources of income, other debt and liabilities, legal status, insolvency and other legal proceedings, credit scoring (if available), and assets. The underwriting process also includes a check of the purpose of the loan and of the collateral available to the lender.

The regulation applicable to banks and institutional entities (insurance companies, pension funds, etc) requires them to perform underwriting process, but does not dictate specific process. Capital adequacy requirements also incentivise good underwriting process, which may be required in order to apply CRM measures into the capital adequacy assessment.

The law prevents discrimination of clients with respect to the provision of financial services, including loans, and therefore prohibits considering non-relevant factors like gender, religion, ethnic group, etc.

There are no restrictions regarding to the source of funding which are unique to online lenders, and they are subject to the same restrictions and limitation applicable to all lenders.

  • Despite the fact that in peer-to-peer platform the funds are usually provided from many lenders (and much more than 30 different ones), such activity does not require a banking licence.
  • This exemption applies only when the platform is truly a peer-to-peer service, and such exemption may be inapplicable in the event of hybrid operation, when the same platform also allows non-peer-to-peer activity.
  • Peer to peer lending is allowed, but for certain types of platform operators there may be some quantitative limitations, regarding the aggregate sum provided be each lender and the maximum amount extended to each borrower.
  • There are no restrictions on the use of lender-raised capital for lending (except for limitation applicable to any equity raising).
  • Taking deposits from 30 persons or more, while extending credit, requires a banking licence. Please note that there are no limitations as to the amount of deposits, as long as there are no more than 29 depositors at any given time.
  • Please note that the term “taking deposits” is defined broadly in the Banking (Licensing) Law, 1981, and therefore a lender cannot effectively borrow funds from more than 29 persons, at any given time (regardless to whether such loans are defined as “deposits”).
  • Securitisations by lenders are allowed, but securitisation offered to the public may require a banking licence, subject to certain exemptions (which are indeed used by large credit providers) and to compliance with requirements applicable to the public offering of securities.

Syndication of loans is allowed with respect to online lending, but is rarely used in practice, mainly because:

  • in peer-to-peer platforms, syndication may deviate from the peer-to-peer structure and hence affect the classification of the platform; and
  • institutional investors (eg, insurance companies, pension funds) are subject to certain limitations with respect to syndication of loans, which makes syndication less appropriate for online lending.

There is no legal requirement to use only existing payment rails, and payment processors are legally allowed to create new ones. From a practical point of view, it can be difficult to find local counterparties or processors wish to use new rails, as the banking and other financial players currently use the same common rails (mainly credit card infrastructure, the ZAHAV system (Israel’s RTGS system) and MASAV (Israel’s inter-banks ETF system)).

Market players are expected, however, to adopt additional payment rails, like new implementations of ACH, in the near future.

Cross-border payment services are classified as “Services in Financial Assets” and are subject to license requirement. Additionally, cross-border remittance is subject to AML/CFT compliance, which requires identification/ KYC of the customer, obtaining information and documentation, monitoring of the activity, reporting of suspicions or large transactions (according to certain thresholds) and of suspicious one, and record keeping.

Payment service providers are required to employ risk-based approach in their AML/CFT policy and procedures.

Israel recently adopted the Payment Services Law, 2019, which is largely based on the EU’s PSD2.

The regulation of funds depends on the method such funds employ.

In general, administration of a fund engaged in securities or derivatives (including derivatives on other securities, currency, commodities, index, interest rates) requires a licence pursuant to the Joint Investment Trust Law, 1994 and is regulated pursuant to the said law.

There are no specific regulations applicable to an administrator of a fund, if the fund is not regulated. The Law exempts funds which are limited to qualified investors only plus up to 50 non-qualified investors. This structure is mainly used for hedge funds.

With respect to funds that are regulated pursuant to the Joint Investment Trust Law, 1994, the law requires certain disclosures and determines certain matters that must be addressed in in the fund’s contract. The contract cannot exempt the administrator or the trustee from the responsibilities set forth in the law. The contract has to be published as part of the fund’s prospectus.

Nonetheless, the commercial terms of the contract are not regulated (subject to certain restrictions, eg, prevention of certain kickbacks). There are certain terms that, although not mandatory, have become customary in light of the market conditions and competition. There are no regulations applicable to the contracts used by non-regulated funds. 

The law distinguishes between three types of trading marketplaces: trading platforms (exchange/ peer-to-peer), trading arenas and marketplaces.

Trade Platform (Exchange/Peer-to-Peer)

In this type of marketplace, the operator of the platform is not the counterparty to any of the transactions executed in the platform. The operator operates the platform and allows buyers and sellers to trade among themselves. The operator may be involved in the clearing and settlement of the transactions but is not a party thereto.

When a trading platform allows trading of tradeable securities or certain financial instruments (derivatives, participation units in certain joint investment funds), and if the platform automatically matches purchase and sale order or allows clearing and settlement of such transactions – it must have a stock exchange licence. Obtaining a stock exchange licence is particularly complex, to date, there is only one stock exchange licensed in Israel.

Trading platforms which only allow trading of other types of assets (eg, foreign currency) are not regulated. Trading platforms which do not automatically match transaction, so that the users have the discretion to approve each and every transaction, are also not regulated.

Trading Arena

For this type of platform, the operator of the platform is the counterparty to the transactions performed in such platform.

When a trading arena allows trading of tradeable securities or certain financial instruments (derivatives, participation units in certain joint investment funds), such activity requires a trading arena licence. Trading arenas acting in this model are prohibited from allowing the trade of binary options.


This type of marketplace only allows users to communicate with each other, but the trade is done directly between the relevant users and is not performed within the marketplace. There are no specific regulations applicable to a platform which only operates as a marketplace where:

  • the operator is not a counterparty to the transactions performed in the marketplace;
  • transactions are agreed upon only with the discretion of the participants; and
  • the operator does not perform the clearing and settlements of such transaction.

Please note that communication within a marketplace can sometime fall into the definition of investment advice.

The following classes of assets are considered as “financial instruments” for the purpose of the Securities Law, 1968, and are therefore regulated with respect to trading platforms and trading arena:

  • securities (as defined in the Securities Law, 1968);
  • securities (debentures) issued by the State of Israel or the Bank of Israel.
  • derivatives: any arrangement the value of which derives from the value of a currency, commodities, interest rates, exchange rates, index or the value of another financial instrument; and
  • participation units in a “closed” joint investment fund pursuant to the Joint Investments Trust Law, 1994.

The Minister of Finance is authorised to expand the classes of assets which are classified as financial instruments.

Please note that, regardless to the class of tradeable assets, a platform which is involved in the holding, keeping or transfer of financial assets will be subject to regulations as provider of “Services in Financial Assets”, if such platform is not regulated pursuant to other laws.

There are only few active cryptocurrency exchanges in Israel, mainly due to the reluctance of the banking system to provide any banking services to entities engaged in cryptocurrency trading. It is possible that the recent publication of AML order applicable to cryptocurrency service provider will change that.

Cryptocurrency exchanges are regulated as providers of “Services in Financial Assets”. The emergence of cryptocurrency exchanges has not changed the general regulation applicable to exchanges and trading platforms.

Please note that some cryptocurrency assets are classified as securities, pursuant to Israeli law, and therefore exchanges allowing the trade of such cryptocurrency assets are subject to the same regulation applicable to securities exchanges and platforms.


Some cryptocurrency assets may be classified as derivatives (eg, stable coin linked to a currency basket) and are therefore regarded as “financial instruments”, and exchanges allowing the trade of such cryptocurrency assets are subject to the same regulation applicable to exchanges and platforms for financial instruments.

In view of the aforesaid, the few cryptocurrency exchanges operating in Israel currently do not allow the trading of security tokens or tokens which may be classified as “financial instruments”.

The Tel Aviv Stock Exchange has clear listing standards, for any securities traded therein. There are no listing standards for unregulated trading platforms and trading arenas.

There are no listing standards for regulated trading platforms, except for few restrictions set forth in the Securities Law or by the Securities Authority (eg, no trade of binary options). Please note that the Israeli Securities Authority is authorised to approve (or limit) the assets traded in regulated trading platforms.

Each trading platform/arena/marketplace establishes its own rules for listing of assets.

The Tel Aviv Stock Exchange has clear order handling rules, to which all participants in the trade are subject.

Regulated portfolio managers are subject to certain order handling rules promulgated by the Securities Authority and to the rules of the Tel Aviv Stock Exchange as well.

Trading Platforms and non-regulated trading arena or marketplace are not subject to order handling rules.

There has been little impact on regulation caused by the rise of peer-to-peer trading platforms.

Moreover, the volume of trade in peer-to-peer trading platforms does not yet seem to impact traditional players. Although there are Israeli users who trade at local or foreign trading platforms, it seems that the typical user of the platforms is not necessarily a user of similar services used by traditional players.

There are fintech players who focus on peer-to-peer trading platforms, either as operator of such platforms or as providers of services and tools for such operators. Such focus is undoubtedly derived from the rise of the peer-to-peer trading platforms. This is significantly noticed with respect to cryptocurrency.

Some players provide trade tools to their customers, which allow the customers to trade directly on the Tel Aviv Stock Exchange. Nonetheless, this is not regarded as peer-to-peer trading but is rather API access to trading on the stock exchange.

Players engaged in trading for customers on the Tel Aviv Stock Exchange are subject to best execution requirements.

Other players, including those engaging in non-regulated activities, are not subject to best execution requirements, but they often do employ similar practices, due to commercial considerations (building reputation, avoiding claims, etc).

With respect to regulated players in trades on the Tel Aviv Stock Exchange, payment for order flow is generally allowed, subject to proper disclosure and certain restrictions designated to prevent conflict of interest or abuse.

Investment advisors and portfolio managers are required to disclose arrangements with third parties which may impact their services and create a conflict of interest, like payment for order flow.

There are no restrictions relating to payment for order flow by other players/in other types of trading. Nonetheless, some types of payment for order flow may create inherent conflict of interest, which requires disclosure to the customer (and absent such disclosure, may constitute a breach of fiduciary duty).

With respect to trading on the Tel Aviv Stock Exchange, the stock exchange publishes detailed and comprehensive rules relating to market integrity and market abuse. Some violations of market integrity and some forms of market abuse are criminal offences and are subject to the supervision and enforcement of the Israeli Securities Authority.

With respect to investment advisors and portfolio managers, the Israeli Securities Authority publishes rules relating to market integrity and market abuse. Regulated trading platforms are subject to the supervision and enforcement of the Israeli Securities Authority, which partially relate to matters concerning market integrity/abuse.

There are no rules relating to market integrity and abuse for non-regulated activities.

There are no regulations applicable to the creation of high-frequency and algorithmic trading technologies, or to the use of such technology by end-users, for their own benefit.

Services which employ high-frequency and algorithmic trading technology but also provide portfolio management services are subject to the same regulations applicable to portfolio management. The use of such technologies requires proper disclosure to the customers.

Regulated funds may use high-frequency and algorithmic trading only in accordance with the fund agreement and subject to the approvals of the mandatory trade and risk committees.

There are no restrictions on the use of high-frequency and algorithmic trading by non-regulated hedge funds.

The Tel Aviv Stock Exchange requires registration as market makers. Such registration should include the details of the relevant securities and an undertaking to act as market maker for a period of at least one year (subject to certain exemptions). The market maker is required to disclose the compensation to which it is allowed and the identity of the payer of such compensation.

A market maker is required to perform its actions from its own account (and not from the accounts of its clients).

There are no similar registration requirements with respect to similar functions in other platform or trading activities, although such function may require disclosure.

Regulated funds engaging in high-frequency and algorithmic trading can do so only if such use was disclosed in the fund agreement and subject to the inspection and authorisation of the fund’s investment and risk committees.

Portfolio managers and regulated brokers are also required to provide proper disclosure as to the use of high-frequency and algorithmic trading.

There are no specific regulatory requirements with respect to non-regulated funds, dealers or players.

There are no specific regulations applicable to programmers or to the creation of trading algorithms or other electronic trading tools (as opposed to the use thereof by some players).

There are no registration requirements for financial research platforms, as long as their activity is not classified as Investment advice.

The term “investment advice” is defined as “giving advice to others on the profitability of investing in, holding, acquiring or selling [tradeable] securities or financial assets; for this purpose, "advice" – whether direct or indirect, including by means of publication, in circulars, in professional opinions, by use of mail, facsimile or any other medium…”

The term “financial assets” is defined in the said law as local and foreign funds and options, futures, structured products and index products.

Financial research platforms which may be considered as providing advice will be subject to licence requirements if such advice relates to tradeable securities or “financial assets”.

Spreading of rumours or other unverified information with respect to activity regulated pursuant to the Securities Law, 1968, may be considered as fraud pursuant to Section 54 of the said law, which relates (among other things) to any attempt to influence the market or the decision of any person to buy or sell securities or refrain from doing so, based on information which such person knew or had to know to be false or misleading.

There are no similar regulations directly applicable to other areas. In the event that the intention behind the spreading of rumours or other unverified information was to generate profits or affect the trade, such actions may be regarded as criminal offences.

Any person exploiting a platform for pump and dump schemes, spreading of inside information, or other types of unacceptable behaviour is personally responsible to such actions and is subject to the relevant sanctions and liabilities.

Platforms avoid such actions by prohibiting them in the platform’s terms of service, by employing technologic measures to trace such activities and by banning users who exploit the platform in such manner.

Some platforms block the ability to spread information among the platform's participants in order to entirely prevent any such banned activities.

Insurance companies are subject to the Supervision of Financial Services (Insurance) Law, 1981 and the regulations promulgated thereunder. The said regulations require insurance companies to have underwriting process and procedures but do not dictate the exact process. Some of the underwriting requirements are connected to the similar requirements of the international co-insurers.

The underwriting process is adjusted to the type of insurance, and there are specific requirements with respect to certain types of insurance.

Different types of insurance (eg, life, annuities, property and casualty) are being treated differently by industry participants and by regulators. There are different treatments of the various types of insurance.

  • Automobile insurance: there is a mandatory insurance requirement for personal damages and the scope and terms of such insurance are dictated by the regulator. Property damages are not subject to this requirement, but the terms thereof are practically standardised. Please note that most car owners acquire an insurance policy which includes all the said covers.
  • Elementary insurance for residential houses and for small businesses: there are no special regulatory requirements but there are common terms which are widely used.
  • Travel insurance: there are regulatory requirements relating to this type of insurance, aimed to allow proper disclosure and to allow the insured to compare between insurance proposals.
  • Health insurance/Nursing Insurance: there are regulatory requirements relating to this type of insurance, aimed to allow proper disclosure and to allow the insured to compare between insurance proposals.
  • Life insurance: there are regulatory requirements relating to this type of insurance.
  • “Manager’s insurance”: this type of insurance is basically a type of pension fund with a life insurance component combined into an insurance product. There are regulatory requirements relating to this type of insurance.

Other types of insurance (eg, third-party liability insurance, employee liability insurance, construction works insurance, professional liability insurance) may have specific regulatory requirements but are unlikely to be offered by fintech companies, due to the specialised insurance coverage requirements.

There are no specific regulations applicable to Regtech providers.

However, if the services require practices or include matters which are allowed to be exercised by licensed professionals only (eg, lawyers, accountants, etc), then such activity may expose the Regtech service provider to claims, unless the Regtech provider provides such services by duly licensed professionals.

Banks and institutional investors are required to have an agreement with technology providers and to include contractual provisions which will ensure performance and accuracy. Nonetheless, the regulations only require that the agreement will address those matters and do not require specific contractual terms, so the actual terms are subject to negotiations.

In most agreements with technology providers, the financial service firms demand that the technology providers:

  • undertake on-going performance, including minimum down-time, SLA for customer support and tech support;
  • assure the accuracy of information and verify such information with the client;
  • assume liability for all damages and indemnify the client;
  • assume confidentiality and cybersecurity undertakings; and
  • assure compliance with applicable regulations and standards (eg, PCI-DSS).

While most traditional players have started to learn the implications of blockchain technologies and consider the adaptation thereof, it seems that it is still in the early stages of actual implementation of blockchain technologies in the financial services industry in Israel. Recently, Bank Hapoalim (one of the largest banks in Israel) announced its participation in the The Digital Guarantee Network promoted by TCS using blockchain technology.

In 2018, the Bank of Israel published a report examining the possibility of implementing blockchain technologies by the Bank of Israel. Its conclusion was, in a nutshell, that although such implementation in the future is not ruled out, the advantages thereof do not justify immediate implementation.

Blockchain itself is considered merely a vehicle or tool. As such, regulators do not address the blockchain technology itself but address the legal issues relating to its different uses.

Thus far, several regulators expressly addressed the use of blockchain technology mostly in the financial services industry.

  • The Israeli Securities Authority issued a report, examining the various types of tokens noting that while blockchain technology has advantages and should not be banned, the approval thereof should be made on a case-by-case basis. The report addressed the classification of tokens as securities, means of payment or as utility and recommended various policy measures and introduced the intention to allow a regulatory sandbox for blockchain ventures.
  • The Capital Markets Authority is the regulator responsible to regulate financial service providers which provide services related to the holding, keeping, management, conversion or transfer of financial instruments, including virtual currencies. Recently, this regulator issued an amendment to an AML order (scheduled to become effectice in the coming months) determining the AML/CFT/KYC procedures applicable to such service providers.
  • The Israeli Tax Authority was among the first governmental authorities to react, issuing two circulars addressing the taxation of transactions involving cryptocurrencies and Initial Coin Offerings (ICO).
  • The Bank of Israel refrained so far from issuing clear guidelines to the Israeli banks regarding providing banking services relating to cryptocurrencies. This luck of regulatory clarity has caused banks to be reluctant given concerns of high exposure to AML/CFT risks. Recently, the Bank of Israel partially backed this approach due to the high AML/CFT risk. Hopefully, the recent AML order amendment may be a significant step forward. 

While there is no designated regulation for Blockchain assets, recent years have witnessed the application of existing regulation to products based on blockchain technology, mainly "virtual currencies". . The recent amendment to the AML order defined “virtual currency” as “a digital unit of value which can be digitally traded or transferred and which may be used for purpose of payment or investment”. However, there is no case law relating to the interpretation of the definition.

The Israeli Securities Authority and the Tax Authority adopted the distinction used in other jurisdictions, between:

  • security tokens;
  • utility tokens; and
  • means of payment.

So far there is no clear regulatory position with regard to stable coins and the classification thereof (which were less known at the time such authorities issued their reports).

Distinguishing Security Tokens and Utility Tokens

While the Israeli Securities Authority acknowledges that the distinction between security tokens and utility tokens is not always clear, it has drawn several lines to guide the legal classification. The fact that a token is used to pay for certain utilities is not enough and other factors need to be taken into account:

  • the probable motivation of the buyers;
  • the terms of the utility tokens and the implications thereof;
  • the representation of the issuers and their underlying obligations issuer; and
  • the existence of secondary trade and the obligation of the issuer to promote such trade.

Currently, it seems that all types of cryptocurrency are regulated for AML/KYC purpose. Only security tokens are undoubtedly regulated by the Israeli Securities Authorities. It is still unclear whether stable coins will be regulated as Securities or “Financial Instruments”.

Issuers of blockchain assets are regulated by the Israeli Securities Authority as issuers of securities, if such blockchain assets are classified as securities in accordance with the above-mentioned tests.

  • Issuers of utility tokens are not regulated, provided that such tokens are not classified as security tokens. It should be noted that with centralised blockchain, the issuer may be regarded as “holding” the tokens and as the entity which transfers tokens among holders, and in such event the issuer is likely to be considered as a provider of “Services in Financial Asset” and therefore subject to regulation in this capacity.
  • Decentralised tokens which serve as means of payment (eg, Bitcoin) are not regulated.
  • It is still unclear whether issuers of stable coins will be regulated. It seems that stable coins that are not fully backed or that are linked to a currency basket are likely to be regulated as securities. There is no clear answer as to the regulation applicable to fully backed stable coins, which are linked to one currency (ie, USDC) that theoretically do not raise the "expectation for profit". Please note that the holding of the respective fiat currency will be regarded as provision of “Services in Financial Assets”.

Operators of blockchain asset trading platforms are regulated as providers of “Services in Financial Assets” and are subject to licence requirement and to certain AML/CFT/KYC duties. This is applicable only if the platform holds, manages, keeps, converts or transfers crypto-assets (whether such actions are crypto-to-crypto or crypto-to-fiat or vice versa). If the platform is the counterparty to the transactions or if it is involved in the clearing or settlement process, such platform will be regulated pursuant to the said classification of services.

A marketplace which only allows participants to directly trade crypto-assets, while the marketplace does not hold or transfer any blockchain assets, is not subject to regulation. Nonetheless, auxiliary services provided by marketplaces (eg, conversion) may subject them to regulation.

Blockchain asset trading platforms which allow trading of security tokens are subject to the same regulations applicable to trading platforms and trading arenas relating to securities or derivatives.

The investment in blockchain assets itself does not change the regulation applicable to funds. In the event that the activity of a fund is regulated, such regulation will apply to the investment in blockchain assets.

Blockchain assets which are not classified as securities or “financial instruments” do not trigger license requirements pursuant to the Joint Investment Trust Law, 1994. Nonetheless, if the fund also invests in other assets, which are subject to regulations, the entire activity will be subject to regulations. This means that a fund investing in one or more security tokens or tokens that are regarded as financial instruments will be required to obtain a license, unless one of the exemptions apply in connection with the number of non-Qualified investors.

Israeli legislation currently only defines “virtual currency” in an AML Order, but there is no definition for other types of blockchain assets. According to the said definition, virtual currency is any digital unit of value, which may be digitally traded or transferred and used for purpose of payment or investment. This broad definition of “virtual currency” will probably encompass all or at least most types of blockchain assets.

There is currently no definition for DeFi in Israeli regulation and no regulatory provisions applicable specifically to decentralised finance platforms. Therefore, such platforms will be classified according to the existing definitions.

On February 2020, the Bank of Israel partially adopted the open banking standard pursuant to PSD2, and issued a circular to the banks, which requires them to implement an interface for open banking. The circular only requires provision of information and does not currently require banks to allow the performance of transactions and instructions (although banks do allow that, in certain areas).

Due to the COVID-19 crisis, the Bank of Israel postponed the deadline for implementing this directive and it is expected to be effective, gradually, from October 2021 to March 2022.

The Bank of Israel is expected to issue an additional directive, for regulating the recipients of the information (which are likely to be fintech companies), but has not done that thus far.

Banks and technology providers have only started the implementation of the open banking architecture and raise many concerns regarding data privacy and data security. The open banking directive does require the consent of the client to any transfer of information, but this does not fully resolve such concerns. The lack of regulations and licensing for the service providers increases such concerns.

The transfer of information is performed at the instructions of the clients, but such instructions do not grant immunity to the banks. Moreover, such regulation will be essential when open banking is utilised for the performance of transactions.

Yigal Arnon & Co.

31 Hillel Street

(+972) 2 623 9239

(+972) 2 623 9234
Author Business Card

Law and Practice


Yigal Arnon & Co. is at the forefront of the global fintech revolution. The fintech practice group of the firm consists of eight partners and eight associates. The banking, finance and hi-tech departments at the firm are among the leaders in their field in Israel, providing top-tier representation to all fintech clients, who require expertise in numerous areas. The collaborative teamwork of attorneys from these departments enables the provision of professional, comprehensive and complete solutions. Among the firm's highlights are the establishment of the first digital bank in Israel (the first bank to be greenlit in Israel in 40 years), representing the Paybox app and its licensee Discount Bank.

Compare law and practice by selecting locations and topic(s)


Select Topic(s)

loading ...

Please select at least one chapter and one topic to use the compare functionality.