In 2024, the single biggest development in the digital assets space in Jersey has been the introduction of the Jersey Financial Services Commission (JFSC) Guidance Note on the Tokenisation of Real Words Assets (the “Tokenisation Guidance Note”), which relates to the representation of physical and traditional finance assets as digital tokens on a blockchain. Under the Tokenisation Guidance Note, Jersey issuers are required to meet specific requirements, including to be incorporated in Jersey, comply with AML legislation, and independent verification of underlying assets. The Tokenisation Guidance Note is an overlay to the existing Jersey regulatory regime, so – for example – if units in a Jersey fund are to be tokenised, the usual Jersey funds regime will apply to that fund before its units are able to be tokenised.

Stablecoins (which are tokens whose value is tied to a fiat currency such as one US dollar or one euro) were previously treated as cryptocurrencies by the JFSC but will now be viewed as tokenised real-world assets. The JFSC expects stablecoins to be fully asset-backed by low-risk assets such as money market funds, rather than algorithmically based.

Digital Assets

A variety of different digital asset businesses have been established, including:

• token issuances – see response to 2.2 Regulatory Regime;
• OTC digital assets trading platforms;
• crypto-backed exchange-traded note programmes;
• investment funds focused on investment into digital assets; and
• stablecoin issuance – see 1.1 Evolution of the Fintech Market and 10.3 Classification of Blockchain Assets;

Besides crypto, Jersey has also seen several businesses set up automated online exchanges and order matching platforms.

Exchanges/Investment Platforms

Jersey has seen the recent launch of several online exchanges (both for foreign currencies and for the trading of securities).

Overview of Jersey Regulation

A fintech business will need to be regulated by the JFSC if it is conducting “financial services business” under the Financial Services Law (ie, any of the classes listed therein by way of business), unless an exemption applies.

The most relevant classes of “financial services business” for the fintech sector under the Financial Services Law are:

• “investment business” – this includes dealing (or arranging for another to deal) in investments, undertaking discretionary investment management, or giving investment advice;
• “fund services business” – this includes acting as a manager, adviser or other service provider to certain funds;
• “trust company business” – this would be relevant for a custodian where it holds client assets on trust under the terms of an express trust; and
• “money service business” – this includes operating a bureau de change, or transmitting or receiving funds by wire or other electronic means.

Note that Jersey deliberately chose not to introduce digital-assets-specific legislation, but instead decided to regulate crypto/digital assets within its existing financial services legislation. Given the fast pace of development in this area, this has proven to be a wise decision.

Jersey also has an AML regime, primarily constituted by the Proceeds of Crime Jersey Law 1999 (the “Jersey POC Law”), the Proceeds of Crime (Supervisory Bodies) (Jersey) Law 2008 (the “Jersey POC SB Law”), and supplemented by the Handbook for the Prevention and Detection of Money Laundering and the Financing of Terrorism, issued by the JFSC (the “AML/CFT Handbook”) (together, the “Jersey AML Regime”). In short, if a person carries out certain activities listed in Schedule 2 of the Jersey POC Law, it may need to be registered under the Jersey POC SB Law, and comply with the requirements of the Jersey AML Regime accordingly.

Registration under the Financial Services Law and the Jersey POC SB Law can be an in-depth process, depending on the activity being undertaken. However, if a business is already registered under the Financial Services Law, a streamlined process of “deemed registration” is available under the Jersey POC SB Law.

Digital Asset Businesses

In 2023, Jersey introduced the virtual asset service provider (VASP) regime into  the Jersey AML Regime.

The FATF definition of a “VASP” has been incorporated verbatim into Schedule 2 of the Jersey POC Law. A VASP is defined by FATF as a natural or legal person or arrangement that carries on the business of conducting one or more of the following activities or operations to, for, or on behalf of another natural or legal person or arrangement:

• exchange between virtual (ie, digital) assets and fiat currencies;
• exchange between one or more forms of virtual assets;
• transfer of virtual assets;
• safekeeping or administration of virtual assets or instruments enabling control over virtual assets; and
• participation in and provision of financial services related to an issuer’s offer and or sale of a virtual asset.

Therefore, if a digital asset business falls within the definition of a VASP, that business is required to register with the JFSC under the Jersey POC SB Law.

Whether a digital asset business falls within the Jersey regulatory perimeter for “investment business” (see “Overview of Jersey Regulation”) depends on whether the relevant digital asset constitutes an “investment” as defined in the Financial Services Law. An “investment” includes a “security” – the relevant definition of which is set out in the JFSC’s Initial Coin and Token Offerings Guidance Note (the “IC/TO Guidance Note) for token issuance, which provides that a “security” would typically have characteristics usually associated with an equity or debt security in the traditional capital markets sense, including one or more of the following such characteristics (whether contractual or implied):

• a right to participate in the profits/earnings of the issuer or a related entity;
• a claim on the issuer or a related party’s assets;
• a general commitment from the issuer to redeem tokens in the future;
• a right to participate in the operation or management of the issuer or a related party; and/or
• expectation of a return on the amount paid for the tokens.

Tokenisation of Real-World Assets

In 2024, the JFSC published the Tokenisation Guidance Note, which relates to the representation of physical and traditional finance assets as digital tokens on a blockchain. Please refer to 1.1 Evolution of the Fintech Market for further details.

Investment Exchanges/Investment platforms

An investment exchange or an investment platform will require an investment business licence from the JFSC.

Online Foreign Exchange Platforms

Any online FX platform will require a money service business licence from the JFSC.

The compensation models used by industry participants to charge customers do not differ from traditional compensation models simply by reason of the fintech nature of their business.

As stated in 2.2 Regulatory Regime, Jersey has chosen not to introduce fintech-specific laws or regulations but instead to try and regulate fintech (including digital assets) within its existing financial services legal and regulatory regime.

Jersey does not operate a “sandbox” as such (unlike the UK’s Financial Conduct Authority). However, any Jersey company, limited partnership or unit trust is issued with a consent by the JFSC under Jersey’s principal regulation relating to the raising of capital in Jersey, the Control of Borrowing (Jersey) Order 1958 (COBO).

The JFSC are able to impose bespoke conditions on a newly incorporated entity’s COBO consent. This has the practical effect of imposing sandbox conditions on the entity – for example, the JFSC may decide that a new fintech business’ turnover may not exceed more than a stated amount without the JFSC’s prior consent, thereby limiting the business activities of the entity. In this way, the JFSC can impose sandbox-like conditions on a case-by-case basis, which is enormously helpful.

The JFSC is the principal relevant regulator in Jersey. For data protection, the Office of the Information Commissioner in Jersey has jurisdiction.

Regulations do not use no-action letters in Jersey.

Any Jersey business that is either regulated under the Financial Services Law or is registered with the JFSC under the Jersey POC SB Law needs to confirm whether the JFSC’s Outsourcing Policy will apply to any outsourced function. In summary, where a service provider performs outsourced activity as part of a business’ regulated activity or non-regulated activity and where the service provider’s inadequate performance of the outsourced activity would materially prevent, disrupt or impact upon the continuing compliance of that business’ regulated activity, such outsourcing activity is caught by the JFSC’s Outsourcing Policy.

The JFSC’s Outsourcing Policy sets out certain core principles as well as detailed guidance thereunder. The core principles are as follows.

• A business is responsible for and accountable to the JFSC for any outsourced activity.
• A business must ensure that any service provider performing outsourced activity is fit and proper.
• A business must put in place an outsourcing agreement with the service provider before the start of the outsourced activity.
• A business must maintain adequate capacity and resources to implement all necessary policies and procedures to ensure that a service provider continues to be fit and proper.
• A business must maintain suitable contingency plans in case a service provider’s performance suffers a material disruption or ends unexpectedly for any reason.
• Except for where the policy provides otherwise, a business must complete and submit an outsourcing notification to the JFSC before appointing a service provider.
• A business must ensure there is nothing in the service provider’s performance of the outsourced activity that would prevent or restrict the JFSC regulatory powers in respect of the business or the activity.

If the JFSC’s Outsourcing Policy does apply, the vendor needs to file an outsourcing notification with the JFSC.

There are no express regulations relating to fintech “providers” – although:

• if a fintech provider is subject to the Jersey AML Regime, that provider is required to ensure that activities on the platform comply with that regime (this includes carrying out KYC checks on customers); and
• if a fintech provider is carrying on any class of financial services business under the Financial Services Law, the provider is subject to the requirements of the applicable Code of Practice published by the JFSC.

There have been no significant enforcement actions by the JFSC in the fintech space.

As a small jurisdiction, Jersey has not seen a plethora of non-financial services regulations to deal with privacy, cybersecurity, social media content, or software development. Nonetheless, Jersey has implemented data protection legislation under the Data Protection (Jersey) Law 2018 and is deemed an “equivalent country” by the EU for the purposes of the EU’s data protection laws.

It should be noted that the JFSC has extensive investigation and enforcement powers. If it comes to the attention of the JFSC that a particular business’ behaviour is likely to cause reputational damage to Jersey, the JFSC will not hesitate to step in.

There are no express requirements placed on other vendors (such as lawyers and accountants) in relation to the activities of industry participants. However, such other vendors are keen to preserve Jersey’s reputation as a well-regulated financial services jurisdiction and will likely decline to act for marginal industry participants.

Generally, industry participants like to segregate their regulated business from their non-regulated business in a separate entity for a variety of reasons, including:

• calculation of regulatory capital requirements;
• reporting to the JFSC;
• accounting;
• segregation of assets and liabilities; and
• so that ancillary activities (eg, employing personnel and renting office space) can be undertaken by a non-regulated entity.

The JFSC have not issued any formal guidance on the preferred approach. However, such segregation makes the division of responsibilities clearer for the JFSC at the time of application and also makes ongoing regulatory supervision easier.

See response to 2.2 Regulatory Regime.

AML and sanctions rules in Jersey generally follow the standards imposed by FATF (see 2.2 Regulatory Response). Indeed, the MONEYVAL Fifth Round Mutual evaluation report, published on 24 July 2024, assessed Jersey against international standards (including the FATF Recommendations) to determine the effectiveness of its AML/CFT measures and concluded that Jersey’s effectiveness in preventing financial crime was among the highest level found in jurisdictions evaluated around the world.

There are no specific regulatory restrictions on the offering of otherwise regulated products and services from another jurisdiction in a reverse solicitation scenario, assuming these are non-Jersey products and any services are being provided from outside Jersey. In the event that any financial services are being marketed into Jersey then there are content requirements that may apply. If the products or services are to be advertised in Jersey or offered to Jersey investors (other than by way of reverse solicitation), then further advice is recommended.

See 2.2 Regulatory Regime. In addition the provision of “investment advice” by way of business in or from within Jersey (in summary, advising as to the merits of buying/selling any assets that are classified as “investments” under the Financial Services Law) will require an investment business licence (subject to any available exemptions). The definition of “investments” is widely drafted and includes various securities (including shares in companies and debentures) and derivatives, but not fiat cash or non-security cryptocurrencies.

In order to set up an investment business in Jersey, a company would need to have Jersey staff and premises, including at least two or three appropriately qualified and experienced local directors (depending upon whether or not the investment business will control client assets) and its own local compliance function.

The position is the same regardless of whether the investment advice is provided via a traditional investment advisory model or using an automated system such as a robo-adviser.

The authors’ experience in Jersey is that, although there are a small number of local investment platforms that deal in investments on an automated basis with little or no manual intervention, the use of robo-advisers is not widespread.

The JFSC has published an Investment Business Code of Practice (the “IB Code”), which contains a number of high-level principles with which all investment businesses must comply and then drills down into the specifics of the manner in which an investment business must comply with each principle. The IB Code covers matters such as corporate governance, systems and controls, minimum financial resources, and insurance – as well as integrity in dealing with clients – and is significantly less prescriptive than the equivalent regulations in many other jurisdictions (eg, the UK).

The IB Code requires that an investment business must have the highest regard for the interests of its client and, to that end, must execute any trades in a timely manner and following best execution principles – for example, by taking reasonable care to ascertain the result that is the best possible at the time for transactions of the kind and size concerned.

The regulatory regime applicable to a lender under Jersey law depends on the lender and the activity itself, not the status of the borrower. However, there is ongoing government consultation on such matters, and the authors recommend that the position is confirmed at the relevant time. All lenders should therefore be aware of the following.

• Lenders carrying on “deposit-taking business” (in summary, using deposits received from one person to lend to another or to otherwise finance its activities) “in or within Jersey” will need to comply with the Banking Business (Jersey) Law 1991, as well as its associated legislation and code of practice.
• By comparison, “pure lending” and the extension of credit is not itself an activity that is currently regulated by the JFSC. If lending “as a business” (which is subjective) in or from within Jersey, the lender will be required to be registered under the Jersey POC SB Law, potentially supervised, and required to comply with the Jersey AML Regime generally.
• Jersey tax-resident companies (including limited liability companies) and partnerships (including non-Jersey equivalents) are also required to comply with the Jersey economic substance regime. The activities of “banking business” (in summary, activity that requires it to be registered to carry on “deposit-taking business”) and “finance and leasing business” (in summary, providing credit facilities of any kind for consideration, with some exceptions) are activities to which the economic substance test may apply.
• Lenders that are Jersey-incorporated or Jersey-established vehicles raising funds by way of capital will need to comply with the terms of the consent issued to them under the COBO (see 2.5 Regulatory Sandbox for more on COBO).

Jersey law does not specifically provide for the regulation of the underwriting process, which usually takes place onshore. Lenders should therefore ensure they comply with the underwriting requirements of any relevant jurisdiction in which the underwriting process is being conducted.

Subject to the lender complying with the applicable regulatory regime, AML requirements, and Jersey law generally (see 4.1 Differences in the Business or Regulation of Fiat Currency Loans Provided to Different Entities), the source of its funding to make loans is not restricted. Accordingly, Jersey has a number of lenders who operate on a peer-to-peer basis by raising capital through issuing securities, by taking deposits, and by securitisations.

Jersey law does not specifically provide for the regulation of the syndication process, which usually takes place onshore. Lenders should therefore ensure they comply with the syndication requirements of any relevant jurisdiction in which syndication is being conducted.

There are no restrictions upon the use of existing payment rails vis-a-vis the creation or implementation of new payment rails, provided that payment processors obtain all necessary Jersey regulatory licences. The type of licence that is most likely to be required in this context is a money service business licence (see 2.2 Regulatory Regime) and an analysis would need to be carried out on a case-by-case basis as to whether any such licensing requirement would be triggered in the circumstances.

A limited exemption is available for companies that have a turnover of less than GBP300,000 per financial period. However, they would still need to notify the JFSC of their intention to rely upon that exemption.

See 2.2 Regulatory Regime and 5.1 Payment Processors’ Use of Payment Rails. If a payment processor will carry out any of the following activities by way of business  in or from within Jersey, it will generally require a money service business licence:

• bureau de change;
• providing cheque-cashing services;
• transmitting or receiving funds by wire or other electronic means; and
• engaging in money transmission services.

The JFSC has published a Code of Practice for Money Service Business, which covers broadly similar principles to the IB Code, and requires compliance with the Jersey AML Regime.

Please note that, as Jersey is not a member of the EU, the EU Payment Services Directive does not apply in Jersey.

Jersey-based operators of investment platforms will generally be required to obtain an investment business licence to deal in investments and operate an investment exchange (see 2.2 Regulatory Regime and 3. Robo-Advisers) and will therefore need to comply with the relevant sections of the IB Code. There are no restrictions upon the types of marketplaces and trading platforms that may be used, provided that those requirements are met in each case.

The Jersey regulatory regime generally depends upon the type of activity/investment vehicle, rather than the asset class.

However, the JFSC views involvement in digital assets such as cryptocurrencies as a “sensitive activity” for the purposes of its Sound Business Practice Policy (SBPP) and therefore applies greater scrutiny when issuing regulatory consents in relation to vehicles that invest or deal in such assets. See 2.2 Regulatory Regime for further detail regarding the manner in which digital asset businesses may need to be regulated and/or registered as a VASP under the Jersey POC SB Law.

See 2.2 Regulatory Regime and 6.2 Regulation of Different Asset Classes.

There are generally no Jersey-specific requirements regarding the investment exchanges/associated listing standards that must be used by Jersey-based exchanges and trading platforms. However, where a consent is sought from the JFSC, they would generally expect any such exchanges to be based in reputable FATF jurisdictions.

See 3.3 Issues Relating to Best Execution of Customer Trades. The IB Code requires investment businesses to treat their clients fairly and sets out the JFSC’s requirements regarding matters such as switching and churning, client order priority (including fair allocation), and best execution.

Historically, peer-to-peer trading platforms in Jersey have been highly competitive in comparison with traditional trading platforms. Also, they have typically charged lower fees.

In terms of regulation, the Financial Services Law expressly includes operating an investment platform (of any nature) as a class of “investment business” (see 2.2 Regulatory Regime).

There are no specific Jersey requirements beyond the (limited) rules set out in the IB Code.

The Financial Services Law sets out criminal offences for matters such as insider dealing and market manipulation. By way of example, it is a criminal offence for any person (regardless of whether or not they are regulated in Jersey) to make misleading, false or deceptive statements, promises or forecasts in order to induce another person to:

• enter into an arrangement that constitutes financial services business; or
• exercise/refrain from exercising any right conferred by an investment.

There is no specific regulation that exists for high-frequency and algorithmic trading platforms in Jersey.

Market makers who are dealing in investments are exempt from registration for carrying on investment business under the Financial Services Law. This exemption is made pursuant to the Financial Services (Investment Business (Restricted Investment Business Exemption)) (Jersey) Order 2001 (the “IB Exemption Order”).

If a fund is carrying on the activities in 7.2 Requirement to Be Licensed or Otherwise Register as Market Makers When Functioning in a Principal Capacity, the fund is not required to obtain a separate regulatory licence, provided that such activities are provided for and on behalf of the fund. However, if a dealer is engaged in activities in 7.2 Requirement to Be Licensed or Otherwise Register as Market Makers When Functioning in a Principal Capacity, then the dealer requires an investment business licence under the Financial Services Law.

Programmers who develop and create trading algorithms and other electronic trading tools are not themselves regulated.

Jersey does not have any material level of insurance businesses.

Insurance businesses are required to be regulated under the Financial Services Law for general insurance mediation business as principal or agent if they conduct any of the following activities:

• giving general insurance advice or arranging for persons to enter into contracts of general insurance;
• giving general insurance advice to a person in relation to particular contracts of general insurance;
• arranging for the entry of persons into contracts of general insurance with other persons;
• assisting in the administration and performance of contracts of general insurance; or
• agreeing to perform any of the above-mentioned activities.

A person classified as carrying on insurance business for the purpose of the Insurance Business (Jersey) Law 1996 is also required to be registered under, and comply with the requirements of, that law.

Jersey providers of regulatory technology known (“regtech”) may fall to be regulated under the Financial Services Law, depending upon their business model and whether or not they will conduct any of the activities referred to in 2.2 Regulatory Regime. If such providers will simply provide the software to enable other regulated businesses to properly conduct their own activities, they are unlikely to require to be licensed under the Financial Services Law.

The contractual terms would typically be a matter of industry custom and would cover the usual matters such as fees, indemnities, termination provisions, and scope of work. The JFSC’s Outsourcing Policy may require the contract to contain certain matters where the services are provided to entities that are regulated in Jersey – for example, to enable to the JFSC to access the records and premises of the regtech provider if needed in connection with the regulated entity’s activities.

Blockchain technology is being implemented by financial institutions such as banks and payment service providers by streamlining payment systems.

Banks and payment service provides use blockchain technology to:

• securely store customer information and transaction data;
• improve transaction speed, thus ensuring that customer transactions complete quicker;
• intercept suspicious transaction activity; and
• reduce error handling.

There are no specific rule proposals or interpretations for blockchain technology itself in Jersey.

Not all blockchain assets are regulated financial instruments. Blockchain assets such as cryptocurrencies and/or tokens are treated as another asset class within Jersey’s existing financial services legislation. The key factors are the underlying purpose of the tokens and whether they are tradeable or transferable. Please see 1.1 Evolution of the Fintech Market for the classification of tokens in Jersey.

As stated in 1.1 Evolution of the Fintech Market, stablecoins are now viewed as tokenised real-world assets. The JFSC will require the following information to be included in any application to launch a stablecoin (although it should be noted that this is not an exhaustive list of the required information):

• details of the assets being held as collateral (eg, cash and cash equivalents) and clear information on the short-term liquidity of those assets;
• collateral custody arrangements – for example, whether there are multiple custodians to reduce any concentration risk;
• information on who may directly purchase the stablecoins from the issuer (eg, authorised participants) and who can redeem their stablecoins for fiat currencies; and
• details of any de minimis threshold for issuance and/or redemption of the stablecoins.

The JFSC’s IC/TO Guidance Note and the Tokenisation Guidance Note require issuers of blockchain assets to comply with certain requirements in order to issue and tokenise blockchain assets such as cryptocurrencies, tokens and stablecoins.

As mentioned in 6.2 Regulation of Different Asset Classes, the JFSC views crypto as a “sensitive activity” under the JFSC’s SBPP. On that basis, any Jersey issuer of a cryptographic coin or token will need to comply with the requirements relating to the relevant category of token under the IC/TO Guidance Note (which will vary according to factors such as whether or not the token is a security token) or the Tokenisation Guidance Note and obtain a bespoke COBO consent from the JFSC.

Blockchain asset trading platforms that facilitate the trading of security tokens will require an investment business licence under the Financial Services Law. Even if the blockchain assets do not constitute security tokens and therefore would not trigger the above-mentioned requirement, the JFSC regards crypto as a sensitive activity (see 6.2 Regulation of Different Asset Classes), so the trading platform would still be subject to quasi regulation by the JFSC.

In the event that the operator of the trading platform may be considered a VASP, then it would be required to register for AML purposes in accordance with the Jersey POC SB Law. This is an in-depth process.

Generally, staking is unregulated in Jersey (provided that the staking activities do not involve establishing or operating an investment vehicle). Further advice is recommended.

Lending of cryptocurrencies is not a regulated activity in Jersey. However, as the JFSC views crypto as a sensitive activity (see 6.2 Regulation of Different Asset Classes), further advice is recommended if such activities are proposed.

A Jersey fund or exchange-traded note programme (“investment vehicle”) that invests in any type of crypto (including crypto derivatives) will need to comply with the usual Jersey legal and regulatory requirements applicable to the relevant type of investment vehicle. The JFSC is likely to apply additional scrutiny, given that the crypto-asset class is classified as “sensitive” under the SBPP (see 6.2 Regulation of Different Asset Classes).

If the cryptocurrency derivatives reference non-security tokens, then foregoing will apply. However, if a Jersey issuer intends to issue derivatives that are referable to security tokens, then – in addition to the foregoing – it will need to comply with the requirements of the JFSC’s Guidance Note on the Securities Issues by Jersey Companies (the “Securities Policy”).

The requirements may be varied at the JFSC’s discretion. The JFSC may apply additional requirements where considered appropriate – for example, if a securities issue is not clearly targeted at sophisticated investors.

In Jersey, there are no specific regulations governing DeFi.

The trading of security tokens or cryptocurrencies constitute an “investment” for Jersey purposes. Such activities would potentially require an investment business licence to be obtained under the Financial Services Law (subject to any available exemptions).

Funds that invest in blockchain assets are regulated within Jersey’s existing fund regime. During the past few years, Jersey has seen an increase in the number of Jersey private funds that invest in blockchain assets such as crypto-assets. The JFSC exercises more scrutiny over these funds, as crypto is a “sensitive activity” under the SBPP (see6.2 Regulation of Different Asset Classes).

Over and above the requirements applicable to Jersey funds, the JFSC generally expects funds that invest in crypto-assets to meet the following requirements.

• The fund needs to have a prospectus setting out all the details of the fund, including appropriate risk factors relating to the crypto-assets that the fund will be investing in.
• The fund needs to have credible and regulated service providers such as custodians.
• The fund needs to be strictly targeted at professional and institutional investors.

Jersey does not have the concept of a virtual currency or a blockchain asset. However, the Jersey POC Law defines a “virtual asset” as a digital representation of value that can be digitally traded or transferred and can be used for payment or investment purposes.

The regulation of NFTs and NFT platforms depends on whether or not the issuer of the NFT is raising capital by issuing the NFT. If, for example, the NFT is issued purely on a reward basis and there is no remuneration for such issuance, then there is no need to obtain a bespoke COBO consent from the JFSC. However, if the issuer of the NFT is raising capital by issuing the NFT, then a bespoke COBO consent is required.

From an AML perspective, the issuer of the NFT may need to register as a VASP if the NFT is issued on behalf of third parties and is issued by way of business.

Jersey is a leading international finance centre and open banking is recognised by industry as an opportunity to help boost both competition and the variety of products in the banking, credit cards, and payments space. While there is no general open banking framework in Jersey, there are no barriers to banks negotiating individual open-banking style standards and contractual terms with third parties (subject to complying with Jersey law generally, including the data protection regime). A watching brief is currently being maintained by the Jersey government, Jersey Finance, Digital Jersey, the JFSC and wider industry on the success of open banking in the UK and local demand.

Jersey does, however, have various elements that are consistent with supporting open banking. By way of example, although not a member of the EU, Jersey has introduced the EU Legislation (Payment Services – SEPA) (Amendment) (Jersey) Regulations 2015, thereby enabling Jersey banks to participate in the Single Euro Payments Area (SEPA) and therefore make euro payments to and from EU banks subject to the protections and support of the SEPA rules. Jersey is also a recognised part of the UK payment system and, as such, offers the protections of that system.

Jersey has also developed a strong digital economy, becoming a world leader in connectivity and digital infrastructure. Its data protection regime and legislation has also been assessed as fully compliant by the EC for the purposes of the EU General Data Protection Regulation (GDPR), meaning that firms can rely on the free flow of data between Jersey and EU member states.

The Data Protection (Jersey) Law 2018 introduced a data protection regime in Jersey that is largely equivalent to the principles of the GDPR. As such, the issues faced by the EU in balancing the Second Payment Services Directive (“PSD2”) (which permits third parties to access account information and offer new financial services) with the requirements of the GDPR (which seeks to protect that information) will need to be similarly addressed in Jersey. To that end, the authors note that the European Data Protection Board published guidelines on balancing PSD2 with the GDPR (which include obtaining explicit consent from the consumer and taking responsibility for data breaches) and expect Jersey businesses to be under the same direction. Whether this balance is achieved by blockchain initiatives involving encryption or otherwise are all considerations that can be explored by stakeholders.

Jersey law recognises fraud (dol) as both a customary law crime and as a defect that can cause a contract to become voidable at the instance of the innocent party. Fraud (dol) is defined widely as any method by which one person might deceive another, including fraudulent misrepresentation. The principal element of fraud (dol) is dishonesty. The customary law crime of fraud (dol) must be proved beyond a reasonable doubt. A civil law (eg, contractual) claim based on fraud (dol) must be proved on a balance of probabilities, based on cogent evidence.

Regulated businesses (including those that are subject to supervised AML regulation – for example, VASPs) are required to apply systems and controls that effectively combat financial crime risk. The consequence of this regulatory regime is that, in practice, the crime of fraud (dol) is rarely charged in the financial services context (there are no criminal cases of fraud (dol) in the context of fintech). Equally, while contractual claims based on fraud (dol) do come before the Jersey courts from time to time, it is rare for these cases to arise in the context of financial services.

The regulator will be concerned where fraud occurs inside a regulated business (eg, where an employee of a regulated business has used their position to perpetrate a fraud) and where the regulated business has been the victim of fraud. Both situations could mean that there has been a failure of systems and controls within the regulated business and both situations have the potential to jeopardise Jersey’s reputation as a safe and reliable jurisdiction for financial services and fintech. As such, the regulator would want to understand whether systems and controls have failed and – if so – why have they failed and what will be done to ensure that such failure does not occur in future.

When a fraud has taken place, the regulator will usually place emphasis on whether customers have been adversely affected and – if so – how that will be remediated. Equally, given that the principal element of fraud (dol) is dishonesty, the regulator will be concerned about determining whether the incident places in issue the fitness and propriety of a regulated business or any person working within a regulated business.

The situations in – and the extent to – which a fintech service provider would be held responsible for losses suffered by a customer will be determined by the liability provisions set out in the agreement between the service provider and the customer. It is not possible for the service provider to exclude liability for its own fraud (including a fraud perpetrated by its employees or agents). It is possible, in certain circumstances, for the service provided to exclude liability for losses suffered by a customer that were caused by a fraud perpetrated by an external party.