Financial Technology – best known as Fintech – refers to the integration of technology in delivering of financial services to customers. In the wake of the technology era and the growth of the digital arena, Fintech is rapidly developing as an industry on its own in Kenya. It has stopped being a support tool, and is fast developing into a sector that requires regulation.

Fintech cuts across various sectors including asset management, digital credit provision, health, insurance, mobile payments and money remittance operations. Although the Central Bank of Kenya (CBK) is the primary regulator in the financial sector, the nature of Fintech leads to a multiplicity in its regulatory framework as herein outlined.

a) Asset Management

The Capital Markets Authority is mandated to develop a framework to facilitate the use of e-commerce for the development of capital markets in Kenya. The Authority has thus established Kenya’s Regulatory Sandbox framework in 2019 to allow companies in the sector to test innovative products, solutions or services that have the potential to broaden the capital markets.

b) Digital Credit Providers

The Central Bank of Kenya (Digital Credit Providers) Regulations were published in 2022 to regulate this sector. These regulations mandate any person who wishes to provide digital credit to consumers in Keya to apply for licensing from the Central bank of Kenya.

c) Mobile Payment Services

Mobile Payment services fall under the ambit of the National Payment Systems Act, 2011 and the Kenya Information and Communications Act (KICA), 1998. The National Payment Systems Act regulates the modes of payments and the payment service providers, while KICA regulates all mobile network operators in Kenya. Therefore, all telecommunications companies must be licensed in under KICA and authorized to provide mobile payment services by the Central Bank of Kenya.

d) Money Remittance Operations

Money Remittance operators are regulated by the Money Remittance Regulations of 2013 which stipulate that these operators must be incorporated as limited liability companies under the

Companies Act, must obtain approval from the bank for the proposed business name which must contain the words ‘money remittance’ or ‘money transfer’, and they must be licensed to provide money remittance services.

OTHER REGULATIONS

The above specific regulations notwithstanding, compliance in the Fintech sector requires adherence to other laws and legislations of general application in Kenya:

a) Consumer Protection Act, 2012

This law protects consumers in this sector and prevents unfair trade practices. The players in the Fintech sector have to be very careful to incorporate in their businesses and comply with the primary principles of consumer protection that include:

i) Provision of goods and services of reasonable quality;

ii) Disclosure of necessary information to enable consumers gain full benefit from goods and services;

iii) Ensuring protection of consumer health, safety and economic interests; 

iv) Compensation for loss or injury arising from defects in goods or services.

Although some regulations in the sector like the Central Bank of Kenya (Digital Credit Providers) Regulations, 2022 and the National Payments Service Regulations, 2014 address some of the consumer protection concerns, stakeholders in the Fintech sector must incorporate and comply with these principles or risk penalties from the Competition Authority of Kenya.

b) Data Protection Act, 2019

The Data Protection Act brought in various compliance requirements for all companies that process data of individuals in Kenya. The Act and its attendant regulations have specific risk and compliance requirements for companies in Kenya who are data controllers or data processors much like the stakeholders in the Fintech Sector.

Further the Office of the Data Protection Commissioner has released guidance notes for the players in various sectors including Digital Credit Providers, which serve as guidance on how stakeholders in these sectors can comply with the Act and the Regulations. The non-compliance

with the requirements of the Act and Regulations puts the stakeholders in this sector at risk of hefty penalties from the Office of the Data Protection Commissioner.

c) Proceeds of Crime and Anti-Money Laundering Act, 2009 (POCAMLA)

The growth of Fintech in Kenya has exposed consumers to the negative effects of fraud and money laundering. As such, the POCAMLA regulates activities of persons or entities conducting the business of issuing and managing means of payment, by requiring them to register with the Financial Reporting Centre and establish systems and procedures to combat money laundering.

Therefore entities in the Fintech space that conduct such business are required to Monitor and Report to the Financial Reporting Centre, verify a customer’s identity, establish and maintain customer records, and establish and maintain internal reporting procedures.

CONCLUSION

The upshot of this analysis is that the Fintech sector, being a fast-growing system, spreads across multiple sectors of the economy. The regulations are cast in various laws with different regulators depending on the industry in which an entity operates. It is, therefore, upon the stakeholders in the sector to keep a keen eye on the regulations and ensure compliance with the laws to continue providing their services in the country.