The Financial Services Commission (FSC) has issued a Consultation Paper in relation to the introduction of a regulatory framework for Robotic and Artificial Intelligence Enabled Advisory Services (hereinafter RAIEAS). RAIEAS was coined in the National Budget of 2019/2020 and the Finance (Miscellaneous Provisions) Act 2020 added RAIEAS as a financial business activity in Schedule 2 of the Financial Services Act requiring a licence from the FSC. The aim of the Consultation Paper, which is inspired from approaches and models implemented by other jurisdictions, is to invite views and comments from relevant professionals, the industry and the public at large. The said Consultation Paper contains a copy of the draft Financial Services (Robotics and Artificial Intelligence Enabled Advisory Services) Rules which the FSC intends to make under section 14 of the Financial Services Act.
RAIAES refers to the provision of digital and personalized (discretionary or non-discretionary) investment and portfolio management and advisory services through a fully automated computer program or artificial intelligence enabled algorithms with minimal human intervention. There is in fact no involvement of any individual in the entire advisory process. There may however be elements of human intervention to assist in the non-advisory services like technical support or information technology. This process can be easily distinguished from a traditional investment advisor who uses technological tools to merely assist its human advisers in providing advisory services to its clients.
RAIEAS has the potential of yielding numerous benefits both for the end customers and for the intermediaries. However, it also raises some specific challenges and risks which cannot be disregarded. The proposed regulatory framework should therefore cater for necessary safeguards to ensure the sound conduct of such business and at the same time protecting the end customers’ rights.
A licensee for RAIEAS must have a minimum unimpaired stated capital of MUR 600,000 and subscribe to a professional indemnity insurance policy against liability for the sum of at least MUR 2 million for any act, error or omission in respect of the conduct of the advisory services.
The licensee should establish an office and relevant infrastructure for the carrying out of its services in Mauritius and it shall employ officers with adequate competence, experience and proficiency to discharge its services. The licensee should be managed by a board of directors consisting of a minimum of three directors, one of whom shall be an independent director and a resident of Mauritius. It should have a code of conduct and ethics which will bind all its officers. Besides the implementation of internal controls, risk management and governance policies and procedures, the licensee is expected to ensure the robustness of its computer programs and its artificial intelligence algorithms. It also has to put in place a business continuity and disaster recovery plan. The licensee is further expected to conduct appropriate due diligence on its clients and is required to preserve the integrity and privacy of clients’ information in conformity with data protection laws. For the protection of the clients, the licensee is required to obtain from its clients a declaration to ensure that the clients understand the scope and nature of the RAIEAS together with the associated risks and limitations. The licensee is also expected to ensure that any investment advice given through the platform is suitable for the client.
The licensee has to develop its own internal cyber risk management framework. Under the draft rules, a licensee would be prohibited to outsource the key processes and management of its client-facing tools.
There are a number of disclosure requirements to enable the client to make an informed decision. As such the licensee is expected to provide clear, fair and non-misleading information to the client on the nature and scope of the services being offered. The licensee is also expected to explain to the client how it determines that these products being offered are suitable and would meet the investment objective of the client and the risks involved. The licensee is required to enter into a service-level agreement with its client before the provision any services to its clients. Moreover, to protect its clients it is required to display in a prominent place and in a visible manner in the service-level agreement , on its website and its platform a statement to the effect that the FSC does not vouch for the correctness of any information or statements published by the licensee on its robotic and/or artificial intelligence interface or platform and that clients engaging the services of the licensee are not protected by any statutory compensation arrangements in the event of the licensee’s failure.
The licensee also has record keeping obligations and reporting obligations as well. In addition to submitting its audited financial statements yearly, it shall also submit an independent evaluation report of its systems and controls mechanism prepared in accordance with the best industry practices and standards, at least once every two years or following a material change to its systems and controls.
Published in Mauritius Business Magazine on 18 November 2020