UK: Digital Securities Sandbox now in force

On 8 January 2024, the Financial Services and Markets Act 2023 (Digital Securities Sandbox) Regulations 2023 entered into force, creating the Digital Securities Sandbox within which certain Financial Market Infrastructures will be able to test the use of developing technologies subject to a modified legislative framework. The government has also published an Explanatory Memorandum which sets out the background and purpose of the Regulations.

What is the rationale behind the Digital Securities Sandbox?

The government touches on the rationale for the Digital Securities Sandbox (DSS) in the Explanatory Memorandum to the Financial Services and Markets Act 2023 (Digital Securities Sandbox) Regulations 2023 (the Regulations) creating the DSS, the first Financial Market Infrastructure (FMI) sandbox.  Due to the essential services provided and the important role played by FMIs in financial markets, and the ramifications their failure could have on the financial system, FMIs are highly regulated entities in the UK.  At the same time, FMIs need to be innovative and integrate new technologies into their systems and procedures so as to reduce costs, improve performance, and increase effective competition.  An example of such developing technologies is the use of distributed ledger technology (DLT) in relation to the digitalisation of financial assets to improve efficiency, resilience and transparency.

In order to enable the adoption of new technologies in connection with FMIs in a manner which is consistent with overall market functioning and stability, HM Treasury conducted a Call for Evidence in 2021 to assess (among other topics) the application of DLT to FMIs.  A key issue which was identified in the responses was that the UK legislative framework applicable to FMIs would need to be modified to support the use of these technologies.  For example, it was identified that the requirement under the UK Central Securities Depositories Regulation (Regulation (EU) No 909/2014) (the CSDR) for transactions in transferable securities to be settled in book entry form at a Central Securities Depository (CSD) may not be compatible with the use of DLT in the settlement of digital securities  Following the launch of a Regulatory Sandbox by the FCA in 2016 and various other legislative developments and reform measures, such as the Edinburgh Reforms which set out the government’s intention to implement the first FMI sandbox in 2023, the government published a consultation for the DSS in July 2023.

Section 13 of the Financial Services and Markets Act 2023 (FSMA 2023) confers a power on HM Treasury to make provision for the testing of FMI activities and assessing whether or how relevant legislation should apply in relation to such activities carried out with the use of developing technology.  The Regulations were laid before Parliament by HM Treasury on 18 December 2023 following the publication of the consultation response alongside the Autumn Statement in November 2023.  The Regulations entered into force on 8 January 2024.

What are the key objectives of the DSS?

The Regulations create the DSS, the first FMI sandbox created by HM Treasury in exercise of its powers under section 13 of FSMA 2023.  The DSS enables firms and regulators to test the deployment of developing technologies, such as DLT or technology that facilitates "digital assets" across financial markets. 

The Regulations provide for the application, modification and disapplication of existing UK legislation in order to facilitate the live testing of new FMI models and practices with developing technologies (technologies that would otherwise not be permitted or would be substantially more difficult to implement under the existing legal and regulatory framework).  The legislative provisions subject to modification under the DSS are set out in the Schedule to the Regulations, referred to as the "FMI sandbox arrangements" and represent an exhaustive list of legislation which will be disapplied or modified for the DSS. The legislation listed includes the UK CSDR (set out in Part 2 of the Schedule), the Financial Services and Markets Act 2000 (set out in Part 3 of the Schedule), the Companies Act 2006 (set out in Part 4 of the Schedule) and the Uncertificated Securities Regulations 2001 (set out in Part 5 of the Schedule).  Where modified legislation does not apply, it will be possible to perform non-DSS activities in relation to DSS entities and assets (for example clearing, custody and payments). All other legislation will continue to apply to participants in the DSS in its unmodified form.

The Regulations also create the framework within which the Financial Conduct Authority (FCA) and the Bank of England (BoE) will operate the DSS.  The FCA and the BoE will be able to make rules in relation to firms successfully applying to the DSS that will be designated as "Sandbox Entrants" and other participating entities, or to waive, modify or apply rules when otherwise they would not apply, where appropriate. Regulation 3(8) sets out which regulator will be the “appropriate regulator” for the purposes of certain FMI activities falling within the scope of the DSS as set out below.

What activities are within scope of the DSS?

Under Regulation 3(5), there are four main activities that involve the use of developing technology such as DLT which fall within the scope of the FMI sandbox arrangements and which may therefore be carried out subject to applied, modified or disapplied legislation in the DSS:

  • the activities of a central securities depository (CSD) and the DSS arrangements must relate to one or more of the following three activities: notary (the initial recording of a security in a securities settlement system), settlement (the operation of a securities settlement system), and maintenance (providing and maintaining securities accounts at the top tier level); (the appropriate regulator for these activities is the BoE); and
  • operating a trading venue, specifically  a multilateral trading facility (MTF), an organised trading facility (OTF), or a Recognised Investment Exchange (RIE) (the appropriate regulator for these activities is the FCA). 

The DSS will also allow CSD activities and the operating of a trading venue to be performed within a single entity (existing legislation requires these to be kept separate i.e. to be performed by separate legal entities). In these circumstances, Regulation 3(8)(c) sets out that the appropriate regulator will be both the FCA and the BoE.

Which instruments are in scope of the DSS?

As set out in Regulation 3(7), the Regulations are broadly drafted so that a wide variety of instruments are included and cover digital representations of certain financial instruments set out in paragraphs 1-3 and 11 of Part 1 of Schedule 2 to the Financial Services and Markets Act 2000 (Regulated Activities Order) 2001 (RAO), namely transferable securities, money market instruments, units in collective investment undertakings, and emission allowances (FMI sandbox instruments).  Derivatives (as defined by paragraphs 4-10 of Part 1 of Schedule 2 to the RAO) are specifically out of scope. 

The Explanatory Memorandum notes that a key principle of the DSS is that digital securities that are issued, traded, or settled via a Sandbox Entrant are the same as their traditional equivalents and so therefore, apart from where particular modifications to legislation are made as part of the DSS, they should accordingly be treated in the same way as their traditional equivalents from a legal and regulatory perspective. This would also mean that these instruments would be capable of being used across markets, for example as collateral or as part of repo transactions, where this can be done in compliance with existing laws and regulations.

Which entities can apply to participate as a Sandbox Entrant in the DSS?

Regulation 3(2) (Creation and operation of an FMI sandbox) sets out the entities that are eligible to participate in the DSS as Sandbox Entrants.  These entities are:

  • an RIE that is not an overseas investment exchange;

  • a recognised CSD;

  • an investment firm with Part 4A permission to operate an MTF under Article 25D of the RAO; and

  • an investment firm or an investment exchange with Part 4A permission to operate an OTF under Article 25DA of the RAO.

In addition, under Regulation 3(4), the appropriate regulator may determine that other firms established in the UK are permitted to apply to participate in the DSS in order to carry on activities that relate to the four permitted activities set out above.  

It is a specific requirement that to be eligible to apply to the DSS, the FMI must be established in the UK (Regulation 3(2)) (i.e. constituted under the law of any part of the UK or having, for the duration of the DSS, a registered office or head office in the UK).  This means that, for example, an overseas investment firm which operates a trading venue would not be eligible to apply to become a Sandbox Entrant, unless it establishes a UK legal entity to do the same.  However, the Regulations do not contain any specific limitation on an overseas firm from engaging with a Sandbox Entrant, thus an overseas firm could still use a platform operated by a Sandbox Entrant, or provide, or receive services from, a Sandbox Entrant.

Can other firms participate in the DSS?

The legislative modifications that will apply to Sandbox Entrants in the DSS can also be relied on by other entities which conduct activities in connection with the activities of the Sandbox Entrant.  For example, a person outside of the DSS who decides to issue or  transact in securities traded on a platform operated by a Sandbox Entrant as a "user" of that platform would also fall within the scope of the DSS framework.  Other in-scope entities include entities that provide services to, or receive services from, a Sandbox Entrant, or where they are carrying on activities or providing services in relation to an FMI sandbox instrument.

Sandbox Entrants and entities using or engaging directly or indirectly with the activities of the Sandbox Entrants will be able to carry out DSS activities in line with disapplied or modified legislation specified in the Schedule to the Regulations, and will be able to continue to perform non-DSS activities in relation to entities and assets covered under the DSS framework, provided that they comply with existing legislative and regulatory obligations.  Additionally, firms will be required to comply with all existing legislation which is not disapplied or modified by the Regulations, and will be given equal treatment as their traditional equivalents under such legislation. 

How to apply to the DSS

Under Regulation 4 (FMI sandbox application procedure and requirements), a firm which is eligible to participate in the DSS as a Sandbox Entrant or one which is permitted to participate in the DSS by the relevant regulator may apply to the FCA or the BoE for approval to participate (as set out above, the appropriate regulator will depend on which FMI activities the potential Sandbox Entrant is performing).  If the  application is successful, the firm will then be designated as a Sandbox Entrant.  However, in order to carry out CSD activities in the DSS, the firm will need to be designated as a "Digital Securities Depository" (DSD).  It will also be a precondition for a Sandbox Entrant which seeks to operate a trading venue in the DSS to have full authorisation to operate an MTF or an OTF, or to be exempt as an RIE.

The relevant regulator will specify the manner in which applications to participate in the DSS must be made.  It is anticipated that firms will need to provide information including the activities proposed to be carried out in the DSS, FMI sandbox instruments to be used on the applicant's platform when carrying out these activities, and details of existing legislative barriers to using developing technology if the activities proposed to be carried out inside the DSS are carried out in accordance with existing legislation.  Under Regulation 5(2), the relevant regulator will then either (i) approve the application; (ii) approve the application subject to variations or conditions; or (iii) reject the application.

The regulators may put in place limits on the overall activity conducted in the DSS, and on activity conducted by individual Sandbox Entrants. These limits will be set to minimise any impact on wider financial stability from the failure of a Sandbox Entrant. Under Regulations 5(5) and 5(6), firm-specific limits will be managed via the Sandbox Approval Notice (SAN) issued to each Sandbox Entrant by the appropriate regulator, which will set out the conditions under which DSS activities can take place. The Explanatory Memorandum notes that the “SAN will act as a “visa” detailing the permitted activities being performed and the restrictions in place, including what limits have been allocated to that entity.” Under Regulation 12, if a Sandbox Entrant breaches a requirement imposed on it by the Regulations, the appropriate regulator may modify, suspend or cancel the SAN imposing such limitations, conditions or restrictions as it considers appropriate.  In addition, under Regulation 6(4), HM Treasury may direct regulators to put in place further restrictions on the overall FMI activities or ancillary FMI activities within DSS by reference to a number, value or other metric.

Comparison of the UK DSS with the EU Pilot Regime

The comparable EU Pilot Regime came into effect on 23 March 2023 and allows FMI participants to test DLT-based innovations in a pilot environment.  Despite some similarities, the DSS compares favourably to the EU Pilot Regime given the wider application of the DSS which offers those participating in it with greater flexibility with the promotion of the use of ‘developing technology’ rather than focusing solely on promoting the use of DLT per the EU Pilot Regime.  The potential applicants to the DSS are also wider given its application is not limited only to FMIs, other unregulated service providers or other firms that HMT specifies could also participate.  Unlike the EU Pilot Regime, the DSS also creates the opportunity for a bespoke regulatory framework given that it allows the modification, disapplication, amendment and creation of rules by the BoE and FCA.  A benefit of the DSS over the EU Pilot Regime is that it allows successful legislative changes to be permanently implemented before its expiry.  It will be interesting to see if there will be a greater uptake to the DSS in comparison to the EU Pilot Regime.

Next steps for the DSS

The DSS legislative framework will last up to five years as the Regulations are stated to cease on 8 January 2029, subject to any extensions by HM Treasury who are empowered to extend the DSS if required.  HM Treasury must report to Parliament on the operation of the DSS and determine how UK legislation should be permanently amended to accommodate developing technology by 10 January 2028 (a year prior to the expiry of the Regulations).  Participants will then be able to exit the DSS either by continuing to operate under a permanently amended legislative framework, or by winding down their activities in the DSS. Sandbox Entrants which demonstrate their ability to carry out DSS activities in a manner which is consistent with regulatory outcomes will be eligible to apply to continue carrying out these activities under a new regime created from the amended DSS framework.

The government's aim is to adopt permanently into legislation any application, disapplication or modification implemented in the DSS.  The overall objective is to achieve an end result which addresses the concerns raised in the response to HM Treasury's 2021 Call for Evidence, that is, to avoid and remedy any existing legislative gaps which would otherwise be disruptive and costly for DSS participants to comply with when using developing technology. 

The operation of the DSS will be managed primarily by the FCA and the BoE, with HM Treasury maintaining close involvement.  The FCA and the BoE will issue guidance in due course on the operation of the DSS, and on the final timing of the application window.  In the meantime, potential applicants can register an expression of interest with HMT. Whilst waiting for the application window to be confirmed, interested firms should consider the details which are likely to be required for the application including those set out in Regulation 4.  These include the FMI activities to be carried out by the applicant, details of the relevant FMI sandbox instruments to be used on the applicant’s platform and the existing legislative barriers or obstacles to using developing technology.  This prior consideration will aide potential applicants in making a swift application once the application window and process is confirmed.   Given the potential posed by the DSS for permanent legislative changes to enable the use of innovative technology by FMIs, we could be on the cusp of a revolution in this area but it remains to be seen what the detailed requirements of the application will be and how extensive the uptake will be.  We would be very happy to discuss the detail of the DSS Regulations with interested potential applicants, so please do get in touch.  

Looking further ahead – The UK Digitisation Taskforce

Separately from the DSS, there are other initiatives underway with the ultimate goal of removing or reducing frictions in the current legislative framework that inhibit the adoption of new technologies in the capital markets.  The UK’s Digitisation Taskforce was established in 2022 with the aim of driving forward the full digitisation of the UK shareholding framework by eliminating the use of paper share certificates.  In July 2023, the Digitisation Taskforce published an Interim Report, which sets out a number of recommendations, including:

  • the bringing forward of legislation to stop the issuance of new paper share certificates;
  • the introduction of legislation to require the dematerialisation of all share certificates at a future date;
  • a requirement for intermediaries participating in clearance and settlement systems and offering shareholder services to use common technology for responding to ultimate beneficial owner requests; and
  • following the digitisation of shareholdings, the discontinuance of cheque payments and a requirement for dividend payments to be made directly to the bank accounts of ultimate beneficial owners.

The final report of the Digitisation Taskforce (including practical steps for implementing proposals and timescales for implementation) is expected early this year.

This note is for guidance only and should not be relied on as legal advice in relation to a particular transaction or situation. Please contact your normal contact at Hogan Lovells if you require assistance or advice in connection with any of the above.



Authored by Michael Thomas, Mark Orton, Rachael Koc, Melanie Johnson, and Isobel Wright.


This website is operated by Hogan Lovells International LLP, whose registered office is at Atlantic House, Holborn Viaduct, London, EC1A 2FG. For further details of Hogan Lovells International LLP and the international legal practice that comprises Hogan Lovells International LLP, Hogan Lovells US LLP and their affiliated businesses ("Hogan Lovells"), please see our Legal Notices page. © 2024 Hogan Lovells.

Attorney advertising. Prior results do not guarantee a similar outcome.