FINTECH 2024
DENMARK
Rasmus Mandøe Jensen, Jónas Már Torfason
(Plesner Advokatpartnerselskab)
FINTECH LANDSCAPE AND INITIATIVES
General innovation climate
- What is the general state of fintech innovation in your jurisdiction?
In recent years, the fintech sector has experienced significant growth in Denmark. This has been facilitated by:
- a highly educated and digitally literate population;
- a high degree of digitization of public sector systems;
- the support of specific government policies aimed at promoting fintech innovation; and
- the development of Copenhagen as an international fintech hub.
Under the auspices of Copenhagen Fintech, a dedicated fintech lab opened in Copenhagen in 2016 and has become a central hub for fintech activity in Denmark.
In the past few years, a number of partnerships between fintech start-ups and banks have been announced, which reflects the current trend of fintech companies seeking to partner and cooperate with existing financial sector bodies rather than attempting to be in competition with and in opposition to them.
While there has been significant activity in traditional fintech core areas such as payments and investment services, ancillary areas such as regtech and insurtech remain less developed, but are expected to grow in the future.
Government and regulatory support
- Do government bodies or regulators provide any support specific to financial innovation? If so, what are the key benefits of such support?
The government has specific policies aimed at promoting fintech business and investments and to support Copenhagen as an international fintech hub. Recently, this has resulted in increased funding for the Danish Financial Supervisory Authority (FSA), enabling it to dedicate resources to a specialized fintech office and create a regulatory sandbox. The FSA opened applications for its regulatory sandbox in 2018 and has published notes on projects examined in the regulatory sandbox as recently as September 2022, where a blockchain-based securities trading and clearing solution was examined.
In terms of purpose and eligibility criteria, the sandbox is similar to the existing one operated by the UK Financial Conduct Authority.
The FSA moreover operates a fintech forum where a wide range of industry interests are represented. The forum meets twice yearly.
FINANCIAL REGULATION
Regulatory bodies
- Which bodies regulate the provision of fintech products and services?
The main financial regulator is the Danish Financial Supervisory Authority (FSA), which also oversees compliance with anti-money laundering regulations.
Compliance with certain business conduct rules and other consumer and competition-oriented rules is overseen by the Competition and Consumer Authority.
The Data Protection Agency oversees compliance with data protection rules.
The Central Bank has limited oversight over systemically important payment and securities clearing and settlement infrastructures and similar systems.
Regulated activities
- Which activities trigger a licensing requirement in your jurisdiction?
Banking
Deposit-taking activities generally require a banking license under the Financial Business Act to legally operate in Denmark. There are no de minimis or similar exemptions available.
Lending does not require a license in Denmark, although a registration under the Act on Measures to Prevent Money Laundering and Financing of Terrorism may be required (as described below). However, under the FSA’s current guidance, EU banking institutions may have to passport their license into Denmark if they wish to perform lending activities there.
The Act on Consumer Loan Undertakings creates an exception to the license-free lending requirement in Denmark, to the extent that the loan constitutes consumer credit.
Payment services or e-money issuance
The performance of payment services, as defined in the Annex to the Payments Act implementing Annex I to revised EU Directive 2015/2366/EU (Payment Services Directive) (PSD2), requires a license under the Payments Act.
The Payments Act generally reflects the catalogue of exemptions to the license requirement in article 3 of PSD2 and article 1 of EU Directive 2009/110/EU (Second EU Electronic Money Directive) (EMD2), except that technical services covered by the exemption in article 3(j) of PSD2 are subject to certain fee regulations in the Payments Act.
Specifically, regarding the limited network exemption (article 3(k) of PSD2 and article 1(4) of EMD2), although limited network products are exempted from the license requirement, they must still comply with the disclosure, business conduct and fee rules of the Payments Act, as well as the regulation on issuance and redemption of e-money (corresponding mainly to Titles III and IV of PSD2 and article 11 of EMD2). However, the disclosure, business conduct and fee rules do not apply to e-money issued within a limited network if:
- the instrument cannot load a value of more than 3,000 Danish kroner;
- the instrument cannot be reloaded; and
- the issuer’s aggregate outstanding e-money liabilities do not exceed an amount equivalent to €5 million, in which case only the rules on redemption of e-money apply.
Denmark has not elected to use the options in article 32 of PSD2 and article 9 of EMD2 to exempt low-volume and low-value payment services or e-money from the licensing requirement; however, the Payments Act provides for a less burdensome licensing process for such providers and issuers, which are also exempt from the own funds requirements.
Foreign exchange
Unless performed by a licensed bank, foreign exchange activities require a license under the Act on Measures to Prevent Money Laundering and Financing of Terrorism. Exemptions from certain parts of the Act are available for entities whose foreign exchange activities are de minimis – including a requirement that the foreign exchange business does not account for more than 5 percent of the entity’s aggregate annual turnover – and purely ancillary to their main business.
In addition, providers of exchange services between virtual and fiat currencies are subject to regulation under the Act just as such operators are required to be registered under the Act.
Investment activities
The provision of ‘investment services’ and the carrying out of ‘investment activities’ – both as defined in EU Directive 2014/65/EU (Markets in Financial Instruments Directive II) (MiFID II) – as well as the provision of custody services trigger a licensing requirement under Danish law, pursuant to the Danish Act on Investment Firms and Investment Services and Activities, which implements MiFID II and EU Directive 2019/2034/EU (Investment Firms Directive).
The Danish implementation of the Investment Firms Directive narrowly follows the wording of the Investment Firms Directive, but also includes certain specific national rules including in respect of, inter alia, certain restrictions on the provision of ancillary services, a rule on ‘good business practices’, the requirement to include ‘Investment Firm’ in the legal name of the investment company and the applicability of non-disclosure agreements.
Investment advice
Undertakings that provide investment advice must be licensed as an investment adviser if they do not hold another license that permits them to provide investment advice. Investment advisers may also receive and transmit orders.
Financial advice
Undertakings that provide advice on financial products to consumers must be licensed as financial advisers. For this purpose, ‘financial products’ are credit agreements, excluding residential credit agreements, deposits, insurances, pension and investment products. ‘Investment products’ are transferable securities, units or shares in collective investment schemes, deposits in banks where the return depends on the performance of one or more underlying assets, guarantee certificates, cooperative certificates and mortgage deeds.
Residential credit intermediation
Undertakings that provide advice on or arrange or facilitate residential credit agreements to consumers must be licensed as residential credit intermediaries. Residential credit agreements essentially cover the granting of loans secured on real estate.
Alternative investment funds
The management of alternative investment funds triggers a registration or licensing requirement depending on the size of the assets of the managed investment fund. The threshold for authorization rather than registration is assets under management by the manager of €100 million (or €500 million if certain conditions are complied with). Authorized managers must comply with all of the requirements of the legislation implementing EU Directive 2011/61/EU (Alternative Investment Fund Managers Directive) (AIFMD), whereas a registered manager must comply with only a few limited requirements.
The definition of ‘alternative investment funds’ has been implemented from the AIFMD without material changes.
Insurances
Insurance activities generally trigger a licensing requirement. The Financial Business Act provides certain specific exemptions to the licensing requirement, none of which would be expected to be relevant for fintech businesses.
If the activity does not amount to being an insurer but involves insurance distribution, the activity will require a license if it constitutes insurance or reinsurance mediation. There are no exemptions to this requirement. On the other hand, intermediaries that perform only ancillary insurance intermediation must be registered.
In general, the Danish market has seen only a limited number of insurtech providers, including Undo, which has entered into a partnership with Danish insurance provider Tryg and Penni and has previously worked with the Danish insurance provider TopDanmark.
Anti-money laundering
Fintech businesses that are not otherwise required to have a license under any of the above regulations must be registered with the FSA if they perform any of the activities set out in Annex I to the Act on Measures to Prevent Money Laundering and the Financing of Terrorism, including:
- deposit-taking;
- lending;
- financial leasing;
- assistance in offering securities and services ancillary thereto; and
- the storage, administration and management of securities.
Additionally, providers of various cryptocurrency-related services, including the providers of crypto exchanges and cryptocurrency wallets, as well as issuers of cryptocurrencies, must be registered under the Act on Measures to Prevent Money Laundering and the Financing of Terrorism.
Consumer lending
- Is consumer lending regulated in your jurisdiction?
The Act on Consumer Loan Undertakings creates an exception to the absence of a requirement for a license to lend in Denmark. The Act applies to most types of consumer loan and credit agreements unless:
- they are provided by an already licensed bank or other financial business;
- the agreement is for a zero-interest and zero-fee loan; or
- the agreement is a leasing agreement without any obligation to purchase.
Under the Act on Consumer Loan Undertakings, consumer loan and credit in-scope providers must obtain a license from the FSA (during which, the management of the consumer loan undertaking will be subject to customary fit and proper requirements) and will be subject to ongoing conduct of business rules.
The Act includes a 35 percent cap on the annual percentage rate (APR) on consumer loans, including on peer-to-peer loans; a cap on expenses (e.g, interest, fees and reminder charges) over the life of the credit of 100 percent of the original principal amount; and a prohibition on marketing consumer loans with an APR of more than 25 percent as well as any marketing of consumer loans in connection with gambling or betting, or both (subject to limited exceptions, including marketing on the credit provider’s own website).
However, in respect of online marketing directed at consumers, the above-mentioned marketing prohibition will not apply to consumer loan undertakings located in other EU countries. To the extent that the marketing by these foreign consumer loan undertakings is carried out on television or on-demand services or in connection with gambling or betting, or both, the marketing prohibition will apply.
The Danish parliament recently passed a bill in which buy now, pay later (BNPL) credit will be regulated as consumer loans, with few exceptions. These exceptions include:
- deferral of payment by a vendor (without a third-party credit provider) for up to 90 days after delivery of the product or service; and
- payment cards with a credit line, where payment is settled within 50 days of the transaction.
The legislation entered into force on 1 July 2023.
Secondary market loan trading
- Are there restrictions on trading loans in the secondary market in your jurisdiction?
There are no restrictions on trading loans in the secondary market under Danish law.
Collective investment schemes
- Describe the regulatory regime for collective investment schemes and whether fintech companies providing alternative finance products or services would fall within its scope.
Fintech companies providing such financial products or services are not subject to any bespoke regulation. However, to the extent that their services constitute a regulated activity pursuant to the generally applicable regulatory regime, these companies fall within the scope of the relevant regulation.
Depending on the nature of the activity, fintech businesses may be subject to one or more of the following laws, each of which includes associated delegated regulations:
- the Payments Act (implementing PSD2 or EMD2), if the activity involves offering payment services or issuing e-money;
- the Investment Association Act (implementing EU Directive 2009/65/EU (Undertakings for Collective Investment in Transferable Securities), if the activity involves establishing or managing undertakings for collective investment in transferable securities;
- the Act on Alternative Investment Fund Managers (implementing the AIFMD), if the activity involves establishing or managing an alternative investment fund;
- the Capital Markets Act and EU Regulation No. 2014/596 (Market Abuse), to the extent that a crowdfunding scheme constitutes equity crowdfunding, thereby subjecting the fintech business to the rules regulating, among other things, offerings of securities and prospectus requirements; or
- Regulation (EU) 2020/1503) (European Crowdfunding Service Providers) if the activity involves the matching of business funding interests of investors and project owners through the use of a crowdfunding platform that consists of either:
- the facilitation of granting of loans; or
- placing without a firm commitment basis of transferable securities and admitted instruments for crowdfunding purposes issued by project owners or a special purpose vehicle as well as the reception and transmission of client orders in relation to those transferable securities and admitted instruments for crowdfunding purposes.
In respect of crowdfunding lending platforms, lenders engaging on the platform are – regardless of whether the lenders are professional lenders or acting in a private capacity – subject to a cap of 35 percent of the annual percentage rate on such loans, if the borrower is a consumer.
Alternative investment funds
- Are managers of alternative investment funds regulated?
As Denmark is an EU member state, the AIFMD applies.
The management of alternative investment funds triggers a registration or licensing requirement depending on the size of the assets of the managed investment fund. The threshold for authorization rather than registration is assets under management by a manager of €100 million (or €500 million if certain conditions are complied with). Authorized managers must comply with all of the requirements of the legislation implementing the AIFMD, whereas a registered manager must comply with only a few limited requirements.
The definition of ‘alternative investment funds’ has been implemented from the AIFMD without material changes.
Peer-to-peer and marketplace lending
- Describe any specific regulation of peer-to-peer or marketplace lending in your jurisdiction.
Such types of alternative financing are not subject to bespoke regulation in Denmark. However, whether they are professional lenders or acting in a private capacity, the lenders using the platform and the loans provided by them over the platform are subject to a cap of 35 percent of the annual percentage rate on these loans if the borrower is a consumer.
Crowdfunding
- Describe any specific regulation of crowdfunding in your jurisdiction.
If the crowdfunding scheme in question constitutes ‘donation-based crowdfunding’, the rules set out in the Danish Fundraising Act may apply. Additionally, depending on the structure of the crowdfunding scheme, the Danish Capital Markets Act and the EU Market Abuse Regulation may apply, to the extent that a crowdfunding scheme constitutes equity crowdfunding, thereby subjecting the fintech business to the rules regulating, among other things, offerings of securities and prospectus requirements.
The European Crowdfunding Service Providers Regulation applies if the activity involves the matching of business funding interests of investors and project owners through the use of a crowdfunding platform that consists of either:
- the facilitation of granting of loans; or
- placing without a firm commitment basis of transferable securities and admitted instruments for crowdfunding purposes issued by project owners or a special purpose vehicle as well as the reception and transmission of client orders in relation to those transferable securities and admitted instruments for crowdfunding purposes.
Non-bank lending or equity crowdfunding vehicles have a relatively limited market share.
Invoice trading
- Describe any specific regulation of invoice trading in your jurisdiction.
Invoice trading is not subject to bespoke regulation. However, to the extent that the relevant invoice-trading scheme constitutes a factoring arrangement, such factoring arrangements are subject to the Anti-money Laundering Act and would trigger a registration requirement with the FSA, as well as a requirement to comply with the other provisions set out in the Act.
Payment services
- Are payment services regulated in your jurisdiction?
The performance of payment services, as defined in the Annex to the Payments Act implementing Annex I to PSD2, requires a license under the Payments Act.
Open banking
- Are there any laws or regulations introduced to promote competition that require financial institutions to make customer or product data available to third parties?
No, except the rules implementing articles 65 to 68 of PSD2. The Payments Act contains rules that severely restrict the processing and use of payment data.
Robo-advice
- Describe any specific regulation of robo-advisers or other companies that provide retail customers with automated access to investment products in your jurisdiction.
Robo-advice is not subject to specific regulation in Denmark. In July 2019, the FSA published a regulatory note regarding best practice when using supervised machine learning.
Insurance products
- Do fintech companies that sell or market insurance products in your jurisdiction need to be regulated?
Insurance activities generally trigger a licensing requirement. The Financial Business Act provides certain specific exemptions to the licensing requirement, none of which are considered relevant for fintech businesses.
If the activity is not of a scale for the provider to be considered an insurer but involves insurance distribution, the activity will require a license if it constitutes insurance or reinsurance mediation. There are no exemptions to this requirement. On the other hand, intermediaries that perform only ancillary insurance intermediation must be registered.
Credit references
- Are there any restrictions on providing credit references or credit information services in your jurisdiction?
Credit information services and credit information bureaus must generally adhere to the rules set out in the EU General Data Protection Regulation and the Danish Data Protection Act. Credit information bureaus must seek a license from the Danish Data Protection Agency prior to the commencement of any data processing.
CROSS-BORDER REGULATION
Passporting
- Can regulated activities be passported into your jurisdiction?
Yes, to the extent that the entity is an EU or EEA entity and the underlying EU law provides for a passporting system.
Requirement for a local presence
- Can fintech companies obtain a license to provide financial services in your jurisdiction without establishing a local presence?
In general, obtaining a Danish license (as opposed to passporting an existing license) for financial services requires that the applicant be domiciled in Denmark.
SALES AND MARKETING
Restrictions
- What restrictions apply to the sales and marketing of financial services and products in your jurisdiction?
The laws and regulations that govern and restrict the sale and marketing of financial services and products in Denmark include:
- the Act on Alternative Investment Fund Managers (implementing EU Directive 2011/61/EU (Alternative Investment Fund Managers Directive);
- EU Directive 2014/65/EU (Markets in Financial Instruments Directive);
- the Consumer Contracts Act (implementing parts of EU Directive 2011/83/EU on Consumer Rights and EU Directive 2002/65/EU (Distance Marketing of Consumer Financial Services), which contains rules on pre-contractual information requirements, right of withdrawal, termination and binding periods; and
- the Marketing Practices Act (implementing EU Directive 2005/29/EU (Unfair Commercial Practices), which – in addition to the rules implementing the EU Unfair Commercial Practices Directive – contains rules on, among other things:
- unsolicited marketing;
- comparative advertisements;
- the marketing of consumer credit;
- Consumer Ombudsman activities; and
- how businesses must comply with good marketing practices.
The Marketing Practices Act also (subject to limited exceptions, including marketing on the credit provider’s own website) prohibits marketing of consumer loans with an annual percentage rate of more than 25 percent and all marketing of consumer loans in connection with gambling or betting, or both.
- The Payments Act (implementing EU Directive 2015/2366/EU (Payment Services), which contains rules implementing the disclosure, business conduct and fee rules set out in Titles III and IV of the Directive and corresponding provisions of EU Directive 2009/110/EU (Second EU Electronic Money Directive).
- The Credit Contracts Act (implementing parts of EU Directive 2008/48/EU (Consumer Credit Directive)), which applies to credit arrangements with consumers and that contains, among other things:
- mandatory disclosure requirements;
- rules on changes to interest rates;
- walk-away rights; and
- rules on term and termination.
- The Act on Consumer Loan Undertakings, which applies to certain forms of loan and credit to consumers provided by lenders that are not banks or other forms of licensed financial business.
- The Executive Order on Good Business Practices for consumer loan and credit providers issued pursuant to the Act on Consumer Loan Undertakings, which contains rules on duty of care to customers, a prohibition against aggressive or misleading market practices, marketing restrictions and restrictions on amending or terminating consumer loan and credit contracts.
- The Executive Order on Good Business Practices for Financial Businesses (implementing parts of EU Directive 2011/83/EU(Consumer Rights Directive), which contains rules on duty of care to customers, disclosure requirements, advising customers and restrictions on amending or terminating customer contracts and applies to, among others:
- banks;
- mortgage banks; and
- investment firms.
- The Executive Order on Good Business Conduct for Insurance Distributors (implementing parts of EU Directive 2016/97/EU (Insurance Distribution Directive)), if the activity involves insurance distribution.
CRYPTOASSETS AND TOKENS
Distributed ledger technology
- Are there rules or regulations governing the use of distributed ledger technology or blockchains?
Distributed ledger technology and blockchain are not subject to bespoke regulation in Denmark. The European Union, however, has passed a regulation comprised of a six-year pilot regime on distributed ledger market infrastructure, which sets out the requirement on multilateral trading facilities and securities settlement systems using distributed ledger technology (DLT) and amends the existing definition of ‘financial instruments’ pursuant to EU Directive 2014/65/EU (Markets in Financial Instruments Directive II) to include such instruments issued by means of DLT.
Cryptoassets
- Are there rules or regulations governing the promotion or use of cryptoassets, including digital currencies, stablecoins, utility tokens and non-fungible tokens (NFTs)?
Crypto assets and digital currencies are not subject to bespoke Danish regulation. Digital wallets and e-money are subject to the EU rules pursuant to revised EU Directive 2015/2366/EU (Payment Services Directive).
Providers of the following crypto-asset services are required to be registered with the Danish FSA pursuant to the Act on Measures to Prevent Money Laundering and the Financing of Terrorism:
- providers of exchange between cryptocurrencies and fiat currencies;
- custodian wallet providers;
- providers of exchange between different cryptocurrencies;
- providers of transfer services of cryptocurrencies; and
- issuers of cryptocurrencies.
In addition, the EU regulation of markets in crypto-assets (MiCA), which includes regulation specifically aimed at utility-tokens, stablecoins and e-money tokens, is expected to enter into force during the course of 2025 (with rules on stablecoins expected to enter into force in the second half of 2024).
Token issuance
- Are there rules or regulations governing the issuance of tokens, including security token offerings (STOs), initial coin offerings (ICOs) and other token generation events?
Issuers of cryptocurrencies fall under the Act on Measures to Prevent Money Laundering and the Financing of Terrorism and are required to be registered with the Danish FSA. The MiCA, which includes regulation specifically aimed at ‘crypto-asset service providers’, which includes digital currency exchanges and brokerages.
ARTIFICIAL INTELLIGENCE
Artificial intelligence
- Are there rules or regulations governing the use of artificial intelligence, including in relation to robo-advice?
Artificial intelligence (AI) is not subject to bespoke regulation in Denmark. In July 2019, the Danish Financial Supervisory Authority (FSA) published a regulatory note regarding best practice when using supervised machine learning. Further, on 21 April 2021, the European Commission published a proposal for a directive to regulate artificial intelligence that aims to promote the development of artificial intelligence and address the risks it poses to safety and fundamental rights.
On 17 May 2023, the FSA published for discussion a draft best-practices document for data ethics while using AI within the financial sector.
CHANGE OF CONTROL
Notification and consent
- Describe any rules relating to notification or consent requirements if a regulated business changes control.
In general, if a regulated business changes control, this triggers a notification or a consent requirement from the Danish Financial Supervisory Authority (FSA). This includes businesses and undertakings subject to the regulations set out in the Financial Business Act. Further, to the extent that a company must register with the FSA pursuant to the Anti-money Laundering Act, there would be a de facto consent requirement from the FSA in the event of a change of control, as the FSA can revoke a registration if it considers that the company or the management of the company no longer meets the requirements under the Anti-money Laundering Act.
FINANCIAL CRIME
Anti-bribery and anti-money laundering procedures
- Are fintech companies required by law or regulation to have procedures to combat bribery or money laundering?
Fintech businesses that require a license under the Financial Business Act, the Payments Act, the Alternative Fund Managers Act or the Act on Financial Advisers, Investment Advisers and Residential Credit Intermediaries or require a license to carry out insurance activities, investment services or the provision of investment or financial advice are subject to the rules set out in the Act on Measures to Prevent Money Laundering and the Financing of Terrorism. This also applies to fintech businesses carrying out activities as a foreign exchange and cryptocurrency-related services (and not otherwise subject to regulatory requirements under the Financial Business Act).
Guidance
- Is there regulatory or industry anti-financial crime guidance for fintech companies?
No guidelines have been made available at this time that specifically target fintech companies. However, the Danish Financial Supervisory Authority (FSA) has prepared and published guidelines to the Act on Measures to Prevent Money Laundering and the Financing of Terrorism, which can be found on the Danish FSA website.
DATA PROTECTION AND CYBERSECURITY
Data protection
- What rules and regulations govern the processing and transfer (domestic and cross-border) of data relating to fintech products and services?
EU Regulation (EU) 2016/679 (General Data Protection Regulation) (GDPR) and the Danish Data Protection Act (DDPA) apply to fintech products and services if personal data is processed. The regulations apply to all data processing relating to an identified or identifiable natural person (e.g, name, account and credit card information, other customer identification data and internet protocol address). The DDPA supplements the GDPR with national Danish rules, including special rules on the processing of national identification numbers (i.e, the Danish Central Person Registration number).
Fintech products and services that involve the processing of personal data on behalf of another company (i.e, the customer or data controller) require that a written data processing agreement is entered into. Further, if data is transferred outside the European Union, a legal basis for the transfer must be in place.
Cybersecurity
- What cybersecurity regulations or standards apply to fintech businesses?
Financial businesses (e.g, banks, investment firms and insurers), payment institutions and e-money institutions must generally have prudent IT and cybersecurity systems, procedures and policies. However, apart from these general regulatory requirements, there are no generally applicable statutory cybersecurity regulations or standards.
Further, particularly within payment services, there are a number of important IT and cybersecurity standards, including:
- the Regulatory Technical Standards on Strong Customer Authentication and Common and Commission Delegated Regulation (EU) 2018/389 (Secure Open Standards of Communication);
- the Guidelines on the Security Measures for Operational and Security Risks of Payment Services (promulgated under revised EU Directive 2015/2366/EU (Second Payment Services Directive); and
- the payment card industry (PCI) IT industry security standards, particularly the PCI Data Security Standard and the PCI Payment Application Data Security Standard.
Although these are widely accepted industry standards, they do not constitute public law regulations and as such are not directly enforced by the Financial Supervisory Authority.
OUTSOURCING AND CLOUD COMPUTING
Outsourcing
- Are there legal requirements or regulatory guidance with respect to the outsourcing by a financial services company of a material aspect of its business?
The Executive Order on Outsourcing of Material Areas of Activity (the Outsourcing Order) sets out the legal requirements relating to the outsourcing by a financial services company of a material aspect of its business. In addition to the Outsourcing Order, the Danish Financial Supervisory Authority (FSA) has published regulatory guidance on its requirements.
The purpose of the Outsourcing Order is, inter alia, to align the Danish outsourcing rules with the outsourcing guidelines of the European Banking Authority. The Outsourcing Order contains some national gold-plating provisions (e.g, regarding outsourcing to cloud service providers), which go beyond the outsourcing guidelines of the European Banking Authority.
The Outsourcing Order sets out specific requirements for the outsourcing of ‘critical or important’ areas, including detailed requirements for the outsourcing agreement between the company and the outsourcing provider (e.g, requirements for the description of the outsourced activity and whether the outsourcing provider may sub-outsource the activity to a third party). The Outsourcing Order also covers the outsourcing of capital and liquidity risk management, outsourcing of IT and security and outsourcing of key functions.
The Danish FSA has published official guidelines to the Outsourcing Order.
Cloud computing
- Are there legal requirements or regulatory guidance with respect to the use of cloud computing in the financial services industry?
In addition to the Outsourcing Order and the related FSA regulatory guidance on the Outsourcing Order, Danish financial services companies use the European Banking Authority guidelines on outsourcing as guidance.
INTELLECTUAL PROPERTY RIGHTS
IP protection for software
- Which intellectual property rights are available to protect software, and how do you obtain those rights?
Fintech innovations may be protected as inventions under patent law if they are patentable. This includes filing for a patent and meeting the requirements under Danish patent laws (e.g, patentable subject matter, novelty and inventive step). Fintech innovations may also be protected as utility models where the bar for protection is lower than that of a patent.
Further, if the innovation is embodied in software coding, copyright protection may be available to the author (in this case, the program) if the software coding has a sufficient degree of originality. In addition, fintech innovations may be protected as sui generis database rights if the conditions for protection set out in section 71 of the Copyright Act (incorporating EU Directive 96/9/EU (Legal Protection of Databases)) are met.
Although not intellectual property in the traditional sense, a fintech innovation may be protected as a trade secret under the Trade Secrets Act (incorporating EU Directive 2016/943/EU (Protection of Undisclosed Know-How and Business Information (Trade Secrets) (Trade Secrets Directive) if the innovation is kept secret.
IP developed by employees and contractors
- Who owns new intellectual property developed by an employee during the course of employment? Do the same rules apply to new intellectual property developed by contractors or consultants?
Copyright
The Danish Copyright Act stipulates that the person who creates a work owns the copyright to that work. This applies regardless of whether the person is an employee or a contractor or consultant.
In relation to copyright created during the term of employment, the general rule is that there is an automatic transfer of copyright from the employee to the employer by virtue of the employment provided certain criteria are met. The employer shall only be entitled to the parts of the employee’s copyright that were necessary for the employer’s usual activities at the time when the employee created the work. Further, it is a condition that the employment is of a permanent nature and that creating the work was part of the employee’s tasks.
Moreover, the copyright to computer programs developed by an employee, within the scope of his or her employment or as a result of the employer’s directions, automatically transfers in full to the employer.
Inventions (patents and utility models)
If a person (e.g, an employee or a consultant) has made a technical invention that can be patented or registered as a utility model, the starting point is that the employee or the consultant is entitled to this invention.
Pursuant to the Danish Employees’ Inventions Act, if the invention has been made as part of the employment, the employer is entitled to claim that the right to the invention be transferred to them if the use of the invention falls within the scope of the activities of the company.
The same applies if the employee’s invention relates to a specific task assigned to him or her by the employer. Even if the invention was made during off-duty hours, the employer could still be entitled to claim the right to the invention. The Danish Employees’ Inventions Act does not apply to consultants.
The Act on Inventions at Public Research Institutions regulates the right to inventions made by teachers and other scientific employees at universities. The Act stipulates that the employee is entitled to an invention that he or she has made him or herself; however, the Act also states that the institution has a right to claim that this invention be transferred to it, if the employee made the invention as part of his or her work.
Designs
The right to a design depends on whether it is a Danish design or a community design. The Danish Designs Act stipulates that the person who created the Danish design or the person to whom the designer’s right has been transferred has the right to acquire the exclusive right to the design.
The Danish Designs Act does not regulate the relationship between employer and employee. It is, however, assumed that under the Danish Designs Act, the design rights belong to the employer, unless the design is also protected by copyright. In the latter case, the design right follows the copyright and is determined based on an analogy of the rules on copyright for employees (see above).
According to article 14(3) of the Regulation on Community Designs, any rights to a community design shall vest in the employer unless otherwise agreed or specified under national law. This only applies to traditional employment relationships (employer–employee). For commissioned designs, the question of whom the rights belong to must be decided specifically.
Trademarks
The trader, and not the person who created the sign, owns the rights to the sign. If an employee owns the copyright or design rights to the sign, the employer can only use it if they have agreed on this or if it is otherwise justified under the copyright and design rules. Accordingly, it is important to determine whether the employee created the trademark as a part of his or her work or whether the exploitation of the trademark falls within the scope of the usual activities of the employer.
If a consultant owns the copyright to the sign, the trader will have a right of use only unless otherwise agreed.
Joint ownership
- Are there any restrictions on a joint owner of intellectual property’s right to use, license, charge or assign its right in intellectual property?
As the joint ownership of IP rights is commonly regulated on a contractual basis between the joint owners, restrictions on a joint owner follow from the contractual regulation thereof.
If an invention is made jointly, each person will own a proportionate share of the invention in the absence of a prior agreement. The joint ownership entails some restrictions on each person’s right to use, license, charge or assign the invention, even without an agreement.
In general, all joint owners of an invention must agree on substantial decisions regarding the jointly owned invention, including agreements on licensing. Each owner may individually sell or assign its own share in the invention unless otherwise agreed.
With regard to copyright, co-authors to a copyrighted work, where each contribution cannot be separated as independent works, enjoy joint co-ownership in the copyright of the work.
Trade secrets
- How are trade secrets protected? Are trade secrets kept confidential during court proceedings?
Confidential information and trade secrets are covered by the Trade Secrets Act (incorporating the Trade Secrets Directive and the Danish Penal Code.
With regard to the confidentiality of trade secrets (including confidential information) during court proceedings, the Trade Secrets Act stipulates that the duty of confidentiality to which the court’s staff (e.g, the judge), lawyers and others employed by the law firm are subject, implies that the unlawful use or disclosure of trade secrets that the person in question has learned about through involvement in or access to the legal proceedings is a punishable offence. This also applies to other persons involved in the legal proceedings, such as witnesses.
Branding
- What intellectual property rights are available to protect branding and how do you obtain those rights? How can fintech businesses ensure they do not infringe existing brands?
The most relevant IP rights protecting branding are set out in the Trademarks Act, the Marketing Practices Act and the Copyright Act.
The Trademarks Act protects signs used in branding, such as brand names, mottos or catchphrases and logos. The Marketing Practices Act protects certain commercial signs that have the necessary degree of distinctiveness. Copyright protection may in principle be afforded under the Copyright Act for user interfaces in software and website designs, which may enjoy copyright protection with regard to branding; however, in practice, this protection is difficult to obtain.
Trademark protection in Denmark may be obtained by way of both a community (EU) trademark and on the national level in Denmark as a Danish trademark. In Denmark, trademark protection may be obtained by way of both registration and use-based rights. To be registered as a trademark, the trademark owner must be able to reproduce the trademark in an appropriate manner by using technology that is generally available to determine the content of the trademark right clearly and precisely. Protection under the Marketing Practices Act is obtained by use, when the necessary degree of distinctiveness exists.
To avoid trademark infringement of existing brands, fintech businesses should perform appropriate freedom-to-operate analysis prior to launching brands, including checking both national and EU registers for potentially conflicting registered rights. As protection in some cases can be established by use, a market check is also necessary. Similarly, as regards the Marketing Practices Act, where protection is also established formlessly, a market check is necessary.
The Danish Patent and Trademark Office can, in connection with a trademark application, produce a search report showing rights with which the applicant may come into conflict. However, the owners of these prior rights are not automatically notified of this and, thus, it is up to each owner to stay informed and assess whether they believe their rights are infringed.
Remedies for infringement of IP
- What remedies are available to individuals or companies whose intellectual property rights have been infringed?
A number of remedies are available to individuals or companies whose IP rights have been infringed, including:
- financial compensation (e.g, damages and reasonable remuneration);
- injunctions (e.g, preliminary injunctions);
- corrective measures;
- the publication of judicial decisions;
- reasonable compensation for legal costs; and
- criminal penalties.
COMPETITION
Sector-specific issues
- Are there any specific competition issues that exist with respect to fintech companies in your jurisdiction?
The fintech nature of a product or service does not in itself give rise to particular competition law issues.
However, aspects of the fintech business model mean that certain competition law considerations – of general application – often become relevant in the context of fintech businesses.
One example of this is the widespread use of partnerships between fintech businesses and incumbent financial institutions that, depending on the nature of the partnership, may raise competition law questions about horizontal or vertical cooperation.
At the other end of the spectrum, where a fintech product or service requires the fintech business to access a financial institution’s systems or customer data and the financial institution is reluctant to provide this access, questions of anti-competitive behavior may arise in certain circumstances.
TAX
Incentives
- Are there any tax incentives available for fintech companies and investors to encourage innovation and investment in the fintech sector in your jurisdiction?
Danish tax law provides no specific fintech incentives, but there are specific incentive rules concerning R&D:
- a temporary – but expected to be permanent – regime provides for a 130 percent tax deduction of R&D costs, maximized within a group to 910 million Danish kroner annually; and
- a tax credit regime – whereby it is possible for smaller start-ups to convert a tax loss, to the extent it is created by R&D costs, into cash from the Danish state. It only applies to R&D costs of up to 25 million Danish kroner annually, namely, a maximum annual payout of 5.5 million Danish kroner.
Danish tax law also contains general tax incentives in the form of tax-favorable treatment on granting shares, options and warrants, where a company can grant up to 10 percent (or 20 percent – and even 50 percent for small businesses – if certain requirements are met) of an employee’s remuneration through such instruments. These favorable tax incentives have in part been introduced to promote start-up businesses in Denmark.
Danish tax law also includes an expat tax regime under which foreign employees may be taxed by 32.84 percent of their remuneration for up to seven years. The tax regime only applies if certain requirements are met. These are – among others – salary requirements (in excess of 72,500 Danish kroner (in 2023) per month after deduction of the Labor Market Supplementary Pension), not having been involved in the management of the employer company and not having been taxable in Denmark. The use of the expat tax regime requires registration with the Danish tax authorities. The expat tax regime is part of retaining and attracting highly qualified foreign employees.
On a broader scale, the Danish government published their political objectives on 14 December 2022. These included an allocation of 300 million Danish kroner to support the Danish entrepreneurial sector through a strategy with an emphasis on, for example, ease of access to foreign workforce, retaining the 130 percent tax deduction of R&D costs and regulations explained above and other initiatives to aid the Danish start-up ecosystem.
Increased tax burden
- Are there any new or proposed tax laws or guidance that could significantly increase tax or administrative costs for fintech companies in your jurisdiction?
There are no such proposed tax laws currently implemented or underway.
IMMIGRATION
Sector-specific schemes
- What immigration schemes are available for fintech businesses to recruit skilled staff from abroad? Are there any special regimes specific to the technology or financial sectors?
Citizens from other EU and EEA countries or Switzerland may work in Denmark under the EU rules on the free movement of persons and services. As a clear starting point, citizens from outside of the European Union, the European Economic Area and Switzerland must have a work permit to work in Denmark. Subject to certain conditions, such citizens may also work in Denmark under the EU rules on the free movement of services.
There are several immigration schemes aimed at the recruitment of skilled staff. However, none are specific to the technology or financial sector. The most relevant schemes for a fintech business are:
- the Pay Limit Scheme, which ensures that an employee is granted a work permit if their annual salary is over a certain amount (465,000 Danish kroner in 2023) and the employment terms correspond to Danish standards;
- the Supplementary Pay Limit Scheme, under which an employee is granted a work permit if the following conditions are met:
- their annual salary is over a certain amount (375,000 Danish kroner in 2023;
- the employment terms correspond to Danish standards;
- the offered job position has been posted on Jobnet and the EURES portal;
- the seasonally adjusted gross unemployment in Denmark does not exceed75 percent; and
- the employee has not received a fine of 3,000 Danish kroner or more under the Criminal Code or the Aliens Act; and
- the Positive List scheme, under which residence and work permits are granted to employees who have been offered jobs that are listed on one of the Positive Lists covering certain professions and fields that are currently experiencing a shortage of qualified professionals. The list contains more than 100 professions and is available on the Danish Immigration Service website; and
- the Fast-Track Scheme, which makes it faster and easier for certified companies to recruit foreign employees with special qualifications to work in Denmark.
Additional immigration schemes are available that may be relevant (e.g, for trainees or intra-group secondments).
UPDATE AND TRENDS IN FINTECH IN DENMARK
Current developments
- Are there any other current developments or emerging trends to note?
No.
* The information in this chapter was accurate as of May 2023.
If you need more consulting, please Contact Us at TNHH NT International Law Firm (ntpartnerlawfirm.com)
You can also download the .docx version here.
“The article’s content refers to the regulations that were applicable at the time of its creation and is intended solely for reference purposes. To obtain accurate information, it is advisable to seek the guidance of a consulting lawyer.”
LEGAL CONSULTING SERVICES
090.252.4567NT INTERNATIONAL LAW FIRM
- Email: info@ntpartnerlawfirm.com – luatsu.toannguyen@gmail.com
- Phone: 090 252 4567
- Address: B23 Nam Long Residential Area, Phu Thuan Ward, District 7, Ho Chi Minh City, Vietnam