Decree 94/2025/ND-CP on regulatory sandbox mechanism in the banking sector

DECREE

On regulatory sandbox mechanism in the banking sector

^{______________}

Pursuant to the Law on Organization of the Government dated February 18, 2025;

Pursuant to the Law on the State bank of Vietnam dated June 16, 2010;

Pursuant to the Law on Credit Institutions dated January 18, 2024;

At the proposal of the Governor of the State Bank of Vietnam;

The Government hereby promulgates the Decree on regulatory sandbox mechanism in the banking sector.

Chapter I

GENERAL PROVISIONS

Article 1. Scope of regulation

1. This Decree provides regulations on the regulatory sandbox mechanism in the banking sector (hereinafter referred to as the sandbox mechanism) for the deployment of new products, services, and business models through the application of technological solutions (hereinafter referred to as financial technology solutions).

2. Financial technology solutions (abbreviated as Fintech solutions) eligible for testing under the sandbox mechanism include:

a) Credit scoring;

b) Data sharing via open application programming interfaces (Open API);

c) Peer-to-peer (P2P) lending.

Article 2. Subjects of application

1. Credit institutions and foreign bank branches as prescribed in the Law on Credit Institutions (excluding those specified at Point c, Clause 2, Article 1 of this Decree).

2. Fintech companies.

3. Competent State authorities.

4. Customers and other organizations and individuals related to the sandbox mechanism.

Article 3. Interpretation of terms

For the purposes of this Decree, the terms below shall be construed as follows:

1. Financial technology company (abbreviated as Fintech company) means an organization other than a credit institution or a foreign bank branch, which has a valid establishment license or lawful business registration in the territory of Vietnam; independently provides Fintech solutions or provides Fintech solutions to the market in cooperation with credit institutions or foreign bank branches.

2. Organization participating in the sandbox mechanism means a credit institution, foreign bank branch, or Fintech company that has been granted a certificate of participation in the sandbox mechanism by the State Bank of Vietnam (hereinafter referred to as the State Bank).

3. Peer-to-peer lending solution means an information technology application solution provided by a peer-to-peer lending company to connect information and facilitate the conclusion of contracts on a digital platform between customers being borrowers and lenders. The currency used in the peer-to-peer lending solution is the Vietnamese dong.

4. Peer-to-peer lending company means a Fintech company that provides peer-to-peer lending solutions to customers.

5. Open Application Programming Interface (Open API) means a standardized set of APIs that can be used by the computer systems of multiple credit institutions, foreign bank branches, Fintech companies, and other third parties to send service requests to the systems of credit institutions or foreign bank branches that share such Open APIs.

6. Credit scoring means a solution applying the information technology systems of credit institutions, foreign bank branches, or Fintech companies to assess the creditworthiness of an individual or organization to support credit extension decisions of credit institutions or foreign bank branches.

7. Customer means an organization or individual that has a contractual relationship with and directly uses the Fintech solutions of an organization participating in the sandbox mechanism.

8. Customers using peer-to-peer lending solutions provided by peer-to-peer lending companies include: The lender, being a legal entity (including credit institutions and foreign bank branches) established in accordance with the laws of Vietnam, or an individual holding a Vietnamese citizenship; the borrower, being a legal entity (excluding credit institutions and foreign bank branches) established in accordance with the laws of Vietnam, or an individual holding a Vietnamese citizenship.

Article 4. Objectives of the sandbox mechanism

1. To promote innovation and modernization of the banking sector, thereby realizing the goal of financial universalization for people and enterprises in a transparent, convenient, safe, efficient, and low-cost manner.

2. To create an experimental environment to assess risks, costs and benefits of Fintech solutions; to support the formation and development of Fintech solutions in accordance with market needs, legal framework, and management regulations.

3. To mitigate risks to customers when using Fintech solutions provided by organizations participating in the sandbox mechanism.

4. To utilize the outcomes of the Fintech solution trials as practical grounds for competent state authorities to study, formulate, and improve relevant legal frameworks and regulatory provisions where necessary.

Article 5. Principles of consideration and approval of organizations participating in the sandbox mechanism

To ensure fairness, objectivity, publicity and transparency, the consideration and approval of organizations participating in the sandbox mechanism shall adhere to the following fundamental principles:

1. The process of consideration and approval of organizations participating in the sandbox mechanism must ensure transparency in terms of criteria, and conditions, as well as the evaluation and selection process.

2. Participation in the sandbox mechanism does not imply that the participating organization satisfies business and investment conditions as required by law, where applicable.

3. Credit institutions, foreign bank branches, and Fintech companies that do not wish to participate in the sandbox mechanism or have not been approved for participation shall operate and comply with the applicable laws on enterprises, investment, and other relevant laws.

Article 6. Sandbox testing period, geographical area, and scope

1. The sandbox testing period of Fintech solutions shall not exceed 2 years for each specific solution and field, calculated from the date on which the State Bank issues the certificate of participation in the sandbox mechanism. The sandbox testing period may be extended in accordance with Article 20 of this Decree.

The validity period of the certificate of participation in the sandbox mechanism shall not exceed the validity period (if any) of the establishment license or business registration certificate of the organization participating in the sandbox mechanism.

2. Geographical area of the sandbox testing:

The implementation of sandbox testing for Fintech solutions shall be restricted to the territory of Vietnam and shall not include cross-border testing activities.

3. Sandbox testing scope:

a) The organization participating in the sandbox mechanism shall only be permitted to provide Fintech solutions within the scope specified in the certificate of participation in the sandbox mechanism;

b) Depending on the Fintech solution and the specific proposal of the organization applying for participation in the sandbox mechanism as set out in the application dossier for participation in the sandbox mechanism, and based on the opinions of relevant ministries, the State Bank shall determine the sandbox testing scope of the Fintech solution in the certificate of participation in the sandbox mechanism;

c) Peer-to-peer lending companies shall only be permitted to provide peer-to-peer lending solutions within the sandbox testing scope specified in the certificate of participation in the sandbox mechanism issued by the State Bank in accordance with this Decree. Peer-to-peer lending companies participating in the sandbox mechanism are not allowed to conduct any business activities other than those specified in the certificate of participation in the sandbox mechanism, nor to provide their own collateral for customers’ loans, shall not operate as customers themselves, nor to provide peer-to-peer lending solutions to pawnshop companies.

Article 7. Principles for preparing and submitting the application dossier for participation in the sandbox mechanism, adjustment of the sandbox solution, suspension of the sandbox, extension of the sandbox testing period, and request for issuance of the certificate of completion of the sandbox

1. The application dossier must be prepared in Vietnamese. In case the document is granted, notarized or certified by a competent foreign agency or organization, it must be consularly legalized in accordance with Vietnamese law (except for cases exempted from consular legalization in accordance with the law on consular legalization) and translated into Vietnamese.

2. Copies of dossiers and documents must be certified true copies or copies issued from the master book or copies enclosed with the originals for comparison as prescribed by law, in case the dossier is submitted online, the regulations on administrative procedures on the electronic environment shall be followed.

3. The personal curriculum vitae must be self-prepared and the signature must be authenticated in accordance with the law.

4. Dossiers should be sent via postal mail (postal services) or submitted directly to the Single-Window Section of the State Bank, or submitted online via the State Bank's public service portal or the national public service portal.

5. The organization requesting the issuance of a certificate of participation in the sandbox mechanism, adjustment of sandbox solutions, suspension of sandbox, extension of sandbox testing period, or issuance of a certificate of completion of the sandbox shall be fully responsible before the law for the accuracy and truthfulness of the information provided.

Chapter II

REGISTRATION AND GRANT OF CERTIFICATES OF PARTICIPATION IN THE SANDBOX MECHANISM

Section 1

REGARDING FINTECH SOLUTIONS SPECIFIED AT POINTS A AND B, CLAUSE 2 OF ARTICLE 1

Article 8. Conditions and criteria to participate in the sandbox mechanism

1. Credit institutions not under special control as defined by the Law on Credit Institutions, and foreign bank branches, may be considered for the issuance of a certificate of participation in the sandbox mechanism when the Fintech solution meets the following criteria:

a) The solution contains technical and operational content for which the applicable legal regulations have not yet provided specific and clear guidelines for implementation and application;

b) The solution is innovative and brings benefits and added value to users of services in Vietnam, particularly solutions that support and promote the goal of financial inclusion;

c) The solution has designed and developed a risk management framework to minimize negative impacts on the banking system and banking-currency-foreign exchange activities; it includes plans for handling and mitigating risks that may arise during the sandbox process, as well as plans to protect consumer rights;

d) The solution has undergone thorough review and evaluation by the organization participating in the sandbox mechanism in terms of operations, functions, utilities, and effectiveness;

dd) The solution is feasible for market deployment upon the completion of the sandbox process.

2. A Fintech company may be considered for the issuance of a certificate of participation in the sandbox mechanism when the Fintech solution meets the criteria specified in Clause 1 of this Article and satisfies the following conditions:

a) The Fintech company is a legal entity established and operating legally within the territory of Vietnam; which is not in the process of division, separation, merger, consolidation, transformation, dissolution, or bankruptcy as per the law;

b) Its at-law representative and the General Director (or Director) must have at least a university degree in one of the following fields: economics, business administration, law, information technology, and must have at least 2 years of experience in management or executive roles within the financial and banking sectors, and must not fall under any categories prohibited by law.

3. Organizations participating in the sandbox mechanism shall be responsible for ensuring that they maintain the required conditions throughout their participation in the mechanism.

Article 9. Dossier for registration of participation in the sandbox mechanism

1. An application for the issuance of a certificate of participation in the sandbox mechanism, made according to Form No. 01 provided in Appendix I to this Decree, applicable to credit institutions and foreign bank branches; an application for the issuance of a certificate of participation in the sandbox mechanism, made according to Form No. 02 provided in Appendix I to this Decree, applicable to Fintech companies.

2. Documents describing the organizational structure and executive management in the implementation of the Fintech solution registered for sandbox.

3. A resolution of the Members’ Council, Board of Directors, General Meeting of Shareholders, or a document issued by a duly authorized representative of the owner, in accordance with the authority specified in the Charter, approving the Scheme describing the Fintech solution registered for participation in the sandbox mechanism.

4. A Scheme describing the Fintech solution registered for participation in the sandbox mechanism, including a model simulation of the solution or a demonstration version (Demo); a group of potential customers; and the fulfillment of all criteria specified in Clause 1, Article 8, as specifically guided in Appendix II to this Decree.

5. Sandbox testing plan, including: The anticipated sandbox testing period, geographical area, and scope; the estimated budget for sandbox activities; the resources involved in the sandbox; principles for communication and reporting with the State Bank during the sandbox phase; and the termination of the sandbox process in a manner that ensures the feasibility of fulfilling all obligations within a maximum period of 6 months from the date of the decision to suspend the sandbox.

6. Personnel dossier: Curriculum vitae (dated no more than 6 months prior to the submission of the dossier), and copies of diplomas or certificates evidencing the competence and professional qualifications of the at-law representative, General Director (Director), Deputy General Director (Deputy Director), and key personnel implementing the testing of the Fintech solution.

7. Copies of documents evidencing that the organization registering to participate in the sandbox mechanism has been legally established and is operating in compliance with the law, including establishment license or equivalent document; Charter; investment certificate of the foreign investor (if any).

Article 10. Order and procedures for registration of participation in the sandbox mechanism

1. In case the dossier is submitted by post (postal service) or directly to the Single-Window Section of the State Bank, the organization registering to participate in the sandbox mechanism shall submit 2 sets of dossiers and 6 CDs (or 6 USBs) containing scanned copies of the complete dossier for the issuance of the certificate of participation in the sandbox mechanism as prescribed in Article 9 of this Decree.

2. Within 5 working days from the date of receipt of the dossier, the State Bank shall issue a written confirmation of full receipt of a valid dossier or a written request for the organization registering to participate in the sandbox mechanism to supplement or complete the dossier. The time for supplementing or completing the dossier shall not be included in the dossier appraisal period.

Within 5 working days from the date on which the State Bank issues a written request for supplementation or completion of the dossier, if the organization registering to participate in the sandbox mechanism fails to resubmit the dossier or the supplemented dossier fails to meet the required components, the State Bank shall issue a written notice of return of the dossier to the organization registering to participate in the sandbox mechanism.

3. Within 90 working days from the date of sending the written confirmation of full receipt of the valid dossier, the State Bank shall coordinate with relevant ministries to appraise the dossier, including on-site inspection (if necessary).

On the basis of receiving the complete and valid dossier, the State Bank shall send a document to collect comments from relevant ministries. Within 15 working days from the date the State Bank issues a written request, relevant ministries shall send the State Bank written comments on the dossier.

In case an on-site inspection is necessary, the State Bank shall issue a written request for relevant ministries to assign officials to participate in the on-site inspection team; within 5 working days from the date the State Bank of Vietnam issues the written request, relevant ministries shall send written notices assigning officials to participate in the on-site inspection team to the State Bank. The on-site inspection must be notified to the organization registering to participate in the sandbox mechanism at least 3 working days prior to the inspection at the organization’s head office.

If the dossier requires explanation or clarification, the State Bank shall issue a written request for the organization registering to participate in the sandbox mechanism to provide explanation and complete the dossier. The organization registering to participate in the sandbox mechanism shall be allowed to submit explanation and complete the dossier once only.

After 30 working days from the date the State Bank issues the written request for explanation and dossier completion, if the organization registering to participate in the sandbox mechanism fails to resubmit the explanation and completed dossier, the State Bank shall issue a written notice of return of the dossier to such organization. The time for explanation and completion of the dossier shall not be included in the dossier appraisal period.

From the date of receipt of the supplemented and completed dossier from the organization registering to participate in the sandbox mechanism, the State Bank shall issue a written request for comments from relevant ministries. Within 10 working days from the date the State Bank issues a written request, relevant ministries shall send the State Bank written comments on the dossier.

4. After the appraisal period specified in Clause 3 of this Article ends, the State Bank shall issue the certificate of participation in the sandbox mechanism to the organization registering to participate in the mechanism whose dossier meets the conditions and criteria as prescribed in Article 8 of this Decree. In case of refusal, the State Bank shall issue a written reply, clearly stating reasons.

5. Within 90 days from the date the State Bank grants the certificate of participation in the sandbox mechanism, the organization granted with such certificate shall deploy Fintech solution within the scope stated in the certificate of participation in the sandbox mechanism.

Section 2

REGARDING PEER-TO-PEER LENDING SOLUTIONS

Article 11. Conditions and criteria to participate in the sandbox mechanism

1. A peer-to-peer lending solution may be considered for the issuance of a certificate of participation in the sandbox mechanism if it meets the criteria specified in Clause 1, Article 8 of this Decree, and satisfies the following conditions:

a) There are measures to identify and manage the maximum outstanding loan amount for a single borrower under the peer-to-peer lending solution provided by the organization, to report and extract real-time information about the borrower from the National Credit Information Centre of Vietnam to ensure compliance with the regulation on the maximum outstanding loan amount for a single borrower under the peer-to-peer lending solution provided by the organization and the maximum outstanding loan amount for a single borrower across all peer-to-peer lending solutions participating in the sandbox mechanism;

b) Disbursement and payment of loan, interest, and fees for customer transactions under the peer-to-peer lending solution must be carried out through the customer's payment account at a credit institution, foreign bank branch, or through the customer’s e-wallet at an intermediary payment service provider;

c) There are measures to ensure that the term of the contract between the borrower and the lender using the peer-to-peer lending solution participating in the sandbox mechanism does not exceed 2 years.

2. A Fintech company registering for the trial implementation of a peer-to-peer lending solution may be considered for the issuance of a certificate of participation in the sandbox mechanism when the solution meets the criteria specified in Clause 1 of this Article and satisfies the following specific conditions:

a) It is an enterprise lawfully established and operating within the territory of Vietnam; which is neither a foreign-invested enterprise, nor undergoing division, separation, consolidation, merger, transformation, dissolution, or bankruptcy as prescribed by law;

b) The at-law representative and General Director (Director) of the Company are Vietnamese citizens; have no criminal record; have not been administratively sanctioned in the fields of finance, banking, and cybersecurity; are not concurrently the owner or manager of an enterprise providing financial, banking, pawn services, or multi-level marketing services; are not the head of tontine, or members of the Board of Directors, Member's Council, Supervisory Board, General Director (Director), Deputy General Director (Deputy Director), or equivalent positions in credit institutions, foreign bank branches, or organizations providing intermediary payment services;

c) The Company's at-law representative and the General Director (or Director) must have at least a university degree in one of the following fields: economics, business administration, law, information technology, and must have at least 2 years of experience in management or executive roles within the financial and banking sectors, and must not fall under any categories prohibited by law;

d) It satisfies standards on human resources, physical facilities, and technical infrastructure for the digital platform implementing the peer-to-peer lending solution, ensuring at least the following minimum requirements:

The information technology system and information storage system must be located within the territory of Vietnam, must operate safely and continuously, and must have a backup technical system independent from the main system to ensure uninterrupted operation in case of incidents, especially technical or technological failures.

Data and information of all customers and relevant parties must be updated, stored, and shared on a digital platform with high security, ensuring transparency and openness among participating parties, while at the same time protecting participant information from unrelated parties in accordance with the law.

The information technology system must be tested and evaluated before being put into operation.

The technical staff must possess professional qualifications in their assigned fields to ensure safe and continuous operation of the system.

3. Peer-to-peer lending companies participating in the sandbox mechanism shall be responsible for ensuring the continued fulfillment of the conditions and criteria during their participation in the sandbox mechanism.

Article 12. Dossier for registration of participation in the sandbox mechanism

A dossier for registration of participation in the sandbox mechanism of a Fintech company registering for the trial implementation of a peer-to-peer lending solution must comprise:

1. An application for participation, made according to Form No. 03 provided in Appendix I to this Decree.

2. A document describing the management, administration and organizational structure in the deployment of the peer-to-peer lending solution registered for participation in the sandbox mechanism.

3. A resolution of the Members’ Council, Board of Directors, General Meeting of Shareholders, or a document issued by a duly authorized representative of the owner, in accordance with the authority specified in the Charter, approving the Scheme describing the peer-to-peer lending solution registered for participation in the sandbox mechanism.

4. A Scheme describing the peer-to-peer lending solution registered for participation in the sandbox mechanism, as specifically guided in Appendix III to this Decree.

5. Sandbox testing plan, including: The anticipated sandbox testing period, geographical area, and scope; the estimated budget for sandbox activities; the resources involved in the sandbox; principles for communication and reporting with the State Bank during the sandbox phase; and the termination of the sandbox process in a manner that ensures the feasibility of fulfilling all obligations toward customers and related parties after the decision to suspend the sandbox is issued.

6. Personnel dossier: Curriculum vitae, judicial record certificate (issued no more than 6 months prior to the submission date), and copies of diplomas and certificates evidencing the competence and professional qualifications of the at-law representative and General Director (Director); a written confirmation from the authorized representative of the entity where the at-law representative and General Director (Director) have held or are holding a position, certifying the title and the duration of holding such position, or a copy of a document evidencing the title and the duration of holding the position at the entity.

7. Copies of documents evidencing that the Fintech company has been lawfully established and is legally operating, including the establishment license or paper of equivalent legal validity, Charter.

Article 13. Order and procedures for registration of participation in the sandbox mechanism

1. In case the dossier is submitted by post (postal service) or directly to the Single-Window Section of the State Bank, the organization registering to participate in the sandbox mechanism shall submit 2 sets of dossiers and 6 CDs (or 6 USBs) containing scanned copies of the complete dossier for the issuance of the certificate of participation in the sandbox mechanism as prescribed in Article 12 of this Decree.

2. Within 5 working days from the date of receipt of the dossier, the State Bank shall issue a written confirmation of full receipt of a valid dossier or a written request for the organization registering to participate in the sandbox mechanism to supplement or complete the dossier. The time for supplementing or completing the dossier shall not be included in the dossier appraisal period.

Within 5 working days from the date on which the State Bank issues a written request for supplementation or completion of the dossier, if the organization registering to participate in the sandbox mechanism fails to resubmit the dossier or the supplemented dossier fails to meet the required components, the State Bank shall issue a written notice of return of the dossier to the organization registering to participate in the sandbox mechanism.

3. Within 90 working days from the date of sending the written confirmation of full receipt of the valid dossier, the State Bank shall coordinate with relevant ministries to appraise the dossier, including on-site inspection (if necessary).

On the basis of receiving the complete and valid dossier, the State Bank shall send a document to collect comments from relevant ministries. Within 15 working days from the date the State Bank issues a written request, relevant ministries shall send the State Bank written comments on the dossier.

In case an on-site inspection is necessary, the State Bank shall issue a written request for relevant ministries to assign officials to participate in the on-site inspection team; within 5 working days from the date the State Bank of Vietnam issues the written request, relevant ministries shall send written notices assigning officials to participate in the on-site inspection team to the State Bank. The on-site inspection must be notified to the organization registering to participate in the sandbox mechanism at least 3 working days prior to the inspection at the organization’s head office.

If the dossier requires explanation or clarification, the State Bank shall issue a written request for the organization registering to participate in the sandbox mechanism to provide explanation and complete the dossier. The organization registering to participate in the sandbox mechanism shall be allowed to submit explanation and complete the dossier once only.

After 30 working days from the date the State Bank issues the written request for explanation and dossier completion, if the organization registering to participate in the sandbox mechanism fails to resubmit the explanation and complete dossier, the State Bank shall issue a written notice of return of the dossier to such organization. The time for explanation and completion of the dossier shall not be included in the dossier appraisal period.

From the date of receipt of the supplemented and completed dossier from the organization registering to participate in the sandbox mechanism, the State Bank shall issue a written request for comments from relevant ministries. Within 10 working days from the date the State Bank issues a written request, relevant ministries shall send the State Bank written comments on the dossier.

4. After the appraisal period specified in Clause 3 of this Article ends, the State Bank shall issue the certificate of participation in the sandbox mechanism to the organization registering to participate in the mechanism whose dossier meets the conditions and criteria as prescribed in Article 8 and Article 11 of this Decree. In case of refusal, the State Bank shall issue a written reply, clearly stating reasons.

5. Within 90 days from the date the State Bank grants the certificate of participation in the sandbox mechanism, the organization granted with such certificate shall deploy peer-to-peer lending solution within the scope stated in the certificate of participation in the sandbox mechanism.

Chapter III

MONITORING OF THE SANDBOX PROCESS AND THE END OF THE SANDBOX TESTING PERIOD

Article 14. Supervision and inspection of the sandbox process

1. The State Bank shall supervise organizations participating in the sandbox mechanism through the following activities:

a) Monitoring the sandbox activities of organizations participating in the sandbox mechanism through:

Collecting documents, information, and data from the following sources: reports and information provided by the organization participating in the sandbox mechanism in accordance with Article 15 of this Decree; documents, information, and data collected through on-site inspection activities of the organization participating in the sandbox mechanism; information provided by other competent state authorities; information provided by organizations and individuals related to the sandbox mechanism; and other information sources as required by the State Bank to serve supervisory purposes.

Assessing the rationality of the documents, information, and data; in cases where the documents, information, or data are found to be missing, erroneous, inaccurate, or inappropriate, the State Bank shall request the organization participating in the sandbox mechanism to provide timely explanations and to resubmit accurate information.

Consolidating, and analyzing the collected documents, information, and data; conducting assessment and inspection;

b) Evaluating the sandbox activities of the organization and the Fintech solution participating in the sandbox mechanism

Based on the documents, information, and data collected under Point a, Clause 1 of this Article, the State Bank shall assess the sandbox activities of the organization and the Fintech solution participating in the sandbox mechanism;

c) Warnings and recommendations

In case potential risks are identified during the sandbox process, the State Bank shall issue a written warning or recommendation to the organization participating in the sandbox mechanism.

2. The State Bank shall coordinate with related competent state authorities to conduct an on-site inspection for the organization participating in the sandbox mechanism upon request for state management purposes or upon detection of issues related to risks requiring further collection of documents, information, and data.

In case an on-site inspection is necessary, the State Bank shall issue a written request for relevant ministries to assign officials to participate in the on-site inspection team; within 5 working days from the date the State Bank of Vietnam issues the written request, relevant ministries shall send written notices assigning officials to participate in the on-site inspection team to the State Bank. The on-site inspection must be notified to the organization participating in the sandbox mechanism at least 3 working days prior to the inspection at the organization’s head office.

Article 15. Reporting and information provision regime

1. The State Bank may request organizations participating in the sandbox mechanism to provide information related to the sandbox process on a periodic and irregular basis. Based on the assessment of necessity, the State Bank may request organizations participating in the sandbox mechanism to develop software and monitoring tools for reporting and information provision purposes.

2. Organizations participating in the sandbox mechanism shall periodically report and provide unscheduled information on the sandbox process, arising risks, and sandbox implementation results to the State Bank in accordance with regulations. Organizations participating in the sandbox mechanism shall develop software and monitoring tools as requested by the State Bank and set the reporting criteria corresponding to the characteristics of the Fintech solution participating in the sandbox mechanism in accordance with this Decree.

3. Reports shall be presented in electronic document format. Electronic reports shall be presented in the form of electronic data files or electronic messages transmitted via computer networks or sent via data storage devices, bearing the electronic signature of the lawful representative of the reporting organization, in accordance with the code, transmission method, and file structure as prescribed by the State Bank. Electronic reports shall be sent to the State Bank through one of the following methods:

a) Via email system;

b) Via the reporting information system of the State Bank (hereinafter referred to as the reporting information system);

c) Via software or monitoring tools developed by the organization participating in the sandbox mechanism as required by the State Bank.

4. Organizations participating in the sandbox mechanism shall be responsible for submitting quarterly periodic reports on the operational indicators of the Fintech solution participating in the sandbox mechanism in accordance with Appendix IV to this Decree via the reporting information system. The quarterly reporting period shall be calculated from the first day of the first month of the quarter to the last day of the last month of the quarter; the deadline for submitting the report shall be no later than the 15^th day of the first month of the following quarter.

5. Within 15 days from the date on which one-half of the testing duration specified in the certificate of participation in the sandbox mechanism or the document approving the extension of the testing period is implemented, the organization participating in the sandbox mechanism shall be responsible for submitting a preliminary evaluation report on the implementation results of the Fintech solution participating in the sandbox mechanism in accordance with Appendix V to this Decree via the reporting information system.

6. At least 90 days prior to the expiration of the testing period, the organization participating in the sandbox mechanism shall be responsible for submitting a report evaluating the testing results in accordance with Appendix V to this Decree via the reporting information system. In case the organization participating in the sandbox mechanism wishes to adjust the sandbox solution, suspend the sandbox, extend the testing period, or be issued with the certificate of completion of the sandbox, it shall submit the report evaluating the testing results in accordance with the regulations on the order and procedures for processing dossiers for adjusting the sandbox solution, suspending the sandbox, extending the testing period, or issuing the certificate of completion of the sandbox.

7. Upon detection of an incident causing operational disruption or the occurrence of a serious risk, the organization participating in the sandbox mechanism must immediately report to the State Bank via the email address [email protected] within 24 hours from the time of detecting the risk or incident, including information on the time of detection and a preliminary description of the risk or incident; and must submit a written report, made according to Appendix VI to this Decree, within 3 working days after the completion of the risk-handling measures or incident-remediation measures via the reporting information system of the State Bank.

8. In the event of any change in the at-law representative or the General Director (Director), a Fintech company participating in the sandbox mechanism shall be responsible for reporting in writing to the State Bank and providing supporting documents proving that the new at-law representative or General Director (Director) meets the eligibility conditions for participation in the sandbox mechanism as prescribed at Point b, Clause 2, Article 8 with respect to the solutions specified at Points a and b, Clause 2, Article 1 of this Decree, and Clause 2, Article 11 with respect to peer-to-peer lending solutions, within 30 days from the date of such change.

9. A peer-to-peer lending company shall be responsible for reporting customer credit information (including borrowers and lenders) to the National Credit Information Centre of Vietnam in accordance with the decision of the Governor of the State Bank. The National Credit Information Centre of Vietnam may use credit information from peer-to-peer lending solutions under the sandbox mechanism to develop a national credit information database to serve the management requirements of the State Bank and the business operations and risk management of credit institutions, foreign bank branches, peer-to-peer lending companies, and other organizations as decided by the Governor of the State Bank.

Article 16. Customer protection

To protect the legitimate rights and interests of customers during the sandbox process, organizations participating in the sandbox mechanism shall:

1. Issue and provide customers with guidelines and recommendations on risks when using the Fintech solution during the testing period.

2. Notify customers of the use of the Fintech solution under the sandbox process; ensure the provision of accurate, complete, and truthful information about the sandbox solution, service fees, and the rights and obligations of customers for each type of solution.

3. Ensure safety and confidentiality of customers' information during and after the process of using the trial Fintech solution, unless provided at the request of a competent state authority as prescribed by law.

4. Promulgate regulations on the protection of customer information during storage and transmission through security mechanisms, encryption, anonymization, and data masking. In cases where the organization collects, uses, or transfers customer information, the customer’s consent must be obtained, and the information may only be collected or transferred to third parties with the customer’s permission or upon request from a competent state authority; technical measures must be in place to verify the customer’s authorization for the provision of their information to third parties.

5. Develop and ensure compliance with internal processes and risk control measures to prevent unauthorized access to or use of personal data, fraud, and theft of customers’ personal information.

6. Conduct periodic risk assessments, ensure the implementation of risk prevention measures during the sandbox process, and promptly notifying customers in case of changes in the risk level of the Fintech solution under the sandbox mechanism.

7. Establish a mechanism and designate a focal point for handling customer complaints. In the event of disputes or complaints, organizations participating in the sandbox mechanism shall:

a) Receive and take measures to address all tracing requests and complaints submitted in writing, via telephone hotline, online platforms, or email from customers within 5 working days from the date of receipt of the request or complaint from customers;

b) Compensate customers for damages in accordance with the agreement and law.

Article 17. Adjustment of the sandbox solution

1. In case of any adjustment to the Fintech solution participating in the sandbox mechanism, the participating organization shall carry out the procedure for requesting an adjustment to the sandbox solution and may only implement such adjustment after obtaining approval from the State Bank.

2. Handling procedure

The organization shall submit to the State Bank a request for adjustment of the sandbox solution using Form No. 05 in Appendix I to this Decree, along with a Scheme describing the adjusted sandbox solution.

Within 30 working days from the date of receipt of the request for adjustment of the sandbox solution, the State Bank shall conduct an assessment of the sandbox process.

Where necessary, the State Bank shall issue a written request to consult relevant ministries for their comments. Within 10 working days from the date of receipt of the written request from the State Bank, the relevant ministries shall send their written comments to the State Bank.

In case the dossier requires clarification or explanation, the State Bank shall issue a written request requiring the organization to provide explanations and complete the dossier. The organization may submit explanation and complete the dossier once only. After 7 working days from the date the State Bank issues the written request for explanation and dossier completion, if the organization fails to resubmit the explanation and completed dossier, the State Bank shall issue a written notice of return of the dossier to such organization. The time for explanation and completion of the dossier shall not be included in the dossier-processing period.

Based on the Scheme describing the adjusted sandbox solution, the actual supervision situation, and the comments and opinions of relevant ministries (if any), the State Bank shall decide on whether to approve the adjustment of the sandbox solution or to reject it in writing, clearly stating the reasons.

Article 18. Conclusion of the sandbox testing period

The State Bank shall, based on the evaluation report on the testing results submitted by organizations participating in the sandbox mechanism, the monitoring and supervision process, and comments and feedback from relevant ministries (if any), determine the subsequent handling measures upon conclusion of the testing period, including: suspension of sandbox and revocation of the certificate of participation in the sandbox mechanism, extension of the testing period, or certification of completion of the sandbox.

Article 19. Suspension of the sandbox and revocation of the certificate of participation in the sandbox mechanism

1. The State Bank shall consider suspending the testing and revoking the issued certificate of participation in the sandbox mechanism in any of the following cases:

a) The testing period stipulated in the certificate of participation in the sandbox mechanism or the extended testing period has expired without further extension as prescribed in Article 20 of this Decree and the case does not fall under the issuance of the certificate of completion of the sandbox as prescribed in Article 21 of this Decree;

b) The organization participating in the sandbox mechanism submits a written request for suspension of sandbox testing to the State Bank, using Form No. 07 in Appendix I to this Decree;

c) The organization participating in the sandbox mechanism is dissolved or declared bankrupt in accordance with the law and submits a written request for suspension of sandbox testing to the State Bank, using Form No. 07 in Appendix I to this Decree;

d) After 90 days from the date of issuance of the certificate of participation in the sandbox mechanism, the organization fails to commence the sandbox, except in cases of force majeure;

dd) Risks arise during the supervision and inspection process which, according to the assessment of competent state authorities, are serious, likely to cause substantial risks or actual damage to customers, or may destabilize the financial and monetary markets; irreparable technical incidents; violations of relevant legal regulations substantiated by enforceable judgments, rulings, or decisions on administrative sanctions;

e) After 15 days from the date the State Bank issues a written notice informing the organization of violations of any conditions or criteria for participation in the sandbox mechanism as stipulated in Articles 8 and 11 of this Decree and requiring remedial measures, the organization fails to remedy such violations;

g) The organization participating in the sandbox mechanism violates the contents of the certificate of participation in the sandbox mechanism during the sandbox process;

h) A peer-to-peer lending company fails to implement a maximum outstanding loan balance control measure for a borrower under the peer-to-peer lending solution.

2. Handling procedure

a) For cases specified at Point a, Clause 1 of this Article, the State Bank shall decide on suspension of the sandbox and revocation of the certificate of participation in the sandbox mechanism when the sandbox testing period ends;

b) For cases specified at Point d, Clause 1 of this Article:

The organization participating in the sandbox mechanism shall submit a written request for suspension of sandbox using Form No. 07 in Appendix I to this Decree; an evaluation report on the testing results in accordance with Appendix V to this Decree; and a sandbox suspension plan to the State Bank.

Within 30 working days, the State Bank shall review and assess the entire sandbox process.

Where necessary, the State Bank shall issue a written request to consult relevant ministries for their comments. Within 10 working days from the date of receipt of the written request from the State Bank, the relevant ministries shall send their written comments and coordination opinions to the State Bank.

In case the dossier requires clarification or explanation, the State Bank shall issue a written request requiring the organization to provide explanations and complete the dossier. The organization registering to participate in the sandbox mechanism shall be allowed to submit explanation and complete the dossier once only. After 7 working days from the date the State Bank issues the written request for explanation and dossier completion, if the organization fails to resubmit the explanation and completed dossier, the State Bank shall decide on suspension of the sandbox and revocation of the certificate of participation in the sandbox mechanism.

In case the organization submits a written explanation and completes the dossier, based on the monitoring and supervision process of the sandbox and the comments and opinions of relevant ministries (if any), the State Bank shall decide on the suspension of the sandbox and revocation of the certificate of participation in the sandbox mechanism. The time for explanation and completion of the dossier shall not be included in the dossier-processing period.

c) For cases specified at Point c, Clause 1 of this Article:

Within 7 working days from the date of adoption of the decision on enterprise dissolution in accordance with the Law on Enterprises or the date of receipt of the court decision declaring bankruptcy pursuant to the law on bankruptcy, the organization participating in the sandbox mechanism shall submit a written request for suspension of the sandbox, using Form No. 07 of Appendix I to this Decree, to the State Bank.

Within 10 working days from the date of receipt of the organization's request for suspension of the sandbox, the State Bank shall decide on the suspension of the sandbox and revocation of the certificate of participation in the sandbox mechanism;

d) Within 7 working days from the time of recording the cases specified at Points d, dd, e, g, and h, Clause 1 of this Article, the State Bank shall send a written notice to the organization participating in the sandbox mechanism regarding the suspension of the sandbox. Within 15 working days from the date of receipt of the State Bank’s written notice, the organization participating in the sandbox mechanism shall submit a written explanation.

In case the organization participating in the sandbox mechanism fails to submit a written explanation or provides an unsubstantiated explanation, within 5 working days, the State Bank shall decide on the suspension of sandbox and revocation of the certificate of participation in the sandbox mechanism.

If the organization participating in the sandbox mechanism submits a written explanation, within 30 working days, the State Bank shall review and assess the entire sandbox process. If necessary, the State Bank shall send a written request for comments from the relevant ministries. Within 10 working days from the date of receipt of the State Bank’s written request, the relevant ministries shall send their written comments to the State Bank.

Based on the process of monitoring and supervising the sandbox, and the comments from the relevant ministries (if any), the State Bank shall decide on the suspension of sandbox and revocation of the certificate of participation in the sandbox mechanism or issue a written response to the organization regarding the continuation of sandbox.

3. Upon receiving the State Bank's decision on sandbox suspension, the organization participating in the sandbox mechanism shall:

a) Promptly implement the plan for termination of sandbox;

b) Timely notify customers of the suspension of sandbox at least 30 days prior to the official termination of participation in the sandbox mechanism in the case of suspension as prescribed at Points a and b, Clause 1 of this Article; promptly notify customers of the suspension of sandbox upon issuance of the decision on suspension of sandbox by the State Bank in the case of suspension as prescribed at Points c, d, dd, e, g, and h, Clause 1 of this Article;

c) Cease the introduction and provision of the Fintech solution under sandbox testing to new customers; publicly announce the suspension of sandbox on the official website of the organization participating in the sandbox mechanism;

d) Ensure customer interests and have a mechanism to settle complaints and compensate customers in case customers suffer damage due to the organization's suspension of participation in the sandbox mechanism;

dd) The organization suspending the testing of the solution as prescribed at Points a and b, Clause 2, Article 1 of this Decree shall be responsible for resolving all rights and obligations towards customers and other related parties within a maximum period of 6 months from the date of the decision on suspension of sandbox issued by the State Bank. A peer-to-peer lending company suspending the testing of the peer-to-peer lending solution shall be responsible for continuing to resolve all rights and obligations towards customers and other related parties after the date of the decision on suspension of sandbox issued by the State Bank.

e) Report in writing to the State Bank on the results of resolution of customer rights and obligations after termination of sandbox within 5 days from the date of completion of such resolution.

4. The suspension of sandbox of organizations participating in the sandbox mechanism shall not be construed as non-compliance with investment and business conditions as prescribed by law at the time of suspension of sandbox. Organizations shall bear their own responsibility for reviewing and complying with the provisions of the applicable laws on enterprise operations, investment, and other relevant laws.

Article 20. Extension of sandbox testing period

1. At least 90 days prior to the end of the testing period, an organization participating in the sandbox mechanism that wishes to extend the testing period shall carry out the procedures for extension of the testing period.

2. Handling procedure

The organization participating in the sandbox mechanism shall submit a written request for extension of sandbox testing period using Form No. 09 in Appendix I to this Decree; an evaluation report on the testing results in accordance with Appendix V to this Decree, to the State Bank.

Within 45 working days from the date of receiving the written request for extension of sandbox testing period together with the evaluation report on the testing results, the State Bank shall evaluate the entire sandbox process.

Where necessary, the State Bank shall issue a written request to consult relevant ministries for their comments. Within 15 working days from the date of receipt of the written request from the State Bank, the relevant ministries shall send their written comments to the State Bank.

In case the dossier requires clarification or explanation, the State Bank shall issue a written request requiring the organization to provide explanations and complete the dossier. The organization may submit explanation and complete the dossier once only. After 7 working days from the date the State Bank issues the written request for explanation and dossier completion, if the organization fails to resubmit the explanation and completed dossier, the State Bank shall issue a written notice of return of the dossier to such organization. The time for explanation and completion of the dossier shall not be included in the dossier-processing period.

Based on the testing result report (which must include the usefulness of the solution), actual monitoring status, and the comments and assessments of relevant ministries (if any), the State Bank shall decide whether to extend the sandbox testing period or reject the request in writing, stating the reasons therefor.

3. Each extension of the testing period shall not exceed 1 year and may be granted no more than 2 times.

Article 21. Certificate of completion of sandbox

1. A certificate of completion of sandbox for an organization participating in the sandbox mechanism shall be issued by the State Bank in the following cases:

a) When the official legal regulations applicable to the Fintech solution have been completed and come into force, the organization participating in the sandbox mechanism shall be granted a certificate of completion of sandbox by the State Bank and shall comply with the legal provisions in effect at the time of completion of sandbox;

b) When the implementation of the tested Fintech solution by the organization participating in the sandbox mechanism is assessed as not violating the current legal regulations and the Fintech solution is not considered a conditional business line, the organization participating in the sandbox mechanism shall be granted a certificate of completion of sandbox by the State Bank and may deploy the solution to the market in accordance with the legal regulations in effect at the time of completion of sandbox.

2. Handling procedure:

The organization participating in the sandbox mechanism shall submit an application for issuance of the certificate of completion of sandbox using Form No. 11 in Appendix I to this Decree; an evaluation report on the testing results in accordance with Appendix V to this Decree, to the State Bank.

Within 30 working days, the State Bank shall assess the entire sandbox process. Where necessary, the State Bank shall issue a written request to consult relevant ministries for their comments. Within 10 working days from the date of receipt of the written request from the State Bank, the relevant ministries shall send their written comments to the State Bank.

Based on the testing result report (which must include the usefulness of the solution), actual monitoring status, and the comments and assessments of relevant ministries (if any), the State Bank shall issue the certificate of completion of sandbox to the organization participating in the sandbox mechanism, or issue a written refusal stating the reasons therefor.

3. The certificate of completion of sandbox for the tested Fintech solution shall be valid only within the framework of this Decree and shall not serve as certification of the satisfaction of business investment conditions by the organization participating in the sandbox mechanism.

Chapter IV

RESPONSIBILITIES OF RELATED PARTIES

Article 22. Responsibilities of the organization participating in the sandbox mechanism

1. Take full responsibility before the law for the accuracy, completeness and truthfulness of the information provided in the application for registration to participate in the sandbox mechanism; take full responsibility for all activities during the operation and testing of Fintech solutions. Fully comply with the provisions of this Decree and relevant legal provisions and the contents of the certificate of participation in the sandbox mechanism during the sandbox process.

2. Follow the reporting regime in accordance with the provisions of this Decree and as required by competent state authorities.

3. Provide complete, transparent, and accurate information to customers and other organizations and individuals related to the sandbox mechanism. Comply with legal regulations on advertising and communication.

4. Take responsibility for providing inaccurate, untruthful, or incomplete information to customers, unless it can prove that it has taken all measures required by law to verify the accuracy, completeness, and truthfulness of information.

5. Proactively conduct regular self-monitoring and risk assessment during the sandbox process; regularly review and detect any signs of suspected violations of the law and promptly report to competent state authorities. closely cooperate with the State Bank and other competent state authorities during the sandbox process upon request.

6. Promulgate internal processes and regulations, including: The process of implementation and assignment of authority and responsibilities of individuals and departments in the development, operation, and implementation of the sandbox to ensure traceability and control of responsibilities of related individuals and departments; procedures for incident handling; regulations on risk management and internal control; regulations on information storage, customer information confidentiality, mechanisms for preventing the leakage and disclosure of personal information; regulations on the responsibility of the organization participating in the sandbox mechanism in resolving complaints and disputes among parties related to the provision of the Fintech solution; regulations on risk prevention, inspection, and supervision of information technology systems and information storage systems, ensuring safe and continuous operation, and preparing plans and timely response and remediation solutions in case of incidents.

7. Fulfill the responsibilities under agreements with customers and other organizations and individuals related to the sandbox mechanism in accordance with this Decree and relevant laws.

8. Peer-to-peer lending companies shall bear the following additional responsibilities:

a) Take measures to ensure that members of the Board of Directors, Executive Board, and their employees are not permitted to participate as customers or as guarantors for customers’ loans; and not to engage in acts of fraud, deceit, or misappropriation of property of customers and related parties;

b) Take measures to verify, compare, update, and authenticate information and data of customers; take measures to prevent falsification, interference, and manipulation that alters information and data;

c) Fully provide information regarding contracts, loan information, rights, responsibilities, and lawful interests of customers and related parties, applicable interest rates and fees prior to the conclusion of the loan agreement, and obtain confirmation from the customer that they have been fully informed by the peer-to-peer lending company;

d) Contracts concluded between the lender and the borrower, and between the peer-to-peer lending company and customers or related parties, must comply with relevant laws in force;

dd) Take measures to manage the maximum outstanding loan balance of a borrower under the peer-to-peer lending solution provided by the company; extract information from the database of the National Credit Information Centre of Vietnam to ensure that, at the time of contract conclusion between the borrower and the lender, the borrower is not in violation of the maximum outstanding loan balance for a single borrower under one or all peer-to-peer lending solutions participating in the sandbox mechanism as stipulated at Point e, Clause 1, Article 24 of this Decree. If the peer-to-peer lending company participating in the sandbox mechanism fails to fulfill this responsibility, the State Bank shall consider terminating the sandbox or not granting the certificate of completion of sandbox to the peer-to-peer lending company;

e) Disclose information of the peer-to-peer lending company on its official website. The peer-to-peer lending company must publish its annually audited financial statements on its official website;

g) Store dossiers on the establishment of the peer-to-peer lending company; internal regulations; operational procedures; contracts concluded between the company, customers, and related parties; contracts concluded between borrowers and lenders; and data and information of customers and related parties in accordance with the law. All information and data must be stored securely and confidentially; backed up; ensuring completeness and integrity to serve for inspection, comparison, complaint handling, dispute resolution, and provision of information upon request from competent state authorities.

Article 23. Responsibilities of customers

1. Provide truthful and accurate information as requested by the organization participating in the sandbox mechanism.

2. Be aware of the risks that may arise when agreeing to use a Fintech solution under testing and bear sole responsibility for any risks and losses that may occur during the sandbox process.

3. Cooperate with the organization participating in the sandbox mechanism in the process of resolving their rights and responsibilities upon the conclusion of the sandbox testing period.

4. Customers using peer-to-peer lending solutions shall fulfill the responsibilities prescribed in Clauses 1, 2, and 3 of this Article and shall have the following additional responsibilities:

a) The borrower shall be responsible for providing accurate and complete information on the purpose of the loan, committing to lawful and proper use of the loan funds, and ensuring the ability to repay both principal and interest in accordance with the loan agreement. The borrower shall ensure that their outstanding loan balance across one or all peer-to-peer lending solutions participating in the sandbox mechanism complies with the maximum outstanding loan levels prescribed at Point c, Clause 1, Article 24 of this Decree. In the event of a violation, the borrower shall implement measures to reduce their outstanding balance and shall not be permitted to obtain new loans through peer-to-peer lending solutions participating in the sandbox mechanism until full compliance with the maximum outstanding loan levels prescribed at Point c, Clause 1, Article 24 of this Decree is achieved;

b) The lender shall be responsible for ensuring that the funds used for lending are lawful and shall not obtain loans for the purpose of re-lending;

c) Ensure that the term of the contract between the borrower and the lender under the peer-to-peer lending solution participating in the sandbox mechanism does not exceed 2 years.

Article 24. Responsibility for implementation organization

1. The State Bank of Vietnam shall

a) On the basis of receiving complete dossiers of organizations registering for participation in the sandbox mechanism, the State Bank shall assume the prime responsibility for, and coordinate with relevant ministries in, appraising the registration dossiers; assessing the satisfaction of criteria and conditions specified in this Decree to issue the certificate of participation in the sandbox mechanism on case-to-case basis;

b) Receive and handle the adjustment of the sandbox solution, suspension of sandbox and revocation of the certificate of participation in the sandbox mechanism, extension of the testing period, or certification of completion of the sandbox;

c) Monitor the implementation, provide instructions and remove difficulties during the sandbox process, issue warnings upon detecting risks to organizations participating in the sandbox mechanism;

d) Disclose the following information on the State Bank’s e-portal: the number of dossiers for registration of participation in the sandbox mechanism for each solution under review and appraisal; the number of organizations participating in the sandbox mechanism; information on organizations participating in the sandbox mechanism, including name of the organization participating in the sandbox mechanism, Fintech solution being tested under the sandbox mechanism, the duration, location, and scope of the sandbox, the list of organizations granted the certificate of completion of the sandbox, the list of organizations whose sandbox testing has been suspended and whose certificate of participation in the sandbox mechanism has been revoked;

dd) Take charge of inspecting and supervising the trial process of organizations participating in the sandbox mechanism;

e) The Governor of the State Bank shall decide the maximum outstanding loan balance applicable to a single borrower across one or all peer-to-peer lending solutions participating in the sandbox mechanism;

g) Provide guidance to peer-to-peer lending companies on the connection, reporting, and verification of customer credit information with the National Credit Information Centre of Vietnam;

h) Annually consolidate and report to the Prime Minister on the implementation results of this Decree and propose and recommend appropriate policy measures for the subsequent period.

2. The Ministry of Science and Technology shall

a) Provide written opinions on the application dossier for the issuance of the certificate of participation in the sandbox mechanism as prescribed in Clause 3, Article 10 and Clause 3, Article 13 of this Decree, including an assessment of compliance with regulations on standards and technical regulations, and on e-transactions in relation to the Fintech solution participating in the sandbox mechanism;

b) Other responsibilities as provided in Clause 4 of this Article.

3. The Ministry of Public Security shall

a) Provide written opinions on the application dossier for the issuance of the certificate of participation in the sandbox mechanism as prescribed in Clause 3, Article 10 and Clause 3, Article 13 of this Decree, including an assessment of compliance with regulations on cybersecurity and the security of information systems by level for the information systems used in the Fintech solution participating in the sandbox mechanism;

b) Other responsibilities as provided in Clause 4 of this Article.

4. Other relevant ministries and agencies shall, within the scope of their functions and duties, coordinate with the State Bank in:

a) Providing written opinions on the fulfillment of conditions and criteria for registration dossiers for participation in the sandbox mechanism; on the issuance of the certificate of participation in the sandbox mechanism, the certificate of completion of the sandbox; on the decisions to adjust the sandbox solution, to suspend the sandbox, to revoke the certificate of participation in the sandbox mechanism, and to extend the sandbox testing period; and coordinating in on-site inspection during the appraisal process of the application dossier for the certificate of participation in the sandbox mechanism when so requested in writing by the State Bank;

b) Inspecting, managing, supervising, guiding, and resolving obstacles during the sandbox process;

c) Summarizing and evaluating implementation results and proposing suitable policy recommendations.

Chapter V

IMPLEMENTATION PROVISIONS

Article 25. Effect

This Decree takes effect from July 1, 2025.

Article 26. Implementation responsibility

Ministers, heads of ministerial-level agencies, heads of government-attached agencies, chairpersons of People’s Committees of provinces and centrally-run cities, and related organizations and individuals shall implement this Decree.