Sweden consistently ranks as one of the world’s most innovative and digitalized countries, coming in at #2 on the EU’s Digital Economy and Survey Index 2020. Indeed, Swedish capital Stockholm has created more billion-dollar startups per capita than anywhere outside Silicon Valley,1 and its fintech scene weathered the pandemic largely untouched.2 Stockholm’s dramatic rise as a global fintech hub is unsurprising given Sweden’s wealth, financial stability and receptiveness to change.
In fact, digitalization extends beyond the startup scene, as Swedes have rapidly adapted to new technologies. Sweden’s cash circulation hovers around 1% of the GDP,3 the electronic identification app BankID and electronic payments app Swish are ubiquitous,4 and connectivity and internet use rates are high.5 This amenability to digital services and products, alongside a strong welfare system, has contributed to the country’s near-100% financial inclusion rate.6
Although Sweden’s economy contracted by 2.8% amidst the COVID-19 pandemic, it was relatively insulated from the EU’s dire performance and is projected to recover beyond pre-pandemic level in 2021.7 Sweden was not immune to the pandemic’s global surge in cybercrime, however. A December attack—described as the worst in Swedish history—targeted a dozen top businesses, including the Swedish National Space Agency.8
Emerging from the pandemic, Sweden’s digital agenda includes research into the development of a central bank digital currency (CBDC), a new digital payments system and cybersecurity. Its Project 27 initiative, a joint project between top Nordic banks, aims to create a digital platform that allows real-time, cross-border payments, and is expected to launch in 2022. A National Cyber Security Centre (NCSC) is also in the works. The NCSC will facilitate information exchange and collaboration between public and private sector entities in strengthening defenses against cyberattacks. Although Sweden has already implemented the EU’s 5th Anti-Money Laundering Directive (5AMLD), it has not yet transposed the 6AMLD into national law. The deadline for implementation is 03 June 2021.
Financial Regulatory Authorities
Central bank: The Riksbank is the Swedish central bank.
Data Protection Authority: The Swedish Authority for Privacy Protection is housed under the Ministry of Justice and protects individuals’ privacy.
The Swedish Financial Supervisory Authority (Finansinspektionen, FSA) is the government agency responsible for financial regulation.
Policy, Laws and Regulations
The Riksbank joined a collaboration with consumer bank Handelsbanken and digital services company TietoEVRY in launching the second phase of the e-krona pilot. The second phase of the pilot, which could see results in five years,9 aims to test the integration of the e-krona’s technical platform with the participants’ existing internal systems.
In April 2021, the Riksbank published a report outlining phase 1 of the e-krona pilot. The technical solution tested in phase 1 was token-based, with e-kronor circulating on a decentralized blockchain platform. This solution, although promising, presents challenges and requires further investigation. Off-line functionality has yet to be tested. Regarding legality, the report notes that there is little to no precedent for the use of a central bank digital currency, and its introduction would probably warrant new regulations. An e-krona would be subject to AML laws and regulations like KYC and transaction tracing.
The launch of the e-krona pilot phase has been driven in part by Sweden’s declining cash use and the desire to safeguard against possible future disruptions to the monetary system. However, some Swedish bankers worry that a CBDC could threaten financial stability by spurring on bank runs.10 The Riksbank is expected to reach a conclusion on the possible e-krona in November 2022.
Publication of National Risk Assessment Money Laundering and Financing of Terrorism in Sweden 2020/2021, 20 April 2021
The national risk assessment of money laundering and financing of terrorism in Sweden 2020/2021, conducted by 16 authorities and the Swedish Bar Association, notes that banks, other financial institutions and unregistered virtual currency exchanges face a high risk of money laundering. Low levels of awareness on money laundering risks play a significant role in heightening the risk of exploitation, and a regular reporting obligation for companies under the purview of country administration boards could aid in bolstering knowledge of such activities. According to a Financial Action Task Force (FATF) publication Follow-Up Report Sweden 2020, Sweden has made great strides in strengthening its AML/CFT framework, though the financial industry has still faced notable missteps. In March 2020, the FSA fined Swedbank 4 billion kronor for serious lapses in its AML measures and withholding information from the authority.11 The assessment comes amidst a wave of Swedish publications on the dangers of money laundering as virtual currency usage and pandemic-driven fraud have risen.
Financial Supervisory Authority Publishes Report on Cryptoassets, 12 February 2021
The Financial Supervisory Authority published its supervision report on Financial instruments with cryptoassets as underlying asset, which analyses cryptoassets in the Swedish market and outlines risks in cryptoasset investment. The report stresses the volatility and high-risk status of cryptoassets due to their lack of valuation, and delivers a dire warning, “These instruments are therefore unsuitable for most, if not all, consumers. The absence of a generally accepted credible method of valuation means that investments in financial instruments with underlying crypto-assets are fraught with difficulties for all investors, even those with a good knowledge of the market.” A lack of appropriate consumer protection regulations compounds the inherent risks, although the European Commission’s MiCA proposal could change this. Trading platforms, which are unregulated, pose the risk of market manipulation, such as wash trades. Cryptoassets also facilitate investment scams and money laundering, although the 5AMLD has expanded the regulatory scope in combating crypto-driven ML.
AML Collaboration Between Banks and Swedish Police Authority Becomes Official, 19 January 2021
In June 2020, the top five largest banks in Sweden—Danske Bank, Handelsbanken, Nordea, SEB and Swedbank— joined the Swedish Policy Authority in the Swedish Anti Money Laundering Intelligence Task Force (SAMLIT) pilot initiative. The pilot collaboration aimed to facilitate cooperation between the banking industry and police in identifying and deterring ML/TF risks. Due to encouraging results, especially regarding information exchange, the pilot collaboration was set to become an official partnership. SAMLIT will further seek to draw in more participant banks and promote regulatory changes to strengthen AML measures. The move points to Sweden’s increasingly interdisciplinary approach to fighting crime. Its recently commissioned National Cyber Security Centre (NCSC) is to be established by defense and security agencies, and will be key in facilitating information sharing that could aid in detecting and deterring cyber risks. The government will allocate SEK440 in funds towards its operational costs over 2021-2025. Indeed, the International Monetary Fund (IMF) points to organizational challenges—like the fragmentation between different sectors, such as finance and national security—as a significant obstacle in protection from cyber risks.
Riksbank Report on Payments, 29 October 2020
The Riksbank’s report Payments in Sweden 2020 outlines the evolving and increasingly digitalized Swedish payments sector in 2020, especially in light of the COVID-19 pandemic. Only 9% of the population utilized cash for their last payment, in contrast with 39% in 2010 and 13% in 2018. Cash was primarily utilized for small payments and by older adults. The popularity in digital payments rapidly gained ground in 2012 with the introduction of Swish, the Swedish electronic payments application, and the pandemic increased adoption even further. The swift decline in cash use has presented problems for some demographics, including people living in rural areas and older demographics.
The report notes that the efficiency of international payments must be improved. Card-based, cross-currency payments incur exchange rate markups, and they cannot be used for payments between private individuals and for some types of payments and bills. Account-to-account payments to currencies outside the EU are costly, and can often take up to five days. P27, if successfully launched, will be instrumental in revolutionizing the payments industry, making previously inefficient, cross-border and cross-currency transactions convenient and fast.
Riksbank Publishes Commentary on Money and Payments of the Future, 15 October 2020
Riksbank governor Stefan Ingves’s economic commentary “Money and payments of the future” outlines measures that must be taken to secure the central bank’s functions in the future. Steps include a sufficient cash supply, should the electronic system fail; a national state ID card with e-identification; the introduction of an e-krona; the ability to make cross-currency, cross-border payments at all times; and the ability to make immediate payments in kronor at all times. The measures point to the central bank’s ambitious goals and increasing mind towards digitalization, and comes on the heels of Sweden’s 2017 Digital Strategy, a comprehensive plan to make the country the world’s #1 leader in digitalization. The e-krona has already taken center stage of Sweden’s 2021 digital agenda, and its cross-border, cross-currency payments system, known as P27, is awaiting permits from EU and national authorities. It has received a clearing license from the Swedish Financial Supervisory Authority.
Assessment on Cyber Risks in the Financial Sector, 31 August 2020
The Swedish Financial Supervisory Authority published its report on Combatting the Cyber Threat in Sweden: An Assessment of the Cyber Risk Ecosystem in the Swedish Financial Sector. The assessment strikes a serious tone, pointing to the high risks—like information security and costs—that cyber threats pose to the international financial system. Alongside the COVID-19 pandemic, the rapidly evolving financial sector—spurred on in large part by the growing dominance of fintech—has contributed to greater vulnerabilities to cyber risk. Fintech companies drive competition and innovation, which bolster financial stability, but can also attract more threats as startups’ cyber teams are not as large as those of more traditional entities. Startup companies have also traditionally shown less aversion to risk. As fintech drives an increasingly integrated financial sector, their heightened susceptibility to risk threatens to more readily affect the system at large.
1. Stockholm Fintech Guide. Invest Stockholm. https://www.investstockholm.com/globalassets/invest/reports/stockholm-fintech-guide.pdf
2. “What’s Next for Sweden’s Fintech Ecosystem?” FinTech Global, 04 May 2021. https://fintech.global/globalregtechsummit/whats-next-for-swedens-fintech-ecosystem/#:~:text=Sweden's%20FinTech%20ecosystem%20has%20gone,millions%20of%20dollars%20last%20year
3. Sharma, Rakesh. “Sweden Takes Another Step Toward a Digital Currency.” Investopedia, 14 December 2020. https://www.investopedia.com/sweden-takes-another-step-toward-a-digital-currency-5092069
4. “Sweden—The First Cashless Society?” Swedish Institute, 10 December 2020. https://sweden.se/business/cashless-society/
5. Digital Economy and Society Index (DESI) 2020. European Commission, 2020.
6. “Sweden.” The World Bank. https://datatopics.worldbank.org/g20fidata/country/sweden
7. “Swedish Output to Surpass Pre-Pandemic Levels This Year.” Fitch Ratings, 07 May 2021. https://www.fitchratings.com/research/sovereigns/swedish-output-to-surpass-pre-pandemic-levels-this-year-07-05-2021
8. Sweeney, Oisin. “Sweden Hit by Massive Cyber-Attack.” Euro Weekly News, 22 December 2020. https://www.euroweeklynews.com/2020/12/22/sweden-hit-by-massive-cyber-attack/
9. Crawley, Jamie. “Sweden’s Central Bank to Test Digital Currency With Handelsbanken.” Coindesk, 28 May 2021. https://www.coindesk.com/riksbank-handelsbanken-cbdc-test
10. Fulton, Colm. “Swedish bankers face identity crisis over digital currency plans.” Reuters, 05 January 2021. https://www.reuters.com/article/us-sweden-banks-digital-currency-idUSKBN29A1HV
11. Fulton, Colm et al. “Swedbank hit with record $386 million fine over Baltic money-laundering breaches.” Reuters, 19 March 2020. https://www.reuters.com/article/us-europe-moneylaundering-swedbank-idUSKBN2163LU
*DISCLAIMER: This information is OneSpan's interpretation of the compliance requirements as of the date of publication. Please note that not all interpretations or requirements of the applicable laws are well-settled and its application is fact- and context-specific. The information contained in this document should not be relied upon as legal advice or to determine how the law applies to your business or organization. We encourage you to seek guidance from your legal counsel with regard to law applying specifically to your business or organization and how to ensure compliance. This information is provided “as-is” and may be updated or changed without notice. OneSpan does not accept liability for the contents of these materials.
Last updated: November 2021