Fintech Regulation Guide
Does your jurisdiction regulate Fintech services under the traditional Financial Services laws or does it have any ad hoc regulatory frameworks for fintech services? (Financial Services Laws/Ad Hoc Framework/Hybrid)
India regulates Fintech services under the traditional financial services laws. These include laws pertaining to the payment system, banking, and lending services including guidelines/directions issued by the Reserve Bank of India (RBI), rules/regulations on capital market trading/services laid down by the Security and Exchange Board of India (SEBI), and regulations and policies on online insurance services promulgated by the Insurance Regulatory and Development Authority of India (IRDAI).
Besides the traditional financial services laws, the regulators are generally open to ad hoc regulatory sandbox for FinTech services. For instance, RBI has established a regulatory sandbox for businesses under its purview. Within the sandbox, eligible entities can live test their innovative products or services in a controlled environment. RBI Sandbox is based on thematic cohorts; the first cohort was on Retail Payments, the second cohort was on Cross Border Payments, and the third cohort, which was recently opened by RBI, was on Micro Small Medium Enterprise (MSME) Lending.
Similarly, SEBI launched Regulatory Sandbox with the aim to grant certain facilities and flexibilities to experiment with FinTech solutions in a live environment and on a limited set of real users for a limited time frame. SEBI facilitates access to an environment provided by enabling organizations like Stock Exchanges, Depositories and Qualified Registrar and Share Transfer Agents, wherein persons can test their innovations.
IRDAI also created a sandbox to use innovative ideas to foster growth and increase the pace of most innovative companies, in a way that provides flexibility in dealing with regulatory requirements and at the same time focussing on insurance policyholder protection.
The International Financial Services Centres Authority (IFSCA) has a sandbox as well. Under this framework, broad spread FinTech entities operating in the capital market, banking, insurance and financial services space will be granted certain facilities and flexibilities. These features must be fortified with necessary safeguards for investor protection and risk mitigation, and the Regulatory Sandbox must operate within the IFSC located at GIFT City in state of Gujarat.
Regulators in India are generally receptive to innovative and technology-driven new solutions. However, things may be complicated when dealing with a disruptive innovation that does not fit into existing regulatory frameworks.
Make a list of fintech services that may obtain a licence in your jurisdiction?
A variety of FinTech services are eligible to obtain license in India from respective sectoral regulators. Some available licenses include – peer-to-peer lending platforms; payment and settlement systems; banking as well as non-banking financial services; online investment platforms; online insurance aggregators; and crowdfunding platforms.
What is(are) the name(s) of the regulatory authority(ies) responsible to grant licences and regulate fintech service providers? If there is more than one, please list which fintech services are regulated by which authority.
For banking services, deposit taking activities, payments, clearing and settlement services, trade financing or lending services, certain licenses/approvals from the RBI will be required.
For securities trading and capital market activities, certain licenses/approvals will have to be obtained from SEBI.
For insurance related activities including aggregation and brokering, IRDAI issues the licenses/approvals.
IFSCA is the regulator for a broad spectrum of entities operating in the IFSC located at GIFT City.
Depending on the nature of the investment management/advisory services or market provisioning services, approvals may have to be taken from IRDAI or SEBI or RBI or other sectoral regulators.
Cloud-based information technology services may require approvals under the Information Technology Act, 2000 from the Central Government and/or the relevant Ministry, or other sectoral regulators.
Are there any specific restrictions on the types of fintech services that can be offered in and/or from your jurisdiction?
Fintech services that can be offered from India are subject to conditions and restrictions applicable to the underlying business activity/services such as business license, minimum net-worth, and data localization requirements. At present, India offers licenses for several unique fintech businesses such as Peer-to-Peer (NBFC-P2P) platforms, Trade Receivables Discounting Systems, Pre-Paid Instruments; Payment Banks; Small Finance Banks; Buy Now Pay Later schemes; etc.
Is reverse solicitation allowed in your jurisdiction, for fintech firms licensed in other reputable jurisidictions? (Meaning that a third-country fintech firm can offer services to clients in your jurisdiction providing its at the exclusive initiative of the client).
There is generally no explicit prohibition of reverse solicitation. However, fintech firms licensed in third countries are likely to face issues with cross-border payments and transactions when operating without Indian licenses. For instance, a fintech business engaged in lending/credit may find itself facing regulatory restrictions around borrowing/lending in foreign exchange.
Are there any specific requirements for companies providing fintech services in your jurisdiction?
Yes, depending on the sector, these could include requirements on licensing and regulation; minimum capital adequacy; customer due diligence and anti-money laundering framework; data localization, privacy and security; grievance redressal mechanisms. To ensure compliance with all necessary requirements, FinTech entities should carefully review the pertinent regulatory frameworks and seek legal counsel.
Are there any specific consumer protection measures that apply to fintech services in your jurisdiction?
In India, FinTech services are subject to consumer protection measures such as disclosure and transparency standards; prohibition of unfair trade practices; restrictions on advertised content; appropriate complaints handling processes. FinTech companies must provide clear and accurate information about their products and services, avoid discrimination, protect consumer data from unauthorized access, obtain consent before collecting personal information, and have adequate grievance redressal in place. There may be product liability issues such as indemnification of any losses or damages caused by negligence or misconduct to the impacted customers.
Are there any other legal issues that companies should be aware of when providing fintech services in your jurisdiction?
FinTech entities providing services in India must be aware of a variety of legal issues including intellectual property rights, cybersecurity, anti-money laundering, taxation, and local employment laws.
Are virtual assets (such as cryptocurrencies and) permitted in your jurisdiction? (Yes/No)
If the answer is Yes, is there any licensing /authorisation/notification process that needs to be followed for a person to issue a new virtual asset? (Yes/No)
If the answer is Yes, please provide a summary of the process that needs to be followed by a person to issue a new virtual asset).
Are Virtual Asset service providers regulated in your jurisdiction? (Yes/No)
If the answer to your previous question is Yes, please provide a summary of the framework that regulates such service providers explaining which licence(s) need to be obtained from which authority(ies).
Are you as a firm providing services and advice relating to Virtual Assets? (Yes/No)
Please feel free to add any pertinent comments in addition to your answers.
Trading/dealing in virtual assets is not prohibited in India. While it is subject to taxation, exchange control and anti-money laundering law, there is no dedicated law governing the issuance, use or disposal of virtual digital assets such as cryptocurrencies and non-fungible tokens in India.
In March 2020, the Supreme Court of India struck down a blanket prohibition imposed by the RBI on financial institutions such as banks from dealing in, or facilitating banking transactions, relating to virtual currencies. The Supreme Court (in this judgment) has not adjudicated on the legality of virtual digital assets, which remain unregulated under Indian law in the absence of any specific legislation or regulation.
A law to govern cryptocurrency, i.e., the Cryptocurrency and Regulation of Official Digital Currency Bill, 2021 was proposed by the Government of India. The bill lays down the guidelines for the issuance of official digital currency and seeks to prohibit private cryptocurrencies in India. However, this bill is not yet passed by the legislature.