4 July, 2019
The Reserve Bank of India ("RBI") released the "Draft Enabling Framework for Regulatory Sandbox" on 18th April 2019 ("Draft Framework"). The Regulatory Sandbox ("RS") pertains to the fintech start-ups in India. The draft was open to comments from stakeholders upto 8th May 2019.
The RBI had set up a working group in 2016 to study the fintech industry in India so as to review and respond to the regulatory framework required for the industrial innovations taking place in the fintech industry. One of the key recommendations of the said working group was for the RBI to introduce an appropriate framework for a regulatory sandbox within a well-defined space and duration where the financial sector regulator will provide the requisite regulatory guidance, so as to increase efficiency, manage risks and create new opportunities for consumers.
A "sandbox" is a testing ground for new products and hence a regulatory sandbox is a testing ground for new products wherein the financial regulator (in the present case, the RBI) may or may not relax existing regulations to promote innovation in a particular industry. Such sandboxes are particularly relevant in the fintech industry, where there is a growing need to develop regulatory frameworks for emerging business models. The RBI RS model has been in part inspired by the financial regulation in the UK, wherein the Financial Conduct Authority (the financial regulator of the UK) proposed regulatory sandboxes for the fintech industry in 2015.
Under the Draft Framework, the objective of the RS is to provide an environment to innovative technology-led entities for limited scale testing of a new product or service that may or may not involve some relaxation in a regulatory requirement before a wider-scale launch. The RS is, at its core, a formal regulatory programme for market participants to test new products, services or business models with customers in a live environment, subject to certain safeguards and oversight.
The RS has several risks and limitations as identified by the RBI in the Draft Framework. These include:
(i) Innovators may lose some flexibility and time in going through the RS process (but running the sandbox program in a time-bound manner at each of its stages can mitigate this risk);
(ii) Case-by-case bespoke authorizations and regulatory relaxations can involve time and discretional judgements (this risk may be addressed by handling applications in a transparent manner and following well-defined principles in decision-making);
(iii) The RBI or its RS cannot provide any legal waivers;
(iv) Post-sandbox testing, a successful experimenter may still require regulatory approvals before the product/services/technology can be permitted for wider application; and
(v) Regulators can potentially face some legal issues, such as those relating to consumer losses in case of failed experimentation or from competitors who are outside the RS, especially those whose applications have been/may be rejected.
The Draft Framework sets out the eligibility criteria for start –ups seeking to be part of the RS. These criteria include that the start- up must be a fintech company incorporated in India and must have a net worth of Rs. 50,00,000 and its directors/promoters must satisfy the "fit and proper" conditions laid down in the Draft Framework, the applicant must be able to demonstrate that their products/services are technologically ready for development in the broader market etc.
The focus of the RS will be to encourage innovations where
- there is an absence of governing regulations;
- there is a need to temporarily ease regulations for enabling the proposed innovation; and
- the proposed innovation shows promise of easing/effecting delivery of financial services in a significant way.
The Draft Framework sets out an indicative list of innovative products/services/technology which could be considered for testing under the RS. These are as follows:
Innovative Products/Services
- Retail payments
- Money transfer services
- Marketplace lending
- Digital KYC
- Financial advisory services
- Wealth management services
- Digital identification services
- Smart contracts
- Financial inclusion products
- Cyber security products
Innovative Technology "
- Mobile technology applications (payments, digital identity, etc.)
- Data Analytics
- Application Program Interface (APIs) services
- Applications under block chain technologies
- Artificial Intelligence and Machine Learning applications
The RBI may consider relaxing, if warranted, some of the regulatory requirements for sandbox applicants for the duration of the RS on a case-to-case basis. However, regulatory requirements that shall mandatorily have to be maintained by the applicants are as follows:
- Customer privacy and data protection
- Secure storage of and access to payment data of stakeholders
- Security of transactions
- KYC/AML/CFT requirements
The entities may not be suitable for RS if the proposed financial service is similar to those that are already being offered in India unless the applicants can show that either a different technology is being gainfully applied or the same technology is being applied in a more efficient and effective manner.
An indicative negative list of products/services/technology which may not be accepted for testing as set out in the Draft Framework are as follows:
- Credit registry
- Credit information
- Crypto currency/Crypto assets services
- Trading/investing/settling in crypto assets
- Initial Coin Offerings, etc.
- Chain marketing services
- Any product/services which have been banned by the regulators/Government of India
The RS will test 10-12 entities in the RS at one time. A detailed end-to-end sandbox process, shall be overseen by the FinTech Unit (FTU) at the RBI. The process will commence with the screening of the applications and end with the evaluation of the products/services by the FTU. The entire cohort (end to end RS process) is stipulated to be generally six months. On the completion of the sandbox period, the regulatory relaxations provided to the sandbox entity will elapse and the entity must exit the RS.
It is important to note that the RBI undertakes no liability arising from the RS process and any liability which arises from the experiment under the RS shall be borne by the sandbox entity. It is also important to note that once the sandbox entity exits the RS, the regulatory relaxations shall cease to apply to it.
Comment: While the Draft Framework seems to be a commendable step in ensuring proactive and meaningful regulation, the process of application for a place in the RS and screening seems to be very cumbersome.
However, one has to appreciate that the Draft Framework is a very exhaustive, detailed and well thought off piece of proposed regulation.