The FinTech (startups) market of India is poised to elevate competition for the conventional banking players following the recent release of the draft Regulatory Sandbox (RS) by the Reserve Bank of India (RBI). What the nascent FinTech firms bring to the market as value addition in their offerings is the generalisation of intricate processes plus the thoughtful user experience design interface. However, in order to be able to fully benefit from the available benefits and initiate a total digital disruption supported by the proposed RS ecosystem, FinTech companies are required to satisfy the described Selection Criteria for RS participation.

For this, it is also crucial to first understand the meaning of the word ‘startup’ (for entities) as defined by the RBI in its draft RS:

An entity shall be considered as a Startup: (i) Upto a period of seven years from the date of its incorporation / registration; (ii) Turnover of the entity for any of the financial years since incorporation / registration has not exceeded Rs. 25 crores; (iii) Entity is working towards innovation, development or improvement of products or processes or services.”

RBI FinTech Regulatory Sandbox – Selection Criteria

The various conditions to be satisfied for participating in the FinTech RS are as stated below:

  1. The entity must be a company incorporated and registered in India; satisfying the prescribed criteria of a ‘startup’ as comprehensively described by the Government of India, DIPP (or as it is now known as: Department for Promotion of Industry and Internal Trade-DPIIT) Notification No. 1 G.S.R. 364(E) dated April 11, 2018.
  2. The entity is required to maintain at least a net worth of Rs. 50 lakh according to its newest audited balance sheet.
  3. The promoter(s) / director(s) of the entity should be ‘fit and proper’ as described in the criteria detailed in Annex I of the draft. A declaration and undertaking shall be acquired to this effect according to the Annex II of the draft.
  4. The conduct of the bank accounts of the entity along with its promoters / directors must be fitting.
  5. It is a must to have an agreeable CIBIL or equivalent credit score of the promoter(s) / director(s) / entity.
  6. Potential RS participants have to exhibit that their products or services is technologically prepared for broader market deployment.
  7. The entity should demonstrate the necessary setup to guarantee compliance with the incumbent regulations / laws on consumer data protection and privacy.
  8. The IT systems of the entities should also have adequate built-in safeguards to make sure that it is safe from unauthorised access, alteration, destruction, disclosure or dissemination of records and data.
  9. A strong IT infrastructure and efficient managerial resources should be available for the entities. The RBI will inspect the IT systems for end-to-end sandbox processing, to certify end-to-end integrity of information processing by the participating entities.

Also, the proposed FinTech solution needs to bring in forefront an incumbent crack in the financial ecosystem and the suggested solution needs to exhibit the capacity to address the issue, or provide strong benefits to consumers or the industry or be able to do the work even more resourcefully. The applicants (entities) need to show that a pertinent regulatory barrier stopping the deployment at scale of the product or service, or an authentically innovative and considerably vital product / service / solution is tabled—requiring appropriate regulation that is missing. The scenarios of the test conducted and the anticipated results of the sandbox experimentation need to be clearly defined.  On the basis of an agreed schedule, the sandbox entity is required to report to the RBI on the progress of the test.

In case the proposed (FinTech-led) financial service is to be discontinued, there should be present an agreeable exit or transition strategy—same is the case for willing to deploy the proposed FinTech solution on a wider scale post an RS exit. The entities need to submit to the RBI the outcomes of the testing or Proof of Concept (PoC) prior to seeking a testing phase admission into RS. Lastly, proper mechanism should exist to first assess and then mitigate any potential risks arising from the proposed FinTech-led financial service.

RBI FinTech Regulatory Sandbox – Consumer Protection

A regulatory sandbox, when operational in the production environment, requires a clearly defined space and extent (of time) for launching the planned financial service, so as to control consequences of failure, if any, arising in the future. It is also necessary that the suitable ‘boundary conditions’ be defined for the RS to be meaningfully executed in such a manner that it also adequately defends the consumers’ interests. The RS boundary conditions might comprise: a). the date to begin and end the RS. b). intended recipients or customer type. c). limit on the volume of customers engaged. d). limit on maximum transactions or cap on cash holding. e). limit on losses of customers. The participants of sandbox should ensure that any current obligation to the customers of the experimented financial service (in question) is satisfied or dealt with prior to exiting or ceasing the RS. It needs to be remembered that RS admission does not nullify the liability of the entity in regards to its customers. What this means is that the RS entering entities should transparently inform test customers about the latent risks and the offered compensation—gaining their explicit consent for the same is also needed.