top of page


In the growing era of technological advancements, there is a rising demand for newer products in the market worldwide. The main focus of the markets is to safeguard the interest of consumers. Due to this rising demand and technological advancements, market regulators globally are encouraging participants to bring innovative ideas, something out of the box, that not only helps to cater to the interest of customers but also contributes to the growth of the industry.

In the last few years, India has witnessed a series of innovations in the field of the financial sector, especially the growth of FinTech companies due to the increasing technological advents. The customers have also started adopting and funding these companies due to their increasing interest in FinTech. However, there are several challenges ahead involved in the regulation of these FinTech companies.

Therefore, in this article you’ll find answers to certain questions that are listed below:

  1. What are FinTech companies?

  2. What is meant by Regulatory Sandboxes (hereinafter, referred to as RS)?

  3. How these FinTech companies are regulated in India?

  4. What are the regulations imposed by RBI on these companies?

  5. What are the regulations imposed by SEBI on these companies?

  6. What are the differences between RS provision of RBI and SEBI?

  7. Comparing India with other countries in the field of RS for FinTech companies.


  • The acronym “FinTech” is used to denote financial technology.

  • FinTech companies are the companies that use technology to provide financial services to their customers such as retail payments, online transactions, cheque deposition from a smartphone, investment management, etc.

  • It refers to emerging technology that aims to enhance and simplify the distribution and use of financial services.

  • FinTech is aimed to help companies and their consumers, and business owners in managing their financial transactions and their processes by specialized and differentiated software as well as algorithms.

  • Some examples of FinTech companies are Paytm, Razor pay (a payment gateway for online transactions), Instamojo, etc.

  • The development of crypto-currencies and using them, for example, bitcoin, also comes under FinTech.

  • Due to the advent of technology, innovations in financial technology are taking place at a faster pace and as a result, funding of such companies is increasing. Therefore, there is a dire need to regulate them.


  • In a literal sense, a sandbox is a box containing sand where children experiment and try to make something with the help of their innovating mind, and if they get successful in this skill then they might choose it as their passion in the long run.

  • Similarly, a Regulatory Sandbox (RS) is an ecosystem or framework created and regulated by an authority that provides an opportunity to market players for live testing their innovative products, business models, services, and delivery mechanisms (bounded with certain regulations).

  • The regulators of such an environment can be RBI, SEBI, IRDAI, etc. It is at their discretion to permit certain regulatory relaxations for the limited purpose of testing.

  • It can provide a structured avenue to develop innovation that facilitates the delivery of relevant, low-cost financial products.

  • This ecosystem allows the innovators to conduct field tests to collect evidence related to the benefits and risks involved in new financial innovations. It also includes the consumers, the regulators, and the financial service providers.

  • The RS involving test for innovation in the fintech sector is referred to as fintech sandbox.

  • The proposed financial services to be launched under the RS must include new or emerging technology or use of existing technology in an innovative way.

  • Though the term 'Regulatory Sandbox' was coined in the UK yet it was first created in the US.


In India, there is no universal regulatory body for fintech companies. The regulatory body overseeing such companies will regulate certain individual entities depending on the product or service provided by the entity. Due to the growing popularity of fintech companies in India, the regulators proposed to make certain regulations for these companies. Till now, there are 3 regulatory bodies in India which have made regulations for fintech sandboxes and they are listed below:

  1. Reserve Bank of India (RBI)

  2. Securities Exchange Board of India (SEBI)

  3. Insurance Regulatory and Development Authority of India (IRDAI).

After having a basic understanding of these technical words, let’s move towards the regulations imposed by RBI and SEBI on fintech sandboxes.


The major number of fintech companies comes under the regulation of RBI such as payments, crypto-currencies, account aggregation, etc. Application (by entities to be a part of the RS), Selection (of the entities that meet all of the eligibility criteria), Testing and Evaluation (of the proposed innovation with real customers), and Exit are the four phases of the method (of the entity from the RS). Therefore, its RS guidelines are more comprehensive and they include:


According to the guidelines of RBI, “innovative products/services” include the arena of marketplace lending, money transfer services, digital KYC, smart contracts, financial advisory services, wealth management services, cybersecurity products, and digital identification services.

It also includes "innovative technologies" like API services, mobile applications, data analytics, artificial intelligence, machine learning, and applications under blockchain technology.

EXCEPTION- It will not include startups involved in:-

  • Creation of credit registry;

  • credit information services;

  • cryptocurrency or crypto assets;

  • trading, investing, and settling in crypto assets;

  • initial coin offerings (ICOs);

  • chain marketing services; and

  • Any banned product or service by other regulators and the Indian government.


The testing can be performed in different periods but should be completed within 6 months. This time-bound testing will help in generating evidence-based policies.


Firms joining the regulatory sandbox will be granted numerous exemptions like liquidity criteria, board composition, management experience, financial soundness, and business results, among other things.


Entities accessing the sandbox must comply with:-

  • anti-money laundering

  • counter-terrorist financing requirements

  • consumer privacy and data security,

  • Secure storage and access of payment data and KYC information.


There are several relaxations in the entry criteria as compared to April 2018 draft guidelines. The criteria are listed below:

  • The RBI's regulatory sandbox requires applicants to have a net worth of INR 25 lakh and be incorporated and registered in India or authorized to operate in India.

  • Only organizations that "meet the government of India's requirements for a startup" will be allowed into the regulatory sandbox.


RBI believes that instead of encouraging a wide range of creativity, it is used to achieve a particular policy goal. The RBI will consider organizations that deal with retail payments as part of its first cohort and are involved in:

  • Mobile payments, including feature phone-based payment services

  • Offline payment solutions

  • Contactless payments


Though the regulations cover broad arenas yet it has few limitations which are iterated below:

  • Lack of flexibility- The framework's three-month testing period for each cohort might not be long enough to produce enough accurate data to determine if a FinTech product or service is viable in India.

  • Customer protection- While the framework stipulates that the organization implementing RS has unrestricted responsibility against the consumer, it makes no provisions for enforcing that liability.

  • Transparency- It emphasizes the inevitability of discretionary decisions right away. It also mentions that RS can aid in reducing stakeholder dependence, which is extremely dangerous. Stakeholder consultation is essential for regulatory policies to be transparent and inclusive in policymaking and enforced in the public interest.


Securities Exchange Board of India (SEBI) is a body that regulates the stock market. It was established by SEBI Act, 1992. It has issued a framework for RS for entities/ organizations registered with SEBI under Section 12 of the SEBI Act, 1992. Its regulations are listed below:


The qualified organizations may participate on their own or with the help of a Fintech company, but they will be considered the primary applicant. The project's eligibility and assessment requirements will be focused on several factors, including:-

  • the applicant's profile,

  • the solution's novelty,

  • the real need for live testing,

  • the benefits to users,

  • the absence of financial system threats,

  • testing preparedness,

  • a sound grievance resolution process,

  • sufficient disclosure of possible risks to participating users, and

  • Well-defined testing boundary conditions.

The evaluation will be done using a scoring system based on various criteria that SEBI deems important, such as the ones mentioned above.


  • Application stage: SEBI will review the application at the application level and advice on its suitability for sandbox testing. SEBI can also provide the applicant advice based on the basic characteristics and risks of the proposed solution.

  • Evaluation stage: SEBI will work with the applicant during the assessment stage to assess the relevant regulatory criteria and conditions that will apply to the proposed solution in question. The applicant will be permitted to build and test the proposed Fintech innovation in the sandbox if they are willing and able to fulfill these conditions.

  • If approved: Following approval, the testing process will begin, during which the applicant must inform its users that the solution will function in a sandbox and the solution's possible main risks. The applicant will have to obtain the user's acknowledgment that they are aware of the risks involved.


The sandbox testing period is limited to twelve months and may be extended at the request of the applicant and SEBI's discretion.


SEBI may consider relaxation of requirements relating to net worth, track record, registration fees, financial soundness, SEBI guidelines such as technology risk management/outsourcing guidelines, etc. The overriding principle is that no exemptions from the existing investor protection system, know-your-customer (KYC), or Anti-Money Laundering (AML) Rules will be given, as these are essential for market integrity and investor protection.


Some drawbacks include:

  • the cost involved in the sandbox phase,

  • the lack of analytical evidence for decision-making,

  • the lack of exemptions/relaxations during the testing phase,

  • Negative impact on the applicant.


India was not too early to adopt RS as other developed countries like the UK, the US has already adopted such a concept.

  • Given the design and complexity of an RS, Australia recommends a 12-month testing period. Malaysia, Arizona (USA), Ontario (Canada), and Abu Dhabi (UAE) are among the countries that have a 12-month trial period but India provides only a 3-month testing period (RBI’s RS).

  • Kenya and the United Kingdom, for example, have well-defined processes for dealing with consumer concerns. In Kenya, the regulator oversees the settlement of consumer disputes fairly and efficiently. Customers in the United Kingdom have the right to appeal to the Financial Ombudsman Service, as well as access to a financial reimbursement plan, thanks to the FCA whereas in India, while the framework stipulates that the organization implementing RS has unrestricted responsibility against the consumer, it makes no provisions for enforcing that liability.

  • Individual case officers are assigned to each test in the FCA sandbox in the United Kingdom. Case officers work closely with innovators to help them understand how their business models fit into the regulatory system and to develop appropriate protections for testing and afterward whereas, in India, there is no such point to consider.


Overall, a sandbox offers a safe and constrained environment in which to test new ideas on the outskirts of the current regulatory system. This should go a long way toward enticing market participants and intermediaries to develop innovative Fintech solutions, which are the foundation for a vibrant financial market. RS is a critical step toward establishing a financial regulatory system that is both innovative and competitive. As a result, addressing the concerns posed in this post would aid in the development of a more inclusive, holistic, and robust RS system that prioritizes the needs of consumers.









By Vamika Chourasiya, Law Student

104 views0 comments

Recent Posts

See All

I. BACKGROUND The advancement of internet trend has caused a shift in the business sector. Many business organisations have migrated to the internet realm of marketing and commerce, inc

Introduction Black’s law dictionary defines Double Jeopardy as: – A second prosecution after a first trial for the same offense. In India, protection against double jeopardy could be an elementary rig

INTRODUCTION Indian Parliament, in the preceding year passed three bills related to agriculture and farming, together known as the Farmers Bill. The Bills include The Farmer’s Produce Trade and Commer

bottom of page