SP Services

RBI Releases Draft Framework for Regulatory Sandbox to Create Innovation Test Lab for Fintech

Draft Framework For Regulatory Sandbox

The Reserve Bank of India has come out with the enabling framework for a regulatory sandbox on 18th April 2019 to help Fintech Startups. Department for Promotion of Industry and Internal Trade (DPIIT) has acknowledged Fintech Startups to take part in Sandbox testing. While crypto startups expelled from the sandbox testing not even in the draft phase. The Sandbox testing process will start with around ten to twelve selected entities with the main focus on financial inclusion, digital KYC and payments, and lending, etc. As per the RBI, the end to end sandbox process should be completed within six months.

Now, let’s discuss the framework for regulatory sandbox in details;

What is Regulatory Sandbox?

This is an evolutionary phase for Fintech startups in India in terms of payments; insurance and lending. Now, banking services are rendered through mobile. The Reserve Bank of India (RBI) came up with a draft ‘Enabling Framework for Regulatory Sandbox’ acknowledging the latest innovations by Fintech startups. This framework will permit Fintech startups to test within a regulatory sandbox (RS).

As per the draft, Fintech startups may still need regulatory approvals in respect of their products, services, or technology for wider application even after successful sandbox testing.

It permits financial entities to test their products in a controlled environment before introducing it on a wider level. Therefore, for market participants, it is mainly a formal regulatory program in order to test new products, services, business models with customers in a live environment subject to certain safeguards.

The concept of ‘innovation hub’ has also been discussed in the Working Group Paper of RBI which provides guidance to the regulated or unregulated firms in identifying the legal issues as well as in navigating the regulatory framework.

A regulatory sandbox means live testing of new products or services in a restricted regulatory environment in relation to which regulators might allow certain regulatory relaxations for the purpose of the testing.

Why it has been introduced?

This draft framework for regulatory sandbox came into force on the recommendation of an inter-regulatory working group set up by the RBI in July 2016.  In February 2018, this inter-regulatory working group submitted its report and recommended an introduction of a draft framework for a ‘Regulatory Sandbox’ within a well-defined space and duration. Therefore this step had been taken with a view to responding to the dynamics of the swiftly growing Fintech scenario.

In this group, there are members of Reserve Bank of India (RBI), Securities Exchange Board of India[1] (SEBI), Insurance Regulatory and Development Authority (IRDA), Pension Fund Regulatory and Development Authority (PFRDA), National Payments Corporation of India (NPCI), Institute for Development and Research in Banking Technology (IDRBT), banks and rating agencies set up by the RBI in July 2016.

Role of Regulatory Sandbox (RS)

The Regulatory Sandbox (RS) will permit carrying out field tests with the objective of collecting facts on the basis of advantages provided by new financial innovations to the regulators, innovators, financial service providers, and customers.

Additionally, it will also allow monitoring of the risk involved. It provides a way to the regulator to engage with the network to develop innovation-enabling and responsive regulations in respect of financial products.

How it will take place?

The regulatory sandbox will take place within a well-defined space and duration for which requisite regulatory guidance will be provided by the RBI. This is mainly to enhance efficiency, control risk, and to generate fresh opportunities for clients.

What is Covered Under the Draft Guidelines?

The guidelines issued by RBI on regulatory sandbox highlights the role of the proposed regulatory sandbox (RS), its benefits & disadvantages along with the object of setting up the regulatory sandbox (RS). RBI has also asked for comments from stakeholders on the draft guidelines by the 8th of May.

Target Applicants

For entry to the regulatory sandbox, the target applicants include fintech firms that fulfill the eligibility criteria prescribed for start-ups by the government. While such entity must possess minimum net worth of Rs. 50 lakh as per its latest audited balance sheet. An applicant needs to emphasize how the existing gap would be addressed in the financial system through its product/service. It has to express that there is a relevant regulatory barrier in its operation.

The RBI also clarified that, it shall not bear liability arose from the regulatory sandbox process, and it shall be borne by the applicant as a sandbox entity.

Eligibility Criteria of an Applicant

As we discussed above for entry in the RS, an applicant can be Fintech firm meeting the prescribed criteria. For participating in the regulatory sandbox (RS), the guidelines lay down the eligibility criteria.

The main object of the RS is to promote the innovation where

  1. There is an absence of regulations
  2. There is a requirement of temporarily ease the regulations for the proposed innovation, and
  3. The proposed innovation assures easing the delivery of financial services.

Initially, the testing process will begin with the ten to twelve selected entities through a comprehensive selection process. Under the ‘Fit and Proper criteria” details are given for the selection of participants in the regulatory sandbox (RS).

Following below-mentioned conditions must be satisfied by the entities:

  1. The entity should be a company incorporated in India which should be a “Startup”.
  2. There is a requirement of the minimum net worth of Rs 50 lakhs as per the latest audited balance sheet of the entity.
  3. The promoters/ directors of the company must fall under the prescribed fit and proper criteria and a declaration should be made to that effect.
  4. Satisfactory conduct of the bank accounts as well as the entity’s promoters/directors.
  5. A reasonable CIBIL score of the promoters/directors of the entity.
  6. An applicant should display their product/services as they are ready for deployment in the market.
  7. To ensure compliance with regulations on consumer data protection and privacy, an entity should reflect arrangements and
  8. To ensure the safety of data, there should have adequate safeguards with an entity related to the IT system.

What is the Object of Enabling Framework for Regulatory Sandbox?

The main object of the regulatory sandbox (RS) is to promote innovations where there is the absence of governing regulations or where there is a requirement of temporarily easing the regulations for enabling the proposed innovation or where the proposed innovation reflects easing effective delivery of financial services in a significant manner.

Fintech Report 2020

Complete Overview of the World Fintech Industry


Design Features of the Regulatory Sandbox (RS)

End-to-end sandbox process may run by the RS with the restricted number of entities in each cohort testing their products in a prescribed time. The RS shall focus on areas such as financial inclusion, payments, digital KYC, etc. Ordinarily, it should be completed within the time frame of 6 months.

Under RS, the following could be considered for testing:

  • Retail payments
  • Money transfer services
  • Market place lending
  • Digital KYC
  • Financial Advisory Services
  • Smart contract
  • Cybersecurity products, etc

While, for testing under RS, the innovative technology which could be considered would be the following:

Regulatory Requirements for RS Applicant and Exclusions from RS

Here are some of the mandatory regulatory requirements which need to be followed by the applicants:

  • Customer Privacy and Protection of Data
  • Transactions Security
  • KYC/ AML/ CFT requirements
  • Secure storage of and access to payment of stakeholders, and
  • Statutory requirements

However in case the proposed financial service is similar to a product/service/technology which is being offered in India, such entity would not be suitable for RS except when the applicant show that either a different technology is usefully applied or the same technology is being used in a more efficient manner.

Thus, prescribed regulations have designed an indicative negative list of products/ services/ technology which are not accepted for testing. This negative list includes businesses in connection with credit registries, credit information, crypto-currency, initial coin offerings and chain marketing services.

Following below mentioned are put on the negative list of the RBI:

  • Credit Registry
  • Crypto currency/Crypto assets services
  • Credit Information
  • Initial Coin Offerings
  • Trading/investing/settling in crypto assets
  • Chain marketing services, and
  • Product/services banned by the regulators or the Government of India

Extending or Exiting RS

If the extension of the sandbox period is required by the sandbox entity, it shall apply to the RBI within a period of one month before the expiration of the sandbox period.

Moreover, RBI can cancel the regulatory sandbox testing at its sole discretion if it finds that intended purpose is not achieved or when the entity is unable to comply with the appropriate regulatory requirements. An entity may also exit at its own discretion from the Regulatory Sandbox (RS)  by informing the RBI within a one week in advance.

Boundary Conditions, Transparency, and Consumer Protection

For the proposed financial services, there must be a well-defined space and duration. For the RS boundary conditions shall include the start and end date, target customer type, limit the customers involved, cap on customer, and transaction ceiling.

Moreover to ensure transparency, the entire RS process shall be communicated by the RBI on its website. The sandbox entity shall ensure that all the existing obligations are met and liability of the entity towards its customers is not affect by entering into an RS.

Stages Involved in Sandbox Process

The stages involved in the regulatory sandbox are as follows:

  • Preliminary Screening (4 weeks)

It shall be ensured by the Fintech that the objectives and principles are clearly understood by the applicant. Application received is shortlisted on the basis of meeting the eligibility criteria.

  • Testing Design (3 weeks)

Under this, Fintech unit finalizes the test design through interacting with the applicant and for evaluating the risk or benefits it shall identify the outcome metrics. This phase is lasts for three weeks.

  • Application Assessment (3 weeks)

Under this, Fintech unit vets the test design and regulatory modifications are proposed if any.

  • Testing (12 weeks)

If we talk about the maximum tenure, the testing may last for 12 weeks. Under this, an empirical evidence is generated to evaluate the test conducted.

  • Evaluation (4 weeks)

Under this, RBI confirms the final evaluation of the outcome of testing the products/ services/ technology. The outcome report is evaluated by the RBI and makes decision regarding the viability of the product/service under RS.

Stages Involved in Sandbox Process

Sandbox Process

Statutory and Legal Issues

If the applicant is permitted into the RS by the FTU, appropriate regulatory support will be provided to the entity by RBI in the form of specific regulatory requirements relaxation during the duration of the RS.

However, if any liability arises from the process then RBI[2] shall not bear and it has to be borne by the entity alone.

Further, an entity has to ensure that it fully comply with all the relevant regulatory requirements on the completion of the RS process.

Crypto Startups Barred From the Regulatory Sandbox

As per the guidelines, such startups which are offering crypto solutions and ICOs are not allowed to test regulatory sandbox. While, block chain-based innovations are allowed by the RBI other than crypto in certain areas.


Fintech Startups are welcoming the regulatory sandbox. It will bring new revolution in the Fintech Sector. Also with this, we will come across new innovations in the financial domain. It is an innovative step taken in the right direction. However, there are certain conditions which restrict the operations of regulatory sandbox. We will keep a close eye on upcoming notifications in this regard.

Also Read: Impact of Artificial Intelligence (AI) on Financial Service Landscape


Soniya Khanna

Soniya is a dedicated legal professional with a flair for reading & writing to keep herself updated with the latest economical developments. She has worked on projects related to IPR & Corporate laws which have given her diversity in work and a chance to blend her subject knowledge with its real-time implementation, thus enhancing her skills.

Business Plan Consultant

Trending Posted

Startup CFO

Our Awards Our Awards

Top 100 Companies in Asia - Red Herring
Top 100 Companies in Asia - Red Herring

Red Herring Top 100 Asia enlists outstanding entrepreneurs and promising companies. It selects the award winners from approximately 2000 privately financed companies each year in the Asia. Since 1996, Red Herring has kept tabs on these up-and-comers. Red Herring editors were among the first to recognize that companies such as Google, Facebook, Kakao, Alibaba, Twitter, Rakuten, Salesforce.com, Xiaomi and YouTube would change the way we live and work.

Top 25 in India - Consultants Review

Researchers have found out that organization using new technologies in their accounting and tax have better productivity as compared to those using the traditional methods. Complying with the recent technological trends in the accounting industry, Enterslice was formed to focus on the emerging start up companies and bring innovation in their traditional Chartered Accountants & Legal profession services, disrupt traditional Chartered Accountants practice mechanism & Lawyers.

Top 25 in India - Consultants Review

In the news