GIFT City has designated itself as India’s global platform for international financial services, providing clarity for regulations, excellence in infrastructure, and cross-border flexibility. For the Fintech and payment entities looking to expand beyond the domestic borders, GIFT IFSC offers a compelling destination, with a unified regulator, innovation-driven frameworks, and attractive tax incentives. <\/p>\n\n\n\n
However, setting up in the GIFT City requires careful navigation of eligibility laws, licensing requirements, and governance standards. For this, you need a comprehensive checklist, provided in this blog to assist the payment and fintech entities to confidently set up and operate within the NBFC<\/a> GIFT City. <\/p>\n\n\n\n The Gujarat International Finance Tec-City, also known as GIFT City, in Gandhinagar, Gujarat, is the first operational International Financial Services Centre (IFSC) in India. It was established as a Greenfield Smart City & Multi-Services Special Economic Zone to make India a global financial & technology powerhouse. <\/p>\n\n\n\n As of December 2025, it (GIFT city) accommodates more than 1,034 entities in its registry, with 38 foreign banks with an aggregated asset base of more than $100 billion. The International Financial Services Centres Authority enables Onshore & Offshore Financial Services to flourish in innovative areas such as Banking, Capital Markets, Insurance, Fund Management, & Fintech, along with other areas. <\/p>\n\n\n\n GIFT city provides a gateway to India’s “Ease of Doing Business” to world-class companies such as Google, JPMorgan, & HSBC to perform activities seamlessly across international boundaries, thereby propelling economic & employment growth in India. <\/p>\n\n\n\n GIFT City, which stands for Gujarat International Finance Tec-City, has been notified as a Special Economic Zone since 2015. It is India’s first operational IFSC, spanning an area of 886 acres, located between Ahmedabad and Gandhinagar. <\/p>\n\n\n\n The GIFT city hub is designed to function globally across finance and IT, presenting advanced infrastructure in utility tunnels, district cooling, and automated waste systems. Being the country’s first IFSC under the IFSCA Act, 2019, it is considered a gateway for international financial services, thereby onshoring global transactions and channeling capital flows into India. <\/p>\n\n\n\n In 2025, GIFT city has made considerable progress across various global indices, ranking among the topmost reputational advantage and leading fintech positioning by hosting various sectors like banking, insurance, and aircraft leasing. <\/p>\n\n\n\n The GIFT City provides huge advantages to the payment and fintech organizations. It includes tax holidays, exemptions, and ease-of-forex rules because of unified regulations by IFSCA. This provides a dynamic system for development through its Payments Services Regulations (2024) and TechFin Regulations (2025) for e-money, remittance payment services, and digital payment services. <\/p>\n\n\n\n The organizations can also benefit from the regulatory sandbox system for experimentation, favorable schemes such as grants, and easy global connectivity. It also has over 60 registered fintech organizations with infrastructure for real-time settlement and can act as a landing spot for foreign organizations that aim at the international markets. <\/p>\n\n\n\n The IFSCA is a unified regulator for GIFT IFSC, which came into force in 2020. It regulates banking, capital markets, insurance, and Fintech under the IFSCA Act, 2019. For payment and fintech entities, the main regimes are the Payment Services Regulations, 2024, on authorizations, net worth, and risk management, and the TechFin and Ancillary Services Regulations, 2025, for technology-enabled solutions in financial services. <\/p>\n\n\n\n IFSCA promotes innovation through sandboxes, incentives, and global alignments. It enforces AML\/CFT, cybersecurity, and consumer protection standards. Regular updates to the Master Circulars and consultations are issued to keep up to date with an ever-evolving and compliant ecosystem. <\/p>\n\n\n\n Under the IFSC in GIFT City, classification is based on services. Payment Service Providers require targeted IFSCA authorization in the context of the Payment Services Regulations of 2024. FinTech Entities are governed by generic regulations such as those under the TechFin Regulations of 2025. A net worth requirement applies to both domestic and foreign applicants. <\/p>\n\n\n\n Fintech Entities operate within the IFSCA FinTech Entity Framework and TechFin Regulations, 2025. It enables technology-driven innovation within financial services, including supplementary as well as technology-driven solutions that support flexible authorizations for more extensive operations. <\/p>\n\n\n\n Moreover, PSPs operate specifically within the IFSCA (Payment Services) Regulations, 2024, which require separate authorization for key operations. It involves cross-border transfer and e-money. PSPs also operate within more stringent net worth and settlement requirements. Meanwhile, fintech entities operate within a framework that offers incentives and sandboxes. RBI-regulated Indian entities demand separate IFSC entities for PSPs. More than 60 fintech entities are registered currently. <\/p>\n\n\n\n The following eligibility criteria outline regulatory, structural, and IFSCA compliance<\/strong><\/a> requirements applicable to domestic and foreign applicants seeking authorization is here. See the pointers given below: <\/p>\n\n\n\n Under the 2024 regulations, PSPs are allowed to offer cross-border money transfer services, issuing accounts, acquiring merchants, issuing e-money, and escrow services, largely for foreign currencies. <\/p>\n\n\n\n Fintech entities, under the TechFin regulations, 2025, include embedded finance solutions, multi-currency wallets, and other auxiliary tech-related services for banks, insurers, and capital market<\/a> businesses. <\/p>\n\n\n\n Activities need to focus on international markets, while rupee transactions are restricted. Excluded are security transactions and transactions between groups that do not include any third parties. Even a non-resident business is a key factor for cross-border scalability. <\/p>\n\n\n\n The IFSCA Regulatory Sandbox allows fintech and payment entities to test innovative products in a current scenario with real customers under relaxed regulations for up to 12 months, extendable. Innovation Sandbox: Isolated testing with market data. <\/p>\n\n\n\n It is perfect for new payment models, such as embedded finance or cross-border wallets. After going through the sandbox, most of them migrate to full-fledged PSP operations. This allows risk-managed experimentation, regulatory feedback, and global alignment. Applications include both domestic and foreign, essential for transitioning to full authorization under the frameworks of 2024\/2025. <\/p>\n\n\n\n The setting up of any payment or fintech entity in the GIFT IFSC is done by Incorporation in the SEZ, unit approval, and authorization from IFSCA. <\/p>\n\n\n\n The basic steps would include renting office space, SEZ registration by filing Form F, Incorporation at MCA, and filing a Common Application Form with IFSCA. <\/p>\n\n\n\n PSPs shall commence operations within 6 months, but extendable to a maximum of 3 months upon authorization under the Payment Services Regulations, 2024. <\/p>\n\n\n\n Find the incorporation and SEZ registration requirements given as pointers below: <\/p>\n\n\n\n In the case of PSPs, obtain authorization under the IFSCA (Payment Services) Regulations, 2024, using the prescribed format (commonly the Common Application Form through the SWIT portal). Based on IFSCA’s assessment of aptness in terms of fit and proper persons, infrastructure, and readiness to comply, In-Principal Approval might be granted prior to Full Authorization. <\/p>\n\n\n\n Fintech companies unfurl\/change allegiance to TechFin and Ancillary Services Regulations, 2025. IFSCA issues a certificate after satisfying the requirements, warranting operational launch within 6 months, which is extensible. A separate entity must be introduced in RBI-regulated Indian companies. <\/p>\n\n\n\n Normal PSPs must have a minimum capital\/wealth of USD 100,000 at the point of authorization, increasing to a total of USD 200,000 by the end of the third financial year. <\/p>\n\n\n\n Large PSPs (classified if crossing certain levels of transactions, for example, USD 2-4 million per month) require a capital\/wealth of USD 250,000 within 90 days of being categorized as such, increasing to a total of USD 500,000 at the end of the third year. Scheduled calculation for fintech companies based on 2025 TechFin Regulations. <\/p>\n\n\n\n The following pointers outline the documentation requirements, approval timeline, and operational commencement obligations applicable to authorized entities. <\/p>\n\n\n\n GIFT IFSC’s licensing regime, controlled by IFSCA, makes a clear division between Payment Service Providers (PSPs) subject to approval for licensing under the Payment Services Regulations of 2024 and Fintech entities in general, as updated by the 2025 consultations on the 2022 Framework. <\/p>\n\n\n\n While licensing is necessary for basic services of PSPs, licensing in the form of registration, sandboxes, or other incentives are provided to encourage innovation in cross-border financial services by fintech entities. Registering an NBFC in Gift City<\/a><\/strong> is profitable in current scenario. <\/p>\n\n\n\n Notified in January 2024 and brought under one umbrella in April, the IFSCA (Payment Services) Regulations, 2024, facilitate non-banking entities in the IFSC for the predominant foreign currencies for the purpose of offering payment services. Some of the key features under this regulation include authorisation, net worth, safeguarding of client funds, governance, and adherence to the principles of AML\/CFT. <\/p>\n\n\n\n The 2024 Regulations list the following as the categories of regulated services: <\/p>\n\n\n\n These are mainly aimed at non-residents and foreign currency and provide seamless international payments, with the exclusion of rupees in the domestic market. <\/p>\n\n\n\n The Framework for FinTech Entity of 2022 recognizes entities for technological innovations in banking, insurance, and capital markets, with limited use of support services. The progressive consultative approach (drafts of the TechFin Regulations in 2025) enhances the scope. <\/p>\n\n\n\n The IFSCA’s FinTech Incentive Scheme of 2022 provides grants for the specified amount for sandboxes, accelerators, and Proof of Concepts for developing scalable innovations at GIFT IFSC for startups, as well as the global community. <\/p>\n\n\n\n IFSCA’s Regulatory Sandbox allows scaled live experimentation in a reduced regulatory setting up for a maximum period of 12 months, extendable, while the Innovation Sandbox facilitates disconnected data-driven experimentation. Successful participants leave with regulatory feedback and can apply for full regulatory authorizations and PSPs under the 2024 Regulations or the Fintech Entities using Frameworks. <\/p>\n\n\n\n Anti Money Laundering (AML), Know Your Customer (KYC), and risk management are essential concepts in the financial industry to combat money laundering, terrorism financing, and related issues. <\/p>\n\n\n\n AML refers to policies and procedures to identify and prevent money laundering. At the same time KYC verifies the identity of customers, and risk management takes a risk management approach to identify and mitigate possible risks. <\/p>\n\n\n\n The Anti Money Laundering, Counter-Terrorist Financing, and Know Your Customer Guidelines, 2022, have been released by the International Financial Services Centres Authority (IFSCA). This is applied to all regulated entities in the IFSCs, such as the GIFT City. <\/p>\n\n\n\n The guidelines follow a principles-based structure where entities must nominate a Principal Officer and a Designated Director, register on FINGate for the reporting process, carry out enterprise-wide assessments on money laundering and terrorist financing risks, and formulate AML\/CFT policies. <\/p>\n\n\n\n All these must be endorsed by the senior management, establish and maintain internal controls, provide employees with training, maintain records, and adhere to targeted financial sanctions in the UN lists and national laws. <\/p>\n\n\n\n Also, entities have to screen for prohibited relationships, freeze related assets as per the regulation, and align with the Prevention of Money Laundering Act (PMLA). The updated guidelines make it mandatory to have certifications from the chief personnel. <\/p>\n\n\n\n The Client Due Diligence (CDD) consists of identifying and verifying customers and beneficial owners, understanding the nature of business relationships, including the obtaining of KYC records and risk profiling. <\/p>\n\n\n\n Simplified Due Diligence in the case of low-risk clients or Enhanced Due Diligence in the case of high-risk clients, including PEPs, is applied. In the case of residents of India, upload to the Central KYC Registry; in the case of foreign nationals, maintain internally. <\/p>\n\n\n\n Ongoing monitoring consists of scrutinizing transactions to ensure they are consistent with the client profile, updating information periodically or whenever a trigger event occurs, and reviewing the risks at least once every two years. Digital KYC processes are permissible. Reliance on third parties is allowed under strict conditions. By doing so, continued vigilance against ML\/TF risks is ensured throughout the continuance of the relationship. <\/p>\n\n\n\n IFSCA prescribes its entities on a Risk-Based Approach (RBA) to identify ML\/TF risks associated with customers, geographies, products, services, transactions, and delivery channels. Make overall entity and customer-level risk assessments approved by the board at least once every two years or when there is a material change. <\/p>\n\n\n\n Resource allocation shall be proportional to the risks identified, using intensified approaches for high-risk opportunities. Suspicious Transaction Reporting (STR) involves early identification of suspicious transaction flags pointing towards extraordinary patterns not aligned with customer profiling. <\/p>\n\n\n\n This information has to be reported through FINGate to FIU-IND without tipping off the customer. Entities must develop internal procedures for detection and strong governance. <\/p>\n\n\n\n The IFSCA AML\/CFT Guidelines emphasize the importance of strong cybersecurity measures to protect KYC data against breaches that might facilitate financial crime. This approach requires financial entities to establish secure storage and recovery of customer information. There is also a requirement for confidentiality and protection against any malicious interference and cybersecurity risks. <\/p>\n\n\n\n The provision of staff training on handling customer data, as well as compliance audit checks to ensure controls are in place, is also required. In the context of technological KYC and reliance on third-party sources, entities are expected to transmit and store this information securely. <\/p>\n\n\n\n IFSCA AML\/CFT Guidelines for governance, operation, as well as reporting compliance, make it mandatory for regulated entities to implement effective internal controls, designate key personnel, formulate policies endorsed by the highest level of management, carry out independent audits, provide training for employees, and maintain respective records. It is mandatory for entities to submit suspicious transaction reports to FIU-IND and comply with periodic reporting. <\/p>\n\n\n\n Regulated entities require a senior management-level Principal Officer. This officer is responsible for AML\/CFT compliance functions, including AML\/CFT monitoring, AML\/CFT reporting of suspicious transactions to FIU-IND, and compliance with guidelines. <\/p>\n\n\n\n A Designated Director also looks after overall compliance. However, on a recent requirement, both must undertake the NISM-IFSCA AML\/CFT certification course. A day-to-day operation can be handled by another officer as the Compliance Officer. <\/p>\n\n\n\n AML\/CFT policies, procedures, and controls must be developed by entities that are approved at the board or executive management level. This involves risk assessment, CDD, ongoing monitoring, and AML\/CFT reporting. <\/p>\n\n\n\n To ensure effectiveness, there is an independent audit function that tests these measures. A well-governed AML\/CFT program requires oversight at the executive management level, employee training, and effective internal controls. <\/p>\n\n\n\nIntroduction to GIFT City and IFSC <\/h2>\n\n\n\n
What is GIFT City & its role as India’s Premier IFSC? <\/h2>\n\n\n\n
Key Advantages for Payment and Fintech Entities <\/h2>\n\n\n\n
An Overview of the Regulatory Landscape Under IFSCA <\/h2>\n\n\n\n
Understanding Entity Types and Eligibility <\/h2>\n\n\n\n
Fintech Entities vs. Payment Service Providers (PSPs) <\/h3>\n\n\n\n
Eligibility Criteria for Domestic and Foreign Applicants <\/h3>\n\n\n\n
\n
\n
\n
\n
\n
Permissible Activities in Payment and Fintech Services <\/h3>\n\n\n\n
Role of Regulatory Sandboxes for Innovation <\/h3>\n\n\n\n
Entity Setup Process <\/h2>\n\n\n\n
Incorporation and SEZ Registration Requirements <\/h3>\n\n\n\n
\n
\n
\n
\n
\n
Obtaining IFSCA Authorization or Registration <\/h3>\n\n\n\n
Minimum Capital and Net Worth Obligations <\/h3>\n\n\n\n
Required Documentation & Application Timeline <\/h3>\n\n\n\n
\n
\n
\n
\n
Licensing and Authorization Framework <\/h2>\n\n\n\n
IFSCA (Payment Services) Regulations, 2024: An Overview <\/h2>\n\n\n\n
Categories of Payment Services (e.g., Cross-Border Transfers, E-Money, Escrow) <\/h3>\n\n\n\n
\n
\n
\n
\n
\n
Fintech Entity Framework and Incentive Schemes <\/h3>\n\n\n\n
Transition from Sandbox to Full Operations <\/h3>\n\n\n\n
Anti-Money Laundering<\/a> (AML), KYC, and Risk Management <\/h2>\n\n\n\n
IFSCA AML\/CFT Guidelines and Compliance Obligations <\/h3>\n\n\n\n
Client Due Diligence and Ongoing Monitoring <\/h3>\n\n\n\n
Risk-Based Approach and Suspicious Transaction Reporting <\/h3>\n\n\n\n
Cybersecurity and Data Protection Requirements <\/h3>\n\n\n\n
Governance, Operational, and Reporting Compliance <\/h2>\n\n\n\n
Appointment of Key Personnel (Compliance Officer, Principal Officer) <\/h3>\n\n\n\n
Internal Policies, Audits, and Governance Structure <\/h3>\n\n\n\n
Quarterly and Annual Reporting to IFSCA <\/h3>\n\n\n\n