What is RBI Regulatory Sandbox?
RBI Regulatory Sandbox refers to the environment where live testing of new financial products and services is done in a controlled/ regulated environment where the regulators may or may not permit certain regulatory relaxations for the purpose of testing only. The regulatory sandbox offers an opportunity to the regulators, financial service providers, and customers to conduct live tests of the financial product or service and collect evidence of the benefits and risks associated with such product while monitoring and containing the risks associated with it. Such a framework allows the regulators to engage with the ecosystem and also develop innovation-enabling or innovation-responsive regulations that facilitate the delivery of low-cost financial products. This avenue of dynamic and regulatory-based environment enables the regulator to learn from and evolve with emerging technologies.
Benefits of Regulatory Sandbox
Setting up a regulatory sandbox has the following benefits:
Fosters the principle of ‘learning by doing’
Within the regulatory sandbox framework, first-hand empirical evidence is obtained about the benefits and risks associated with the emerging technologies and their implications. This allows the regulator to realize the requirement of new regulations that will be needed to support useful innovation while containing the possible risks at the same time. It allows the existing financial service providers to develop an understanding of how new technologies work and how they can integrate the same into their existing services. Vice versa, the innovators and FinTech companies, too, develop an understanding of the regulatory environment and accordingly shape their products in the future. In the end, the customers also provide their feedback which educates both the regulators and service providers as to what kind of services and the benefits may accrue to customers from these innovations.
Opportunity to test product viability
The Regulatory Sandbox offers an opportunity for the service provider to check the viability of the product without the need for expensive and large-scale roll-outs. It becomes a testing ground which offers the opportunity to the service providers to make appropriate modifications to the product before launching the same in the broader market.
Increases financial inclusion
FinTech service providers’ primary aim is to increase financial inclusion. Regulatory Sandbox helps in improving the pace of innovation, technology absorption and financial reach. Areas that can benefit from Regulatory Sandbox include microfinance, innovative small savings, mobile banking, remittances and other digital payments.
Dependence on industry/ stakeholder consultation is reduced
Regulatory Sandbox offers a structured and institutionalised environment for evidence- based regulatory decision making which ultimately reduces the dependence of the regulator on industry/ stakeholder consultations.
Better outcomes for consumers
The outcomes can become better for the consumers because of the increased range of products and services, lower costs and improved access to financial services.
Eligibility criteria for Regulatory Sandbox
The target group for entry to the Regulatory Sandbox includes the startups, financial institutions, banks and other companies partnering with or providing support to the financial services business. Such entities need to fall within the following eligibility criteria laid down by the Reserve Bank of India.
The focus of Regulatory Sandbox is to encourage innovations intended for use in the Indian market areas where:
- There is an absence of governing regulations;
- There is a requirement to temporarily ease regulations to enable the proposed innovation; and
- The proposed innovation shows promise of easing/affecting the delivery of financial services in a significant
Regulatory Sandbox Cohorts (end-to-end sandbox process)
The Regulatory Sandbox runs a few cohorts (end-to-end process) where a limited number of entities in each cohort test their products during a stipulated time period. Such cohorts are based on the themes such as financial inclusion, digital KYC, payment and lending etc. These cohorts run for different time periods, but they should be completed within a time period of 6 months.
An indicative list of innovative services/ products/ technology for test under Regulatory Sandbox has been given as follows:
Innovative services/ products
- Retail payments
- Marketplace lending
- Money transfer services
- Digital KYC
- Wealth management services
- Digital identification services
- Smart contracts
- Financial advisory services
- Financial inclusion products
- Cyber security products
- Mobile technology applications (payments, digital identity, etc.)
- Application Program Interface (APIs) services
- Data Analytics
- AI and Machine Learning applications
- Applications under blockchain technologies
Exclusion from Sandbox testing
The entities who have been excluded from Sandbox testing are the ones who are offering financial services similar to services that are already being offered in India. In order to stand out, the applicant needs to show that either a different technology is gainfully applied or same technology is being applied in a more effective and efficient manner. An indicative negative list of technologies/ services/ products which will not be accepted for testing is given below:
- Credit information
- Credit registry
- Trading/ investing/ settling in crypto assets
- Cryptocurrency/ crypto assets services
- Chain marketing services
- Initial Coin Offerings
- Any service/ product that has been banned by the regulators/ government of India
Relaxations for the applicant
If the RBI deems fit, some of the regulatory requirements can be relaxed for the applicants during the time of Regulatory Sandbox on a case-to-case basis. Some of the examples of regulatory relaxation have been given below:
- Liquidity requirements
- Board composition
- Financial soundness
- Management experience
- Track record
Some of the regulatory requirements that need to be compulsorily complied with are given below:
- Data protection and Customer privacy
- Security of transactions
- KYC/AML/CFT requirements
- Secure storage of and access to payment data of stakeholders
- Statutory restrictions
‘Fit and Proper’ criteria for selection of applicants
In order to be selected for the Regulatory Sandbox testing, the applicants need to go through a comprehensive selection process laid under the ‘Fit and Proper’ criteria. It must be noted that the decision of RBI on the application shall be final.
The following conditions need to be satisfied by every applicant:
- The applicant should either be bank licensed to operate in India or a company registered in India. Financial institutions that are constituted under a statute in India should also be eligible.
- The minimum net worth of the entity should be Rupees 25 lakhs as per the latest audited balance
- The promoters/ directors/ of the entity should be a fit and proper people as per the prescribed criteria. A declaration and undertaking are also obtained to this effect from every director.
- The conduct of the bank accounts of the entity and its directors/promoters should be satisfactory.
- The credit history of the directors/promoters of the entity should also be satisfactory.
- The applicant must demonstrate that the service/ product is technologically sound to be released in the broader market.
- The applicant must also demonstrate arrangements to ensure compliance with the existing legislation on consumer data privacy and data protection.
- The applicant should integrate adequate safeguards in its IT systems to protect it from unauthorised access, alteration, disclosure, destruction or dissemination of records and data.
- The applicant is supposed to have a robust IT infrastructure and managerial resources. Further, the IT systems used for end-to-end sandbox processing should also provide end-to-end integrity of information processing.
Additional conditions to be satisfied:
- The FinTech solution should point out an existing gap in the financial ecosystem, and the application should demonstrate how it would address the problem and benefit the consumers and industry and/or perform the same work more efficiently. Alternatively, the applicant needs to show that there exists a regulatory barrier which prevents deployment of the service/product to scale up or a genuinely innovative and significantly important solution/ product/ service is proposed for which relevant regulation is required but absent.
- The applicant should clearly define the test scenarios and the expected outcomes of the Regulatory Sandbox experimentation. The sandbox entity needs to report to the RBI on the test progress based on the agreed schedule.
- Appropriate boundary conditions must be clearly defined for the Regulatory Sandbox to be meaningfully executed while protecting consumers’ privacy at the same time.
- An acceptable exit and transition strategy should be properly defined in case the proposed FinTech driven financial service has to be discontinued or continue to be deployed on a bigger scale after exiting the RS.
- The applicant has to share details related to Proof of Concept/ Testing of use cases, including any relevant prior experiences, before getting admission into Regulatory Sandbox for testing.
- Significant possible risks arising from the proposed FinTech solution should be assessed, and a mitigation plan should be submitted.
End-to-End Sandbox Process
The Fintech Unit (FTU), under the overall guidance of the Inter-Departmental Group (IDG) of RBI, shall oversee the detailed end-to-end sandbox process, including the testing of products/ innovations by Fintech entities etc. The FTU shall also have the participation of domain experts.
Stages and Timelines of Sandbox process
Each cohort of the Regulatory Sandbox shall have the following five stages and timeline:
This phase shall last for a period of four weeks from the date of closure of application window. FTU receives the applications and evaluates them to shortlist the applicants meeting the eligibility criteria. It is the responsibility of the FTU to make the applicants understand the objectives and principles of the Regulatory Sandbox and ensure that the applicants confirm to them.
Again, the Test Design phase too lasts for a period of 4 weeks. FTU finalizes the test design through an iterative engagement with the applicant and identify the outcome of the metrics in order to evaluate evidence of benefits and risks.
Assessment of application
The phase of application assessment lasts for a period of 3 weeks. FTU vets the test design and propose any regulatory modification if there exist any.
This phase lasts for a maximum period of 12 weeks where the FTU generates empirical evidence to assess the test by close monitoring.
The evaluation phase also lasts for 4 weeks where the final outcome of the testing of the technology/ services/ products as per the expected parameters including the acceptability/ viability under the scheme of Regulatory Sandbox is confirmed by RBI. Thereafter, RBI will assess the outcome of the reports on the test and decide whether the product or service is acceptable and viable under Regulatory Sandbox.
Legal and Statutory Issues
- Relaxation of regulatory requirements: once the approval has been granted, the applicant becomes the Sandbox entity who is responsible for operating in the Regulatory Sandbox. RBI will provide appropriate regulatory support by relaxing specific regulatory requirements (which the sandbox entity would otherwise be subject to) where necessary for the duration of Regulatory Sandbox. RBI will bear no legal liability arising from the Sandbox process. Any liability that arises from the experiment will be borne by the applicant as a sandbox entity.
- Compliance with regulatory requirements: On successful experimentation and exiting of Regulatory Sandbox, the sandbox entity is bound to comply with relevant regulatory requirements. The entity needs to clearly understand the objectives and principles of the Regulatory Sandbox as it is not a means of circumventing legal and regulatory requirements.
- Exit from Sandbox: At the end of the Sandbox period, the Sandbox entity must exit the Regulatory Sandbox.
Transparency and Disclosure
All the necessary communication related to the Regulatory Sandbox including its launch, theme of its cohort, successful applicants selected for Regulatory Sandbox, entry and exit criteria and the products/ services found viable and acceptable under the Regulatory Sandbox shall be disseminated through RBI’s official website.
RBI’s reserves the right to publish relevant information about Regulatory Sandbox on its website for the purposes of knowledge transfer and collaboration with international regulatory agencies without revealing any intellectual property rights related information.
Enterslice can give you overall advisory and assistance in filing application and applying for Regulatory Sandbox for your organisation as we are a team of highly skilled & dedicated professionals. We specialize in providing legal consultancy services.