INDIA Law and Practice Contributed by: Shilpa Mankar Ahluwalia, Himanshu Malhotra and Purva Anand, Shardul Amarchand Mangaldas & Co
for market-linked financial products offered by SEBI-regulated entities, respectively. 2.6 Jurisdiction of Regulators The regulatory regime governing the fintech space across most key verticals is primarily driv - en and implemented by the RBI, with support on specific, specialised aspects from NPCI, UIDAI, IRDAI and SEBI (see 2.2 Regulatory Regime ), as set out below. RBI In India, the primary regulator for fintech is the RBI, which has shifted from a light-touch approach to a full-regulation model in recent years. The RBI is responsive to market changes and technological advances, and regulations have been promptly updated to account for such developments. NPCI NPCI is an umbrella, quasi-regulatory organi - sation for operating retail payments and settle - ment systems in India. It is a joint initiative of the RBI and the Indian Banks’ Association under the PSS Act and was established with a view to creating an innovative and robust payment and settlement infrastructure in India. UIDAI UIDAI is a statutory body responsible for admin - istering the Aadhaar programme – the largest identity project in India and one of the largest globally. UIDAI has been central to framing the rules governing the use of Aadhaar by fintech players as a means for customer onboarding and verification. IRDAI IRDAI is the primary regulator in the insurance sector in India and supplements the regulatory
framework of the RBI applicable to fintech play - ers, specifically for insurtech elements. SEBI SEBI is the key financial markets regulator in India charged with the function of regulating the securities market and protecting investor inter - est. It has jurisdiction over aspects of fintech related to robo-advisors, algorithmic trading and financial research platforms, although these areas are still nascent in India. 2.7 No-Action Letters Financial regulators in India have typically not issued no-action letters for the fintech sector. The RBI does not issue no-action letters, although the fintech department of the RBI holds monthly virtual meetings with fintechs “Finter- act” and “Finquiry” sessions – which provide a platform to interact with the regulator and get verbal non-binding guidance. SEBI, however, issues no-action letters in the form of non-bind - ing informal guidance letters under the SEBI (Informal Guidance) Scheme, 2003. 2.8 Outsourcing of Regulated Functions The permissibility of outsourcing regulated financial and IT functions in the Indian fintech space is governed largely by outsourcing guide - lines issued by the RBI, which are applicable to banks and NBFCs and (separately) to PSOs. Broadly, the core regulated activities cannot be outsourced to unregulated entities. Outsourcing Guidelines These guidelines require that banks, NBFCs and PSOs have a board-approved outsourcing policy and that they do not outsource “core manage- ment functions” , such as internal audit, under - taking regulatory compliance, and decision- making roles such as determining compliance
306 CHAMBERS.COM
Powered by FlippingBook