The Working Group gratefully acknowledges the support and guidance received from Deputy Governor, Shri. N.S. Vishwanathan. The Chairman is grateful for the contributions made by the individual members of the Working Group for completing the task entrusted to it. In particular, he wishes to place on record the excellent work done by the Member-Secretary, Shri Prasant K. Seth, General Manager, RBI in compiling the Group's Report.
The Group wishes to specially acknowledge the contribution of Shri S.S. Barik, CGM-In-Charge, DBR in providing necessary support to the Working Group. The Group also wishes to acknowledge the contribution by Shri Talakona Jagadeesh Kumar, Assistant General Manager, DBR, in providing assistance to the Working Group for drafting the Report.
The Group also wishes to thank Shri Rajat Gandhi, M/s Faircent Technologies, Mr. Lishoy Bhaskaran and Mr. Mohamed Galib, M/s Backwaters Technology and Ms. Theresa Karunakaran, Deutsche Bank, for sharing their valuable experience and market perspective on working of various FinTech products.
Background, Terms of Reference, Methodology and Members of the Group
In view of the growing significance of FinTech innovations and their interactions with the financial sector as well as the financial sector entities, the Financial Stability and Development Council - Sub Committee (FSDC-SC) in its meeting held on April 26, 2016 decided to set up a Working Group to look into and report on the granular aspects of FinTech and its implications so as to review and reorient appropriately the regulatory framework and respond to the dynamics of the rapidly evolving FinTech scenario.
Given the wide ranging issues involved, Reserve Bank of India set up an inter-regulatory Working Group (WG) to look into and report on the granular aspects of FinTech and its implications for the financial sector so as to review and reorient appropriately the regulatory framework and respond to the dynamics of the rapidly evolving FinTech scenario. The Group included representatives from RBI, SEBI, IRDA, and PFRDA, from select financial entities regulated by these agencies, rating agencies such as CRISIL and FinTech consultants / companies.
Terms of Reference of the Working Group
To undertake a scoping exercise to gain a general understanding of the major FinTech innovations / developments, counterparties / entities, technology platforms involved and how markets, and the financial sector in particular, are adopting new delivery channels, products and technologies
To assess opportunities and risks arising for the financial system from digitisation and use of financial technology, and how these can be utilised for optimising financial product innovation and delivery to the benefit of users / customers and other stakeholders.
To assess the implications and challenges for the various financial sector functions such as intermediation, clearing, payments being taken up by non-financial entities.
To examine cross country practices in the matter, to study models of successful regulatory responses to disruption across the globe.
To chalk out appropriate regulatory response with a view to re-aligning / re-orienting regulatory guidelines and statutory provisions for enhancing FinTech / digital banking associated opportunities while simultaneously managing the evolving challenges and risk dimensions.
Any other matter relevant to the above issues.
The WG reviewed globally published material on the subject, the FinTech developments worldwide, the approaches adopted by various regulators, evolving views of international standard-setting bodies, and interacted with some FinTech entities/start-ups/sponsors operating in India as payment system provider, platform lender, block chain/digital ledger provider, etc. and took on board their views and concerns, including impact on the broader financial market1. These helped inform some of the views of the WG on aspects to be kept in mind while conceptualizing, designing and implementing the regulatory framework / structure for FinTech in the near future.
Members of the Working Group
The WG comprised:
|i. Shri Sudarshan Sen, Executive Director, RBI ||Chairman |
|ii. Dr. Sarat Kumar Malik, CGM, SEBI ||Member |
| iii. Shri R.K. Sharma, Joint Director, IRDAI ||Member |
| iv. Shri Rakesh Sharma, GM, PFRDA ||Member |
|v. Shri A. P. Hota, MD & CEO, NPCI ||Member |
| vi. Dr. A. S. Ramasastri, Director, IDRBT ||Member |
|vii. Smt. Nanda S. Dave, CGM, DPSS, RBI ||Member |
|viii. Shri R Ravikumar, CGM, DBS, RBI ||Member |
| ix. Shri Mrutyunjay Mahapatra, DMD, & CIO, SBI ||Member |
| x. Shri Nitin Chugh, Head, Dig. Bkg. HDFC Bank ||Member |
| xi. Shri Amish Mehta, CFO, CRISIL ||Member |
|xii. Shri A. Joseph, JLA, LD, RBI ||Member |
|xiii. Shri Prasant K. Seth, GM, DBR, RBI ||Member-Secretary |
a. Financial services, including banking services, are at the cusp of a revolutionary change driven by technological and digital innovations. A rapidly growing number of financial entities and technology firms are experimenting with related technological and financial solutions as well as new products in the financial services field which either modifies the way financial intermediation takes place or leads to disintermediation.
b. FinTech is broadly an omnibus term used to describe emerging technological innovations in the financial services sector, with ever increasing reliance on information technology. Commencing as a term referring to the back end technology used by large financial institutions, it has expanded to include technological innovation in the financial sector, including innovations in financial literacy and education, retail banking, investments, etc.
Technological innovation is considered to be one of the most influential developments affecting the global financial sector in the near future. Innovations related to payments, lending, asset management and insurance pose a challenge to business models and strategies of financial institutions; yet, these also bring opportunities for both the incumbent market participants and newcomers. At the same time, innovation can create new risks for individual financial institutions, consumers of financial services, as well as the financial system as a whole.
c. FinTech or digital innovations have emerged as a potentially transformative force in the financial markets. A recent FSB study highlighted some of the potential benefits of FinTech, including efficiency improvements, risk reduction and greater financial inclusion. It also identified some of the key challenges associated with FinTech, such as difficulty of regulating an evolving technology with different use cases, monitoring activity outside the regulated sector, identifying and monitoring new risks arising from the technology.
d. Financial innovation has become a focal point for a lot of attention, and some jurisdictions have decided to take a more active approach in facilitating this innovation. To do this, they have taken a variety of regulatory and supervisory initiatives such as regulatory sandboxes, innovation hubs, innovation incubators or accelerators, etc.
e. The regulatory uncertainty surrounding FinTech could potentially hamper development. As a result, international standard setting bodies (BCBS, FSB, CPMI, WBG, etc.) including regulatory authorities of different jurisdictions are taking steps to actively monitor FinTech developments both domestically and in cooperation with international organizations.
f. Key Recommendations
There is a need to have a deeper understanding of various FinTech products and their interaction with the financial sector and, thereby, the implications on the financial system, before regulating this space.
The regulatory actions may vary from “Disclosure” to “Light-Touch Regulation & Supervision” to a “Tight Regulation and Full-Fledged Supervision”, depending on the risk implications.
There is a need to develop a more detailed understanding of risks inherent in platform based FinTech.
Various financial sector regulators to identify sector specific FinTech products and regulatory approaches.
The adoption of digital channels to replace manual time-consuming processes to empower customers and / or workforce in insurance sector.
Innovation labs may be established, including within insurance companies, to combine brand and product managers with technological and analytical resources.
As and when any securities market Fin-Tech products are introduced or emerge in the market, regulators may assess the product and see whether it can be monitored by way of registering them as an intermediary or through the activity regulations.
Insurance companies may collaborate with “Insurtech” entities or start-ups to provide better customer experience in a cost effective manner.
Financial sector regulators need to engage with FinTech entities in order to chalk out appropriate regulatory response and with a view to re-align regulation and supervision in response to the changing environment.
In order to identify and monitor the challenges associated with the development of major FinTech innovations and to assess respond to opportunities and risks arising for the financial system from these innovations, a ‘dedicated organizational structure’ within each regulator needs to be created.
To provide an environment for developing FinTech innovations and testing of applications/APIs developed by banks and FinTech companies.
An appropriate framework may be introduced for “Regulatory Sandbox/innovation hub” within a well-defined space and duration where financial sector regulators will provide the requisite regulatory support, so as to increase efficiency, manage risks and create new opportunities for consumers in Indian context similar to other regulatory jurisdictions.
In view of IDRBT’s unique positioning as a research and development institute, and as indicated by some of its activities, it is felt that IDRBT is well placed to create and maintain a regulatory sandbox in collaboration with RBI for enabling innovators to experiment with their banking/payments solutions for eventual adoption. The Institute may continue to interact with RBI, banks, solution providers regarding testing of new products and services and over a period of time upgrade its infrastructure and skill sets to provide full-fledged regulatory sandbox environment. The Reserve Bank of India may actively engage with the Institute in this regard.
Regulatory and legal reforms are essential to enable the sustained development of a digital financial industry for the future.
Partnerships / engagements among regulators, existing industry players, clients and FinTech firms will enable the development of a more dynamic and robust financial services industry.
Regulators may explore the use of Reg Tech that may facilitate the delivery of regulatory requirements more efficiently and effectively than existing capabilities.
The organizational structure and human resources (HR) practices of regulators have to be reoriented to meet the challenges of innovation, in terms of adapted HR hiring profiles, learning and educational programmes.
There is a need for a stand-alone data protection and privacy law in the country.
Banks / Regulated entities may be encouraged to collaborate with FinTech/start-ups to improve their customer experience and operational excellence. They may also consider undertaking FinTech activity in areas such as payments, data analytics and risk management.
Models of engagement and checklist to be developed by each regulator for each of the activities.
Given that FinTech companies are in their infancy but are growing at a rapid pace, the Government may consider introducing tax subsidies for merchants that accept a certain proportion of their business revenues from the use of digital payments.
The requirement of increasing the levels of education/ awareness of customers should be highlighted by all market regulators.
A self-regulatory body for FinTech companies may be encouraged.
1.1 FinTech and Financial Market disruptions
The term “FinTech” is a contraction of the words “finance” and “technology”. It refers to the technological start‑ups that are emerging to challenge traditional banking and financial players and covers an array of services, from crowd funding platforms and mobile payment solutions to online portfolio management tools and international money transfers.
Some of the major FinTech products and services currently used in the market place are Peer to Peer (P2P) lending platforms, crowd funding, block chain technology, distributed ledgers technology, Big Data, smart contracts, Robo advisors, E-aggregators, etc. These FinTech products are currently used in international finance, which bring together the lenders and borrowers, seekers and providers of information, with or without a nodal intermediation agency.
FinTechs are attracting interest both from users of banking services and investment funds, which see them as the future of the financial sector. Even retail groups and telecom operators are looking for ways to offer financial services via their existing networks. This flurry of activities raises questions over what kind of financial landscape will emerge in the wake of the digital transformation.
Financial institutions are seeking to increase their knowledge in relation to technological innovation, both through partnerships with tech companies and by investing in or acquiring such companies. Despite this, there are wide differences in the preparedness of market participants for these changes in practice.
1.2 FinTech: Definitions and scope
1.2.1 What is FinTech?
FinTech is an umbrella term coined in the recent past to denote technological innovation having a bearing on financial services. FinTech is a broad term that requires definition and currently regulators are working on bringing out a common definition.
According to Financial Stability Board (FSB), of the BIS, “FinTech is technologically enabled financial innovation that could result in new business models, applications, processes, or products with an associated material effect on financial markets and institutions and the provision of financial services”. This definition aims at encompassing the wide variety of innovations in financial services enabled by technologies, regardless the type, size and regulatory status of the innovative firm. The broadness of the FSB definition is useful when assessing and anticipating the rapid development of the financial system and financial institutions, and the associated risks and opportunities.
FinTech innovations have the potential to deliver a range of benefits, in particular efficiency improvements and cost reductions. Technological developments are also fundamentally changing the way people access financial services and increasing financial inclusion.
There is large investment in FinTech sector by venture capital Funds. During 2014 around USD 12 billion was invested in FinTech companies, and in 2015 the same is estimated around USD 20 billion2.
2. FinTech and its impact on global Financial Services
2.1 FinTech innovations, products and technology
2.1.1 There is no commonly accepted taxonomy for FinTech innovations. In order to get a sense of the broad nature of the ongoing developments in this area, the WG categorized some of the most prominent FinTech innovations into five main groups through its scoping exercise. Though this does not represent a comprehensive review of all FinTech innovations, it highlights those regarded as potentially having the greatest effects on financial markets3.
2.1.2 A simple categorization of some of the most prominent FinTech innovations into groups according to the areas of financial market activities where they are most likely to be applied is as under:
|Categorization of major FinTech Innovations |
|Payments, Clearing & Settlement ||Deposits, Lending & capital raising ||Market provisioning ||Investment management ||Data Analytics & Risk Management |
|Mobile and web-based payments Digital currencies Distributed ledger ||Crowd-funding Peer to peer lending Digital currencies Distributed Ledger ||Smart contracts Cloud computing e-Aggregators ||Robo advice Smart contracts e-Trading ||Big data Artificial Intelligence & Robotics |
2.1.3 Payments, clearing and settlement services
Innovations in this category are targeted at improving the speed and efficiency of payments, clearing, and settlement, reducing cost and changing the ways people access financial services and conduct financial transactions. Some of the innovations in areas of payments, clearing and settlements in the financial markets are as follows:
126.96.36.199 Mobile and web-based payment applications
The majority of developments in the areas of payments are based on mobile technology by providing wrappers over existing payments infrastructure. Examples include Apple Pay, Samsung Pay, and Android Pay, which sit on top of existing card payment infrastructure enabling the user’s mobile devices to act as their credit/debit cards. There are also mobile payments built on new payment infrastructure, for example mobile phone money services, such as M-Pesa in Kenya and IMPS in India, which provide payment services. While such innovation facilitates the entrance of new users to the financial system, it may also move the provision of some payment services to non-banking companies that are not regulated as financial entities. There are a number of web-based and mobile-based payment applications that primarily focus on the customer experience and often aim to better integrate payment transactions within the commerce value chain. These service providers usually do not offer banking services other than payments, and they normally do not apply for banking licenses. The services can be offered by the payer’s own payment service provider (PSP) or by third party services (TPS), where an innovative service provider links payers and merchants by using the payer’s online banking credentials but without necessarily involving the payer’s PSP in the scheme or solution or by using the card payment infrastructure (Alipay, PayPal).
188.8.131.52 Digital currencies (DCs)
Digital currencies (DCs) are digital representations of value, currently issued by private developers and denominated in their own unit of account. They are obtained, stored, accessed, and transacted electronically and neither denominated in any sovereign currency nor issued or backed by any government or central bank4.
Digital currencies are not necessarily attached to a fiat currency, but are accepted by natural or legal persons as a means of exchange and can be transferred, stored or traded electronically. DC schemes comprise two key elements: (i) the digital representation of value or ‘currency’ that can be transferred between parties; and (ii) the way in which value is transferred from a payer to a payee.
Privately issued DCs, such as Bitcoin, facilitate peer-to-peer exchange, possibly at lower cost for end-users and with faster transaction times, especially across borders. DC schemes are also known as ‘crypto currencies’ due to their use of cryptographic techniques. It is reported that there are hundreds of crypto currencies currently in use with an aggregate market capitalization of around USD 6.5bn5. However, only a very small fraction of these currencies are traded on a daily basis.
Crypto currencies derive their value solely from the expectation that others will be willing to exchange it for sovereign currency or goods and services. DC schemes may allow for the issuance of a limited or unlimited number of units. In most digital currency schemes, distributed ledger technology allows for remote peer-to-peer exchanges of electronic value. The various DC schemes differ from each other in a number of ways; they have different rules for supplying the currency; they differ in the way in which transactions are verified.
The implications of DCs for financial firms, markets and system will depend on the extent of their acceptability among users. If use of DCs were to become widespread, it would likely have material implications for the business models of financial institutions. DCs could potentially lead to a disintermediation of some existing payment services infrastructure.
At the moment, DCs schemes are not widely used or accepted, and they face a series of challenges that could limit their future growth. As a result, their influence on financial services and the wider economy is negligible today, and it is possible that in the long term they may remain a product for a limited user base on the fringes of mainstream financial services.
The regulatory perimeter around DCs is a complicated issue and regulation may depend on the definition of DCs in particular jurisdictions. The cross-border reach of DC schemes may make it difficult for national authorities to enforce laws.
184.108.40.206 Distributed ledgers Technology
Distributed ledger technologies (DLT) provide complete and secure transaction records, updated and verified by users, removing the need for a central authority. These technologies allow for direct peer-to-peer transactions, which might offer benefits, in terms of efficiency and security, over existing technological solutions.
The impetus behind the development and adoption of distributed ledger technology are the potential benefits. The major benefits are reduced cost; faster settlement time; reduction in counterparty risk; reduced need for third party intermediation; reduced collateral demand and latency; better fraud prevention; greater resiliency; simplification of reporting, data collection, and systemic risk monitoring; increased interconnectedness; and privacy.
Distributed ledger technology is an innovation with potentially broad applications in financial market infrastructures (FMIs) and in the economy as a whole. Its most common use at present is for digital currencies, but firms are stepping up their R&D activities for other uses including securities trading, smart contracts, and land and credit registries. If widely adopted, distributed ledger technology can pose new challenges for regulation. Though there are no imminent concerns, constant monitoring of developments in the application of the distributed ledger technology to financial services and systems is prudent given the significant potential of the technology.
220.127.116.11 Block chain Technology
Block chain is a distributed ledger in which transactions (e.g. involving digital currencies or securities) are stored as blocks (groups of transactions that are performed around the same point in time) on computers that are connected to the network. The ledger grows as the chain of blocks increases in size. Each new block of transactions has to be verified by the network before it can be added to the chain. This means that each computer connected to the network has full information about the transactions in the network. Block chain potentially has far-reaching implications for the financial sector, and this is prompting more and more banks, insurers and other financial institutions to invest in research into potential applications of this technology.
Frequently cited benefits of Block chain are its transparency, security and the fact that transactions are logged in the network. Some of the disadvantages currently include the lack of coordination and the scalability of this technology. One of the best-known applications of Block chain technology at the present time is bitcoin. Transactions in this virtual currency are largely anonymous. This creates ethical risks for financial institutions dealing with users of this currency, because they are unable to (fully) verify their identity.
It has also been observed that market participants in other securities markets are exploring the usage of Block chain or Distributed Database technology to provide various services such as clearing and settlement, trading, etc. Indian securities market may also see such developments in near future and, therefore, there is a need to understand the benefits, risks and challenges such developments may pose.
2.1.4 Deposits, lending and capital raising services
Alternative models of lending and capital raising are gaining prominence, potentially changing the market dynamics of traditional lenders and affecting the role of traditional intermediaries. A few examples of the products offered by FinTechs are as under:
18.104.22.168 Peer-to-peer (P2P) lending
Peer-to-peer (P2P) lenders connect lenders and borrowers, using advanced technologies to speed up loan acceptance. These technologies are designed to increase the efficiency and reduce the time involved in access to credit.
While P2P lending originally involved direct matching of individual lenders and borrowers on a one-to-one basis, it has evolved into a form of marketplace lending where institutional and high net worth individual investors lend into a pool that borrowers can access.
P2P lending has grown rapidly over the past decade but remains small outside of the United States, the United Kingdom, and China. P2P lending is estimated to have recorded 123% compound annual growth (CAGR) globally from 2010-2014. Further, global market for P2P lending is expected to grow at a CAGR of 60 per cent to USD 1 trillion by 2025 from USD 9 billion in 20146.
Depending on the structure, P2P may involve simple matching, deposit taking, or management of a collective investment scheme. Since P2P lending companies operate entirely online, they can run with lower overhead and provide services more cheaply than traditional financial institutions. As a result, lenders often earn higher returns compared to savings and investment products offered by banks, while borrowers can borrow money at lower interest rates. The most common form of P2P loan is an unsecured personal loan, but start-up and small-business loans are also becoming important.
The principal benefit of P2P lending for borrowers is the fast and convenient access to funding, while for investors it is the potential for high returns.
In their current form, P2P platforms are different from banks, because they do not take positions in loans and do not generally perform maturity and liquidity transformation like banks. P2P platforms more directly match the risk appetite of lenders with the risk profile of borrowers. These factors are likely to make P2P platforms less systemically important than banks of comparable size.
The default of a bank can have systemic effects because of the many credit inter linkages that a bank builds during its business of intermediating credit markets. This creates the possibility of contagion should a single bank fail. The risk of such a contagion is likely to be much less with the failure of a P2P platform because they do not have the same network of credit inter-linkages. This would be true even if a P2P platform was very large. In sum, P2P lending does not currently pose a systemic risk, and it is not clear whether it would if the sector grew significantly larger.
22.214.171.124 Crowd funding
Crowd funding is a way of raising debt or equity from multiple investors via an internet-based platform. Securities and Exchange Board of India (SEBI) has released a paper and defined crowd funding as “solicitation of funds (small amount) from multiple investors through a web-based platform or social networking site for a specific project, business venture or social cause.” Some jurisdictions have chosen to enact special legislative regimes to determine the conditions under which this service can be made available to retail investors. The platform matches borrowers / issuers with savers/investors. Platform providers offer a range of information about the potential borrowers/issuers, ranging from credit ratings (for most peer-to-peer loan arrangements) to business model to verification of information and AML checks of firms that want to raise equity capital. Though SEBI had come out with a draft regulation on the subject, it has not issued the final guidelines.
2.1.5 Market provisioning services
Advances in computing power are facilitating faster and cheaper provision of information and services to the market. A few of these innovations are discussed below:
126.96.36.199 Smart contracts
Smart contracts are computer protocols that can self-execute, self-enforce, self-verify, and self-constrain the performance of a contract. Development of smart contracts in relation to financial services could have a large impact on the structure of trade finance or derivatives trading, especially more bespoke contracts, and could also be integrated into Robo-advice wealth management services. The widespread adoption of smart contracts in financial services could be facilitated by the establishment of distributed ledger technology.
E-Aggregators provide internet-based venues for retail customers to compare the prices and features of a range of financial (and non-financial) products such as standardised insurance, mortgages, and deposit account products. They can also be firms that provide services that allow users to aggregate and analyse their data on their payment patterns, across separate accounts and products (example-Yodlee). E-Aggregators also provide an easy way to switch between providers and may become a major distributor for a variety of financial products. Reserve Bank of India has issued directions regarding Account Aggregators which requires that no entity other than a company can undertake the business of an Account Aggregator, no company shall commence or carry on the business as an Account Aggregator without obtaining a certificate of registration from the RBI and every company seeking registration with the RBI as Non-Banking Financial Company - Account Aggregator shall have a net owned fund of not less than ₹ two crore or such higher amount, as the RBI may specify. Provided that, entities being regulated by other financial sector regulators and aggregating only those accounts relating to the financial assets of that particular sector will be excluded from the registration requirement.
188.8.131.52 Cloud computing
Cloud-based IT services can deliver internet-based access to a shared pool of computing resources that can be quickly and easily deployed. Infrastructure, Platform, Service and Mobile backend as a service are offered under cloud based services. The use of these services is an important enabler for new entrants to the financial services arena to set up quickly and with low start-up cost, with easy options to expand their capability as the firm grows. Depending on the type of services of the cloud service availed, it can potentially pose several challenges including the ability of jurisdictional enforcement authorities to effectively ensure security of data.
184.108.40.206 Big data
As more business activity is digitised, new sources of information are becoming available. Combining these data sources with the availability of increased computing power is delivering faster, cheaper, and more comprehensive analysis for better informed decision-making. For example, wider use of increasingly large datasets could deliver material improvements in credit risk assessments. Financial institutions may desire to monetize aggregated data by selling them or bundling them with other products and services offered.
220.127.116.11 Artificial Intelligence (AI) & Robotics
Companies looking to achieve a competitive edge through AI need to work through the implications of machines that can learn, conduct human interactions, and engage in other high-level functions at an unmatched scale and speed. They need to identify what machines do better than humans and vice versa, develop complementary roles and responsibilities for each, and redesign processes accordingly. AI often requires, for example, a new structure, of both centralized and decentralized activities, that can be challenging to implement. Finally, companies need to embrace the adaptive and agile ways of working and setting strategy that are common at startups and AI pioneers. All companies might benefit from this approach, but it is mandatory for AI-enabled processes, which undergo constant learning and adaptation for both man and machine.
2.1.6 Investment management services
Automated systems have the potential to transform the business of investment management. Few commonly used applications in investment management services are discussed as under:
18.104.22.168 Robo advice
“Robo-advice” is the provision of financial advice by automated, money management providers, thereby disintermediating human financial advisors and reducing costs. It can offer more investor choice, especially for low and middle income investors who do not have access to the wealth management divisions of the banks. Robo Advisors are said to be currently handling assets under management estimated at $20bn7 and such business is growing rapidly. They use client information and algorithms to develop automated portfolio allocation and investment recommendations that are meant to be tailored (to a greater or lesser degree) to the individual client.
Robo advisors are regulated just like independent advisors who set up offices and meet clients on a regular basis in USA. They typically register with the U.S. Securities and Exchange Commission and are deemed "fiduciaries" who must put their clients' interests above their own.
Electronic trading has become an increasingly important part of the market landscape, notably in fixed income markets. It has enabled a pickup of automated trading in the most liquid market segments. Innovative trading venues and protocols, reinforced by changes in the nature of intermediation, have proliferated, and new market participants have emerged. This, in turn, has had implications for the process of price discovery and for market liquidity. It could also lead market structures to evolve from over-the-counter to a structure where all-to-all transactions can take place. The development of e-trading platforms contributes to improving the efficiency of market orders and to reducing average trading costs8.
2.2. FinTech and its impact on global financial services
2.2.1 Innovation and technology have brought about a radical change in traditional financial services. The world has seen the emergence of more than 12,000 start-ups and massive global investment of USD 19 billion in 20159 in the FinTech space. The global FinTech software and services sector is expected to boom as a USD 45 billion10 opportunity by 2020, growing at a compounded annual growth rate of 7.1% as per NASSCOM.
2.2.2 Technological innovations compel banks to modify their way of doing business and earnings models. Banks currently perform activities in several market segments, viz., payments services, raising deposits, lending, and investments, etc. These are segments where technological innovations will result in more high-grade products at lower prices. If banks do not adopt them quick enough, innovation by rivals may put their business models under pressure. Loss of consumer contact and fragmentation of the value chain could then diminish banks’ ability to profit from the cross-selling market.
2.2.3 Global Technology players, viz., Apple, Google and Facebook that adopt innovations effectively and carry technological innovation and new services across the financial value chains. These companies displace existing financial institutions by exploiting their scale and innovative capacity.
2.2.4 Technological innovation brings opportunities and risks. FinTech can increase efficiency and diversity by boosting competition within the financial sector. This effect will reduce market concentration and may lead to better services for consumers, in particular as new technological processes often result in greater user-friendliness. This is in particular relevant for the Indian banking sector. Moreover, innovative new entrants provide an incentive for established financial institutions to become more competitive and focus more on their customers.
2.2.5 A more diverse financial sector also reduces systemic risk by increasing the heterogeneity between the risk profiles of market participants. In addition to creating new opportunities, FinTech also carries potential risks for the financial sector. These include risks to the profitability of incumbent market players as well as risks related to cyber-attacks.
2.2.6 As the rise of FinTech leads to more and more IT interdependencies between market players (banks, FinTech, and others) and market infrastructures, IT risk events could escalate into a full-blown systemic crisis.
2.2.7 The entrance of new FinTech players has not only increased the complexity of the system but has also introduced heightened IT risks for these players who typically have limited expertise and experience in managing IT risks.
3. FinTech and its impact on Indian Financial Services
3.1 FinTech innovations, products and technology
India’s FinTech sector may be young but is growing rapidly, fueled by a large market base, an innovation-driven startup landscape and friendly government policies and regulations. Several startups populate this emerging and dynamic sector, while both traditional banking institutions and non-banking financial companies (NBFCs) are catching up. This new disruption in the banking and financial services sector has had a wide-ranging impact.
In India, FinTech has the potential to provide workable solutions to the problems faced by the traditional financial institutions such as low penetration, scarce credit history and cash driven transaction economy. If a collaborative participation from all the stakeholders, viz., regulators, market players and investors can be harnessed, Indian banking and financial services sector could be changed dramatically. FinTech service firms are currently redefining the way companies and consumers conduct transactions on a daily basis.
The Indian FinTech industry grew 282% between 2013 and 2014, and reached USD 450 million in 2015. At present around 400 FinTech companies are operating in India and their investments are expected to grow by 170% by 2020. The Indian FinTech software market is forecasted to touch USD 2.4 billion by 2020 from a current USD 1.2 billion11, as per NASSCOM. The transaction value for the Indian FinTech sector is estimated to be approximately USD 33 billion in 2016 and is forecasted to reach USD 73 billion12 in 2020. The broad FinTech products/services offered in Indian financial markets are as under
3.1.1 Peer-to-Peer (P2P) Lending Services
These companies use alternative credit models and data sources to provide consumers and businesses with faster and easier access to capital, providing online services to directly match lenders with borrowers who may be individuals or businesses. Examples are Lendbox, Faircent, i2iFunding, Chillr, Shiksha Financial, Gyan Dhan, and Market Finance.
3.1.2 Personal Finance or Retail Investment Services
Fintech companies are also growing around the need to provide customized financial information and services to individuals, that is, how to save, manage, and invest one’s personal finances based on one’s specific needs. Examples are FundsIndia.com, Scripbox, Policy Bazaar, and Bank Bazaar.
3.1.3 Miscellaneous Software Services
Companies are offering a range of cloud computing and technology solutions, which improve access to financial products and in turn increase efficiency in day to day business operations. The scope of FinTech is rapidly diversifying at both macro and micro levels, from providing online accounting software to creating specialized digital platforms connecting buyers and sellers in specific industries. Examples include Catalyst Labs in the agriculture sector, AirtimeUp which provides village retailers the ability to perform mobile top ups, ftcash that enables SMEs to offer payments and promotions to customers through a mobile based platform, Profitbooks (online accounting software designed for non-accountants), StoreKey, and HummingBill.
3.1.4 Equity Funding Services
This includes crowdfunding platforms that are gaining popularity as access to venture capital is often difficult to secure. These services are particularly targeted at early stage business operations. Examples include Ketto, Wishberry, and Start51.
3.1.5 Crypto currency
India being a more conservative market where cash transactions still dominate, usage of digital financial currency such as ‘bitcoin’ has not seen much traction when compared to international markets. There are, however, a few bitcoin exchange startups present in India – Unocoin, Coinsecure, and Zebpay.
3.1.6 Developments in Block chain Technology in India
Block chain, a seemingly unassuming data structure, and a suite of related protocols, has recently caught the attention and spurred efforts of a number of domestic firms. IDRBT has taken the initiative of exploring the applicability of BCT to the Indian Banking and Financial Industry by publishing a White Paper detailing the technology, concerns, global experiences and possible areas of adoption in the financial sector in India. In order to gain first-hand experience of the implementation, the Institute has also attempted a Proof-of-Concept (PoC) on the applicability of BCT to a trade finance application with active participation of NPCI, banks and solution provider, the details of which are presented in the White Paper13.
The results of the PoC have been quite encouraging, giving comfort and confidence in the implementability of BCT in the Indian financial sector. The PoC provided a good insight into the workings of the Blockchain eco-system demonstrating the following key aspects:
Complete transparency of various events triggered by various counter-parties
Automated flow triggered by the occurrence of specific events.
Private distributed ledger
The IDRBT White paper has suggested a phased adoption of BCT by the Indian banking system, the stages of which are as follows:
i. Intra-bank usage of BCT
Banks may setup a private Blockchain for their internal purposes. This not only helps them to train human resources in the technology, but also benefits by enabling efficient asset management, opportunities for cross-selling, etc.
ii. Inter-bank usage of BCT
Proof-of-Concept implementation and testing may be carried out in the following order of increasing application complexity – mainly because of the number of stakeholders involved in the transaction.
Centralized KYC: Secure, distributed databases of client information shared between institutions helps reduce duplicative efforts in customer onboarding. Secure codification of account details could enable greater transparency, efficiency in transaction surveillance and simplify audit procedures.
Cross-Border Payments: BCT enables real-time settlement while reducing liquidity and operational costs. Transparent and immutable data on BCT reduces fraudulent transactions. Smart contracts eliminate operational errors by capturing obligations among FIs to ensure that appropriate funds are exchanged. BCT allows direct interaction between sender and beneficiary banks, and enables low value transactions due to reduction in overall costs.
Syndication of loans: Underwriting activities can be automated, leveraging financial details stored on the distributed ledger. KYC requirements can also be automatically enforced in real-time. BCT can provide a global cost reduction opportunity within the process execution and settlement sub-processes of syndicated loans.
Trade Finance: BCT usage for Trade finance enables automation of LC creation, payment against documents, development of real-time tools for enforcing AML and customs activities, and associated cost savings.
Capital markets: BCT brings the following advantages in the clearing and settlement processes: reducing or eliminating trade errors, streamlining back office functions, and shortening settlement times.
Further areas where BCT can be applied advantageously in BFSI sector would be Supply-chain finance, Bill discounting, Monitoring of consortium accounts, Servicing of securities and Mandate management system.
Use cases of BCT banking operations in India
A few banks in India in the recent past have reported successful use of BCT in their operations, especially in the areas of trade finance, international remittances, etc. and reported that this has potential to be used in larger scale in many operations of their bank.
Unlike regular trade transactions where documents are authorized and physically transferred, in a block chain transaction all parties can view the authorization live. A key feature is that the records cannot be tampered and any changes can be introduced only by creating a fresh entry. Besides eliminating the need for moving paper across countries, the transaction eliminates the need for financial messaging between banks and introduces the convenience of instant cross-border remittances for retail customers. Examples- SBI, Axis Bank, ICICI Bank, etc.
3.1.7 Developments in Payments landscape in India
Fintech enablement in India has been seen primarily across payments, lending, security/biometrics and wealth management. The modes of payments in India have leapfrogged from cash to alternate modes of payments registering phenomenal growth. The innovations have happened in all spheres - from common USSD channel access through NUUP, Immediate Payment Service (IMPS) – initiation of transactions through various options for real-time payments to end customer, with the latest being the Unified Payments Interface (UPI). Some of the developments in this regard are discussed below.
22.214.171.124 Fast Payments
Leveraging on the high mobile density in India, with a population of more than one billion, many PSPs utilize mobile payment apps to link underlying payment instruments with mobile phone numbers for fast payments via the Immediate Payment Service (IMPS) or for issuance of m-wallets. The Unified Payment Interface (UPI) developed by NPCI provides complete interoperability for merchant payments as well as P2P payments. The UPI enables users to link their bank accounts with their mobile phone numbers through an application provided by the payment service providers (PSPs) and obtain a virtual address which can be used for making and receiving payments. Introduction of UPI has the potential to revolutionize digital payments and take India closer towards being a “Less Cash” society.
126.96.36.199 Process Innovation
With the nation-wide implementation of Aadhaar, providing a unique identification number to all residents of India, NPCI has launched an Aadhar Enabled Payment System (AEPS) that is a safe and convenient channel enabling micropayments with every transaction validated by biometric authentication. In a further impetus to digital innovations, Unique Identification Authority of India (UIDAI) in collaboration with TCS plans to roll out an Android-based Aadhaar-Enabled Payment System (AEPS). The application can be downloaded by merchants on a smartphone and would require a fingerprint scanner to use it. The application is intended to facilitate undertaking transactions without any Card or PIN.
The traditional modes to make payments include cheque, electronic payment modes viz., NEFT, RTGS, etc. and card (debit and credit) payments. The need for prepaid payment instruments in the form of physical card or e-wallet was felt to give non-bank customers the facility to use electronic modes of payments and give existing bank customers a safeguard measure that limits the extent to which they are exposed. The emergence of bank (State Bank Buddy, Citi MasterPass, ICICI Pockets) and non-bank (PayTM, Mobikwik, Oxigen, Citrus Pay, etc.) payment wallets in India has changed the landscape of payments. Many start-ups have entered the space to simplify mobile money transfer, such as Chillr application, which provides peer-to-peer money transfer without using bank account details. Several leading banks have launched their own digital wallets leveraging NPCI’s IMPS platform. These digital wallets are integrated with social media features as well. Digital Innovators are also promoting the Online to Offline (O2O) model to facilitate digital payments at local stores.
188.8.131.52 BHIM (Bharat Interface for Money)
BHIM is a mobile app developed by NPCI, based on the Unified Payment Interface (UPI) and was launched on 30 December 2016. It is intended to facilitate e-payments directly through banks and as part of the drive towards cashless transactions. BHIM allow users to send or receive money to other UPI payment addresses or scanning QR code or account number with IFSC code or MMID (Mobile Money Identifier) Code to users who do not have a UPI-based bank account. BHIM allows users to check current balance in their bank accounts and to choose which bank account to use for conducting transactions, although only one can be active at any time. Users can create their own QR code for a fixed amount of money, which is helpful in merchant transactions.
3.2 Innovations in digital banking and investment services in India
3.2.1 Innovation in retail financial services
The form of Retail Financial Services is completely dictated by consumers and as they evolve so will retail financial services. Hence innovation is not a luxury anymore, it's a necessity. More importantly we are also seeing the advent of nimble startups, which are slowly and steadily changing how retail financial services are delivered to the consumers and hence putting pressure on traditional banks to take notice and align their functioning accordingly. It is therefore extremely important for banks to innovate in the retail financial services space in tune with the changing times or else there is a grave risk of their becoming less relevant to existing customers.
3.2.2 Innovation in Mobile Banking Services
Mobile banking companies have come a long way. Innovation in mobile banking has grown in sophistication, using advanced technologies such as touch and voice capabilities and machine learning algorithms. Mobile banking innovators focus on enabling customers to bank the way they want to with minimum limitations, using mobile banking apps.
3.2.3 Innovation in Financial Services though Digital Banking
184.108.40.206 Customers are rapidly adopting technology in their daily lives driven by the growth in internet and mobile penetration, availability of low cost data plans and shift from offline to online commerce. Banks are keeping abreast of their evolving needs and behavior and have enabled access to a wide range of banking and financial services through different digital platforms. Banks in India are putting in place robust foundations for digital infrastructure and are innovating using digital technologies across all channels to deliver the power of speed and convenience to all customer segments across urban and rural markets. Some incumbents, in order to defend market share, have encouraged the development of a whole ecosystem of digital banking products and services built upon their infrastructure.
To cater to the fast changing expectations of customers, constant development of new products and services and enhancements, a dedicated focus on digital innovation is of prime importance. Innovation objectives to be identified early on and well-articulated by banks aspiring for a leadership position in the entire value chain. There was a time when cost leadership and service range leadership offered differentiation; however, the way to maintain sustainable leadership going forward will be 'experience leadership' through customer-driven Innovation.
220.127.116.11 Banks thus need to have dedicated resources, both people as well as infrastructure, to form an agile innovation unit, with a view to position themselves at the forefront of digital innovations amidst changing customer expectations and sea-change in the competitive landscape.
18.104.22.168 Now that digital innovation practice has reached a critical mass, banks are shifting gears to create a stronger innovation culture via the Internal Social Collaboration platform and adopting cutting edge technologies like Artificial Intelligence, Block Chain and Internet of Things (IOT), among others. Customers are taken into a new world of multi-channel banking, where they can access services from home, at the office, or on-the-go through Mobile Banking, SMS Banking, Phone Banking, ATMs and Net Banking.
22.214.171.124 Managing investments for Private Banking clients is now simpler and faster. Clients can now easily access research reports both online and on mobile via the apps, capitalize on investment opportunities quickly through Net Banking and Mobile Banking, and track investments using investment tracking apps. The focus on making customers accomplish more comes with the assurance that the services are secure and protected. Banks have set up a Digital Security infrastructure which works with other teams to monitor and set up new security enhancements.
126.96.36.199 Some banks in India are proposing to form a block chain consortium along with other global banks such as SBI, Citi, Deutsche, JP Morgan, Nomura, HSBC, UBS, Barclays, Bank of America, BNP, RBS, Macquarie, Westpac, etc.
188.8.131.52 Some of the banks are also collaborating with Indian IT service providers in areas of voice enabled system for the customers to open new accounts on the basis of Aadhaar authentication.
184.108.40.206 Banks are also collaborating with IT service providers for e-Sign(digital signature) facility to help digitally signing the loan documents. This will help in faster approval process, lesser paper work and lesser paper storage space.
220.127.116.11 Some of the innovations and related initiatives taken by Indian banks in collaboration with FinTech start-ups/academia and other service providers in the recent past are SBI FinTech IPDaaS Software Developed with IIT-KGP; Zing HR using Microsoft AI; Digital Village; cross border remittances, etc. Such start-ups are listed in Annex-1.
3.2.4 Innovations in branch banking through Intelligent Robotic Assistant
AI and robotics have the potential to transform data analytics and customer experience in banking. Until recently, application of robotics was unheard of in banking and was considered for application primarily in the manufacturing & medical sectors. With use of Intelligent Robotic Assistant (IRA), robotics are being brought into the mainstream of customer service and support. IRA is designed to assist branch staff in large branches, which have high footfalls, by guiding customers to carry out their banking transactions. AI is becoming an integral part of the banking system, functions, processes and customer interactions. Both Robotics and AI will help banks manage both internal and external customers much more effectively and help reduce operational costs exponentially in the future. The potential of AI and Robotics based solutions is enormous and will revolutionize the way people do banking.
Digital transformation and innovation in the BFSI space will ride on three pillars - BlockChain, Artificial Intelligence and Internet of Things. It is said that 'technology becomes truly useful when it becomes invisible'. With the onset of interconnected devices riding on a self-learning and evolving AI and BlockChain keeping a track of each and every transaction, banking will no longer be just apps, websites or physical branches. Widespread adoption of biometric authentication and AI based voice enabled financial services and advisory may make banking relatively 'invisible'.
However, a strong caveat here is that ideas are not good enough. There has to be a strong focus on execution. Buzz words on innovation have to progress to functional use cases, and be implemented to create true value.
With the change that banking has seen in the last 20 years, it is difficult to say how it'll look like in the future. Although the essence of banking, which is collecting money from those who have surplus savings and using it to lend to those who need it, will remain unchanged, what the customers and the bank staff will experience may be transformed by FinTech.
It is believed that banking will not be just about saving, spending or servicing transactions. It will be about banks acting as the alter ego of their customers, aiming to maximize their wealth and meet their financial needs seamlessly. Financial advisory, Investment Management, facilitating commerce on both borrower and lender side will take center stage and, taking a futuristic view, the entire value chain will be about “Automation (Blockchain – Robotics Process Automation), Experience (Artificial Intelligence, NLP & Language support) and Assistance (Humanoids, Holographic Banking & Robo-advisory).
3.2.5 Innovation in Investment services
Technology plays an important role and brings efficiency in terms of cost, reduction in turnaround time, increasing the reach, anytime availability to the clients, etc. Towards this the mutual funds industry has adopted technology and the use of same is increasing day by day. Product manufacturers, i.e. individual mutual funds/asset management companies (AMCs) are providing online facilities by which investors can subscribe, redeem and monitor their portfolio by logging onto their websites. AMCs have integrated the online processes with payment systems which enable investors to make seamless payment. Some of the AMCs have also developed mobile applications for investors to access their portfolio through smart phones.
Further, Mutual Fund Distributors (MFDs) have also adopted technology in distribution of mutual funds. There are distributors such as Scripbox, FundsIndia, MyUniverse, ArthaYantra, etc, who operate only in the online space and cater to the tech savvy investors. The processes like onboarding of investors, risk profiling, analysis of their portfolio, recommendation of schemes, asset allocation, rebalancing of portfolio etc. are online and driven by technology.
With an objective to use technology in an innovative manner so that an investor can transact seamlessly in a presence-less and paperless manner, SEBI has engaged with various stakeholders of industry to leverage the advancement in technology and digitalize the whole process of investment in securities market. After involving UIDAI and all stakeholders, SEBI has issued instructions on Aadhaar based e-KYC, which has made onboarding of a new investor in securities market (especially in mutual funds) totally paperless and presence-less.
3.3 Scope for Growth of FinTech and digital banking in India
India has a large untapped market for financial service technology startups as 40 percent of the population are currently not connected to banks and 87 percent of payments are made in cash. With mobile usage expected to increase to 64 percent in 2018 from 53 percent currently, and internet penetration steadily climbing, the growth potential for FinTech in India cannot be overstated. Moreover, by some estimates, as much as 90 percent of small businesses are not linked to formal financial institutions. These gaps in access to institutions and services offer important scope to develop FinTech solutions (such as funding, finance management) and expand the market base.
4. Regulatory Initiatives: Recent global regulatory Initiatives on FinTech
4.1 Global experiences on regulatory actions
FinTech or digital innovations have emerged as a potentially transformative force in the financial markets. A recent FSB study highlighted some of the potential benefits of FinTech, including efficiency improvements, risk reduction and greater financial inclusion. The study also identified some of the key challenges associated with FinTech, such as difficulty of regulating an evolving technology with different use cases, monitoring activity outside the regulated sector, and identifying and monitoring new risks arising from the technology.
The developments in increasing digitization in banking present regulatory and supervisory challenges for several reasons. First, financial technology is increasing the channels for provision of finance, both from banks and non-banks (e.g. platform-based lending). Second, technological innovation is affecting existing bank business models, which in turn could undermine their overall business strategies. Third, the rise of FinTech may lead to fundamentally different bank risk profiles. In this regard, best practices and principles for the management and supervision of risks arising from financial technology are much needed.
Financial innovation has become a focal point for a lot of attention from regulators, and some jurisdictions have decided to take a more active approach in facilitating this innovation. To do this, they have put in place a variety of regulatory and supervisory initiatives such as regulatory sandboxes, innovation hubs or teams, innovation incubators or accelerators, etc.
Regulatory uncertainty surrounding FinTech could potentially hamper its development. As a result, international standard setting bodies (BCBS, FSB, CPMI, WBG, etc.) including regulatory authorities of different jurisdictions are taking steps to actively monitor FinTech developments both domestically and in cooperation with international organizations. Some developments in this regard are as under:
4.1.1 Basel Committee on Banking Supervision (BCBS):
BCBS has set up a Task Force on FinTech (TFFT) to identify and assess the risks arising from the digitalisation of finance with a focus on the impact of financial technology on banks’ business models, the provision of finance and systemic risk, as well as associated supervisory challenges. The Task Force has been mandated to investigate the impact of FinTech on banks and the implications for banking regulation and supervision. The work of the TFFT will involve initial mapping of the FinTech industry and technologies, in order to gain a general understanding of the major innovations and how banks are adopting new technologies. The second phase will involve a scenario-analysis of the potential impact of FinTech on the banking industry, as well as ‘deep dive’ case studies of specific technologies and their banking application. The third phase will aim to assess risks for banks and any implications for supervision, with a view to making recommendations on how the Committee should proceed, based on the information collected.
4.1.2 Financial Stability Board (FSB)
FSB has set up a task force named Financial Innovations Network (FIN) for the assessment of FinTech, inter alia recommending that innovations be examined through the lens of authorities’ and Secretarial Standards Board’ (SSB) responsibilities. BCBS and the FSB have conducted a joint survey of their members’ FinTech-related activities, including the use of regulatory sandboxes and innovation hubs.
FSB has considered the financial stability implications of distributed ledger technology, and continues to work in this area, jointly with Committee on Payments and Market Infrastructures (CPMI), to identify key issues that market participants and policymakers need to address. FSB is conducting an in-depth study of the financial stability implications of peer to peer lending with the BIS’ Committee on the Global Financial System.
FSB is currently undertaking a study of the key elements underlying the broad swath of FinTech innovations and examining the financial stability implications of those elements. That work has identified three elemental 'promises' common to a broad range of FinTech innovations14: (i) greater access to and convenience of financial services, (ii) greater efficiency of financial services, and (iii) to push toward a more decentralised financial system, in which FinTech firms may be disintermediating traditional financial institutions.
4.1.3 Committee on Payments and Market Infrastructures (CPMI)
CPMI is also looking at digital innovations as well as “FinTech” developments and their implications for payments and market infrastructures. The CPMI is continuing to monitor developments and evolution of digital currency schemes and their wider implications. To focus its activities, the CPMI has established a dedicated Working Group to look at the impact of digital innovations and to analyse the implications of such innovations on payment services and systems, having particular regard to the technical and infrastructure aspects of products and services based on innovative technologies, such as block chain and distributed ledgers.
4.1.4 European Commission
The European Commission in November 2016 launched a Task Force on Financial Technology (TFFT) that aims to assess and make the most of innovation in this area, while also developing strategies to address the potential challenges that FinTech poses. The work of this Task Force builds on the Commission's goal to develop a comprehensive strategy on FinTech.
4.1.5 World Bank Group
The World Bank participates actively in SSB work streams relevant to FinTech. The WBG works with national authorities to put in place enabling frameworks for adoption of technology, market entry/level playing fields, and expansion of financial access – as technical, policy, or financing partner IFC: investments, risk-sharing, also dialogue with private sector players in this space e.g. through SME Finance Forum.15
4.2 Regulatory Sandboxes / Innovation Hub
4.2.1 Innovation Hubs
Support, advice or guidance provided to regulated or unregulated firms in navigating the regulatory framework or identifying supervisory, policy or legal issues and concerns is generally termed as ‘innovation hub’. Some of the key benefits of having an innovation hub are:
Reduce regulatory uncertainty.
Reduce the time it takes to bring an innovative product to market.
Support innovators by providing needed services.
Improve access to supervisory authorities for financial market operators by creating a central point of contact.
- Play an active role as a catalyst for promoting interaction among financial practices and innovative technologies, research and study, and the needs of the economic society.
4.2.2 Regulatory Sandbox
Live or virtual testing of new products or services, in a (controlled) testing environment, with or without any ‘regulatory relief’ is termed a ‘sandbox’. The testing environment could be available to regulated or unregulated firms, or both. Regulator provides the appropriate regulatory support by relaxing specific legal and regulatory requirements, which the sandbox entity will otherwise be subject to, for the duration of the sandbox.
4.2.3 Benefits of Sandbox
Sandboxes appear to offer a number of benefits. Users of a sandbox can test the product’s viability without the need for a larger and more expensive roll out. If the product appears to have the potential to be successful, the product might then be authorized and brought to the broader market more quickly. Finally, if concerns are unearthed while the product is in the sandbox, appropriate modifications can be made before the product is launched more broadly.
18.104.22.168 The objective of Sandbox
Sandbox should help to encourage more FinTech experimentation within a well-defined space and duration where regulators will provide the requisite regulatory support, so as to increase efficiency, manage risks better and create new opportunities for consumers.
22.214.171.124 Eligible Applicant for Sandbox
Regulators need to specify the target audience which may include existing financial institutions, FinTech firms, and professional services firms partnering with or providing support to such businesses, etc. The applicant should clearly understand the objective and principles of the sandbox.
126.96.36.199 Criteria for joining the sandbox
The proposed financial service to be launched under the sandbox should include new or emerging technology, or use existing technology in an innovative way. The proposed financial service should address a problem, or bring benefits to consumers or the industry. The criteria should also specify the following parameters:
Type of innovation, product
Who can apply for the sandbox (e.g. only start up or also incumbents)?
Are there any limitations regarding the number of participants?
What is the authority's timeframe for the approval of application?
188.8.131.52 Boundary conditions for the sandbox and evaluation criteria
When a sandbox operates in the production environment, it must have a well-defined space and duration for the proposed financial service to be launched, within which the consequences of failure can be contained. The appropriate boundary conditions should be clearly defined, for the sandbox to be meaningfully executed while sufficiently protecting the interests of consumers and maintaining the safety and soundness of the industry.
Regulators creating the sandbox should specify the following:
Start and end date of the sandbox
Target customer type
Limit on the number of customers involved
Other quantifiable limits such as transaction thresholds or cash holding limits
Associated risk disclosure for participating in the sandbox
184.108.40.206 Exit Strategy
An acceptable exit and transition strategy should be clearly defined in the event that the proposed financial service has to be discontinued, or can proceed to be deployed on a broader scale after exiting the sandbox. There should also be an exit plan to ensure a smooth exit from the market in case sandbox participant fails.
220.127.116.11 Consumer protection
The sandbox entity should ensure that any existing obligation to its customers of the financial service under experimentation must be fully fulfilled or addressed before exiting or discontinuing the sandbox.
18.104.22.168 Regulatory requirements to be followed by the Sandbox applicants
Applicants for sandbox must comply the following regulatory requirements to ensure the interests of consumer and safety and soundness of the financial sector:
Confidentiality of customer information
Fit and proper criteria
Handling of customer’s moneys and assets by intermediaries
Prevention of money laundering and countering the financing of terrorism
Number of customers
Specific customer groups
Information to customer
22.214.171.124 Facilities generally granted to sandbox participants
Possible regulatory relaxation that may be considered by the regulators for sandbox are as under:
126.96.36.199.1 Quantitative prudential requirements
188.8.131.52.2 Corporate governance
Fit and proper criteria
184.108.40.206.3 Risk management
Technology risk management,
Outsourcing guidelines, etc.
4.2.4 Regulatory Sandbox/Innovation hubs created in other jurisdictions:
Australian Securities and Investments Commission (ASIC) released a detailed regulatory framework during May 2016 on innovation hub/sandbox allowing eligible FinTech businesses to test certain specified services without holding an Australian financial services (AFS) or credit licence. This allows eligible businesses to notify the regulator and then commence testing without an individual application process. There are five elements in the said framework as discussed under:
The first element is engagement with other FinTech initiatives, including physical hubs and co‑working spaces for start‑ups. ASIC makes senior ASIC staff available from time to time to present information and answer questions.
The second element is informal guidance from ASIC to help new businesses consider the important regulatory issues. Eligible businesses can request guidance from ASIC through its website. ASIC expects that this guidance will minimise the time and cost of applying for a licence or relief from the law.
Thirdly, ASIC has established new ‘Innovation Hub’ webpages for innovative businesses to access information and services targeted at them.
The fourth element is a senior internal taskforce to coordinate the work on new business models. The taskforce draws together learnings and skills from across ASIC.
The final element is the Digital Finance Advisory Committee (DFAC) that meets quarterly, which was established to advise ASIC on its efforts in this area. DFAC members are drawn from a cross‑section of the FinTech community, as well as academia and consumer backgrounds. Other financial regulators are observers on DFAC.
220.127.116.11.1 Eligibility criteria for Sandbox
The FinTech entities willing to provide financial services are exempted from licensing subject to the following conditions:
Banned from engaging in credit activities
Already hold a credit licence
Already be a credit representative of a credit licensee
A related body corporate of a credit licensee
18.104.22.168.2 Boundary conditions
Boundary conditions for participants in the sandbox are:
- Have no more than 100 retail clients (unlimited wholesale clients)
- Plan to test for no more than 12 months
- Have total customer exposure of no more than USD 5 million
- Have a maximum annual rate of interest at 24%
- Have adequate compensation arrangements
- Have dispute resolution processes in place
- Meet disclosure and conduct requirements
22.214.171.124.3 Consumer protection:
FinTech entities are required to maintain adequate compensation arrangement and register with an External Dispute Resolution (EDR) scheme in order to provide consumers with an outlet to settle disputes with sandbox business. The entities need to comply with key consumer protection provisions in the financial services and credit laws.
FinTechs are required to tell their clients that:
(a) they do not hold a licence;
(b) the service they will provide is being tested under the FinTech licensing exemption
(c) some of the normal protections associated with receiving services from a licensee will not apply.
126.96.36.199.4 Dispute resolution framework
To rely on the FinTech licensing exemption, FinTechs must also have in place a dispute resolution system that consists of:
(a) Internal dispute resolution (IDR) procedures
(b) Member of one or more ASIC-approved external dispute resolution (EDR) schemes.
188.8.131.52.5 ASIC Role:
ASIC retains the right to refuse or withdraw relief and may give a person a written notice that they cannot rely on the FinTech licensing exemption, due to concerns about poor conduct while relying on the exemption; failure to meet one or more of the conditions of relief; or previous misconduct.
184.108.40.206.6 Next step after the testing period
After the 12-month testing period ends, FinTechs are required to cease their operations, unless granted an AFS or credit licence; or have entered into an arrangement to provide services on behalf of an AFS or credit licensee; given the individual relief extending the testing period. Further, after the end of the testing period, FinTechs will no longer be able to offer financial services or engage in credit activities unless they comply with the law like other businesses.
220.127.116.11.7 FinTech set up in ASIC
ASIC has created the Innovation Hub/Sandbox with 2-3 staff sourced from its various functions.
18.104.22.168.8 International co-operation/MOU and agreement
ASIC has an innovation hub agreement with the UK's FCA Innovation Hub during March 2016. ASIC has also entered into an agreement with Singapore's MAS to help innovative business to expand in each other’s market faster during June 2016.
22.214.171.124 Financial Conduct Authority (FCA), UK, Regulatory Sandbox
FCA, UK has introduced a regulatory sandbox during June 2016. The sandbox aims to create a ‘safe space’ in which businesses can test innovative products, services, business models and delivery mechanisms in a live environment without immediately incurring all the normal regulatory consequences of engaging in the activity in question. The proposal is directed at authorised and unauthorised firms of both small and large scale.
The sandbox contributes to achieving the FCA’s competition objective by lowering barriers to entry (e.g. reducing time-to-market for innovative ideas), enabling greater access to finance for innovators, and enabling more products to be tested and potentially introduced to the market. Currently the FCA sandbox is running on a cohort approach. There was a two month period (May to June 2016) for firms to apply to the first cohort which aims to carry out testing activities around October 2016. The selection process is a competitive process. Based on the eligibility criteria, FCA may select the appropriate firms to join the sandbox. After a firm is chosen to enter the sandbox, FCA would work on a detailed testing proposal and the issuance of one or more of the tools the sandbox offers. Currently there are no extra charges or fees for firms which want to use the sandbox. Standard fees however might apply for the authorisations process.
Deposit taking is excluded from the sandbox proposal and restricted authorisation option is not available to firms looking for a banking license. The sandbox may be useful for firms who are not currently authorised that need to become authorised before being able to test their innovation in a live environment.
The second cohort was opened for applications from around November 2016 to mid-January 2017.
126.96.36.199.1 Eligibility criteria for Sandbox
The key requirements for applying the sandbox are that is the applicant has a genuine innovation that addresses a consumer need. To conduct a regulated activity in the UK, the firm must be authorised or registered by the FCA, unless certain exemptions apply. Firms who are accepted into a cohort will need to apply for the relevant authorisation or registration in order to be able to test. The FCA has set up a tailored authorisation process to work closely with firms accepted into the sandbox to enable them to meet these requirements. Any authorisation or registration will be restricted to allow firms to test only their ideas as agreed with the FCA. The process should make it easier for firms to meet their requirements and reduce the cost and time to get the test up and running.
The evaluation criteria by FCA for FinTech entities are as under:
Is the firm looking to deliver innovation which is either regulated business or supports regulated business in the UK financial services market?
Does the firm have a UK nexus and is it related to financial services?
Is it a genuine innovation? Is the innovation ground-breaking or constitutes a significantly different offering in the marketplace?
Is there consumer benefit? Does the innovation offer a good prospect of identifiable benefit to consumers?
Is there a need for a sandbox?
Does the business have a genuine need to test the innovation on real customers and in the FCA sandbox? Which tool is suitable for testing and why?
Is the firm ready for testing? Is the business ready to test their innovation in a live environment?
188.8.131.52.2 FCA Role:
The FCA Sandbox offers four different tools to create the safe space for firms as listed under:
Waivers or modifications to rules
No enforcement action letters
For non-FCA authorized firms, FCA has set up a limited authorization process that allows firms to meet the requirements necessary for sandbox purposes only. Upon successful completion of the sandbox, such firms can apply to have their limited FCA authorizations converted into full authorizations. Technology businesses that seek to provide services to FCA authorized firms can also apply for the sandbox and the above tools if they need clarity around applicable rules before testing.
184.108.40.206.3 Consumer Protection
Safeguards exist against potential customer detriment when innovative financial products or services are tested in real life situations. Approaches taken to protect consumers include:
Customers give informed consent to be included in testing, and they are notified of the potential risks and available compensation
FCA agrees on a case-by-case basis the disclosure, protection and compensation appropriate to the testing activity
Customers have the same rights as customers who engage with other authorised firms
Businesses undertaking sandbox trials are required to compensate any losses to customers and must demonstrate that they have the resources (capital) to do that
Consumers will have Financial Ombudsman Service (FOS) and Financial Services Compensation Scheme (FSCS) protection provided that the tested solutions fall within their jurisdiction.
The parameters for sandbox activities will have to take into account that testing should not cause risks to the financial system (i.e. the scale of testing has to be limited).
FCA may consider propositions where they are satisfied that there is a prospective direct or indirect consumer benefit
Every sandbox firm is required to have a fair exit strategy for consumers.
220.127.116.11.4 Next Step on completion of testing period
Following completion of sandbox testing, the FCA will work with participants to determine the most appropriate strategy for next steps.
18.104.22.168.5 International co-operation/MOU and agreement
FCA Innovation Hub has an innovation hub agreement with the ASIC, Australia Innovation Hub during March 2016. The UK (HM Treasury and the FCA) and Singapore (MAS) concluded a “FinTech Bridge” agreement. The agreement will enable the regulators to “refer” FinTech firms to each other. According to the FCA and the MAS, the agreement also sets out how the regulators plan to share and use information on financial services innovation in their respective markets.
22.214.171.124 Monetary Authority of Singapore (MAS), Singapore
MAS has introduced a regulatory sandbox during June 2016. Financial institutions (FIs) in Singapore are free to launch new solutions without first seeking its guidance, as long as they are satisfied with their own due diligence and there is no breach of legal and regulatory requirements. MAS published its final “regulatory sandbox” guidelines during November 16, 2016 to encourage and enable experimentation of solutions that utilise technology innovatively to deliver financial products or services. The Sandbox would be deployed and operated by the applicant, with MAS providing the appropriate regulatory support by relaxing specific legal and regulatory requirements, which the applicant would otherwise be subject to, for the duration of the Sandbox. The guidelines aim to improve the clarity, flexibility and transparency of the regulatory sandbox. The Sandbox is applicable to both FIs and FinTech companies.
126.96.36.199.1 Objective of Sandbox
MAS aims to transform Singapore into a smart financial centre by encouraging the adoption of innovative and safe technology in the financial sector. To this end, the sandbox can help to encourage more FinTech experimentation within a well-defined space and duration where MAS will provide the requisite regulatory support, so as to increase efficiency, manage risks better, create new opportunities and improve people’s lives.
188.8.131.52.2 FinTech set up
The MAS formed the FinTech and Innovation Group (FTIG) in August 2015 in order to drive the Smart Financial Centre initiatives. The FTIG is led by a Chief FinTech Officer and consists of three offices, namely Payments & Technology Solutions Office, Technology Infrastructure Office and Technology Innovation Lab. The group is responsible for formulating regulatory policies and developing strategies to facilitate the use of technology and innovation to better manage risks, enhance efficiency, and strengthen competitiveness in the financial sector.
184.108.40.206.3 Criteria for joining the sandbox
The major criteria for evaluation to join the sandbox are as under:
a. The proposed financial service includes new or emerging technology, or uses existing technology in an innovative way
b. The proposed financial service addresses a problem, or brings benefits to consumers or the industry
c. The applicant has the intention and ability to deploy the proposed financial service in Singapore on a broader scale after exiting the sandbox
d. The test scenarios and expected outcomes of the sandbox experimentation should be clearly defined
e. The sandbox entity should report to MAS on the test progress based on an agreed schedule
f. The appropriate boundary conditions should be clearly defined, for the sandbox to be meaningfully executed while sufficiently protecting the interests of consumers and maintaining the safety and soundness of the industry
g. Significant risks arising from the proposed financial service should be assessed and mitigated
h. An acceptable exit and transition strategy should be clearly defined
220.127.116.11.4 Time frame for regulatory approval
MAS will review the application and inform the applicant of its potential suitability for a sandbox within 21 working days after receiving the required information.
18.104.22.168.5 Boundary conditions for the sandbox and evaluation criteria
Given that the sandbox would operates in the production environment, it must have a well-defined space and duration for the proposed financial service to be launched, within which the consequences of failure can be contained. The appropriate boundary conditions set by MAS are as under:
Target customer type
Limit on the number of customers involved
Other quantifiable limits such as transaction thresholds or cash holding limits
Associated risk disclosure for participating in the sandbox
22.214.171.124.6 Exit Strategy
An acceptable exit and transition strategy should be clearly defined in the event that the proposed financial service has to be discontinued, or can proceed to be deployed on a broader scale after exiting the sandbox. There should also be an exit plan to ensure a smooth exit from the market in case sandbox participant fails.
126.96.36.199.7 Consumer protection
The sandbox entity should ensure that any existing obligation to its customers of the financial service under experimentation must be fully fulfilled or addressed before exiting the sandbox or discontinuing the sandbox. Customers need to be informed that the FinTech solution is operating within a Sandbox. For the purpose of transparency and provision of information to customers, relevant information of all approved sandbox applications such as the name of the applicant, and the start and expiry dates of the sandbox experimentation, will be published on MAS’ website.
188.8.131.52.8 Agreement with other Regulators
In March 2016 UK (HM Treasury and the FCA) and Singapore (MAS) concluded a “FinTech Bridge” agreement. The agreement will enable the regulators to “refer” FinTech firms to each other. According to the FCA and the MAS, the agreement also sets out how the regulators plan to share and use information on financial services innovation in their respective markets. The MAS has an agreement in place during June 2016 with Australia's ASIC to help innovative businesses expand in each other’s market faster.
184.108.40.206.9 Development of Insurance Technology (Insurtech) ecosystem
In response to a growing demand for personalised services and addressing individual needs, MAS provides significant investment and resources to spur the growth of insurtech in Singapore. Over the years incumbent insurers have built accelerators of digital labs. Examples include Aviva Digital Garage, Metlife’s Lumen Lab, AXAá data Innovation Lab in Singapore.
220.127.116.11 Dutch Central Bank (DNB)-Authority for Financial Markets (AFM)
Dutch Central Bank (DNB) and Netherlands Authority for the Financial Markets (AFM) created a pilot FinTech Innovation Hub in June 201616 to support market participants that seek to market innovative financial services or products but are unsure about the rules. The Hub aims to create room for innovation in the financial sector. The Hub offers new entrepreneurs and incumbents the opportunity to submit questions about regulations directly to a supervisory authority, irrespective of whether they are currently subject to supervision. The Hub is primarily intended to provide informal support to new entrants at an early stage of developing an innovative product or financial service. Innovation Hub facilitates access to the supervisory authorities for financial market operators by offering a central point of contact by the both supervisors and providing a coordinated approach to possible support. The Hub has created a central site for innovation-related issues. These include consultations, policy proposals, frequently asked questions and other useful information for new and current market players.
18.104.22.168.1 Objective of Sandbox
DNB's stated objective is to seek to achieve solid and ethical financial institutions and a stable financial sector. The AFM stated focus is on orderly and transparent financial market processes, clear relations between market operators and diligent customer care. According to both, these objectives are best ensured in a financial sector that offers scope for effective competition and variety. The Dutch competent authorities outline three policy options that may facilitate market entry for new and innovative financial services or activities provided by new or established players in the market.
- Creating a “regulatory sandbox”, which leverages the scope offered by the law when interpreting the rules. By doing so the supervision standards will not be relinquished, but merely reviewed and fine-tuned to facilitate innovation.
- To facilitate access to the Dutch financial sector, banks could also take advantage of partial authorisation, for instance if they do not plan to take on all the activities covered by the authorisation.
- Provisional authorisation might also prove to be an option that offers the best solution for some initiatives.
22.214.171.124.2 Criteria for joining the sandbox
The regulatory sandbox is available to all financial services companies looking to operate an innovative financial product, service or business model, whether as supervised players or newcomers. To guarantee the security of the financial system as much as possible, financial services companies must meet a number of criteria and will be eligible for the sandbox if the following preconditions are met:
- The innovative product, service or business model contributes to one or more of the objectives of the financial supervision laws: The solidity of financial services companies and stability of the financial system; orderly and transparent financial market processes, clear relationships between market operators and careful treatment of customers.
- The application of the innovative product, service or business model runs into policy or legal barriers that the financial services company cannot reasonably overcome, although it does meet the underlying aim of such policies or laws.
- The financial services company’s corporate processes include procedures and measures to protect the solidity of the financial services company, the interests of those buying its financial services or products and of any of its other stakeholders.
126.96.36.199.3 Time frame for regulatory approval
The regulatory sandbox is available from January 01, 2017 and participants are able to apply anytime. The supervisor in charge will determine how and under what conditions the sandbox can be put in place, and how such arrangements are recorded will depend on the type of sandbox. That said, both the financial services company and the supervisor will be clear beforehand on how the arrangement is set up, how long it will remain in place and what terms and conditions apply.
188.8.131.52.4 Boundary conditions for the sandbox and evaluation criteria
After a pre-set period, the duration of the sandbox may differ on a case-by-case basis. Depending on the type of arrangement, the supervisor may find that the sandbox needs adapting, can stay in force indefinitely or should be discontinued. However, the supervisors can partially or wholly end, change or constrain the sandbox, or impose additional requirements at any time. As the Netherlands are part of the European Union and the Single Supervisory Mechanism, the authorities have indicated that most applications for sandbox are approved within the scope of their own policies.
184.108.40.206.5 Exit Strategy
The exit plan should identify the possible and most likely causes of the business failing and the triggers that will set in motion the exit plan. In addition, the exit plan should describe the decision-making process and procedures that will follow once the exit plan is activated and identify the team or crisis team that will execute the exit plan. Furthermore, the exit plan should offer at least one alternative if the basic scenario proves not feasible for any reason. Finally, the exit plan should identify essential functions that will need to continue once the exit plan is activated.
220.127.116.11 USA: OCC Special Purpose National Bank Charters for FinTech Companies
18.104.22.168.1 On December 2, 2016, the OCC released a paper entitled 'Exploring Special Purpose National Bank Charters for Fintech Companies' that sets forth the OCC’s plans to allow FinTech companies to apply to become special purpose national banks. The OCC requested comment on the proposal, with the comment period closing on January 15, 2017. The OCC’s special purpose charter is a licensing system, not a space for piloting or testing new products. The charter is designed to be a more permanent license, while participants in the sandboxes often need to go through another application process, expedited for some, at the end of their pilot or testing program. Sandboxes often have limitations on the test market, such as number of clients and products, while the OCC’s special purpose charter does not restrict the same. Fintech companies receiving an OCC special purpose charter would generally be subject to the same type of regulatory oversight as a national bank.
Fintech companies that are eligible to apply for charters are those that engage in fiduciary activities or in at least one of the three “core banking” activities that include receiving deposits, paying checks, or lending money. The eligibility decision will be made by the OCC on a case-by-case basis.
22.214.171.124.2 Regulatory applicability:
Fintech companies with special charters will be subject to the same laws, regulations, examination, reporting requirements, and ongoing supervision as other national banks.
State laws, as they apply to national banks, including fair lending, unfair and deceptive acts and practices, and debt collection, will also apply.
The OCC may extend a framework for receivership of an uninsured national bank to FinTech companies with special charters that are not insured.
Most special purpose national banks become members of the Federal Reserve System. In that case, status and Federal Reserve regulations for member banks will be applicable to special purpose national banks.
A FinTech company that proposes to accept deposits other than trust funds would be required to apply to, and receive approval from, the FDIC for deposit insurance.
Fintech companies can receive a charter without being insured by the FDIC, if they do not take deposits.
If special purpose national banks engage in activities that are regulated under a federal consumer financial law, they may be subject to oversight by the CFPB.
The OCC has the right to apply additional conditions in connection with granting special purpose charters, such as capital, liquidity, safety and soundness, compliance risk management and encouraging financial inclusion and fair lending.
126.96.36.199.3 The OCC paper states that entities interested should provide the following:
A robust, well-developed business plan
A governance structure that commersurate with the risk and complexity of the firm - the Board of Directors must have a prominent role
Capital levels, liquidity, and compliance risk management commensurate with risks and products
A financial inclusion plan – in particular, lenders should demonstrate a commitment to financial inclusion
A recovery plan and exit strategy
HKMA has commissioned ASTRI to carry out a comprehensive study on distributed ledger technology (DLT). First stage of this research project is completed and a white paper has been published. HKMA-ASTRI FinTech Innovation Hub - equipped with high-powered computing resources and supported by the experts at ASTRI to allow banks, payment service providers, FinTech firms and the HKMA to brainstorm innovative ideas, tries out and evaluates new FinTech solutions in a safe and efficient manner.
FinTech Supervisory Sandbox was launched in September 2016 in order to create a regulatory environment that is conducive to FinTech development. The stated purpose of the Sandbox is to enable banks to conduct pilot trials of their FinTech initiatives in a controlled production environment without the need to achieve full compliance with the HKMA's usual supervisory requirements. So far, two banks have already made use of the Sandbox to conduct pilot trials of their biometric authentication and securities trading services.
4.3 Regulatory response in other jurisdictions
4.3.1 Bank of Japan FinTech Center- April 201618
The Japan Financial Services Authority (JFSA) established the “FinTech Support Desk” in Dec, 2015. The Desk is a one-stop contact point for inquiries and opinions pertaining to business involving FinTech in relation to Japan’s financial environment. The staff members are partially dedicated to FinTech and innovation. Bank of Japan also created a FinTech center in April 2016. The Center plays an active role as a catalyst for promoting interaction among financial practices and innovative technologies, research and study, and the needs of the economic society. The center engages to support, advise or guide regulated and unregulated firms to develop FinTech and enhance financial services. The Center is a section of the Payment and Settlement Systems Department of the Bank of Japan. Companies from a wide range of sectors have access to the Center. They include banks, financial institutions, IT firms, consulting companies, law firms, and start-up/venture companies. The Bank has also built up a “FinTech network” comprised of a wide range of staff drawn from the relevant departments of the Bank. This FinTech Network, for which the FinTech Center functions as the secretariat, promotes the sharing of information and expertise related to FinTech in a cross-sectoral manner within the Bank.
4.3.2 China: China Banking Regulatory Commission (CBRC)
The P2P lending industry in China is the largest in the world with hundreds of platforms offering diverse services but it is not regulated currently. As per the media reports, China's P2P lending sector is currently estimated at USD 60 billion. China Banking Regulatory Commission (CBRC), Ministry of Public Security, Cyberspace Administration of China, and the Ministry of Industry and Information Technology issued guidelines on P2P lending during August 2016. The major areas of regulatory framework are: P2P platforms will not be able to take deposits, nor provide any forms of guarantee for lenders; not be permitted to sell wealth management products; P2P firms can neither guarantee investment returns nor investment principal.
4.3.3 Bank of Italy
The Bank of Italy is currently interested in analyzing the implications of technological innovations in payment systems and financial markets. In light of the above, the Bank of Italy is monitoring market developments, and in particular new emerging actors and new service offerings, to observe and consequently to assess and mitigate potential market risks and misbehaviors. Considering the high interest of market operators in the blockchain and distributed ledger technology (DLT), the Bank of Italy set up an internal working Group with the aim of analyzing new developments in the adoption of this technology.
The objectives of the working Group are: i) analysing possible future scenarios in which blockchain and distributed ledger technologies can be used by financial intermediaries; ii) supporting the Bank’s supervisory department and oversight department in analyzing any initiative presented by supervised entities and in defining any policy stance; iii) managing the interaction with market operators; and (iv) research.
5. Emerging Regulatory and Supervisory issues in India
5.1 Regulatory and Supervisory response in India
FinTech has significant implications for the entire financial system in India. The multiplicity of firms and a mosaic of business models complicate the classification of the various types of activities, products and transactions covered under the FinTech spectrum.
Though the western world has been using the term 'FinTech' for some time, it has only recently become a buzzword in India. Notwithstanding this, FinTech has, since quite some time, gathered momentum in the country. However, as of now, the FinTech risks are being looked at more in terms of what is associated with the traditional IT systems, such as cyber-security risks. While the IT related risks are no doubt multiplying manifold under FinTech, the whole gamut of issues under the FinTech umbrella, particularly those of regulatory concern, have to be responded to on priority. It is, therefore, necessary to examine these issues and outline the contours of an appropriate regulatory strategy. However, FinTech treads across several activities that are within the scope of different financial sector regulators.
5.1.1 RBI issued a consultation paper on P2P lending in April 2016. Some of the issues raised in the consultation paper are as under:
Regulations may also be perceived as too stringent, thus stifling the growth of an innovative, efficient and accessible avenue for borrowers who either do not have access to formal financial channels or are denied loans by them.
The market for P2P lending is currently in a nascent stage and they neither pose an immediate systemic risk nor any significant impact on monetary policy transmission mechanism.
In its nascent stage, this industry has the potential to disrupt the financial sector and throw surprises. A sound regulatory framework will prevent such surprises.
P2P lending promotes alternative forms of finance, where formal finance is unable to reach and also has the potential to soften the lending rates as a P2P Lending result of lower operational costs and enhanced competition with the traditional lending channels.
If the sector is left unregulated altogether, there is the risk of unhealthy practices being adopted by one or more players, which may have deleterious consequences.
It has been proposed in the consultation paper to bring the P2P lending platforms under the purview of Reserve Bank’s regulation by notifying P2P platforms as NBFCs.
5.1.2 Monitoring framework for new technologies / innovations
The RBI as regulator and supervisor of payment systems has been playing the role as the catalyst / facilitator for innovations in payment systems. The Payment and Settlement System Vision – 2018 also covers this aspect appropriately under the Strategic Initiatives – Responsive Regulation and Effective Oversight. In order to ensure that regulations keep pace with the developments in technology impacting the payment space, the global developments in technology such as distributed ledgers, blockchain, etc. will be monitored, and regulatory framework, as required, will be put in place. Further, the payments eco-system is dynamically evolving with the advancements and innovations taking place, particularly in the area of FinTechs. In order to provide a platform for innovators to showcase their models to the industry, particularly in the areas of interest to payment systems and services, the Reserve Bank has organized an innovation contest through the Institute for Development and Research in Banking Technology (IDRBT). Learnings from such interfaces will also be used as inputs for policy adaptations. RBI has taken various initiatives in the technology-enabled banking space as listed below:
Issued in-principle approvals for Payments Banks, of which some have since been licensed
Allowed entry of non-banks in the payments space both as payment system operators and technology service providers
Introduced Bharat Bill Payments System (BBPS)
Published a consultative paper on Card Payment Infrastructure
Issued a consultation on Peer to Peer (P2P) lending
Issued Directions on Account Aggregators
Authorised payment solutions provided by NPCI such as NACH, AEPS, IMPS, Unified Payment Interface (UPI)
Given in-principle approval for National electronic toll collection project.
Set up the framework for the electronic Trade Receivables Discounting System (TReDS) to improve flow of funds to MSMEs
5.2 Impact on Financial inclusion
The Government of India and the Reserve Bank are actively promoting financial inclusion with schemes like Jan Dhan Yojana, Aadhaar enrolment and licensing of Payment Banks /Small Finance Banks, to name just a few. The FinTech companies across the nation are taking the advantage of these initiatives for expanding financial inclusion in the following areas by leveraging technology.
|S. No. ||Area of Financial Inclusion ||Use of FinTech |
|1 ||Augment the government social cash transfer in order to increase the personal disposable income of the poor. It would put the economy on a medium-term sustainable inclusion path. ||Easy cash transfer App |
|2 ||Banks should make special efforts to step up account opening for females belonging to lower income group under this scheme for social cash transfer as a welfare measure (Sukanya Shiksha Scheme). ||Modification to existing Bank FinTech App. |
|3 ||Aadhaar should be linked to each individual credit account as a unique biometric identifier which can be shared with Credit information bureau to enhance the stability of the credit system and improve access. ||Integration of Aadhaar Infrastructure |
|4 ||Bank’s traditional business model should be changed with greater reliance on mobile technology to improve ‘last mile’ service delivery. ||Enhanced Mobile Banking |
|5 ||Increase the formal credit supply to all agrarian segments through Aadhaar-linked mechanism for Credit Eligibility Certificates (CEC). ||Digitisation of land records |
|6 ||Corporates should be encouraged to nurture Self Help Groups (SHGs) as part of Corporate Social Responsibility (CSR) initiative. ||Loan / Payment App. |
|7 ||Replacement of Government’s current agricultural input subsidies on fertilizers, irrigation and power by a direct income transfer scheme as a part of second generation reforms. ||Direct Account Transfer App with the help of Aadhaar Infrastructure |
|8 ||Introducing universal crop insurance scheme by Government covering all crops starting with small and marginal farmers with monetary ceiling of Rs. 2 lakhs. ||Crop Insurance App |
|9 ||To provide credit guarantees in niche areas for micro and small enterprises (MSEs). It would also explore possibilities for counter guarantee and re-insurance. ||Multiple Guarantee App for agencies |
|10 ||Introduction of UID for all MSME borrowers and information from it should be shared with credit bureaus. ||UID for MSME App. |
5.3 Initiatives taken by other financial market regulators in India
188.8.131.52 Specifically, considering the financial sector and the evolution of SEBI over the last two and a half decades, it is believed that increasing preponderance of technology has been largely beneficial to the financial markets, increasing the efficiency of trading systems, reducing overall cost of transactions and most importantly democratising the reach of financial markets and increasing retail participation. SEBI on its part has also made its best efforts to evolve with the changing technological landscape. Screen Based Trading, nationwide trading systems and dematerialisation of shares are amongst the biggest gifts of the technology revolution which has brought significant reforms in the Indian capital market.
184.108.40.206 In the recent past one of the most pertinent innovations in financial sector is the adoption of algorithmic and machine based trading. Additionally, tools like robot advisors in the investment advisory space are another innovation gathering speed in recent times. Another important innovation is the emergence of social media, which serves as the carrier of news - financial or otherwise - faster than any other mode and more importantly with a very wide reach.
220.127.116.11 It has also been observed that market participants in other securities markets are exploring the usage of BlockChain or Distributed Database technology to provide various services such as clearing and settlement, trading, etc. Indian securities market may also see such developments in near future and, therefore, there may be a need to understand the benefits, risks and challenges such developments may pose.
5.3.2 Insurance Sector
18.104.22.168 A number of emerging forces are creating pressure across the insurance value chain, with the potential to redefine the structure of the Indian market. Insurance is typically considered one of the functions within financial services where the adoption of innovation has been the slowest. However, over the past decade, many innovative practices such as digital channels and process automation have been gradually adopted by many insurers. This has been especially true in personal lines of business while large commercial lines have continued to focus on establishing a “personal touch” across the value chain. Traditional broker / agent in-person distribution faces significant competitive pressures from digital channels in personal lines. Distribution partnerships with banks and retailers through white-labelling and over-the-counter products have become increasingly popular.
22.214.171.124 In some geographies, customer-centric high-touch services have emerged to provide differentiated claims experience. Some of the initiatives taken in the recent past are:
The adoption of digital channels has begun to replace manual time-consuming processes to empower customers and / or workforce
Innovation labs within insurance companies are being established to combine brand and product managers with technological and analytical resources
New products increasingly require integration with 3rd party data providers
Advanced statistical models are being deployed to understand the correlation between measurable factors and risk (actuarial) using historical data
A large portion of pricing risks with collected data (underwriting) has been automated over the years to improve accuracy and speed, especially with the advent of out-of-box solutions
126.96.36.199 Advancing technologies, changing customer preferences and the market landscape are enabling a number of innovations and trends, which are likely to create pressure across the insurance value chain. As a result, the insurance value chain will be increasingly disaggregated in the future, changing the nature of the insurance business. The rise of online aggregators and the potential entry of technology players could disaggregate the distribution of personal and small commercial policies and separate insurers from the ownership of customer relationships.
188.8.131.52 New sources of capital and investment management capabilities, such as hedge funds and investment banks, are aggressively moving into the insurance industry through innovative securitisation products, offering more cost-effective options to fund policies. In order to remain competitive in the face of a disaggregating value chain insurers will need to reconsider which core competencies they will invest in to maintain a strong competitive position.
184.108.40.206 FinTech companies take an approach that is more collaborate than disruptive. This has given the financial services sector a sense of security because incumbent players are not threatened by start-ups that are out not to disrupt but to collaborate, seemingly cementing the financial institutions position as undefeated incumbent. Insurance companies may collaborate with Insurtech entities or start-ups to provide better customer experience in a cost effective manner.
5.4 Cyber security and FinTech
Since early 1990s (accelerated in 2000s) with entry of New Pvt. Sector banks, the PSU banks have also embraced technology by leaps and bounds in the last decade or so. But the key shift has been brought in by consumer demand for real-time and always ON (anytime/anywhere) banking aided by growing demand coming from explosive growth in use of personal computing devices and internet connectivity, innovative products (plastic cards, now contactless cards, future - internet of things) by consumers. The banks have also been trying to make their processes more efficient and continuously looking for ways to leverage enhanced level of engagement with customers with a view to offering innovative products and services keeping in view cost, convenience and profitability factors. Being a largely service based industry, there is a high degree of dependency on technology for delivering services (be it from sourcing to servicing) by banks and competitive pressures to continually innovate in order to retain customers in the wake of entry of niche players/new players/entrants (banks, small finance banks, payment banks).
The advancements in technology and shift in consumer preferences driven by (SMAC – social media, mobility – mobile computing, analytics – big data, cloud computing, etc.) have further brought on opportunities and challenges in terms of their utility/efficiency, complexity of products, deployment architecture, accompanied by persistent concerns over consumer protection in this era of instant communication and real time transactions, sometimes through opaque channels. The propensity to adopt the latest and deploy the emerging technologies, computing devices is not perhaps commensurate with the growth in understanding/awareness of their pitfalls, by both consumers and banks alike. In the eagerness to provide innovative products and services through digital channels and reducing cost of transactions/services/processes, banks are resorting to outsourcing (managed products/services), quicker development and deployment cycle of products/services/processes without due emphasis/rigor in security design and testing and this, often leaves loopholes for attackers to exploit.
Along with the benefits that the technology advancements have brought in, with increased reach of connectivity (internet) and geo political/macro-economic factors, we are beginning to see another side/dark side of the technology in the form of cyber-attacks. The sophistication of cyber-attacks are on the rise and may well continue in the future with connected devices set to exceed the human population at some point in the future.
Cyber Security is an issue that has been growing in importance with the advancements in technology. From a securities market point of view, some developed jurisdictions have observed cases of hacking of trading accounts for market manipulation. However, the same is as yet unheard of in Indian market, largely on account of separation of trading and bank accounts. Consequently, while infeasible (from the point of view of manipulator/offender) because of the practicality issue of hacking multiple accounts, hacking of trading accounts and like activities, is not impossible in the Indian context. However, the real danger here could be an attack on the systems of Market Infrastructure Institutions or even the Regulator for that matter as targets of economic terrorism or warfare.
5.4.1 Customer Data Protection (CDP)
The FinTech entities are heavily dependent on technology for each and every product they offer to their consumers. These entities may collect various personal and sensitive information about the customer and become the owners/custodians of such data. Therefore the onus of CDP lies with these entities ranging from data Preservation, Confidentiality, Integrity and Availability of the same, irrespective of whether the data is stored/in transit within themselves or with customers or with the third party vendors; The confidentiality of such custodial information should not be compromised at any situation and to this end, suitable systems and processes across the data/information lifecycle need to be put in place by the FinTechs.
Section 43A of the Information Technology Act, 2000, provides for payment of compensation by a body corporate in case of negligence in implementing reasonable security practices and procedures in handling sensitive personal data or information resulting in wrongful loss to any person. In terms of section 72A of that Act, disclosure of information, knowingly and intentionally, without the consent of the person concerned and in breach of the lawful contract has been also made punishable with imprisonment for a term extending to three years and fine. Hence, that data protection is generally governed by the contractual relationship between the parties, and the parties are free to enter into contracts to determine their relationship defining the terms personal data, personal sensitive data, its dissemination, etc. As such, it may be necessary to emphasize the need for an exhaustive stand-alone legislation on data protection in India keeping in mind the innovations in FinTech and risk to personal data which comes to the possession of these entrepreneurs.
5.4.2 Classification of Customer / Organization Data (CCOD)
The FinTech entities should classify data / information based on information classification / sensitivity criteria of the organization. It becomes important to appropriately manage and provide protection within and outside organization borders/network taking into consideration how the data/information are stored, transmitted, processed, accessed and put to use within/outside the bank’s network, and level of risk they are exposed to depending on the sensitivity of the data/information.
5.4.3 Adherence to Safe Transaction Principles (STP)
A transaction in the IT parlance is termed as successful, if the transaction does not suffer from loss of confidentiality, loss of integrity, and loss of availability. These three together are referred as the security triad / the CIA triad. The three consequences of lack of CIA leads to “Data Leakage to Unauthorized Parties”, “Data Tampering / Destruction by an Unauthorized Party”, “Non Availability of the Data / System at times it is really needed”. The FinTech entities need to satisfy these principles in order to build faith in the new ecosystem.
5.4.4 Network Management and Security (NMS)
The FinTech entities should establish a common / individual Security Operation Centre (SOC) to monitor the adherence to Standard Operating Procedures (SOP) of the all major IT activities. A Security Incident and Event Management Systems (SIEM) is of great help to monitor these, which the entities may induct as part of their monitoring services.
5.4.5 Configuration / Patch Management Systems
The FinTech entities should install systems and processes to identify, track, manage and monitor the status of patches to operating system and application software running at end-user devices directly connected to the internet and in respect of Server operating Systems / Databases / Applications / Middleware, etc.
5.4.6 Audit Management
The FinTech entities should be subject to Detailed Application Control Review (DACR) of the entire Application Development Life Cycle (ADLC) as well as functionalities.
5.4.7 Quality Management
The FinTech entities should acquire industry quality management certifications facilitated by International Organization for Standardization (ISO) / Payment Card Industry Security Standards Council, etc as applicable.
5.4.8 Vulnerability Assessment and Penetration Testing (VAPT)
The FinTech entities should periodically assess / reassess the systemic vulnerabilities by conducting VAPT tests.
5.4.9 Audit Log Management System (ALMS)
The FinTech entities should implement ALMS to periodically validate settings for capturing of appropriate logs / audit trails of each device, system software and application software, ensuring that logs include minimum information to uniquely identify the log for example by including a date, timestamp, source addresses, destination addresses, and various other useful elements of each packet and/or event and/or transaction.
5.4.10 Incident Response & Management Framework (IRMF)
The FinTech entities need to have clear procedures for responding to cyber incidents and a mechanism for dynamically recover from cyber threats. Technical progress fosters innovation, but it also entails new risks. At the same time, the primary mandate of the regulator is to protect the users of financial services and the stability of the financial system. In this section, we analyse two issues the regulator needs to focus on: the threat of cyber‑attacks and the risks related to the outsourcing of certain traditional bank activities. Companies in the banking and financial sectors are prime targets for cyber‑attacks, and the emergence of online services, designed to be simple and interactive, only heightens this risk. In a worst case scenario, it is possible to imagine a wave of concerted attacks triggering a liquidity squeeze in the markets and threatening the solvency of sector participants. For regulators, however, the difficulty is knowing how to evaluate these new risks. There are no historical examples that can be used to construct realistic scenarios. All regulators can do is to take a pragmatic approach, defining plausible attack scenarios and testing the defence mechanisms put in place by digital enterprises. This task is made all the more difficult by the fact that ongoing financial innovation is constantly opening up new possibilities of attack. Only by developing in‑depth expertise in this field can the regulators expect to effectively fulfil their role.
The second source of risk is the outsourcing of certain tasks in the financial transaction processing chain. Before the technological revolution, it was usual for banks to carry out all tasks in the value chain internally, so that all these tasks were subject to supervisoey oversight. These days, this is increasingly rare, both for conventional players and new market entrants. In the case of conventional banks, for example, cost pressures have pushed them to offload some tasks to unregulated entities.
6 Way Forward – for stakeholders
6.1.1 FinTech powered business should ideally be undertaken by only regulated entities, e.g. banks and regulated payment system providers. The forms of business which can be undertaken by, say, a banking company are specified in section 6 of the Banking Regulation Act, 1949 and no banking company can engage in any form of business other than those referred to in that section. This provision however also enables a banking company to do such other things which are incidental or conducive for the promotion or advancement of its business. Banking companies can therefore form subsidiaries for undertaking any business which supports their main business. Subsidiaries can also be formed for undertaking such other business which Reserve Bank may, with the approval of the Central Government, consider to be conducive to spread banking in India or to be otherwise useful for necessary in the public interest [section 19(c), BR Act]. These provisions give room for banking companies to undertake focused innovative FinTech business relevant to their operations, via a dedicated subsidiary, while remaining within the legal framework of the Banking Regulation Act. However, as FinTech innovations are typically multiple-use, with significant applications beyond financial regulation, it may be inefficient and counterproductive to restrict core FinTech activities to only those entities and applications which are covered under financial regulation/supervision.
6.1.2 The Payment and Settlement Systems Act, 2007 provides for authorisation, regulation and supervision of payments systems by Reserve Bank. A payment system is defined in that Act as a system that enables payment to be effected between a payer and a beneficiary, involving clearing, payment or settlement service or all of them, but does not include a stock exchange or clearing corporation set up under a stock exchange. It is further stated by way of an explanation that a “payment system” includes the systems enabling credit card operations, debit card operations, smart card operations, money transfer operations or similar operations. As the bulk of FinTech innovations do not amount to ‘payment system’ as defined under that Act, they will not fall under its regulatory framework.
6.1.3 Section 35A of the Banking Regulation Act empowers the Reserve Bank to issue directions to banking companies in public interest and in the interest of banking polices, etc. Reserve Bank is also empowered under section 36 of the BR Act to caution or prohibit banking companies generally and generally to give advices to banking companies. As regards payment systems, section 17 of the Payment and Settlement Systems Act gives the RBI the power to issue directions to payment systems and systems participants. It may be possible for the Reserve Bank to invoke these provisions in case FinTech innovations used by these regulated entities require RBI intervention. However, there is scope for developing a legal framework that sets out the broad contours of what principles financial innovations should conform to.
6.1.4 Faced with the profound changes that FinTech is bringing to the banking and financial sectors, regulators need to take care to avoid two pitfalls. The first is overprotecting incumbents by erecting barriers to entry for newcomers. Doing so would discourage financial innovation and stifle competition in the financial sector. The second potential pitfall is choosing instead to unduly favour newcomers by regulating them less stringently than incumbents, in the name of fostering competition.
Regulators have a difficult role to play as their decisions have both a direct and indirect impact on competition between incumbent firms and newcomers. They have to provide a level playing field for all participants, but at the same time foster an innovative, secure and competitive financial market.
6.1.5 The Watal Committee Report has noted that the current law does not impose any obligation on authorised payment systems to provide open access to all PSPs. This has led to a situation where access to payment systems by new non-bank payments service providers, including FinTech firms, is restricted. Most of them can access payment systems only through the banks, which are also their competitors in the payments service industry. This, according to the Committee, has restricted fast-paced expansion of digital payments in India by hindering competition from technology firms19.
6.1.6 FinTech companies that require to connect to banking systems to serve their customers tend to face restrictive practices. This anti-competitive setting may not be conducive for innovation and consumer interest. Moreover, India may not then reap the full benefits from global innovation as international technology based PSPs would not find it attractive to grow in India. That said, the approach of RBI has been to regulate non-bank payments service providers lightly. This has enabled them to emerge as significant players in a relatively short time frame. This growth now needs to be nurtured in a balanced way, so that banks have competitive pressure to innovate and non-banks have adequate opportunity to compete, without losing sight of systemic stability.
6.1.7 Globally, the above approach has been recognised and structural changes have been put in place to ensure that the consumers benefit the most from this technology led payments revolution. This is true for many progressive economies including countries in European Union (including UK), Australia and South Africa. The common themes across these jurisdictions is to promote increased participation of non-banks in payments, and promote access and competition in the payments industry.
6.1.8 The Watal Committee Report recommends that the regulator should enable a formal framework for a regulatory sandbox. A regulatory sandbox can be used to carve out a safe and conducive space to experiment with FinTech solutions, where the consequences of failure can be contained.
6.1.9 IDRBT, an institute established by the Reserve Bank of India exclusively for research and development in the area of banking technology, has been working closely with banks and technology companies. The institute, at the instance of RBI, organized a payment system innovation contest in the year 2016. There have been several entries from academicians, banks, start-ups from India and other countries. The Institute awarded prizes to best entries, after a rigorous evaluation process. Similarly, the Institute has brought out a white paper on application of block chain technology in banking and finance. The white paper also describes a Proof of Concept exercise in the area of trade finance, done with active participation of NPCI, banks and an international solution provider. The institute has facilities for testing mobile apps, which are being used by banks.
6.1.10 In view of IDRBT’s unique positioning as a RBI established institute, and its expertise and experience, it is felt that IDRBT is well placed to operate a regulatory sandbox, in collaboration with RBI, for enabling innovators to experiment with their solutions for eventual adoption. The Institute may continue to interact with RBI, banks, solution providers regarding testing of new products and services and over a period of time upgrade its infrastructure and skill sets to provide a full-fledged regulatory sandbox environment. The Reserve Bank of India may actively engage with the Institute in this regard. Other regulators may also leverage the expertise of IDRBT to provide sandbox for respective sectoral solutions.
6.1.11 It is possible, however, to outline a number of general regulatory principles. The first should be to maintain a neutral stance with regard to technological advances. Regulations should foster healthy competition between players, regardless of whether they offer conventional approaches or use new technological solutions. We need to avoid putting unnecessary obstacles to growth for new entrants. The second principle is that we have harmonised sets of rules, inter-operability and platform utilization security protocols, covering a given activity across all players simultaneously, rather than treating players differently according to their characteristics, an approach that would artificially segment the market and hence limit competition. The third principle is that regulators must also act in the interests of users, protecting them in a changing environment that can pose new, unanticipated risks. The fourth principle is that systemic stability concerns should be addressed.
6.1.12 Respecting these principles in equal measure will clearly be difficult, and giving one principle priority could undermine the others. The role of the regulator is to find the right balance.
6.1.13 Regulators are responding to challenges posed by technological innovation and are seeking to strike a balance between mitigating the potential risks associated with this development, and not impeding the positive effects of innovation. The range of actions taken by various regulators include:
Research and publishing papers on FinTech developments
Proactive engagement with existing firms and new entrant FinTech firms
Modifications to supervisory processes;
New guidance or regulations
6.1.14 It would be difficult for a regulator to imagine and fully anticipate what kind of innovations can take place in the market and their impact on the broader market and institutions. Generally, the need for a certain service creates demand for the product, which the entrepreneurs tap, and try to make a business model out of it. At times, products are designed in advance and the market is created for such product. While encouraging such innovations, as already stated, the challenge would be to keep in mind systemic risk, which may arise with greater innovation; consequently, risk management measures would need to be in place.
Illustratively, a securities market regulator (e.g. SEBI) would want to minimise the impact of tail events like flash trades, freak trades or malfunctioning of Algos, etc. For example:
The technology should not prove a hindrance or obstacle for surveillance or investigation function of SEBI.
Cases have been observed in the recent past of usage of tools like SMS to spread misinformation relating to specific scrips; there is the possibility of usage of similar tools to spread general market wide panic. The challenge in this case is twofold; firstly, in terms of prevention of such activity, which presently at least, seems infeasible for all practical purposes. Secondly, the challenge of establishment of audit trail post the concerned event makes it difficult to identify and nail the actual culprit/brain behind the activity. Such acts are observed to have taken place under layers and layers of front entities, some of which may not even be within the jurisdictional reach or ambit of the regulator, geographically, legally or otherwise and necessary supervisory response might require inter-regulatory and cross jurisdictional coordination, in addition to the technological capacity to identify such issues.
6.1.15 The use of technology has been of great help for increasing the reach of the financial services and has also facilitated the ease of doing business. Regulators can be open to considering all these FinTech options and facilitating the same, so long as these serve to subserve their regulatory mandate without compromising on the risk associated with such innovations. As and when such products are introduced or emerge in the market, the issue for consideration before the regulator would be to assess the product and its implications for stakeholders, and how to monitor its use.
6.1.16 Realignment of regulatory approach
Regulators therefore need to examine how their approach can be brought more closely in line with a financial sector that is undergoing structural change. Regulators need to also examine whether and how their regulations impose barriers to innovation and whether, and to what extent, these can be removed. There is a need to develop a deeper understanding of various FinTech products and their interaction with the financial sector and thereby their implications on the financial system, before actively regulating this space.
In this regard, the following steps are recommended by the Working Group:
The regulatory actions may vary from “Disclosure” to “Light-Touch Regulation & Supervision” to a “Full-Fledged Regulation and Supervision”, depending on the risk implications. As suggested per the matrix in the Annex-2.
To develop a more detailed understanding of risks inherent in platform based FinTech.
To identify sector specific FinTech products, study regulatory approaches by various financial sector regulators, and devise the regulatory approach.
To provide an environment for developing FinTech innovations and testing of applications/APIs developed by banks/FinTech companies.
An appropriate framework may be introduced for “Regulatory Sandbox/innovation hub” within a well-defined space and duration where financial sector regulators will provide the requisite regulatory support, so as to increase efficiency, manage risks and create new opportunities for consumers, for Indian context, similar to other regulatory jurisdictions.
In view of IDRBT’s unique positioning as an RBI established institute, and as indicated by some of its activities, it is felt that IDRBT is well placed to act as regulatory sandbox in collaboration with RBI for enabling innovators to experiment their solutions for eventual adoption. The Institute may continue to interact with RBI, banks, solution providers regarding testing of new products and services and over a period of time upgrade its infrastructure and skill sets to provide full-fledged regulatory sandbox environment. The Reserve Bank of India may actively engage with the Institute in this regard.
In order to identify and monitor the challenges associated with the development of major FinTech innovations and to assess opportunities and risks arising for the financial system from these innovations, a ‘dedicated organizational structure’ within each regulator should be created.
Financial sector regulators require to engage with FinTech entities in order to chalk out appropriate regulatory response and to re-align existing regulatory and supervisory framework.
Regulatory and legal reforms which are essential to enable the sustained development of a digital financial industry for the future.
Partnerships/engagements with regulators, existing industry players, clients and FinTech firms will enable the development of a more dynamic and robust financial services industry.
Models of engagement and risk-benefit checklist to be developed by each regulator for identified FinTech based activities.
6.1.17 Reg Tech
220.127.116.11 Reg Tech is a sub-set of FinTech that focuses on technologies that facilitate the delivery of regulatory requirements more efficiently and effectively than existing capabilities. In July 2015 the FCA issued a call for input entitled “Supporting the development and adoption of Reg Tech”.20
18.104.22.168 Some of the key Reg Tech processes and their benefits are as under:
Alternative reporting methods: Technology that allows data to be provided (or taken) in a different way.
Shared utilities: Technology that allows firms to share services via the cloud and/or online platforms.
Semantic tech and data point models: Technology that converts regulatory text into a programming language.
Shared data ontology: A formal naming and definition of the types, properties, and interrelationships of entities.
Robo-Handbook: Interactive echnology that allows firms to understand the impact of regulations on their systems and processes.
Big data analytics: Advanced analytics solutions that can interpret vast amounts of structured and unstructured data that could be stored in ‘data lakes’ (storage repositories).
Risk and compliance monitoring: Technology that allows an always-on, noninvasive surveillance of transactions, behaviour and communications.
Inbuilt compliance: Regulatory requirements can be coded into automated rules which are applied when relevant.
System monitoring and visualisation: Technology that captures and traces all messages created by systems and their interactions.
22.214.171.124 The emerging focus of Reg Tech for regulators may include the following:
Regulatory Reporting: streamlining the existing regulatory reporting structure across the value chain
Risk and compliance monitoring
Protecting Customer interest
Detecting Financial Crime
Technical innovations will have to be monitored in terms of their potential systemic risks. Crucially, it seems difficult to draw up a complete list of the associated risks because of the large spectrum of FinTech businesses. With respect to crowd funding and crowd lending, for example, unless effective control mechanisms are put in place, asymmetric information on creditworthiness may encourage moral hazard on unregulated platforms in the same way as originate‑to‑distribute schemes did during the crisis. For many innovations, consumer protection issues might become important because these innovations are put into effect at the interface with the customer.
While innovative players and new technologies are entering the financial industry with impressive rapidity, regulation should not aim for an artificial separation between FinTechs on the one hand and traditional banking on the other. While there may be good reasons for fostering an innovation‑friendly environment for FinTechs, these should be addressed independently of supervisory and regulatory concerns. Also supervisory authorities risk a conflict of interest between those dissimilar mandates.
Regulators and supervisors need to gear up their organizational structure and human resources (HR) practices to meet the challenges of innovation, in terms of adapted HR hiring, learning and educational programmes. To enhance supervisory effectiveness across the regulatory authorities, the WG recommends the following initiatives to meet the challenges faced by the regulators/supervisors:
Identify organizational structure changes that regulatory agencies can apply for responding to new innovations
Assess and put in place the different skill sets required for regulating/supervising FinTech innovations, including lateral induction
Identify specific technologies that regulatory agencies may benefit from having or may need to have appropriate expertise to supervise.
Realignment of existing supervisory framework
Developing policy stance based on enhanced knowledge
6.3 Banks / NBFCs/Securities market/Insurance Companies
6.3.1 Technological innovations help making the financial system more efficient, especially if they lead to an increase in competition. New technological processes often result in greater user-friendliness. More competition leads to a greater choice of providers and products at a lower price, especially if there is competition in each segment of the value chain. Innovative new entrants provide an incentive for established financial institutions to become more competitive and focus more on their customers, whilst at the same time also offering added value themselves to consumers. Moreover, competition can have a positive impact on integrity in the sector, because customers – pampered by greater choice – demand more transparency and integrity.
6.3.2 Banks may be encouraged to collaborate with FinTech/start-ups to improve their customer experience and operational excellence. Banks may also undertake FinTech activity in areas like payments, data analytics and risk management.
6.3.3 The impact of technological innovations on many incumbents in the banking industry has been limited to date, which may be due to limited technological capabilities and lack of awareness at the consumer level.
6.3.4 Additionally, technological innovations tend to follow a so-called “hype cycle”. According to this concept, there is typically a tendency to overestimate the implications of new technologies in the short term and underestimate the implications in the longer term.
6.3.5 The key risks emerging across various FinTech scenarios are as under:
The potential increase of profitability/solvency risk, and of multiple aspects of operational risk (both systemic and idiosyncratic elements).
While incumbent banks’ business models are already under pressure in the current low interest rates environment and with more stringent regulations, additional challenges are posed by the FinTech developments.
With the rise of FinTech, IT interdependencies between market players (banks, FinTech and others) and market infrastructures are growing, which increases the potential for an IT risk event at a significant market player to escalate into a wider systemic event.
Additionally, within individual banks, the complexity surrounding the delivery of financial services is expected to increase, making it more difficult to manage and control operational risk.
6.4 Data Security, Privacy and Fraud – set of principles/Model code of conduct
Every FinTech company should invest in fraud prevention. Some studies show that it is easier to track frauds undertaken through electronic means than physical fraud. FinTech companies can use technology and analytics to prevent and predict frauds. The onus could be on the FinTech players to utilize their technological expertise, and assist/ engage with regulators to draft appropriate guidelines to prevent fraud. There is dearth of coherent data protection and privacy law in the country and it is suggested to bring this to the notice of the financial sector regulators / Government.
6.5.1 Investment in FinTech and start-ups
Some Governments and regulators are backing disruptors as a way of introducing more competition and transparency and preserving competitiveness of their financial service industry.
Government may take supportive approach to FinTech / start-ups like other sovereigns in Asia. In order to develop and promote Singapore as smart financial center, Government of Singapore through MAS has committed USD 160 mio during next 5 years to the FinTech and Innovation Scheme21. Similarly Hong Kong Government announced in November 2016 USD 370 mio VC Fund investment as part of their drive to position HK as Asia’s FinTech hub22.
Given that FinTech companies are in their infancy but are growing at a rapid pace, the Government may consider introducing tax subsidies for merchants that accept a certain proportion of their business revenues from the use of digital payments as opposed to cash.
6.5.2 Self-regulatory body set up by FinTech companies
A self-regulatory body comprising of representatives of various FinTech companies may be set up to undertake consultation/ engagement with regulators to facilitate the orderly growth of the FinTech industry and address regulatory concerns.
6.6.1 The rise of FinTech has been driven by rising customer expectations for more personalized and digital experiences, increased access to VC funding, reduced barriers to entry, and accelerated advancements in technology.
6.6.2 The requirement of increasing the levels of education/ awareness of customers should be highlighted by all market regulators as well as the self-regulatory body for FinTech companies.
7 List of Recommendations
There is a need to develop a deeper understanding of various FinTech products and their interaction with the financial sector, before regulating this space. [para- 6.1.16 page-61]
The regulatory actions may vary from “Disclosure” to “Light-Touch Regulation & Supervision” to a “Full-Fledged Supervision”, depending on the risk implications. [para- 6.1.16 page-62]
The need to develop a more detailed understanding of risks inherent in platform based FinTech. [para- 6.1.16 page-62]
To identify sector specific FinTech products and study regulatory approaches by various financial sector regulators, frame regulatory approach. [para- 6.1.16 page-62]
To provide an environment for developing FinTech innovations and testing of applications /APIs developed by banks and FinTech companies. [para- 6.1.16 page-62]
An appropriate framework may be introduced for “Regulatory Sandbox/innovation hub”, for Indian context, similar to other regulatory jurisdictions. [para-6.1.16 page- 62]
IDRBT is well placed to act as regulatory sandbox in collaboration with RBI for enabling innovators to experiment their solutions for eventual adoption. [para-6.1.10 page- 59]
In order to identify and monitor the challenges associated with the development of major FinTech innovations and to assess opportunities and risks arising for the financial system from these innovations, a ‘dedicated organizational structure’ within each regulator may be created. [para-6.1.16 page- 62]
Financial sector regulators should engage with FinTech entities in order to chalk out appropriate regulatory response and re-align existing regulatory and supervisory framework. [para-6.1.16 page- 62]
Regulatory and legal reforms are essential to enable the sustained development of a digital financial industry for the future. [para-6.1.16 page- 62]
Partnerships/engagements with regulators, existing industry players, clients and FinTech firms will enable the development of a more dynamic and robust financial services industry. [para-6.1.16 page- 63]
Regulators may decide to use Reg Tech technologies that may facilitate the delivery of regulatory requirements more efficiently and effectively than existing capabilities. [para-6.1.17 page- 63]
The organizational structure and human resources (HR) practices of regulators need to be geared up to meet the challenges of innovation, in terms of adapted HR hiring profiles, learning and educational programmes. [para- 6.2 page-64]
Identify organizational structure considerations that regulatory agencies can apply in responding to new innovations. [para-6.2 page-64]
Individual regulatory agencies to assess the different skill sets that they have assigned towards evaluating FinTech innovations. [para- 6.2 page-65]
Identify specific technologies that regulatory agencies may benefit from having or may need to have appropriate expertise to supervise. [para- 6.2 page-65]
Realignment of existing supervisory framework. [para- 6.2 page-65]
Developing policy stance enhancing knowledge. [para- 6.2 page- 65]
The adoption of digital channels to replace manual time-consuming processes to empower customers and / or workforce in insurance sector. [para- 126.96.36.199 page-50]
Innovation labs within insurance companies may be established to combine brand and product managers with technological and analytical resources. [para- 188.8.131.52 page-51]
Advanced statistical models may be deployed to understand the correlation between measurable factors and risk (actuarial) using historical data in insurance business. [para- 184.108.40.206 page-51]
There is need for a stand-alone Data Protection Law in the country. [para-5.4.1 page-53]
Given that FinTech companies are in their infancy but are growing at a rapid pace, the Government may consider introducing tax subsidies for merchants that accept a certain proportion of their business revenues from the use of digital payments as opposed to cash. [para- 6.5.1 page-66]
The requirement of increasing the levels of education/ awareness of customers should be highlighted by all market regulators as well as the self-regulatory body for FinTech companies. [para- 6.6.2 page-67]
Banks may be encouraged to collaborate with FinTech/start-ups to improve their customer experience and operational excellence. Banks may also undertake FinTech activity in areas like payment, data analytics and risk management areas. [para-6.3.2 page-65]
Models of engagement and checklist to be developed by each regulator for each activity. [para-6.1.16 page- 63]
FinTech companies take an approach that is more collaborate than disruptive. Insurance companies may collaborate with Insurtech entities or start-ups to provide better customer experience with cost effective manner. [para- 220.127.116.11 page- 51]
|S.No ||Name of Start-up ||Technology offered |
|1 ||Fairassets Technologies India Pvt. Ltd. ||P2P Lending |
|2 ||Tonetag ||Sound mobile based mobile to mobile, mobile to POS payment without internet without Bluetooth solution |
|3 ||Coinn Mobile Technologies Pvt. Ltd ||Bluetooth based Payment solution |
|4 ||Abhar Technologies & Service Pvt. Ltd. ||IOT, Enterprize non IT project management |
|5 ||Neural Brain Technologies Pvt. Ltd. ||Machine learning based Analytics for productivity analytics |
|6 ||Skybits Technologies Pvt Ltd. ||AI and machine learning based solution for email segregation, auto response and face recognition . |
|7 ||FTL technologies Systems Pvt. Ltd. ||Online market place |
|8 ||Vibil Technologies Pvt Ltd ||Machine Learning and OCR based real time eKYC verification with adhaar, RTO ,passport, PAN, Cibil ,Income tax offices. |
|9 ||Signzy Technologies Pvt. Ltd. ||Machine Learning and OCR based real time eKYC verification with adhar, RTO,passport,PAN, Cibil and Income tax offices |
|10 ||S2pay digital ||Payment Solution without buddy and state bank |
|11 ||Lyncbiz India Pvt. Ltd. ||Gamification |
|12 ||VuNet Systems Pvt Ltd ||MLP based Data Analytics(Specially fopr ATM and network) |
|13 ||Paydigital technologies pvt ltd ||Independent payment solution mainly for institutions and Universities. Icollect can independently manage this solution. |
|14 ||Liv artificial intelligence pvt ltd. ||Voice recognition, Artificial Intelligence, Natural Language processing |
|15 ||Propalms Technologies Pvt Ltd (Accops) ||Server Virtualization ,work from home |
|16 ||Prime Chain Technologies Pvt Ltd ||Block chain Technologies |
|17 ||Think Analytics India Pvt Ltd ||Data analytics |
|18 ||Woas Technologies Pvt Ltd.(Wooqer) ||Enterprise WhatsApp and rapid small application development |
|19 ||Active.AI ||Artificial Intelligence, Natural Language processing |
|20 ||Custmore Interactive Solutions Pvt. Ltd. ||Customer engagement plateform |
References / Bibliography
1 M/s Backwaters Tech Pvt. Ltd., Faircent Technologies India and Deutsche Bank and Bill & Melinda Gates Foundation
2 KPMG-The pulse of Fin Tech- https://home.kpmg.com/xx/en/home/media/press-releases/2016/03/kpmg-and-cb-insights.html
3 Drawing on a categorization from WEF, The Future of Financial Services, Final Report, June 2015
4 Committee on Payments and Market Infrastructures, “Digital Currencies,” November 2015.
5 Fintech: Describing the Landscape and a Framework or Analysis by STANDING COMMITTEE ON ASSESSMENT OF VULNERABILITIES of FSB-March 2016
6 In the US, new P2P lending was USD 12 billion in 2014, (USD 7 billion in unsecured consumer loans and USD 5 billion in small business loans). In the UK, P2P platforms originated about EUR 2.7 billion in 2015. Source: Morgan Stanley (2015) “Global Marketplace Lending: Disruptive Innovation in Financials”. Source-Bloomberg
7 Fintech: Describing the Landscape and a Framework or Analysis by STANDING COMMITTEE ON ASSESSMENT OF VULNERABILITIES of FSB-March 2016
8 CGFS, Fixed Income Market Liquidity, January 2016
9 The Pulse of Fintech, KPMG, 2016
10 India emerging a hub for Fintech start-ups, Business Standard, http://www.business-standard.com/article/companies/india-emerging-a-hub-forFintech-start-ups-116051700397_1.html, 17 May 2016
11 India emerging a hub for fintech start-ups, Business Standard website, http://www.businessstandard.com/article/companies/india-emerging-a-hub-for-fintech-start-ups- 116051700397_1.html, accessed on 25 May 2016.
12 Statista website, https://www.statista.com/outlook/295/119/fintech/india, accessed on 25 May 2016, 17 May 2016
13 Application of Blockchain Technology in Indian banking and financial sector by IDRBT-January 2017
15 http://pubdocs.worldbank.org/en/877721478111918039/breakout-DigiFinance-McConaghy-Fin Tech.pdf
19 Watal Committee: http://www.finmin.nic.in/reports/watal_report271216.pdf
|ADLC - Application Development Life Cycle |
|AEPS - Aadhaar Enabled Payment System |
|AFM - Authority for Financial Markets |
|AFS - Australian Financial Services |
|AI - Artificial Intelligence |
|ALMS - Audit Log Management System |
|AMC - Asset Management Company |
|API - Application program interface |
|ASIC - Australian Securities and Investments Commission |
|ASTRI - Applied Science and Technology Research Institute, Hong Kong |
|BCBS - Basel Committee on Banking Supervision |
|BCT - Block Chain Technology |
|BFSI - Banking and Financial Services Industry |
|BHIM - Bharat Interface for Money |
|BIS - Bank for International Settlements |
|CAGR - Compound annual growth rate |
|CBRC - China Banking Regulatory Commission |
|CDP - Customer Data Protection |
|CEC - Credit Eligibility Certificates |
|CFPB - Consumer Financial Protection Bureau |
|CGFS - Committee on the Global Financial System |
|CPMI - Committee on Payments and Market Infrastructures |
|CRISIL - Credit Rating Information Services of India Limited |
|CSR - Corporate Social Responsibility |
|DACR - Detailed Application Control Review |
|DCs - Digital currencies |
|DFAC - Digital Finance Advisory Committee |
|DLT - Distributed ledger technologies |
|DNB -Dutch Central Bank |
|EDR - External Dispute Resolution |
|FCA - Financial Conduct Authority |
|FDIC - Federal Deposit Insurance Corporation |
|FIN -Financial Innovations Network |
|FinTech - Financial Technology |
|FMI - Financial Market infrastructure |
|FOS -Financial Ombudsman Service |
|FSB - Financial Stability Board |
|FSCS - Financial Services Compensation Scheme |
|FSDC-SC - Financial Stability and Development Council - Sub Committee |
|FTIG - Fin Tech and Innovation Group |
|HKMA - Hong Kong Monetary Authority |
|IDR - Internal dispute resolution |
|IDRBT - Institute for Development and Research in Banking Technology |
|IFSC - Indian Financial System Code |
| IIT-KGP – Indian Institute of Technology, Kharagpur |
|IMPS - Immediate Payment Service |
|IOT - Internet of Things |
|IRA - Intelligent Robotic Assistant |
|IRDA - Insurance Regulatory and Development Authority |
|IRMF - Incident Response & Management Framework |
|ISO - International Organization for Standardization |
|JFSA - Japan Financial Services Authority |
|KYC - Know Your Customer |
|LC - Letter of Credit |
|MAS - Monetary Authority of Singapore |
|MDR - Merchant Discount Rate |
|MFD -Mutual Fund Distributor |
|MMID -Mobile Money Identifier |
|MOU - Memorandum of Understanding |
|MSEs - Micro and Small enterprises |
|NACH - National Automated Clearing House |
|NASSCOM - National Association of Software and Services Companies |
|NEFT - National Electronic Fund Transfer |
| NLP – Neuro-Linguistic Programming |
|NMS - Network Management and Security |
|NPCI - National Payments Corporation of India |
|NUUP - National Unified USSD Platform |
|OCC - Office of the Comptroller of the Currency |
|P2P - Peer-to-peer |
|PFRDA - Provident Fund Regulatory and Development Authority |
|PoC - Proof-of-Concept |
|PPI- Pre-paid payment instrument |
|PRA - Prudential Regulation Authority |
|PSP - Payment service provider |
|QR - Quick Response |
|RBI - Reserve Bank of India |
|RTGS - Real Time Gross Settlement System |
|SEBI - Securities and Exchange Board of India |
|SHG - Self Help Group |
|SIEM - Security Incident and Event Management System |
|SMAC - Social media, Mobile computing, Analytics & Cloud |
|SOP - Standard Operating Procedure |
|SSB -Secretarial Standards Board |
|TFFT - Task Force on Fin Tech |
|UIDAI - Unique Identification Authority of India |
|UPI - Unified Payments Interface |
|USSD - Unstructured Supplementary Service Data |
|VC - Venture Capital |
|WBG - World Bank Group |