Policy Update: IFSCA releases Framework for Regulatory Sandbox
Blog: NASSCOM Official Blog
On 19 October, the International Financial Services Centres Authority (IFSCA) released a Framework for Regulatory Sandbox. Under this framework, entities operating in the capital market, banking, insurance and financial services space shall be granted certain facilities and flexibilities to experiment with FinTech solutions in a live environment with a limited set of real customers for a limited period. These features shall be fortified with necessary safeguards for investor protection and risk mitigation.
The circular has been issued in exercise of powers conferred by section 12 of the International Financial Services Centres Authority Act, 2019 to develop and regulate the financial products, financial services and financial institutions in the International Financial Services Centres (IFSC).
Major Highlights of the Framework:
The following entities shall be eligible for testing in the regulatory sandbox:
- All entities registered with Securities & Exchange Board of India (SEBI), Reserve Bank of India (RBI), Insurance Regulatory Development Authority (IRDA) and Pension Fund Regulatory and Development Authority (PFRDA).
- All startups registered with Startup India and meeting the criteria of a start-up as defined in the Gazette notification of the Department for Promotion of Industry and Internal Trade dated February 19, 2019 or later versions.
- Companies incorporated and registered in India.
- Companies incorporated and regulated in Financial Action Task Force (FATF) compliant jurisdictions by a financial services or banking or capital market or insurance or pensions regulator and who are having subsidiaries/ branch offices / representative offices in IFSC.
- Individuals who are citizens of India.
- Individuals from FATF compliant jurisdictions.
2. Eligibility Criteria
- Genuineness of innovation-The solution should be innovative enough to add significant value to the existing offering in the capital market, banking, insurance or pensions sector in India/IFSC.
- Genuine need to test-The applicant should have a genuine need for live testing the solution on real customers. Further, the applicant should demonstrate that the solution cannot be developed without relaxing certain regulations, if any, being sought.
- Limited prior testing-Before applying for testing in sandbox, limited offline testing of the solution should have been carried out by the applicant.
- Direct benefits to users-The solution should offer identifiable benefits (direct or indirect) to the investors or entities or to the capital market at large.
- No risks to the financial system-The solution should have proper risk management strategy to incorporate appropriate safeguards to mitigate and control potential risks to any market participants/users that may arise from the testing of the solution and shall propose appropriate safeguards to manage the risks and contain the consequences of failure.
- Testing readiness of the solution-The applicant should have the necessary resources to support testing in the sandbox and must demonstrate well-developed testing plans with clear objectives, parameters and success criteria.
- Deployment post-testing-The applicant should demonstrate the intention and ability to deploy the solution on a broader scale. To this effect, the applicant should share a proposed sandbox exit and transition strategy.
3. Application and Approval Process
- The applicant shall ensure that the specified eligibility criteria are satisfied while submitting the application to IFSCA.
- If an individual applicant is a student, a certificate issued from Institute/University Dean’s Office for permission to apply for Regulatory Sandbox, should be submitted along with the application.
- At the “Application Stage”, IFSCA shall review the application and inform of its potential suitability for a sandbox within 30 working days from the submission of the complete application. IFSCA may issue guidance to the applicant according to the specific characteristics and risks associated with the proposed solution.
- At the “Evaluation Stage”, IFSCA shall work with the applicant to determine the specific regulatory requirements and conditions (including test parameters and control boundaries) to be applied to the proposed solution in question. The applicant shall then assess if it is able to meet these requirements. If the applicant is able and willing to meet the proposed regulatory requirements and conditions, the applicant shall be granted permission to develop and test the proposed FinTech innovation(s) in the sandbox.
- Upon approval, the application shall proceed towards the “Testing Stage”. The participant shall disclose to its users that the solution shall operate in a sandbox and the potential key risks associated with the solution. The applicant is also required to obtain the user’s acknowledgement that they have read and understood the risks.
- During the testing stage, the applicant shall take prior approval from IFSCA to effect any material changes to the solution.
- Each applicant shall assign a contact person to coordinate with a designated officer of IFSCA.
- The duration of the sandbox testing stage shall be a maximum of twelve months and extendable upon request of the applicant.
- In case an application is rejected at any stage, the applicant shall be informed accordingly. The reasons for rejection could include failure to meet the objective of the sandbox or any of the eligibility criteria. The applicant may re-apply for the sandbox when it is ready to meet the objective and eligibility criteria of the sandbox, subject to an appropriate cooling off period as decided by IFSCA.
4. Evaluation Criteria
The applicant may be evaluated using a scoring process by IFSCA, inter alia, based on the parameters given below:
- Profile of the applicant
- Usage of innovative solution including technology and/or processes
- Identified benefits to the investors and/or the capital market, banking, insurance or pensions sector
- Compilation of meaningful test scenarios and expected/desired outcomes
- Risk measured/graded testing conditions and parameters so as to ensure safety and protection of the markets/investors
- Risk mitigation for high risk testing conditions and parameters
- Appropriate disclosure requirements and protection to their users
- Clearly defined grievance redressal mechanism and user rights
- Adequate disclosure of the potential risks to participating users
- Prior confirmation from users that they fully understand and accept the attendant risks
- Intent and feasibility to deploy the proposed FinTech solution post testing
- The deployment and monitoring strategy post testing (in the event the tests are deemed successful) or the exit strategy (in the event the tests are not successful)
- Any other factors considered relevant by IFSCA
5. Regulatory Exemptions
- To encourage innovation with minimal regulatory burden, IFSCA shall consider exemptions/ relaxations, if any, which could be either in the form of a comprehensive exemption from certain regulatory requirements or selective exemptions on a case-by-case basis, depending on the FinTech solution to be tested.
- Within the overarching principles of market integrity and investor protection, no exemptions would be granted from the extant investor protection framework, Know-Your-Customer (KYC) and Anti-Money Laundering (AML) rules.
- Entities desirous of participating in sandbox shall make an application, including exemption / relaxation being sought from relevant provisions of the applicable regulatory framework.
- Accordingly, regulatory relaxations from various IFSCA regulations may be provided after analyzing specific sandbox testing applications.
Please read the circular for more details regarding the Regulatory Sandbox. A copy of the circular has been attached with this blog.
In case you have any views/comments on this blog, please write to email@example.com