Fintech innovation is challenging traditional regulatory constraints and models for supervision. The mushrooming of cross-sectoral, hybrid financial products from fintech entities requires governance by multiple financial regulators. As such innovation is better served by a harmonious regulatory sandbox (RS), the Reserve Bank of India (RBI) launched a Standard Operating Procedure for an Inter-Operable Regulatory Sandbox (IoRS) last month.

In India, there are four financial sector regulators (banking, securities, insurance, pensions), and each has its own RS framework. This led to calls for an interoperable framework from the industry, which the IoRS now brings by prescribing uniform procedures for inter-sectoral coordination between these multiple RSs. Open to both Indian and foreign fintechs, this provides a single point of access for testing, thereby reducing costs, increasing efficiency, and removing ambiguity on cross-sectoral permissibility. Final authorisations for market launches of a cross-sectoral products, however, will still be required independently from each regulator post successful exit from the sandbox.

Blurring the lines between existing sectoral silos

Traditional financial institutions created product portfolios focused on specific sectors, such as banking, payments, investment, and insurance. Fintechs have long since blurred these sectoral silos with innovation such as API and Banking-as-a-Service driven models, allowing fintechs to move from the traditional product/sectoral segregation to focus on the consumer needs. Starting with the cross-selling of products from different financial institutions to the banking-as-a-platform model, the platform/ecosystem approach allowed the blending of financial services across sectors for a seamless experience for customers. Cross-sectoral innovation can now see a single product seamlessly combining and integrating features across financial sectors.

Consider a neobank or other consumer finance app, for example, offering banking combined with wealth management services. Data analytics may be performed on the customer’s transactions and banking activities to determine investment capabilities or even to automate investment of idle funds in other financial products like securities, P2P lending, and pension funds. Micro-investing, micro-saving, and other similar services could be enabled this way. This type of product would need approval from both the banking and securities regulators.

RSs come with typical regulatory concerns on the lines of consumer protection, identifying potential risks and monitoring, security concerns, company liquidity requirements, and financial soundness, to name a few. With cross-sectoral innovation, while similar, there may be an overlap of concerns across the regulators, or the nuances of the concerns may change. For instance, in the example above, investor knowledge, consent, and data privacy are predominant concerns. With the IoRS, addressing the concerns across regulators and building synergies are a priority.

Similarly, other examples of such cross-sectoral innovation can include:

• regtech and suptech innovation such as common KYC and sharing across financial regulators,
• applying technology like data analytics, artificial intelligence and machine learning across a range of data sources to enable alternative credit scoring,
• building cross-border financial products, or
• blockchain driven cross-sectoral application and interoperability to enable zero-knowledge proof and deal with privacy concerns.

Administration and implementation of the sandbox

Steps have been taken previously in India towards cross-sectoral coordination and collaboration, such as the Account Aggregator Framework, which enables consent based data portability across the four financial sectors. Earlier this year, the Monetary Authority of Singapore and IFSCA signed a Fintech Cooperation Agreement to facilitate collaboration between their RSs for innovative cross-border experiments.

Each of India’s financial regulators - the RBI, the Securities and Exchange Board of India (SEBI), the Insurance Regulatory and Development Authority (IRDA), the Pension Fund Regulatory and Development Authority (PFRDA- draft framework) and the International Financial Services Center Authority (IFSCA) - have notified their own respective RS frameworks. RSs also exist in other sectors, such as under the recent draft Telecom Bill or the former Personal Data Protection Bill, to facilitate innovation in areas like the telecom sector or related to artificial intelligence.

For inter-regulatory coordination, an ‘Inter-Regulatory Technical Group on Fintech’ has been constituted, chaired by the RBI’s new Fintech Department, with representatives from the four financial sector regulators and the Department of Economic Affairs and Ministry of Electronics and Information Technology. Applications have been opened “on tap basis”, meaning there are no prescribed timelines for applications, these may be made and will be considered at any time.

For improved coordination between the regulators, the following key features for the system are laid out:

1. The RBI’s fintech department will act as a single nodal point, i.e., the ‘coordination group’, for all applications.
2. A given product’s ‘dominant feature’ will determine its ‘principal regulator’, whose respective RS framework will determine the terms governing eligibility criteria, regulatory exemptions, design, and evaluation criteria for the application relating to that specific product.
3. The ‘dominant feature’ will be decided with greater weightage to the number of relaxations sought. The type of enhancement to existing products like loans, deposits, capital market instruments, insurance, and pension will also be considered.
4. All other regulators will be ‘associate regulators’, and the Principal Regulator will coordinate with them for the features falling within their remit.
5. The associate regulator will provide inputs and can stipulate conditions within its remit such as boundary conditions and risks to be monitored.
6. Any issues between the regulators will be sorted out by the RBI’s Coordination Group.
7. Indian fintech entities aiming to cater to foreign consumers and merchants and foreign fintech entities seeking entry to India will be directly forwarded to the IFSCA as the principal regulator for consideration under its RS framework.
8. After a successful exit, the entity will approach all the relevant regulators (principal and associate) for authorisation to launch its product in the market.

Position of multi-sector regulatory sandbox overseas

Globally, financial regulators have explored different themes to channel innovations as part of their RSs, ranging from standardization of QR codes to eKYC and digital verification. Multi-sectoral RSs have also been in operation, which can provide guidance to the Indian model as well.

The UK’s Financial Conduct Authority, for example, operates a cross-sector sandbox and released a call for inputs on it from relevant stakeholders in 2019. In Asia, under the Hong Kong Monetary Authority’s (HKMA) Fintech Supervisory Sandbox 2.0 (FSS 2.0) initiative, eligible fintech entities can conduct pilot testing of cross-sector fintech products. The FSS 2.0 initiative, similar to the RBI’s inter-operable regulatory sandbox framework, allows either the HKMA, the Insurance Authority or the Securities and Futures Commission, depending upon the primary activity of the participating entity, to act as the primary point of contact and access the sandbox framework of all regulators concurrently.

On a global level, there is also the Global Financial Innovation Network (GFIN), which was launched in 2019 by the FCA and consists of a network of more than 70 regulators and organisations internationally. Also known as the ‘global sandbox’, the GFIN launched cross-border pilot testing of financial innovations in 2019.  The innovation it supports spans across regtech, retail investments, and virtual assets sectors, among others.

The GFIN Global Sandbox Cohort 1.0 also offers learnings for other jurisdictions. Problems observed  included lack of clarity among applicants as to what cross-border testing meant (with some applying for an introduction to a new regulator/market, some applying to test the same product in multiple markets, and some with genuine ‘cross-border’ solutions), and a lack of clarity as to the scope of each regulator’s authority.

Steps taken in Cohort 1.0 also included specific tools such as:

1. a single digital application form developed to submit application to multiple regulators;
2. a published regulatory compendium describing the regulatory jurisdictions of participating regulators; and
3.  a joint testing plan spanning across sectors to improve efficiency.

The opportunity for shared learnings across sectors

The Indian IoRS experience will thus offer its own regulatory learnings, for domestic and international players alike. Sandboxes are crucial legal and policy tools supporting innovation, as is evidenced by the multiple successful exits from the various cohorts of the RBI’s RS. A cross-sectoral sandbox will remove regulatory silos in terms of providing shared and evidence-based learnings across sectors for regulators and participants, improved customer protection, reduction in vulnerabilities in product design, and a shared awareness amongst the regulators of each other’s needs and concerns.

A research report by the World Bank on Global Experiences from Regulatory Sandboxes suggested that thematic sandbox frameworks help promote specific technologies and policy priorities. The RBI has released different cohorts of its RS framework, ranging from cross-border payments, SME lending, and mitigation of financial frauds. The IoRS framework may also benefit from a similar thematic release of cohorts, combined with a general cohort for any innovation not falling under the specific themes (as with the RBI’s fifth cohort) to prevent restricting the potential for innovation.

Since the focus of the inter-operable regulatory sandbox is not restricted to fintech innovations, innovations in the domain of corporate compliance, regulatory reporting, virtual assets, or use of regtech and suptech technologies, the financial domain could be developed. Further, the benefits of streamlined licensing and reciprocal license arrangements can reduce compliance and transactional costs involved for participating entities and also eliminate the possibility of regulatory arbitrage.

For a full discussion on the latest policy developments each month, do check out Cashfree Payments’ Policy Radar.