A regulatory sandbox is a ‘safe space’ in which businesses can test innovative products, services, business models and delivery mechanisms without immediately incurring all the regulatory consequences. It is an attempt to address frictions between regulators desire to encourage and enable innovation and the emphasis on regulation.
What are the benefits of a regulatory sandbox?
The common objective of a regulatory sandbox is to promote competition and efficiencies through innovation. It would provide for a standardised and publicised framework for dealing with innovations that promotes open and transparent communication between the regulator and the sandbox entity(ies) to facilitate learning from each other. The market would also be well informed about ongoing innovation.
Since regulatory sandbox would be a safe space where live experiments can be conducted in a controlled manner, it would be easier to contain any potential harm to customers and the financial system. It would also result in reducing the time-to-market cycle.
In addition, there are several ways in which innovations may improve financial inclusion. It may help penetrate the excluded and underserved customer segments with the help of affordable products or services that address their needs.
Which regulators have regulatory sandboxes?
The Reserve Bank of India (RBI)
The rising demand for fintech solutions is exposed to increasing levels of risks but at the same time, it may also serve as a ready reservoir for process-related information. Recently, the RBI released the ‘Draft Enabling Framework for Regulatory Sandbox’.
It shall initially begin the testing process with 10-12 select entities through a comprehensive selection process as detailed in the framework under the ‘fit and proper criteria’ for selection of participants in the regulatory sandbox. The eligibility condition includes such a start-up which is working towards innovation, development or improvement of products or processes or services. It further clarifies that the turnover of such start-up shall not exceed Rs 25 crore from the date of its incorporation/ registration.
However, regulatory requirements that shall mandatorily have to be maintained by the applicants are:
Customer privacy and data protection
Secure storage of and access to payment data of stakeholders
It may be noted that entering the regulatory sandbox does not limit the entity’s liability towards its customers. The entities entering the regulatory sandbox must be upfront and, in a transparent way, notify test customers of potential risks and the available compensation, and obtain their explicit consent in this regard.
The detailed end-to-end sandbox process, including testing of the products/innovations by fintech entities, shall be overseen by the Fintech Unit (FTU) at the RBI. Each cohort of the regulatory sandbox shall have five stages with a timeline of six months. However, it is expected that the RBI shall come up with some improvements in its draft guidelines.
The Securities and Exchange Board of India (Sebi)
It is felt that fintech firms should have access to market-related data, particularly trading and holding data, which is otherwise not readily available to them, to enable them to test their innovations effectively. Therefore, Sebi has proposed a framework on “Innovation Sandbox”. The components and structure of the ‘Innovation Sandbox’ are broadly classified into the design, legal and administrative categories.
This sandbox framework is applicable to any entity, which intends to innovate on products, services, and/or solutions for the securities and commodities market. An applicant under this framework must satisfy the following criteria:
Shall be able to postulate that the solution cannot be developed properly without testing in the Innovation Sandbox
Shall have the necessary resources to support testing in the sandbox
Must show testing plans with clear objectives, parameters and success criteria
Shall be able to postulate their post-testing plan
Shall offer identifiable benefits (direct or indirect) to consumers
What lies ahead?
Shall submit a cyber-security compliance certificate
There’s a lot of room for regulatory sandboxes to grow in India. A similar proposal has been introduced by the Insurance Regulatory and Development Authority of India to set up a regulatory sandbox to foster growth and help companies innovative, in a way that provides insurtech with flexibility in dealing with regulatory requirements and at the same time focussing on policyholder protection.
The Pension Fund Regulatory and Development Authority is also considering the regulatory sandbox approach to identify the areas under the National Pension System (NPS) which could utilise fintech for the benefit of subscribers.
The writer is a legal consultant and corporate and fintech advisor