Financial Technology [Hereinafter ‘FinTech’] is gripping the world with its sheer offerings of efficiency, transparency, and fairness. India has risen up to this global demand to acknowledge the increasing need to adopt and use FinTech for the beneficial overhaul of the securities market ecosystem. Securities and Exchange Board of India [Hereinafter ‘SEBI’] through the “Framework for Regulatory Sandbox and Guidelines” [Hereinafter ‘Regulatory Sandbox’] finally acknowledges the market innovations and emerging technological convenience that can change the existing capital markets regime. On 5th June, 2020 SEBI issued1 guidelines in furtherance of the Regulatory Sandbox (Amendment) Regulations, 20202, which now enabled SEBI registered entities to test their latest innovations and technological solutions in a live environment which is real and limited to a defined set of customers.
The Regulatory Sandbox is not a new phenomenon globally, with the United Kingdom adopting it back in 20163 through the United Kingdom Financial Conduct Authority (FCA)’s Regulatory Sandbox. United States on the other hand had setup a Regulatory Sandbox-like framework in 2019 through the U.S. Consumer Financial Protection Bureau4 (CFPB). Therefore, despite the arguable difficulties in enforcement of FinTech products in the capital markets owing to certain policy disbalance, the same is definitely a tested method worldwide though not very widely encouraged. Regulatory Sandbox is a step further to analyse and float a testing ground for new business models and technologies that can benefit investors, markets and the larger economic perspective. In August, 2019, the Reserve Bank of India5 came out with the Regulatory Sandbox guidelines which was later followed by the Insurance Regulatory and Development Authority6.
This paper intends to analyse the very concept of Regulatory Sandbox in the securities market scenario, its background and the intricacies involved therein along with an analysis of the latest guidelines issued by SEBI which intends to cater the FinTech industry in a manner like never before.
Regulatory Sandbox in all aspects promotes ‘learning by doing’ whereby a first-in-hand experience is given to innovators, regulators to reasonably embark upon the benefits and risks that emerging technologies pose and their implications on the capital markets. The Sandbox is most certainly seen as a strong empirical evidence that the regulators can obtain, in the present scenario, SEBI, in order to satisfactorily support useful innovations and attend the risk factor with caution.
SEBI constituted a ‘Committee on Financial and Regulatory Technologies (CFRT)’ under the leadership of Shri T.V. Mohandas Pai7 to deliberate and examine key FinTech developments, opportunities & challenges, and also examine a Regulatory Sandbox framework that could possibly facilitate smooth adoption of modern day FinTech solutions in the Indian securities market. The CFRT recommendations were seen as a stepping stone into this arena which was aimed at enabling innovations to enter the securities market so as to benefit and overhaul the existing mechanism.
In May, 2019, based on the recommendations received, SEBI issued guidelines for ‘Innovation Sandbox’8 which was a similar setup like the updated Regulatory Sandbox, providing a controlled environment to test products but, the main difference was it was offline and included FinTech firms and entities not registered and regulated by SEBI. Innovation Sandbox allowed these entities to create an environment for offline testing of their proposed FinTech solutions in isolation from the live market, which was in pursuance to satisfactory fulfilment of eligibility criteria based on market data made available by the Stock Exchanges, Share Transfer Agents or Depositories.
Later, in a bid to move towards the Regulatory Sandbox framework, SEBI floated a discussion paper9 on “Framework for Regulatory Sandbox” to analyse the viability of a Regulatory Sandbox in the Indian securities market context. Regulatory Sandbox is seen as a successor to the offline method of Sandbox which is also known as the Innovation Sandbox. SEBI was wary of the possible regulatory oversight that could happen which may cause damage to investors and probably the entire market. While envisaging a free flowing, error free and seamless platform to test technologies, the Regulatory Sandbox is being deployed with sufficient safeguards and risk mitigation mechanisms. And now, the Regulatory Sandbox was made official through the June, 2020 circular.
This framework is leading by example as to how customer and investor centric developments can be done while testing technology intensive business models that can truly upscale the securities market.
SEBI has made it clear that every entity registered as market participants and intermediaries under Section 12 of the SEBI Act, 199210, can be a participant eligible for testing within the Regulatory Sandbox. The registered entity can participate on its own or alternatively use services offered by FinTech firms. Currently, there are no relaxations with respect to the eligibility criteria but, it was recommended that FinTech start-ups and firms who are otherwise not regulated by SEBI should be allowed to participate in the Regulatory Sandbox.
SEBI firmly believes in investor protection and maintaining market integrity. While there are exemptions that SEBI may give depending on specific applications that are made to the regulator however, SEBI has categorically decided that no exemptions would be granted to any participating entity from the Anti-Money Laundering rules and existing Know Your Customer (KYC) norms. It is rather fair to keep these two aspects away since they are core to any model of business that aims at being transparent and user friendly.
Exemptions if any will be taken on a case-by-case basis whereby every such applicant willing to obtain services of the Regulatory Sandbox must seek exemptions individually. However, as mentioned above, SEBI is adamant at fostering the basic intrinsic principle of investor safety and transparency and hence, exemptions relating to Risk checks, Customer’s money & assets, confidentiality of information, etc. will not be compromised. SEBI is open to give certain procedural exemptions too which include on merit relaxation of laid down criteria of Net worth, Track Record, Registration fees and Financial soundness. These aspects that are procedurally important may be relaxed and their ceiling can be brought down by SEBI suitably on an individual basis.
Risk mitigation and consumer protection should definitely be the top priority when it comes to implementation of any new experiments. I do firmly agree with the fact that, no changes should be adverse to market conditions in a manner that affect the investors. Further, there is no direct deliberation under protection on the Intellectual Property of FinTech firms. A practical approach towards implementation of the Regulatory Sandbox warrants for a framework that will ensure confidentiality of the IP being used irrespective of it being owned/operated by the entity or a service extended by external FinTech firms. One of the other missing gaps here is also the direct absence of a mandate to consider appropriate liability or indemnity insurance to safeguard user interest. Assuming a customer agrees to participate in the Sandbox while a FinTech solution is being tested, there has to be a redressal mechanism which will reassure the customer that his participation is safely guarded. Reiterating SEBI’s principles of up keeping investor interests more than anything else, this indemnity clause should be considered by the registered entity before entering the Sandbox for any kind of tests. Thus, it is argued that absence of these two clauses are a clear miss both from the entity and the investor/customer interest point of view.
SEBI has divided the eligibility into 7-factors. The evaluation of applications are totally weighed upon the ability of the registered entity to portray the below mentioned aspects to its most optimum advantage. Every application is referred to a department which then takes care of the evaluation and judges the suitability of a FinTech innovation to enter the Regulatory Sandbox on the basis of the following criteria:
“The FinTech innovation sought to be tested in the Regulatory Sandbox must add significant value to the existing offerings in the market.”11 It is important to note that, the genuineness aspect has been left wide and very open which can give broad room for interpretation on a case-by-case basis. The flow chart of how an application proceeds when applied for entry into the Regulatory Sandbox makes it very clear that the department in-charge of evaluating these applications have been given discretion.
This criteria is similar to the first one in terms of evaluation and acceptance of a request. The entity seeking to enter the Regulatory Sandbox should justify its need to test its FinTech developments and must answer why it has to be done on real customers.
Limited offline testing is encouraged by SEBI, it can be done through the Innovation Box which was seen as a predecessor of the Regulatory Sandbox. Having a strong background of offline testing will certainly add to the need for a test under the Regulatory Sandbox conditions.
FinTech innovations are ultimately seen as a tool to simplify the securities market and makeshift the way the markets used to work. SEBI focuses on adding value to the investors or the capital markets at large and hence, only entities that are able to prove identifiable benefits to the investors through their FinTech solutions will be promoted.
Risk mitigation and safeguard mechanism for a consequential failure is of immense importance. The evaluation of every application for live testing through the Regulatory Sandbox is a testament of risk controlling or risk mitigation plan that an entity has put in place. After all, investor interests and the overall wellbeing of the market is of prime importance and no risks can be allowed.
A well-defined operating procedure must be put in place by the entity in order to apprise SEBI of its clear objectives, parameters, etc. involved as part of live testing in the Regulatory Sandbox.
This is the last part of the application that signifies a structured plan and strategy put in place by the entity willing to enter the Sandbox. In simpler terms, the deployment part is essentially the exit strategy and the ability of the entity to deploy the proposed FinTech solution on a larger scale once the real-life testing finishes within the Regulatory Sandbox.
Duration of Regulatory Sandbox testing was about six months initially when the Discussion Paper was floated but now, after NASSCOM inputs on the paper, maximum allowed duration for testing in the Regulatory Sandbox has been capped at a maximum of 12 months which may be extended on an individual basis for another brief period depending on the requests made therein.
SEBI mandates all entities that have tested in the Regulatory Sandbox to submit an elaborate report which will have an exhaustive record of all important statistics relating to the performance of the FinTech tool, challenges faced, findings of the test, performance indicators or milestones, etc. This report has to be submitted within 30 days from the date of expiry of the testing phase allotted by SEBI to every such entity.
The Exit plan of a FinTech innovation after the successful completion of the test period in the Sandbox is extremely crucial. Once the above mentioned reports are submitted and the timeline is adhered of well, SEBI will now determine the future of such FinTech innovation which can be fixed into broadly three possible outcomes12:
As reiterated several times in this paper, time and again SEBI has kept it straightforward when it comes to maintaining market integrity and protecting investor money. SEBI has reserved rights to revoke any approval given to an entity for Regulatory Sandbox testing. Largely, on the following instances or grounds, SEBI can recall the powers given to an entity for conducting tests13:
Thus, these are some grounds when SEBI can revoke or recall any application which was originally granted to a market entity registered with SEBI.
FinTech innovations are acknowledged by SEBI which goes a long way in showing the intentions of the regulator. Having a landmark move like that of introducing innovations to securities market require good backing of data and tangible grounds to believe that it will not backfire.
The following are some benefits that arise out of the introduction and the successful use of Regulatory Sandbox both from the regulator and the testing entity’s point of view:
While on the face of it there do not seem to be many limitations apart from the following few which are apparent:
SEBI is testing the gun before it reaches the battlefield. In other words, before any FinTech innovations hit the market, this is a wonderful and a very practical checkpoint that entities would love to embark upon in order to understand and yield the desired fruit for their innovations. Since SEBI is the only regulator of everything related to capital markets in India, it would surely want to play safe and vigilant. The Regulatory Sandbox acts as wonderful tool that provides empirical data having evidentiary value that highlight the performance of modern day FinTech innovations. At a pilot stage, you don’t expect the mechanisms to be alive and kicking precisely why, this real life like testing conditions with live customers, SEBI is inviting big players who believe their FinTech innovations have the potential of disrupting the way capital markets worked in India.
The Regulatory Sandbox is a tried and tested mechanism around the world with perhaps its introduction going back to 2016 in the United Kingdom. After that, countries like Canada and United States have followed a similar path to introduce a controlled environment which is real life like but not open to the scale that market intends to cater to. Regulatory Sandbox is a big plus in the Indian context and that can be noted by the RBI and IRDAI’s similar trajectory towards introducing it. While FinTech as a concept is new in India and the market potential can be best utilised when there are real life opportunities given to entities. I personally feel the Regulatory Sandbox is a brilliant mechanism with very limited and extremely calculated risk. As stated earlier, this method of testing innovations that intend to benefit people at large in their trade in Indian securities market allows innovators to ‘learn by doing’. Performing real life tasks and getting real time feedback and performance reports is a definite boost for the end product that the innovators are trying to optimize.
The long list of benefits that accrue of the Regulatory Sandbox and their whole framework is a definite plus for both SEBI and the FinTech innovator/entity. A regulator will definitely look at the best market practices and would prefer to inherit those into his area of business. For SEBI, the Regulatory Sandbox acts as an active tool that facilitates or rather bridges the gap between excellent FinTech solutions and its market worthiness. This method of live testing with real time customers helps the regulator to filter only the best and implement them immediately for the benefit of the investors. SEBI runs along the root principle of maintaining integrity and principles of fairness both towards the market operations and the investors basing which this Sandbox provides for an excellent platform that is tried and tested by innovators who stand up to that regulatory expectations and deliver efficient solutions. I believe the Sandbox method of adopting to technological advancements is the right pathway which is echoed through similar paths followed by the Reserve Bank of India and IRDAI. If three leading regulators back a formula, they are certainly not going wrong.
The flip side of the above arguments is the limitations which although are short-lived and very much solvable but still are a preponderance to entities when it comes to their analysis of resources plugged in for testing vis-à-vis their end goal of hitting the market. It would be great if SEBI plays an accommodative role as a market regulator and does not seem to have overreaching vigilance and provides a breather wherever possible for the innovators in order to suck out the best of FinTech innovations. The limitations w.r.t return of the investment made by the market entity can be guaranteed with a plush and detailed exit plan that SEBI can formulate which is both transparent and fair for the innovators. I do agree to the fact that no entity with its innovation would want to go back rejected despite putting in the best possible efforts, resources, and money into their dream project. Afterall, if the entities find light at the end of the tunnel, they will certainly take Regulatory Sandbox seriously and the performance of their innovations would certainly lead to a bright ray of light whereby the same will be accepted and adopted by SEBI ultimately to be implemented in the Indian securities market.
Thus, to conclude, the Regulatory Sandbox is a solid and well structured base that SEBI has articulated to ensure the best of FinTech innovations reach the securities market. For the ultimate benefit and efficient operation of the capital markets, SEBI’s ‘learn by doing’ approach through Regulatory Sandbox is definitely commendable and I am sure this will lead to better regulatory policies and Indian investors will have the right set of FinTech innovations for their benefit.