Let us talk about E-Contracts (II): E-Commerce Business Models

Without any argument, new communication systems, especially digital payment technologies, have supplanted the snail-paced conventional systems of communication and transactions. Business communities and consumers are increasingly using digital means to send and receive information in electronic form. The reason is that the information technology (IT) has abridged the time and distance factor in transacting business. Nowadays, inflow and outflow of information have become instant and momentary. Therefore, one principal contribution of IT is in the field of contract-formation.

Electronic contracts (e-contracts) are born out of the need for speed, convenience and effectiveness. The law has already recognised contract-formation using facsimile, telex and other similar technologies.

Let us envision a contract between an Indian businessman and an English businessman. Away from digital means, one option is that one party first draws up two copies of the contract, signs them and sends (through postal or courier service) them to the other, who, in turn, signs both copies and sends one copy back. The other option would be that the two parties meet somewhere and sign the contract. However, within the digital world, the whole process can be completed in seconds, with both parties simply affixing their electronic signatures to the electronic copy of their contract. There is, thus, no need for tardy dispatching mechanism (postal or courier services) and/or supplementary travelling costs in such a situation.

Before proceeding with the E-Contracts, let us have a brief look at the basics of the business model and kinds of transactions under which e-contracts are mostly used.

E-Commerce Business Models

Electronic commerce (e-commerce), in a very general sense, refers to buying and selling products and services over the internet and the World Wide Web (www). E-commerce, however, in actuality, includes all forms of commercial transactions involving both—organisations and individuals—that are based upon the electronic processing and transmission of data including text, sound, and visual images; and involves transactions over the internet as well. In addition, e-commerce also refers to the effect that the electronic exchange of commercial information may have on the institutions and processes that support and govern commercial activities.

There are several ways of looking at e-commerce:

(1) From a communications perspective, it is the ability to deliver products, services, information, or payments via networks like the internet.

(2) From an interface view, it means information and transaction exchanges: business-to-business (B2B), business-to-consumer (B2C), consumer-to-consumer (C2C), and business-to-government (B2G).

(3) As a business process, e-commerce means activities that support commerce electronically by networked connections. For example, business processes like manufacturing and inventory and business-to-business processes, like supply chain management is managed by the same networks as business-to-consumer processes.

(4) From an online perspective, e-commerce is an electronic environment that allows sellers to buy and sell products, services, and information on the internet. The products may be physical, like cars; or services, like news or consulting, etc.

(5) As a structure, e-commerce deals with various media: data, text, web pages, internet telephony, and internet desktop video.

(6) As a market, e-commerce is a worldwide network. A local store can open a web storefront and find the world at its doorstep—customers, suppliers, competitors, and payment services. Of course, an advertising presence is essential.

Types of Online Transaction

Online transactions can be recognised and categorised in four ways:

Business to Customer (B2C)

It is the transaction where a business entity on one side and an individual customer, on the other hand, conduct business. The expression B2C has been commonly used to refer to a sale by a business enterprise or retailer to a person or ‘consumer’ conducted through the internet. For instance, Flipkart.com which provides facilities for customers to buy goods from the website—is an example of a B2C e-business. In this situation, the website itself serves the purpose of a shop. The B2C transactions can be in relation to both—tangible and intangible products. The focal point of this e-commerce application is on the consumer’s use of a merchant’s web storefront or website. Consumers from any place can browse and order for goods and services online at any time. B2C is an electronic equivalent of the conventional mail-order or telephone-based ordering system.

Business to Business (B2B)

It is the type of e-commerce where there is an exchange of products, services, or information between businesses using the internet, rather than between businesses and consumers. Alibaba.com is the prominent example of B2B model.

Customer to Business (C2B)

Customer to Business (C2B), also known as Consumer to Business, is the most recent e-commerce business model, where individual customers offer to sell products and services to companies that are prepared to purchase them. It is the opposite of the traditional B2C model. Example of this model is blogs or internet forums where the author offers a link back to an online business facilitating the purchase of some product (like a book on Amazon.com), and the author might receive affiliate revenue from a successful sale.

Customer to Customer (C2C)

It is the transaction which involves two or more customers with business entity merely providing a web-based interface to facilitate the consumer to consumer transactions (B2C). The expression C2C generally refers to the sale of a product pertaining to a consumer to another consumer either directly or through an intermediary exclusively dedicated for this activity. One best example of C2C website is Ebay.com, which is an online auction site, where any person can buy and sell, and exchange goods and articles using this website. This website provides the web-based interface (i.e. the website with its database and other functions) and users can transact freely with each other. Another example is Amazon, which in fact, acts as both a B2C and a C2C marketplace.

Recommended Readings

  • Alan Davidson, The Law of Electronic Commerce, Cambridge University Press, (2009).
  • R K Singh, Law Relating To Electronic Contracts (2017)

Simplifying FinTech and FinTech Laws: Key Takeaways for Indian FinTech Industry

The significant advancements in Fintech are directly impacting on the traditional financial sector. The regulators had to be cautious in order to not miss the train and should jump on the wagon of promoting financial innovation and stiff competition in the sector. The newcomers in the sector should be provided certain leniency in form of exemptions from a number of strict compliances which are used to curb the malpractices of the big corporations, for the sake of promoting competition in the market. This post is dealing with key takeaways from reports of different regulators’ committees in India. This is the last post in the series of ‘Simplifying FinTech and FinTech Laws’.

Fintech charged firms and businesses must work in tandem with the regulated entities, e.g. banks and regulated finance providers. The businesses that a bank can undertake are provided under Section 6 of the Banking Regulation Act, 1949 and there is no business outside Section 6 that can operate as the bank. Such provisions, therefore, incentivize banking companies to make fintech innovations in a narrower scope relevant to their operations. The archaic laws make it difficult for banks to undertake fintech innovations that can be of significant utility but are beyond the scope of financial regulation.

The Watal Committee Report noted this, that:

“The current law does not impose any obligation on authorised payment systems to provide open access to all PSPs. This has led to a situation where access to payment systems by new non-bank payments service providers, including FinTech firms, is restricted. Most of them can access payment systems only through the banks, which are also their competitors in the payments service industry. This, according to the Committee, has restricted the fast-paced expansion of digital payments in India by hindering competition from technology firms.”

Forming a comprehensive and non-discriminatory regulatory approach

Regulators and legislators are required to realign their legal approach to the Fintech services. There is a requirement of developing a deeper understanding of various Fintech services and their interaction in a financial environment with other fintech services. To provide the fintech space to work utmost to its potential, it is needed that it gets a level playing field in relation to the traditional banking and non-banking players. The practise of restricting the access of non-bank institutions to payment infrastructure, such as AEPS, has to be reevaluated and the proper steps to be taken. It is required from the end of Government and Regulatory bodies that they should adopt necessary measures in order to provide accessibility to national payment infrastructure and facilities to all fintech firms without any discrimination.

Providing Standards for Data Protection and Privacy

All the fintech companies are required to invest significantly in self-regulating policies to prevent privacy risks. Fintech companies should be provided with the standards of data protection as soon as possible by government and regulators. It is evident that the provisions of the Personal Data Protection Bill, 2019 can significantly affect the growth of Fintech companies. Therefore, the standards adopted for fintech companies by regulators should be reviewed with respect to data protection and privacy concerns. The government and regulators specific to finance of the country should start focusing on the valuation of data that is processed by banking companies and recommend practices to safeguard consumer interests.

Open Data principles should govern the financial sector in order to enhance Competition

The regulators should pay heed to the open data policy among participants of a fintech sector. The regulators should begin with the mandatory norms directing financial service companies to encourage banking institutions to enable participants to access the databases of their rejected credit applications on a specific platform on a consensual basis. The practice of the UK with respect to Open Data Regulations in Banking can be adopted, where banking institutions on the basis of consent framework allow data to be available to banking partners in order to foster competition. Even the RBI Steering Committee on Fintech recommended:

“It also recommends that all financial sector regulators study the potential of open data access among their respective regulated entities, for enhancing competition in the provision of financial services.”

The KYC process should be reformed with respect to the Supreme Court’s Judgment on Aadhaar’s validity

Fintech businesses are the most affected entities due to the striking down of Section 57 of the Aadhaar Act as it invalidated the online KYC process. The online KYC and authentication provided the required efficiency and convenience to fintech firms with respect to their endeavours of on-boarding as many as consumers on their digital platform. It is recommended that alternatives to the mandatory linking to Aadhaar should be adopted in the form of possible video-based KYC, such that the documents as verified must be protected and processed with the prior consent of the consumer.

Other key recommendations

1. It is recommended that the adequate cybersecurity, anti-money laundering and fraud control measures should be adopted by investing in technologies and guidelines that can prevent fraud.

2. Technical innovations should be monitored with respect to the potential risk that innovation carries in operation under the contemporaneous legal landscape of the country.

3. A self-regulatory body to facilitate the needs of fintech is much needed as for the RBI it is still turning out to be difficult to replace the existing regulatory structure. A regulatory mechanism allowing the broader participative consultation approach should be adopted.

4. Regulators should invest in Reg-Tech (“Reg Tech is a sub-set of FinTech that focuses on technologies that facilitate the delivery of regulatory requirements more efficiently and effectively than existing capabilities. In July 2015 the FCA issued a call for input entitled ‘Supporting the development and adoption of Reg Tech’.”)

5. The majority of economies have adopted the practice of setting up of the regulatory sandboxes catalyzing the fintech innovations. It is recommended that RBI should continue with the introduction of the mechanisms, like regulatory sandboxes, enabling the adaptation of regulatory initiatives which will play a key role in maintaining India’s competitive edge.

Simplifying FinTech and FinTech Laws: Regulatory Initiatives taken by Government and Regulators in India for FinTech

No industry in the economy can boom unless it is supported by the Government in the country it wishes to further expand in. A fine line exists between regulation and obstacles for the industry to boom. In light of this, the Government of India has begun to take initiatives and steps toward the stronger building of fintech in the country, paving the path for this industry to a brighter future. This post will give you a brief overview of all the regulatory initiatives that the Government and Regulators have taken to promote the FinTech in India. This is the fourth post in the series of ‘Simplifying FinTech and FinTech Laws’.

Fintech in the past decade has expanded rapidly. What once emerged as merely as an intersection point of financial services and technology, has now become an important aspect of India’s economy. With the vision of the country towards a digitized and less dependent economy with ‘make in India’, fintech has gained a larger space to expand in and function smoothly. According to the NASSCOM Report ‘Fintech Landing- Unlocking Untapped Potential’, it is because of initiatives in India that have led India to emerge as a leader for the fintech industry worldwide. According to this research by NASSCOM, India alone harbours 2% of the largest start-up base for fintech in the world and also leads in the rate of adoption of fintech at 87% adoption rate.

Not only the initiatives by the Government adversely affect the success of the fintech industry in the country, but the allied regulators of financial institutions play a role as well. These include regulators such as SEBI, RBI, Insurance Sector, etc. Such an encouraging atmosphere for the development of fintech in the country has increased faith in fintech among the consumers in the country, for easier and grass-root adoption and acceptance of fintech.

Initiatives by the Central Government

Encouragement for the Start-Ups

With the policies such as that of make in India and to boost the Indian economy, the start-ups are increasingly supported by the Government. In 2015 itself, over 12,000 start-ups in the area of fintech emerged across the world. In India, the initiative to support the start-ups was launched by the Central Government in 2016, reserving USD 1.5 billion funds to support the start-ups. Under the increased support, he start-ups began to receive in the country, there are more than 600 startups in fintech at present in India. It is in light of such an initiative begun by the Government and supported by the allied stakeholders that India progresses towards the vision of a completely digitalised economy, promoted innovation and leading economy with sustainable growth.
In further aid of this initiative that the Government has now introduced tax reliefs such as 3-year exemption from paying tax for the start-ups along with other exemptions, credit guarantee, etc.

Digitization of the Economy

The current Government fiercely promotes the digitization of the economy. Whether intended or not, the unprecedented demonetization has acted nothing less than a catalyst in increasing the digital payments in the country. Having scaled the benefits of digital payments, it is now increasingly used by the country than retreating back to the physical currency. Such an environment is an ideal environment for the fintech ecosystem to thrive in.

Taxation Reliefs

Apart from the policies of the Government to support the fintech, taxing regime plays a major role in the growth of the fintech industry in the country. The 2016 Budget introduced tax rebates for those traders who transacted more than 50% of their bill digitally. The Ministry of Finance further proposed withdrawal of surcharge on digital payments of cards and online used to avail government services. The surcharges as of now stay relaxed.

Protection of Intellectual Property

The fintech start-ups are supported with ease in the procurement of intellectual property (IP) acquirement. The facilitation in the acquirement of trademarks, patents, designs, etc. has led to an increase in the start-ups under the fintech industry in the country. Moreover, under the start-ups initiative, the Government offers 80% rebates for the patent costs required for the start-ups.

Infrastructural Plans

The Government’s plans to accelerate the economy of the country with digital India and Smart Cities have led to an increase in reliance upon fintech in the country more than ever. Not only the local fintech industry is expected to benefit out of his but the outsourcing and foreign investment are also expected to be increased to further the advancement of the fintech industry in the country.

National Payments Council of India

It is the umbrella organisation for all retail payments in India, under the guidance of RBI and Indian Banks Association. With the increase of multiple usages of mobiles in India and increased acceptance of Unified Payment Interface (UPI), there was a paved way for the National Payments Council in India (NPCI). The expected userbase of smartphones is by 2020 is 500 million. Thus, the digital footprint is expected to rise as well. Initiatives by the NPCI such as that of Rupay Cards have led to fintech adopting such technologies, penetrating further into the traditional banking system in the country.

India Stack

India Stack is a set of Application Program Interfaces that allow entities such as businesses, start-ups, governments and developers to engage in the utilisation of the digital infrastructure. This unique feature of India Stack helps to solve problems in ground level in India and promote the paperless, cashless and presence-less delivery system in India. India Stack mirrors the support system offered to the telecom industry back in the 1990s for the fintech industry in the country. This has enabled the manifold increase in fintech in the country and has facilitated easy adoption of fintech by the innovators, entrepreneurs, other industries and companies. However, after the Aadhaar judgment, the India Stack programme has stopped.

Initiatives by Financial Market Regulators

The financial market regulators (FMRs) role has gravely impacted the fate of the fintech industry in the country. Some of the primary FMRs are discussed herein:

Reserve Bank of India (RBI)

One of the most recent initiative by RBI for the adoption of fintech in the financial market is allowance to set up the regulatory sandbox. This refers to the controlled environment in which live testing of digitally innovative techniques may be conducted in the arenas of e-KYC, retail payments, management of wealth, etc. RBI has also acknowledged the possibility of fintech disruptions in the financial market, in light of which certain regulatory norms have been introduced. However, it is to be noted that these are purely regulatory in nature in benefit of the consumers and fintech industries, without creating a hurdle for the boom of the fintech industry. Moreover, to better understand the nitty-gritty of fintech in influencing the traditional financial market, RBI set up an inter regulatory working group to come up with an appropriate framework for fintech without disrupting its functions. RBI in 2017 released a ‘Report on Working Group on Fintech and Digital Banking’ acknowledging fintech to be a point of attention in today’s era and uncertain regulatory regime to stunt its growth. Thus, RBI persuades other sectors to be better apprised with fintech to come up with better and definable regulatory regime so as to not cause unprecedented or unforeseen loss to this industry and continue with its growth.

However, with no uniform set of guidelines and no particular authority to govern fintech, fintech at present faces loss in this area. The aforementioned market regulators have their own policies for fintech which often overlap and defeat the purpose of facilitating policies to obstacles fintech needs to overpower to ensure its smooth functioning. The grey areas of fintech require to be urgently addressed so that the booming growth does not reduce to stunted growth of the industry India expected to lead in future. It is expected with RBI’s report and acknowledged lacuna in the current fintech ecosystem, changes are soon to begun to take place across all sectors in the financial market to ease the functioning of fintech for greater benefits.

The RBI has also introduced several small fintech spaces in order to invite comments from general stakeholders before issuing any regulation governing new technologically innovative financial products. The RBI has released a ‘Draft enabling Framework for Regulatory Sandboxes’ which proposes guidelines on governing regulatory sandboxes to be established by RBI to check on the R&D of new fintech products and services.
The RBI, as well, has recognized the need for confidentiality and data protection. The RBI’s “Master Circular on Mobile Banking Transactions in India” states that “technology used for mobile banking must be secure and should ensure confidentiality”.

Below is the table that represents how well are such fin-tech regulatory sandboxes faring. This is an independent research initiative by the author.

Country Name of the Regulator Date of Starting Sandbox Name/ Project Name Number of Participants Remarks
The United Kingdom Financial Conduct Authority (FCA) Launched in October 2014- First cohort of applications opened on May 2016 The regulatory sandbox is a part of the project called Innovate by FCA Nearly 375 Applications (Since 2016); Nearly 131 Applications have been accepted. Sources: FCA publication on’Regulatory Sandbox lesson learnt’ https://www.fca.org.uk/publication/research-and-data/regulatory-sandbox-lessons-learned-report.pdf. Also See, Official Webpage of the FCA Regulatory Sandbox, https://www.fca.org.uk/firms/regulatory-sandbox/cohort-1 Following sources have been referred to understand the framework of ‘Regulatory Sandboxes’ in the UK: 1) FCA publication on Regulatory Sandbox https://www.fca.org.uk/publication/research/regulatory-sandbox.pdf; 2) FCA publication on’Regulatory Sandbox lesson learnt’ https://www.fca.org.uk/publication/research-and-data/regulatory-sandbox-lessons-learned-report.pdf; 3) Guide to Financial and Regulatory Innovation https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/701847/UK_finanical___regulatory_innovation.pdf
Singapore Monetary Authority of Singapore Launched in November 2016 There are two kinds of Sandboxes that have been proposed under the MAS supervision: ‘Sandbox’ and ‘Sandbox Xpress’ Nearly 50 Formal Applications have been considered; Half were withdrawn; 1/3rd proceeded without the need of Sandbox; remaining being approved or under review. (till 2019) Source: NUS CBFL working paper 19/04 https://law.nus.edu.sg/cbfl/pdfs/working_papers/CBFL-WPS-1904.pdf The low figures of participation is because MAS is very specifically selective about the applicants and MAS’ view of Sandbox as a last resort to facilitate innovation,
with the primary tool being instituting facilitative regulations in the first place. Further readings are important: https://law.nus.edu.sg/cbfl/pdfs/working_papers/CBFL-WPS-1904.pdf; MAS gidelines on Sandbox https://www.mas.gov.sg/-/media/MAS/Smart-Financial-Centre/Sandbox/FinTech-Regulatory-Sandbox-Guidelines-19Feb2018.pdf?la=en&hash=B1D36C055AA641F580058339 09448CC19A014F7; The MAS Act https://www.mas.gov.sg/regulation/acts/mas-act
Australia Australian Securities and Investments Commission (ASIC) Launched in December, 2016 Fintech Regulatory Sandbox is a part of Project Innovation Hub by the ASIC As set out in ASIC’s Innovation Hub Progress Report as of October 2018, 314 entities requested and received informal assistance, and 67 new AFSLs/ACLs were granted. In 2018–19, the Innovation Hub provided informal assistance to over 190 businesses (fintech and regtech), helping them consider regulatory issues early and where relevant prepare licence or relief applications. Source:ASIC Cooperation Report 2017-18 https://download.asic.gov.au/media/4922434/annual-report-2017-18-published-31-october-2018-section5.pdf & ASIC Cooperation Report 2018-19 https://download.asic.gov.au/media/5314426/asic-annual-report-2018-19-section-5.pdf. The Treasury Laws Amendment (2018 Measures No. 2) Bill 2019 (Bill) could provide an example of ideal specific legislative framework related to Fintech Sandboxes given the number of benefits it proposes. The Bill aims to enhance the existing regime by enabling more businesses to test a wider range of financial products and services, for a longer period of time. The Federal Government anticipates that this will help drive competition in the financial services industry, incentivising financial providers to be more responsive to the needs of consumers. While the Bill broadens the types of credit products and services which are eligible for the regime, it simultaneously imposes stricter requirements on credit services which are already subject to the regime. Sources referred: ASIC expands Sandbox Regime https://www.lexology.com/library/detail.aspx?g=825aafdb-0cf4-4dfd-b6b0-be411bb5f957;
Malaysia Bank Negara Malaysia (BNM) through its cross-functional group the Financial Technology Enabler Group (FTEG) Launched in October 2016 Regulatory Sandbox Till October 2019, 80 applications have been submitted under the Financial Technology Regulatory Sandbox. Source: Assistant Governor Keynote Address at the Takaful Rendezvous 2019 – “Leading in a Disruptive World – Revolutionising Takaful” at https://www.bnm.gov.my/index.php?ch=en_speech&pg=en_speech&ac=841. In 2017, there have been four confirmed participants and while in 2018 , there have been six confirmed participants (in which 1 exited later). Source: The State of Regulatory Sandboxes in Developing Countries, Digital Financial Services Observatory, Columbia Institute for Teleinformation, Columbia University, New York, https://dfsobservatory.com/sites/default/files/DFSO%20-%20The%20State%20of%20Regulatory%20Sandboxes%20in%20Developing%20Countries%20-%20PUBLIC.pdf Sources to refer: 1) BNM has provided a regulatory framework for the ‘Fintech Regulatory Sandbox Framework”. http://www.bnm.gov.my/index.php?ch=57&pg=137&ac=533&bb=file; 2) Infographics explain it all, https://www.myfteg.com/?page_id=1129; 3) The State of Regulatory Sandboxes in Developing Countries, Digital Financial Services Observatory, Columbia Institute for Teleinformation, Columbia University, New York, https://dfsobservatory.com/sites/default/files/DFSO%20-%20The%20State%20of%20Regulatory%20Sandboxes%20in%20Developing%20Countries%20-%20PUBLIC.pdf; 4) FAQs related to Sandbox, https://www.myfteg.com/?page_id=1133.
Hong Kong Hong Kong Monetary Authority Launched in November, 2016 Fintech Supervisory Sandbox (FSS) Nearly 170 Tested Participants [By the end of 2017, 28 fintech products tested (HKMA Annual Report 2017, Pg109, https://www.hkma.gov.hk/media/eng/publication-and-research/annual-report/2017/AR2017E.pdf), then by 2018, 42 products have been tested (HKMA Annual Report 2018, Pg.7, https://www.hkma.gov.hk/media/eng/publication-and-research/annual-report/2018/AR2018E.pdf) and till October 2019, around 92 new technology projects have been tested (Usage of the FSS until the end of October 2019, https://www.hkma.gov.hk/eng/key-functions/international-financial-centre/fintech/fintech-supervisory-sandbox-fss/)%5D. Nearly 84 products have been rolled out in the Market successfully (14 in 2017, 28 in 2018 and 42 till October 2019) Following sources are required to be referred to: HKMA-FSS framework of guidelines, https://www.hkma.gov.hk/media/eng/doc/key-information/guidelines-and-circular/2016/20160906e1.pdf; HKMA Annual Report 2017, Pg109, https://www.hkma.gov.hk/media/eng/publication-and-research/annual-report/2017/AR2017E.pdf.
Securities and Futures Commission (SFC) September, 2017 SFC Regulatory Sandboxes In 2018, there have been 2 firms that have been tested. (Source: https://bfsi.economictimes.indiatimes.com/news/regtech/global-sandbox-by-gfin-to-boost-cross-border-innovation-in-financial-services-fintech-association-of-hong-kong/69376356) Checked all the official reports but they have not provided any explicit number. I have scheduled a call with Syed Musari, Chairman of the HK Fintech Assn. [On call also he said there are 2 only such firms that have been confirmed till now) Following Sources: ‘Circular to announce SFC Regulatory Sandbox’, https://www.sfc.hk/edistributionWeb/gateway/EN/circular/openFile?refNo=17EC63
Insurance Authority (“IA”) Launched in September, 2017 IA Insur-tech Sandbox Since the launch of Insurtech Sandbox until end February 2019, IA received eight sandbox applications and two were completed and rolled out to the market. Source: Discussion Paper, Legislative Council Panel on Financial Affairs, LC Paper No. CB(1) 70/18-19(04), Pg.6, https://www.legco.gov.hk/yr18-19/english/panels/fa/papers/fa20190401cb1-760-4-e.pdf Following sources can be referred to: 1) https://www.ia.org.hk/en/aboutus/insurtech_corner.html#1 ; 2) Discussion Paper, Legislative Council Panel on Financial Affairs, LC Paper No. CB(1) 70/18-19(04), Pg.6, https://www.legco.gov.hk/yr18-19/english/panels/fa/papers/fa20190401cb1-760-4-e.pdf
Bahrain Central Bank of Bahrain’s FinTech and Innovation Unit Launched in May 2017 The Regulatory Sandbox Since its launch in 2017, 35 Fintech participants have been included in the Sandbox. (As provided on the official website in the section of ‘Regulatory Sandbox Register’ at https://www.cbb.gov.bh/fintech/). Although, till 2018 CBB received 48 applications. (Source: CBB Annual Report, https://www.cbb.gov.bh/wp-content/uploads/2019/04/CBB-Annual-Report-2018-English-1.pdf) Following sources: 1) ‘Regulatory Sandbox Register’ at https://www.cbb.gov.bh/fintech/ ; 2) CBB Annual Report, https://www.cbb.gov.bh/wp-content/uploads/2019/04/CBB-Annual-Report-2018-English-1.pdf; 3) The Circular https://cbb.complinet.com/net_file_store/new_rulebooks/c/o/Cover_letter-Regulatory_Sandbox-Amended28Aug2017.pdf
Netherlands De Nederlandsche Bank (DNB) Aand Dutch Authority for the Financial Markets (AFM) as per their MoC (Memorandum of Cooperation) Launched in January 2017 Regulatory Sandbox’ under the Innovation Hub There is no specifc register or data that is available for the number of entities that are strictly part of the Regulatory Sandbox (Even in their guiding paper released in December 2016, they specifically stated in Section 4, at Pg.5, that “such requests are confidential and will be treated as such”.) Although, the regulators have shared that total 650 queries has been received by the Innovation Hub and Sandbox together till 28th August 2019 (Source: Report DNB-AFM, Continuing Dialogue, InnHub and RegSandbox: lessons learned after three years, https://www.dnb.nl/en/binaries/Continuing%20dialogue_tcm47-385301.pdf) Following Sources can be referred to: 1) De Brauw Blackstone Westbroek, https://www.debrauw.com/alert/dnb-afm-create-regulatory-sandbox/; 2) Guiding paper/Framework related to Regulatory Sandbox, https://www.dnb.nl/en/binaries/More-room-for-innovation-in-the-financial%20sector_tcm47-361364.pdf?2020011512; 3) Report DNB-AFM, Continuing Dialogue, InnHub and RegSandbox: lessons learned after three years, https://www.dnb.nl/en/binaries/Continuing%20dialogue_tcm47-385301.pd; 4) European Banking Authority, Report, FinTech: Regulatory sandboxes and innovation hubs, https://www.esma.europa.eu/sites/default/files/library/jc_2018_74_joint_report_on_regulatory_sandboxes_and_innovation_hubs.pdf.)
UAE Financial Services Regulatory Authority Launched in August 2016. Although, the first cohort started in May 2017 FinTech Regulatory Laboratory (RegLab) Until October 2019, 185 Applicants, 74 Participated – [First Cohort: 11 Applicants, 5 Selected (Official Press Release, https://www.adgm.com/media/announcements/abu-dhabi-global-market-admits-first-5-regional-and-international-reglab-applicants); Second Cohort: 22 Applicants, 11 Selected (Official Press Release, https://www.adgm.com/media/announcements/abu-dhabi-global-market-admits-2nd-reglab-cohort-with-11-more-local–global-fintech-firms); Third Cohort: 69 Applicants, 26 Selected (Official Press Release, https://www.adgm.com/media/announcements/abu-dhabi-global-market-admits-3rd-reglab-cohort-with-more-uae-fintech-firms); Fourth Cohort:83 Applicants, 32 Selected (Official Press Release, https://www.adgm.com/media/announcements/adgm-admits-4th-reglab-cohort)%5D. Following sources: 1) The official Guidance, The guidance paper, http://adgm.complinet.com/net_file_store/new_rulebooks/f/i/FinTech_RegLab_Guidance_VER01_31082016.pdf; 2) Entire legal framework and associated papers can be found here http://adgm.complinet.com/en/display/display_main.html?rbid=4503&element_id=13995.

Securities Exchange Board of India (SEBI)

The presence of SEBI has largely affected the financial market for over two and a half decades now. The interface of technology in the financial market has only led to a rise in the financial sector. It has led to efficiency in the system of trading, reduced costs of transactions and an increase in consumer base. Not only this, technology has played a significant role in democratising the financial market. While these remain the immediate effect felt of technology as it entered the financial market, more recent are the machine-based and algorithmic trading. SEBI has warmly welcomed technology in the market with screen-based trading, dematerialisation of shares and using it as a platform to offer nationwide trading. The capital market in India with such innovations backed by SEBI has witnessed the transformation in recent years.

Insurance Sector

The innovation in the insurance sector has always been thought about twice, such that its adoption has remained the slowest in this sector in the financial market. However, the past decade with the rise of fintech has seen the regime of insurance sector change, especially with the digital channels and process automation. Technology has further led to the addition of personal touch and customised services for consumers. The fintech had led to increasing common conscience of the society to repose faith in the insurance sector due to customised services and cost-effective functions. Fintech has ensured that the start-ups in the insurance sector do not act as a tool of disruption in the insurance sector and spread a sense of insecurity amongst the existing companies but act as a collaborator, collate the efforts of all and direct services for the benefit of the consumers.

Recommended Readings:

Solve India’s problems’: Modi launches Rs 100 billion fund, generous tax breaks for Indian start-ups, First Post, 17 January 2016, http://www.firstpost.com/business/pm-modis-grandinitiative-for-indian-start-ups-a-rs-10000-cr-fund-3-year-tax-rebate-2587272.html accessed on 25 May 2016.
Budget 2016: Start-ups get 100 per cent tax exemption for 3 years on profits, 29 February 2016, DNA India, http://www.dnaindia.com/money/report-budget-2016-start-ups-get-100-taxexemption-for-3-years-on-profits-2183981(last accessed on 25 May 2019).

Manisha Shroff, Nikita Nehriya, Ankit Chavan and Praneetha Vasan, Data Privacy: Have Banking Laws in India kept pace with Technology, Indian Law News Vol 9 Issue 2, at https://www.khaitanco.com/PublicationsDocs/IndiaLawNews-KCOcoverageManishaShroff-Copy%20(2).pdf

Simplifying FinTech and FinTech Laws: All the laws that govern digital payments and transactions in India

Over the years, the financial services industry has become increasingly regulated in terms of adoption of technologies for facilitation and disintermediation of transactions. The extensively fragmented laws and regulations certainly make it difficult for any person and entity to objectively find the mandatory requirements that a law imposes upon them. This post will give you a brief overview of fintech laws and the various ways in which they govern our digital transactions. This post is the third one in the series of ‘Simplifying FinTech and FinTech Laws’.

The legal topography that regulates the Fintech services in India is majorly distributed, and there is not a single comprehensive regulation or legislation that governs the Fintech industry in the country. The lack of a complete and comprehensive single set of guidelines or regulations makes it hard to refer to actual authorities that are supposed to govern the Fintech in India. The legislative or regulatory, whichever it is, primarily comprises of:

The Payment and Settlements Act, 2007

The sources of law that actually governs payment in Indian jurisdiction are the Payment and Settlement Systems Act, 2007 (PSS Act) and the Payment and Settlement Systems Regulations, 2008 and rules as issued thereunder. Basically, these are the statutes from which India’s central bank, the Reserve Bank of India, derives power to function and regulate payment and settlement system in India. In accordance with the PSS Act, the RBI has wide discretionary powers to issue orders, directions and rules to financial systems established in India. There are several recommendations (pending), to change the PSS Act and form a new regulatory board named as the Payments Regulatory Board (PRB), while the necessary amendments to the PSS Act still await.

As per the PSS Act, any person inclusive of the non-banking financial companies (NBFCs) which want to undertake the operation of a payment system, may do so as upon taking the authorization by the RBI. The Act provides several eligibility criteria that are required to be fulfilled by that person or company wishing to operate as a payment system. Further, technology facilitators between merchants and banking institutions (that process and settle the transactions), are known as ‘Gateway Service Providers’, doesn’t have to acquire any authorization from RBI. For instance, common gateway service providers are BillDesk, RazorPay, InstaMojo etc.

The PSS Act is the primary legislation that governs the regulation pf [ayments in India. The PSS Act provides the definition of the “payment system” such that:

“a system that enables payment to be effected between a payer and a beneficiary, involving clearing, payment or settlement service of all of them, but does not include a stock exchange”.

Master Direction on Issuance and Operation of Prepaid Payment Instruments

Prepaid Payment Instruments (PPIs) that are pre-loaded values (basically your PayTM or Freecharge wallets) and in some cases that value can be utilized for a specified purpose only as payment (basically Ola Money). PPIs provide the value to existing in a specified form which facilitates the payment for goods and services also in certain cases person to person remittance transactions of money for eg. sending money to your friends or family members. As defined in Rule 2.3 of the Master Directions:

“PPIs are payment instruments that facilitate purchase of goods and services, including financial services, remittance facilities, etc., against the value stored on such instruments. PPIs that can be issued in the country are classified under three types viz. (i) Closed System PPIs, (ii) Semi-closed System PPIs, and (iii) Open System PPIs.”

The Master Directions were issued by the RBI on October 11, 2017, and amended from time to time. It provides the eligibility criteria that is required to be followed by the PPI issuers, provides the thresholds for debits and credits that can be done using PPIs, and also provides the other operational obligations that are required to be fulfilled by a PPI issuer at the time of issuing such instruments to its customers in India. PPIs come into the ambit of the term ‘payment system’ as provided under the PSS Act and henceforth have to comply with the PSS Act and the Master Directions, both. PPIs include brand-specific gift cards, e-wallets like PayTM wallet, Freecharge, Mobikwik, shopping or travelling cards as issued by the Banks themselves, etc.

NPCI Guidelines governing the UPI Payments

UPI payments are governed through the Procedural Guidelines related to UPI and Operating and Settlement Guidelines related to UPI, as issued by the NPCI. As per the contemporary governing framework, the Banks only have the scope to provide UPI payment services to consumers. Banks are authorized to integrate the UPI platform into their payment systems. They operate over the UPI platforms by engaging the services of a technology provider, in such circumstances the Guidelines subject such technology providers and the Banks to strict compliance with certain norms as prescribed by the NPCI.

“The Unified Payment Interface enables architecture and a set of standard Application Programming Interface (API) specifications to facilitate digital payments using a mobile phone.”

Regulations related to Non-Banking Financial Companies (NBFCs)

The primary document of legislation that governs the NBFCs is the Reserve Bank of India Act, 1934 and subsequent to other secondary master directions and rules and guidelines and circulars which regulates the licensing and operation of such companies in India. The RBI has formed a set of thresholds that are required to be fulfilled in order to determine whether a business entity is to classified as a “financial services company” which also requires a license. Majority of lenders that operate digitally fall under the ambit of the term ‘NBFCs’. The most important regulation that holistically governs NBFCs is the Master Direction – Non-Banking Financial Company – Systemically Important Non-Deposit taking Company and Deposit taking Company (Reserve Bank) Directions, 2016, Master Direction – Non-Banking Financial Company –Non-Systemically Important Non-Deposit taking Company (Reserve Bank) Directions, 2016, and Master Direction – NBFC – Acceptance of Public Deposits (Reserve Bank) Directions, 2016.

Master Directions related to P2P lending platforms

The Master Directions- NBFC- Peer to Peer Lending Platform Directions 2017 incentivized a whole lot of activities for P2P platforms. It provided the P2P platforms to act as an intermediary, such that it has to comply with certain strict legal requirements and has to conduct proper due diligence of participants that are using the platform to finance or borrow. The Master Directions make it mandatory for P2P portals to check the creditworthiness in a form of an assessment and perform risk profiling of the borrower’s business or project, and actively share the disclosures with the potential investors or lenders. Further, RBI regulations bar the P2P platforms from lending or raising deposits or cross-sell any product over the portal. They are not required to facilitate any credit guarantee or secured loans. Cross-jurisdictional flows of funds are barred as per the Master Directions. Therefore, in toto, the Directions prescribe the norms that govern lender exposure and aggregate borrowing thresholds in the context of workings of P2P lending platforms in the country.

Guidelines to govern Payment Aggregators/Intermediaries

The RBI’s circular related to“Directions on opening and operation of Accounts and Settlement of Payments for Electronic Payment Transactions involving Intermediaries” as on November 24, 2009, (“Payment Intermediary Circular”), which lays down the legal framework that applies to the operation of payment gateways and intermediaries in India. Such intermediaries are strictly subjected to be in compliance with guidelines related to the operation of intermediary systems in Inda as provided under the Payment Intermediary Circular.
According to the RB I’s recent discussion papers, it has been suggested that the payment gateways and aggregators form a significantly critical link in the transaction flow, and henceforth it is required to regulate the activities as fall under the ambit of the PSS Act, 2007. The RBI has provided that the established contemporary guidelines governing payment intermediaries and gateway providers have to be reviewed in its Monetary Policy Statement for 2018-19.

RBI Guidelines on Payment Banks

The Guidelines on operation of Payment Banks and Guidelines for Licensing of Payment Banks as provided under the RBI’s governing framework elucidates that the governing regulations and measures related to licensing and operation of payments banks in India. The guidelines, among others, lays down the criteria for eligibility for registration or permissible operation and further other such guidelines that govern the working of payment banks. The Reserve Bank of India provides the purpose of setting-up Payment Banks such that:

“Reserve Bank of India says ―The objectives of setting up of payments banks will be to further financial inclusion by providing (i) small savings accounts and (ii) payments/remittance services to migrant labour workforce, low income households, small businesses, other unorganised sector entities and other users.”

Anti-Money Laundering (AML) Regulations and Know Your Customer (KYC) Regulations

Know Your Customer (“KYC”) is a term that indicates the customer identification process. The KYC norms include the prudential efforts made to ascertain the identity and ownership source of accounts, source of funds, the nature of customer’s business, and accountability of operations in the account in connection to the customer’s businesses etc which further assists banking institutions to manage the risks reasonably. The purpose of the KYC guidelines is to avoid and prohibit banks from being used, specifically as criminal essential of money laundering.

The Reserve Bank of India issued the guidelines to banks under Section 35A of the Banking Regulation Act 1949 and Rule 7 of Prevention of Money-Laundering (Maintenance of Records of the Nature and Value of Transactions, the Procedure and Manner of Maintaining and Time for Furnishing Information and Verification and Maintenance of Records of the Identity of the Clients of the Banking Companies, Financial Institutions and Intermediaries) Rules, 2005.

The key takeaway regulatory guidelines that prescribe anti-money laundering (AML) norms for fintech services in India are part of the PMLA, the PML Rule and the KYC norms included in the Master Directions.

Data Protection Regulations and Rules

Fintech is a data-driven industry due to which it faces a challenge or risk related to the data ownership and its security. Such a risk can be superseded by taking certain legal and technical measures only. There are choices of cybersecurity measures that data labelling, optional information sharing and identified data shareholding, which can be the response to various data-driven challenges that the fintech space is facing.
Unauthorized access to customers’ data is a threat to data privacy, which actually violates the fundamental right to privacy, and therefore a significant challenge to the Fintech platforms engage in gathering and storing several forms of financial and behavioural data. India, right now, doesn’t have any comprehensive legislative or regulatory framework that governs data protection. The Information Technology Act 2000 and the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, contemporarily provide for the obligations of corporations or businesses to take reasonable measure in order to protect the personal data of consumers.

Further, the draft Personal Data Protection Bill, 2018, that is in pipeline can be best described such that:

“The draft Personal Data Protection Bill (2018) contains provisions that go beyond just the requirements of the IT Rules. The Bill specifies a notice and consent framework with explicit consent in the case of sensitive personal data. Explicit consent is understood as consent that is informed, clear, and specific along with being free and capable of being withdrawn.”

Recommended Readings:

  1. Aayush Rathi and Shweta Mohandas, Fintech in India: A study of privacy and security commitments, The Centre for Internet and Society, at https://cis-india.org/internet-governance/files/Hewlett%20A%20study%20of%20FinTech%20companies%20and%20their%20privacy%20policies.pdf (last accessed on 12/10/2019).
  2. Dr. R Srinivasan and Prof. M. Subramanian, Payment Banks in India – Demystified, SSRG-IJEMS, Vol. 2 Issue 12 (December 2015).
  3. Department of Payment and Settlement Systems, Discussion Paper on Guidelines for Payment Gateways and Payment Aggregators, Reserve Bank of India, at https://www.rbi.org.in/Scripts/PublicationReportDetails.aspx?UrlPage=&ID=943 (last accessed on 12/10/2019).
  4. Latha Ramesh and Yashika Gandhi, Reserve Bank Regulations for P2P lending platforms, Deccan Herald, at https://www.deccanherald.com/business/economy-business/reserve-bank-regulations-p2p-718950.html (last accessed on 12/10/2019).
  5. Rahul Gochhwal, Unified Payment Interface- An advancement in Payment Systems, American Journal of Industrial and Business Management Vol.7 Iss.10, 1174-1191, at https://www.researchgate.net/publication/320661583_Unified_Payment_Interface-An_Advancement_in_Payment_Systems (last accessed on 12/10/2019).
  6. Shilpa M. Ahluwalia & Himanshu Malhotra, Fintech 2019 in India, Golbal Legal Insights, at https://www.globallegalinsights.com/practice-areas/fintech-laws-and-regulations/india (last accessed on 12/10/2019).
  7. Shaikh Zoaib Saleem, What are prepaid payment instruments?, Livemint, at https://www.livemint.com/Money/Wq5AT6vx1JklC0lRSMbnSI/What-are-prepaid-payment-instruments.html (last accessed on 12/10/2019).