Let us talk about E-Contracts (II): E-Commerce Business Models

Without any argument, new communication systems, especially digital payment technologies, have supplanted the snail-paced conventional systems of communication and transactions. Business communities and consumers are increasingly using digital means to send and receive information in electronic form. The reason is that the information technology (IT) has abridged the time and distance factor in transacting business. Nowadays, inflow and outflow of information have become instant and momentary. Therefore, one principal contribution of IT is in the field of contract-formation.

Electronic contracts (e-contracts) are born out of the need for speed, convenience and effectiveness. The law has already recognised contract-formation using facsimile, telex and other similar technologies.

Let us envision a contract between an Indian businessman and an English businessman. Away from digital means, one option is that one party first draws up two copies of the contract, signs them and sends (through postal or courier service) them to the other, who, in turn, signs both copies and sends one copy back. The other option would be that the two parties meet somewhere and sign the contract. However, within the digital world, the whole process can be completed in seconds, with both parties simply affixing their electronic signatures to the electronic copy of their contract. There is, thus, no need for tardy dispatching mechanism (postal or courier services) and/or supplementary travelling costs in such a situation.

Before proceeding with the E-Contracts, let us have a brief look at the basics of the business model and kinds of transactions under which e-contracts are mostly used.

E-Commerce Business Models

Electronic commerce (e-commerce), in a very general sense, refers to buying and selling products and services over the internet and the World Wide Web (www). E-commerce, however, in actuality, includes all forms of commercial transactions involving both—organisations and individuals—that are based upon the electronic processing and transmission of data including text, sound, and visual images; and involves transactions over the internet as well. In addition, e-commerce also refers to the effect that the electronic exchange of commercial information may have on the institutions and processes that support and govern commercial activities.

There are several ways of looking at e-commerce:

(1) From a communications perspective, it is the ability to deliver products, services, information, or payments via networks like the internet.

(2) From an interface view, it means information and transaction exchanges: business-to-business (B2B), business-to-consumer (B2C), consumer-to-consumer (C2C), and business-to-government (B2G).

(3) As a business process, e-commerce means activities that support commerce electronically by networked connections. For example, business processes like manufacturing and inventory and business-to-business processes, like supply chain management is managed by the same networks as business-to-consumer processes.

(4) From an online perspective, e-commerce is an electronic environment that allows sellers to buy and sell products, services, and information on the internet. The products may be physical, like cars; or services, like news or consulting, etc.

(5) As a structure, e-commerce deals with various media: data, text, web pages, internet telephony, and internet desktop video.

(6) As a market, e-commerce is a worldwide network. A local store can open a web storefront and find the world at its doorstep—customers, suppliers, competitors, and payment services. Of course, an advertising presence is essential.

Types of Online Transaction

Online transactions can be recognised and categorised in four ways:

Business to Customer (B2C)

It is the transaction where a business entity on one side and an individual customer, on the other hand, conduct business. The expression B2C has been commonly used to refer to a sale by a business enterprise or retailer to a person or ‘consumer’ conducted through the internet. For instance, Flipkart.com which provides facilities for customers to buy goods from the website—is an example of a B2C e-business. In this situation, the website itself serves the purpose of a shop. The B2C transactions can be in relation to both—tangible and intangible products. The focal point of this e-commerce application is on the consumer’s use of a merchant’s web storefront or website. Consumers from any place can browse and order for goods and services online at any time. B2C is an electronic equivalent of the conventional mail-order or telephone-based ordering system.

Business to Business (B2B)

It is the type of e-commerce where there is an exchange of products, services, or information between businesses using the internet, rather than between businesses and consumers. Alibaba.com is the prominent example of B2B model.

Customer to Business (C2B)

Customer to Business (C2B), also known as Consumer to Business, is the most recent e-commerce business model, where individual customers offer to sell products and services to companies that are prepared to purchase them. It is the opposite of the traditional B2C model. Example of this model is blogs or internet forums where the author offers a link back to an online business facilitating the purchase of some product (like a book on Amazon.com), and the author might receive affiliate revenue from a successful sale.

Customer to Customer (C2C)

It is the transaction which involves two or more customers with business entity merely providing a web-based interface to facilitate the consumer to consumer transactions (B2C). The expression C2C generally refers to the sale of a product pertaining to a consumer to another consumer either directly or through an intermediary exclusively dedicated for this activity. One best example of C2C website is Ebay.com, which is an online auction site, where any person can buy and sell, and exchange goods and articles using this website. This website provides the web-based interface (i.e. the website with its database and other functions) and users can transact freely with each other. Another example is Amazon, which in fact, acts as both a B2C and a C2C marketplace.

Recommended Readings

  • Alan Davidson, The Law of Electronic Commerce, Cambridge University Press, (2009).
  • R K Singh, Law Relating To Electronic Contracts (2017)

Let us talk about E-Contracts (I): Electronic agents and conclusion of online contracts

The advancements in the internet as means of facilitating contract formation does not, at first read, present a situation different from that applicable to a facsimile or telex. An e-contract can be created either via the exchange of e-mails or by the completion of a document as a website which is submitted to another party electronically. While it is true that to the great extent that e-contracts are modernised methods of contract formation but they don’t require any particular changes to the law. Still, there are some particular issues arising from their electronic form. This post will discuss the international instruments that provide legal recognition to e-contracts and very advanced facets of it.

A contract is concluded if the parties intend to be legally bound, and they reach a sufficient agreement. Conclusion of contract with offer and acceptance. A contract can be concluded by the acceptance of an offer.

There are various ways to conclude e-contracts. The significant and interesting ones are as follows:

Forming contracts via electronic communications (such as e-mails)

The simplest e-contract is concluded by the exchange of text documents via electronic communications, such as e-mail. Offers and acceptances can be exchanged totally by e-mails, or can be combined with paper documents, faxes, telephonic discussions, etc.

Acceptance of orders placed on online marketplaces

The vendor/ supplier can offer goods or services (such as air tickets, software, etc.) through his website. The vendee, in such cases, places an order by completing and transmitting the order form provided on the website. The merchandise may be physically delivered later (e.g., in case of outfits, CDS, books, etc) or be immediately delivered electronically (e.g., in case of e-tickets, software, etc).

Online agreements

In some cases, users are required to accept an online agreement in order to be able to avail the services e.g. clicking on ‘I agree’ while installing software or clicking on ‘I agree’ while signing up for an e-mail account.

The electronic data interchange (EDI)

It is the inter-process of communication of business information in a standardised electronic form. That is, they are contracts used in trade transactions which enable the transfer of data from one computer to another in such a way that each transaction in the trading cycle (for example, commencing from the receipt of an order from an overseas buyer, through the preparation and lodgment of export and other official documents, leading eventually to the shipment of the goods) can be processed with virtually no paperwork. In this case, the data is formatted by means of standard protocols, so that it can be implemented directly by the receiving computer. EDI is, frequently, used to transmit standard purchase orders, acceptances, invoices, and other records, and thus, reduces paperwork and the potential for human errors. In this type of contracts, in contrast to the above methods, there is an exchange of information and completion of contracts between two computers and not an individual and a computer.

Through electronic agents/ bots

It is possible for computer users to instruct the computer to carry out transactions robotically. For instance, in today’s supermarket, the computer updates its inventory as items are scanned for sale. When the stock of an item falls to a predetermined level, the computer is programmed, without human involvement, to contact the computer of the supplier and place an order for replacement stock. The supplier’s computer, exclusive of human intervention, accepts the order and the next morning automatically prints out worksheets and delivery sheets for the supply and transport staff.

These electronic agents are programmed by and with the authority of the purchaser and supplier. The legal status of electronic agents has not been clarified by the courts, but the most common view is that like any other piece of equipment under the control of the owner, the owner accepts responsibility. A computer is a tool programmed by or with a person’s authority to put into operation their intention to make or accept contractual offers.

According to Russell and Norving, ‘An agent is anything that can be viewed as perceiving its environment through sensors and acting upon that environment through effectors. A human agent has eyes, ears, and other organs for sensors, and hands, legs, mouth, and other body parts for effectors. A robotic agent substitutes cameras and infrared range finders for the sensors and various motors for the effectors. A software agent has encoded bit strings as its percepts and actions.’

Such electronic agents and devices have features which facilitate humans in their normal interaction and functions, such as, intelligence, autonomy and pro-activeness. The idea of having intelligent systems—to assist human beings with routine tasks, to shift through an enormous amount of information available to a user and select only that which is relevant—is not novel and a lot of work and results have already been achieved in the field of artificial intelligence (‘AI’).

Legal recognition of electronic agents

The E-COMMERCE DIRECTIVE 2000/31/EC of The European Parliament and of the Council of 8 June 2000 does not take in hand the issue of automated transaction made through electronic agents. The explanatory notes of the proposal of the Ecommerce Directive state that the Member States should refrain from preventing the use of certain electronic systems such as intelligent electronic agents for making a contract. But, the final version makes no reference to electronic agents in the main text or in the recital. The deletion of the proposed text furnishes a sign of the EU’s failure to respond to the tremendous growth of e-commerce. It is also not in consonance with the preamble to the Directive, which states that the purpose of the Directive is to stimulate economic growth, competitiveness and investment by removing many legal obstacles to the internal market in online provision of electronic commerce services. However, the exclusion of the provision giving legal recognition to electronic agents is a step backwards and a failure to recognise the role of electronic agents in fostering the development of e-commerce such as lower transaction costs, facilitate technology and adherence to international conventions.

The United Nations Convention on the Use of Electronic Communications in International Contracts 2005 (hereinafter referred to as the ‘UNCUECIC’) contains provisions dealing with issues such as determining a party’s location in an electronic environment; the time and place of dispatch and receipt of electronic communications and the use of automated message systems for contract formation. Art.12 of the UNCUECIC, which deals with the use of automated message systems for contract formation, states, ‘A contract formed by the interaction of an automated message system and a natural person, or by the interaction of automated message systems, shall not be denied validity or enforceability on the sole ground that no natural person reviewed or intervened in each of the individual actions carried out by the automated message systems or the resulting contract.’ The objective behind the adoption of the uniform rules was to remove obstacles to the use of electronic communications in international contracts, including obstacles that might result from the operation of existing international trade law instruments, and to enhance legal certainty and commercial predictability for international contracts and help States gain access to modern trade routes.

In the USA, the Uniform Electronic Transactions Act, 1999 (UETA) expressly recognises that an electronic agent may operate autonomously, and contemplates contracts formed through the interaction of electronic agents and those formed by the interaction of electronic agents and individuals.

Section 14 of the UETA reads as follows:

In an automated transaction, the following rules apply:

(1) A contract may be formed by the interaction of electronic agents of the parties, even if no individual was aware of or reviewed the electronic agents’ actions or the resulting terms and agreements.

(2) A contract may be formed by the interaction of an electronic agent and an individual, acting on the individual’s own behalf or for another person, including by an interaction in which the individual performs actions that the individual is free to refuse to perform and which the individual knows or has reason to know will cause the electronic agent to complete the transaction or performance.

(3) The terms of the contract are determined by the substantive law applicable to it.

Section 14 of the UETA, which is based upon Article 11 of the UNICTRAL Model Law on Electronic Commerce, deals with ‘automated transaction’. This Section states that contracts can be formed by machines functioning as ‘electronic agents’ for parties to a transaction. It wipes out any claim that lack of human intent, at the time of contract formation, prevents contract formation. When machines are involved, the requirement of intention flows from the programming and use of the machine. It is quite evident that the main purpose of this provision of the UETA is to remove barriers to electronic transactions while leaving the substantive law, e.g., law of mistake, law of contract formation, unaffected to the greatest extent possible. Also, the Uniform Computer Information Transaction Act (UCITA) also has provisions supporting the ability of electronic agents to make binding contracts.

Recommended Readings

  • Wooldridge & Jennings, ‘Intelligent Agents: Theory and Practice’, Knowledge Engineering Review, (June 1995) Vol. 10 No. 2, Cambridge University Press (1995).
  • Alan Davidson, The Law of Electronic Commerce, Cambridge University Press, (2009).
  • R K Singh, Law Relating To Electronic Contracts (2017)

Public health surveillance in India: concerns of an individual’s liberty and privacy amid a pandemic

(This article extensively borrows from another article that authors wrote for and first published on the Leaflet)

The world is grappling with the kind of situation that it has never seen before. The rapid pace of COVID-19 spread made it necessary for the governments around the world to use extreme means and measures that would otherwise be considered Orwellian. These emergency measures by the governments are attempts to effectively enforce a lockdown and strictly prohibit movement of the citizens in a bid to break the chain of infection.

As Governments are attempting to contain the contagious virus, the use of technology for monitoring people undergoing quarantine has doubled in order to combat the spread of the virus. Ordinarily, under such developing Orwellian state of affairs, civil liberty activists and privacy advocates stir commotion; considering the scale of the crisis, they seem to tacitly embrace these measures. It is obvious that this pandemic is reshaping our relationship with surveillance technology, albeit to the fear of some the surveillance that could become a norm.

World under surveillance

Across the globe, countries are expansively deploying tech-enabled surveillance infrastructure of Face Recognition Technology (FRT) based CCTVs, drones and cell phone tracking devices for contact tracing and enforcing quarantine. Growing number of countries such as Israel and South Korea are ‘contact tracing’ using mobile applications or cell phone records. It is a process of mapping travel history of an infected person by analyzing location records of the cell phones. It is followed by pinpointing the other contacts for quarantine that might have come in contact with such a person. Meanwhile, Taiwan has gone a step further in quarantining the traced contacts by deploying an ‘electronic-fence’. If a mobile user’s SIM card is tracked beyond the reach of a network station or found to be switched off, law enforcement authorities quickly approach the suspect.

In India, law enforcement authorities across the nation are increasingly using technology to monitor and restrict the spread of the virus. In several states such as Rajasthan, Punjab and Delhi, local authorities have published a list of personal details, in online media and newspaper, of those suspected or infected of COVID-19. The Karnataka government has taken this to an inordinate level by mandating all quarantined persons to send a selfie with geo-tags through an official app named ‘CoronaWatch’ every hour, except between sleeping time 10 PM to 7 AM. Now, the Ministry of Electronics and Information Technology (MeitY) has also launched an app- ‘Aarogya Setu’, which uses Bluetooth and GPS to alert an individual if they come within six feet of a Covid-19 infected person.

The case of “Public Health Surveillance”

Law enforcement agencies of different countries are carrying out tech-enabled surveillance on their citizens to ensure compliance with the rules of social distancing and lockdown. In normal times, such measures are targeted against terrorists or criminals; while also scrutinized vide privacy and civil liberty concerns.

However, even the World Health Organisation (WHO) has sought to play down privacy concerns in these unprecedented times, by terming the measure as “public health surveillance”. The WHO has simply legitimized the governments’ argument that the extraordinary situation of COVID-19 pandemic necessitates the use of an extraordinary measure of mass surveillance. The public health emergency of such magnitude is being touted as a valid justification for deploying tech-enabled mass surveillance and subversion of individual rights.

Is surveillance a matter of concern for India?

There are certain unique reasons due to which implementation of these emergency measures, in India, are worrisome.

No clarity on the legal basis for surveillance measures

Firstly, in India, neither the central government nor the state governments have provided any legal basis for directing such tech-enabled surveillance measures. For instance, neither of the official press release of the Aarogya Setu app and Karnataka’s ‘mandatory selfie direction mention any legal grounds for such directions nor have they provided any privacy policy with it. The absolute abandonment of civil liberties and privacy in the interest of public health, without the bare minimum legal foundation, portends negative consequences

The government has invoked the Epidemics Diseases Act, 1897 and Disaster Management Act (DMA), 2005 to deal with the COVID-19 outbreak. Both, the colonial era Epidemics Diseases Act and NDMA, do not cover surveillance in their scope. Although, there is an argument that basic residuary power to take ‘necessary’ steps to curb the spread of virus, under the mentioned laws accord a legitimate authority to government for surveillance.

It is unclear why the government has not availed these very basic residuary powers to also notify the standing rules on privacy or lawful manner of deployment of tech-enabled surveillance measures. As a natural consequence, government directives infringing an individual’s right to privacy cannot be tested for their legality without any standing rules for arbitrariness and lack of accountability. This is particularly dangerous in a country like India where a data protection statute does not exist.

The use of unregulated novel technologies for surveillance provides no legal checks and oversight

Secondly, the details regarding the technological capabilities of the government for surveillance are largely a secret. It is the sudden outbreak of pandemic that has forced the government to openly introduce a deluge of unregulated, contemporary and emerging technologies for mass surveillance. There is a growing concern among certain privacy advocates that the tech-enabled surveillance could persist beyond the pandemic once it gets accepted and normalized in the present emergency times. History is witness that world’s most dictatorships and authoritarian regimes emerge amid the crises.

There is no information available about the extent and scope of the government’s capability and techniques. The secrecy about the techniques of surveillance impedes the legislative checks or institutional audits. If the public is unaware of how a technology works (due to non-disclosure by the Executive), the said manner of surveillance then cannot be even challenged in a court of law. Therefore, such secrecy is nullifying the system of checks and balances in favor of the ever-augmenting executive power.

Several surveillance techniques are disproportionate and unnecessary

Thirdly, due to the use of technologies of varying level of invasiveness, there are doubts regarding the necessity and proportionality of such measures in relation to the right to privacy and individual liberty.

The Puttaswamy (I) judgment upheld, explicitly recognized in reference to public health, that to legitimately restrict fundamental rights such as privacy and liberty for implementing a measure, such measure should be proportionate in nature. In the case, the SC held that a government measure is proportionate if it satisfies following four criteria: 1) that the measure should pursue legitimate purpose; 2) that the measure should be rationally connected to the purpose; 3) that there should no less intrusive alternative measure available; 4) that the measure should accrue public benefit greater than the extent of infringement of a constitutional right.

More than half of the population of the country doesn’t have access to the internet services. In the context of such a scenario, how is surveillance through mobile application is a necessary measure? Further, several state governments are taking extreme measures of disclosing the home addresses and other personal details of infected and suspected persons, which grossly fall afoul of three prongs of the constitutional test upheld in the Puttaswamy I judgment. An obviously lesser intrusive measure such as informing at a locality level about the presence of infected cases in areas could have sufficed. Allahabad HC also held such practices, publishing personal details of anti-CAA protestors in public, of the UP government as “arbitrary invasion of privacy”.

Karnataka has rolled out a mobile application which comprehensively discloses the location history and home addresses of persons infected and quarantined. Also, some of the states are publicly listing such details wide in social media channels. Such invariable disclosure of private information of infected and suspected persons has prompted concerns and possibilities of social intimidation.

There have already been reports from across the nation of infected and suspected patients facing the stigmatisation, and various forms of discrimination which are further resulting in a negative social impact. For instance, in Maharashtra, public listing of coronavirus suspects on social media led to several cases of forceful eviction of quarantined people by their landlords.

Such events question the proportionality and necessity of the measure as it would have been a satisfactory measure if the government has alternatively chosen a lesser intrusive measure.

Ways to resolve the concerns

There is no denying that certain limitations can be imposed on civil liberties given the urgency of the COVID-19 crisis. However, in a democratic set up like India it is expected from the government that its actions should be transparent and provide a window to the public to assess the government’s accountability. All the worrisome aspects related to public health surveillance measures can be subdued by making concerted efforts to introduce legal backing for its actions, to establish institutional oversight and to use the least intrusive means.

For providing the legal basis, the government can issue the standing rules that would lay down the legal and accountability measures for the responsible local authorities undertaking public health surveillance. The governments should avail the residual powers under the NDMA and the Epidemic Diseases Act to also issue the ad-hoc rules and guidelines in addition to the emergency surveillance measures. These rules and guidelines will provide the mechanism under which surveillance can be carried out without causing deterrence to an individual’s privacy and liberty.

The government can presently provide such ad-hoc rules for privacy protection based on similar principles as delineated in the Personal Data Protection Bill 2019 (“PDPB 2019”) for the data collection during health emergencies. Clause 12 of the PDPB 2019 exempts the data fiduciaries from taking consent under urgencies like pandemic, but strictly imposes requirements of data minimization or purposes limitation, lawful processing, transparency and accountability. Introduction of such principles will ensure that the information collected surveillance is being handled under the constitutional checks to maintain privacy as much as possible

Such ad-hoc rules will obligate the government as a data fiduciary to follow principle of purpose limitation such that the authorities should only collect the minimum possible data which is sufficient for tracing contact, enforcing quarantine and any other lawful and specific purpose. The government shall use the anonymised data only and adopt all security measures to prevent leaks and maintain confidentiality of personal data of data subject. The rules will also mandate the government to delete the collected data at the earliest after it has been used for the specified purpose. This will automatically shun away the emerging concern that the surveillance’s effect could persist beyond pandemic. Further, it will inhibit the misuse of personal data and abuse of surveillance measures.

The surveillance measures aim to keep people in quarantine and check the spread of infection for their benefit, therefore it is suggested that the government should hold no secrets about its surveillance techniques and manners. It should adopt a method of “Public Notice” system such that the local district administration has to notify the model of surveillance to the public before conducting surveillance.

At the very least, this notice should disclose the legal rules governing the tech-enabled surveillance measure, and its purpose. It should be clear on the authorization required for the retention, access, and use of information collected through the use of such novel technology. Such a notice would provide the transparency in the process of imposition of surveillance and allow the legislature and public to exercise meaningful control and oversight over the manner of deployment of unregulated technologies for surveillance.

Parting note

Unarguably, the present situation calls for the governments to take substantial measures to protect the lives and health of public at large, but this should not happen in the utter disregard of constitutionally recognized rights to privacy and individual liberty. The policies and techniques of government should be legitimate and proportionate in order to maintain the democratic principles of public trust and transparency. There is no hard choice between public health and individual’ right to privacy and liberty. Both can mutually co-exist under the legal framework that guarantees the challenge to unnecessary expansion of the surveillance regime.

As pointed out by Deborah Brown, senior digital-rights researcher at Human Rights Watch, “surveillance measures should come with a legal basis, be narrowly tailored to meet a legitimate public health goal, and contain safeguards against abuse”.

Therefore, the government should definitely focus on the situation of urgency for many, instead of investing focused efforts in ensuring rights for few but should not absolutely ignore its accountability towards any section of the community. These fundamental rights are lung to the edifice of our entire constitutional system. The government should make efforts to prevent any injuries to it as much as possible.

Simplifying FinTech and FinTech Laws: Trends and Regulatory Challenges related to FinTech in India

In the second quarter of 2019, Indian mobile payment leader PayTM surpassed China in the number of deals. Such a feat has been achieved while India is still an evolving fintech market in comparison to the developed fintech market like China. Red-tapism and the immense number of laws are the reasons of slow down for the FinTech market in India, but strict regulations are inevitable when it comes to a financial or technological company. The Steering Committee on FinTech related issues constituted by the Ministry of Finance, Department of Economic Affairs, submitted in September 2019 its report indicating various trends and challenges related to FinTech in India. This post discusses the same in brief. This post is the second one in the series of ‘Simplifying FinTech and FinTech Laws’.

Suggestion by the Steering Committee on Issues related to FinTech
Suggestions by the Steering Committee on Issues related to FinTech. Source: Economic Times

Trends related to Fintech in India

The FinTech sector in India is thriving and growing expansively, enabled by a large consumer base, innovatively boosted startups and balanced regulatory policies in the form of ‘Digital India’ programme. The Indian Fintech industry has grown by 282% in the last decade and has reached the valuation of USD 450 million in 2015. Currently, there are more than 400 fintech companies that are working in India and the investments are to be fueled with 170% by 2020. The Indian fintech market is expected to grow by USD 2.4 million by 2020 from the present USD 1.2 billion, as per NASSCOM report. The transactional value of Indian fintech sector is evaluated to be USD 33 billion in approx in 2016 and is further forecasted to reach the point of USD 73 billion by 2020.

Figures based on banks people per bank
Source: Bloomberg

FinTech facilities in India

The primary facilities offered by companies operating in the space of fintech are:

Pre-paid Payment Instruments

Also known as PPIs, this instrument enables the user to engage in the purchase of products that include products relating to financial services as well. To be able to purchase the products, a value entered into the e-wallets in the PPIs so as to make purchases against that value. There are 3 types of PPIs: Closed, semi-closed and open systems. Depending on the type, one may also have the facility to withdraw cash from the PPIs. Other than the banks, they can only be issued by institutions authorized to function in the arena of e-wallets or pre-paid card services.

UPI Payments

Managed by the National Payments Corporation of India, the UPI (Unified Payment Interface) provides a platform for quicker real time-based transactions, facilitating ease for the smartphone users to enter into multiple transactions with a lower cost than what the traditional method demands. Constituting a major part of the consumer behaviour in the market, the UPIs enable universality to the transactions they wish to enter in and engage in the greater number with the traders.

Digital Transactions

In the traditional financial market, it was only the banks that could lend money. However, with the convergence of technology and financial market, loans nowadays are even dispersed by non-banking financial companies, also known as NBFCs. The NBFCs with their interactive and user-friendly applications have attracted wide userbase in the digital arena to enter into credit purchasing, loan system after verification.

Lending Platforms

These lending platforms offered are Peer to Peer based. Such platforms bring together willing lenders and borrowers to enter into regulated transactions. As per the guidelines issued by RBI in this regard, the lending platforms can only be offered by the registered non- banking companies in India.

Online Sale and Purchase

The recent trends amongst many have also been that of online sale and purchase. To facilitate the same there requires to be a system whereby an entity collects payments form the purchases and send it across to the sellers. The entities involved in this function are known as payment aggregators or intermediaries. These entities electronically consolidate the payments done and transfer the same to the sellers.

Banking Services

Once begun as a measure to penetrate into the grassroots level of society the banking system and provide ease to the customers, digital banking services by the payment banks have now become a feature of the payment banks. The RBI has allowed payment banks to offer basic services involved in smooth banking by the customers online. This includes facilities such as accepting deposits (though RBI has placed a limit on it), view transactions, transfer funds, etc. However, this arena remains strictly regulated for not all facilities remain digitally available such as issuing credit cards.

FinTech Investments by US Banks
Source: Bloomberg

Regulatory Challenges to Fin-Tech in India

While in India, digital finance firms are thriving as the government is continuing to issue pro-startup regulations and policies, the central regulatory body for Fintech i.e. the Reserve Bank of India, still suffers due to a traditionally rooted and established infrastructure which cannot be easily replaced with the updated regulatory framework that matches the advancements of technology.
Indian market is already recognized as the conservative and restrictive market and henceforth makes it difficult for Fintech firms to further instil the confidence in adopting the Fintech services in the absence of any concrete regulatory framework.
The commendable steps have been taken by the Indian government and regulatory institutions in a prompt manner, however, policies and regulations have to match the pace with which technological advancements in the finance sector taking place. This is much needed to ensure secure a transparent growth of Fintech in India.

Regulatory Uncertainty in the Fintech Sector

The foremost challenge that the regulator for the fintech sector has to dealt with by it the lack of regulations. Moreover, if there are regulations then to consolidate them is another major challenge. There is a requirement to “to support the formulation of policies that foster the benefits of fintech and mitigate potential risks”. Henceforth, a regulator or policy-maker has to work in the directions of “the modification and adaptation of regulatory frameworks to contain risks of arbitrage, while recognizing that regulation should remain proportionate to the risks.”

Digital On-boarding and Financial Inclusion

The two significant challenges that one can see as the huge mountainous tasks in the Indian context are: firstly, making the fintech platforms accessible to every Indian and secondly, analyzing the risks that are potentially present in trying out a scheme to provide digital onboarding. The Supreme Court recently decided upon the constitutionality of the Aadhaar, the ambitious government project to provide a unified identity. Aadhaar has been held constitutional but Section 57 of the Aadhaar Act was struck off. Section 57 provided the mandatory verification and linking procedure for consumers to avail a company’s service. The judgment is having serious implications on the government’s efforts to provide frictionless onboarding of consumers.

“The judgement impacted the delivery of financial services across verticals including bank account opening, loans, mutual funds and insurance. Though the judgement allows voluntary use of Aadhaar by consumers, there are multiple interpretations of it and the Unique Identification Authority of India (UIDAI) has resorted to safer approaches to avoid any more legal battles and stopped services to private entities altogether.”

Low Credit for Startups

Investors in the market are now hesitant to invest in fintech startups. The investors are baulking as there have been quite a number of bad loan incidents. The big setback to the fintech industry as well as the financial sector came into the form of IL&FS breakdown. The company defaulted against the inter-corporate deposits and commercial papers or borrowings. The incident has affected the whole fintech industry as the crisis included lending businesses that were key to a number of NBFCs as a funding source.

e-NACH crisis

The Apex Court’s judgment brought down to stoppage, another popular mode of financing which is also the foremost mode of debit for lenders, MFs and insurance, as in pulling money from customer’s account. This is yet another judgment that has slowed down the advancement and has promoted the traditional manner of physical registrations.

Data Protection

Both the traditional banking system and the fintech services gather a large number of data records from various of their clients, which contains a profile of behavioural and financial information. Though the utility of such data is positive when it is used for a specific purpose of improving the services, it leads to giving way to a heap of privacy issues as well, especially when the financial service provider engages a third party’s technology services.

The judiciary recognized the risk of data privacy to the banking sector’s consumer in the case of Punjab National Bank v Rupa Mahajan Pahwa, “in which Punjab National Bank had issued a duplicate passbook of a joint savings bank account, held between the petitioner and her husband, to an unauthorized person”.

Other Challenges to the Fintech system in India

In terms of regulatory standards, India lacks in providing a comprehensive cybersecurity framework to reduce the cyber-crime issues. The competition law has also, in some sort of stages, have failed to control the domination of certain advance fintech NBFCs.

Recommended Readings: