Enter sandbox


Dear Editor,

In an article on the regulatory sandbox proposed by the Reserve Bank of India (RBI), Shilpa Mankar Ahluwalia gave a comprehensive overview on the guidelines. While she raised concerns such as restrictive eligibility criteria, protection of data, exclusion of cryptocurrency from the purview of the RBI’s sandbox, necessity to work with other market regulators and transparency in selection process, there are other legal and regulatory gaps under: 1) RBI’s draft enabling framework for regulatory sandbox (RBI framework); 2) innovation sandbox introduced by the Securities and Exchange Board of India (SEBI Framework) and 3) draft Insurance Regulatory and Development Authority (IRDAI regulatory sandbox) Regulations, 2019.

Lessons from global regulators who have experimented with sandboxes in emerging and developed economies may be applied in further refining the frameworks.

First, clauses 6.2 and 6.6 of the RBI framework are uncertain on whether the RBI can provide legal waivers or regulatory relaxations during the sandbox period. The guidelines require unambiguous drafting for regulatory clarity.

Second, the RBI framework is restrictive by allowing only startups to participate and imposing a high financial threshold of ₹500,000 (US$6900) for entry. This is different from SEBI and IRDAI frameworks, which are inclusive and do not impose such barriers to entry, focusing exclusively on innovation. The RBI must relook at its eligibility criteria to bring uniformity in approach with other regulators.

Third, issues such as, 1) leak of customer related confidential information, 2) taking customer consent before using their data during sandbox period, and 3) affixing responsibility for leaks, is not dealt appropriately under any framework. SEBI framework envisions a confidentiality agreement and an IRDAI report by Randip Singh Jagpal mentioned affixing responsibility for data preservation with customers or third-party vendors. However, this does not find any place under the current frameworks and it severely undermines the privacy of customers and risks intellectual property rights violations.

Fourth, the duration of sandboxes under the frameworks are different with the RBI allowing six months plus an extension, SEBI allowing 24 months and the IRDAI allowing 12 months. Such short periods may not be enough to gauge the benefits or risks of innovative technology. The sandbox duration could be proposed by the applicant, or kept flexible, changing on a case-to-case basis.

Fifth, the RBI framework has list of negative products, services, technologies that cannot be tested in sandboxes. However, the SEBI and IRDAI frameworks do not envisage such lists, which lead to contradictions in positions taken by different regulators. Other regulators can either provide a similar negative list or permit everything to be experimented. For example, the risks or benefits associated with virtual currencies (under the RBI’s negative list) can only be identified by allowing its operation in an isolated environment with minimal effect on markets and consumers. A relook at the negative list is also important for global parity since the UK allows virtual currency in sandboxes.

Sixth, India must enter into fintech bridge agreements such as the ones between UK and Australia and Hong Kong and UK, which enables it to actively collaborate with world governments, Fintech industry bodies, regulators and companies in the sector, while learning and adopting suitable models for growth of its own Fintech sector.

Seventh, for regulatory clarity or uniformity, the three frameworks must be consolidated under one set of guidelines headed by a common body comprising representatives from all regulatory bodies with the sole objective of promoting innovation and providing benefit to customers.

Finally, to reduce subjectivity and discretion under the frameworks, regulators must publish template application forms and disclose composition of the fintech unit (in case of the RBI Framework). The RBI and IRDAI may consider adopting the objective and key result areas document envisaged under the SEBI framework, which will provide an objective oversight of the sandbox process.

Ayushi Mishra
Shardul Amarchand Mangaldas & Co
New Delhi New Delhi


We want to hear from you.
India Business Law Journal welcomes your letters.
Please write to the editor at IBLJ@vantageasia.com

Letters may be edited for style, readability and length, but not for substance.

Due to the quantity of letters we receive, it is not always possible to publish all of them.