In the recent past, the adoption of technology has caused significant disruption in financial services sector and the financial ecosystem as a whole. New age Indian companies are developing various technological solutions to address existing gaps in the financial market including access to credit, adoption of digital payments, sale of financial products on e-commerce platforms, etc. With a view to encourage and support adoption of such technological solutions in a structured manner, three Indian financial services regulators, Reserve Bank of India (RBI), Securities and Exchange Board of India (SEBI), and Insurance Regulatory and Development Authority of India (IRDA) have proposed establishment of their respective regulatory sandboxes, which are controlled environments for live testing of new products, processes, or services for which appropriate regulatory relaxations could be considered by the regulators.

The Pension Fund Regulatory and Development Authority had also released the final report of its constituted group on regulatory sandbox, and may issue draft regulations in the near future. The proposals from various regulators on regulatory sandboxes are pursuant to the recommendations made by the inter-regulatory working group on fintech and digital payments set up by the RBI in July 2016. Regulatory sandboxes are intended to encourage innovative use of emerging technology which could potentially benefit Indian consumers, and result in deepening penetration of financial services in India.

Key proposals

The table below outlines the key aspects of regulatory sandboxes proposed to be introduced by RBI, SEBI, and IRDA.

Type of fintech solutions
  • Innovations in retail payments, digital know-your-customer (KYC) solutions, cyber security products, data analytics, applications under blockchain technologies, microfinance, innovative small savings, remittances, mobile banking, and artificial intelligence are permitted for sandbox testing
  • Fintech solutions relating to credit registry, credit information, cryptocurrency, crypto asset services, initial coin offerings, and chain marketing services will not be accepted for testing
  • Innovations which provide identifiable benefits to the securities market, and result in increased financial inclusion, especially in tier 2 and 3 cities and rural areas
  • Solutions should be beneficial to investors, capital raising entities, and Indian capital market and economy
Insurance technology solutions which are beneficial to policy holders, including insurance solicitation or distribution, insurance products, underwriting, and policy and claims servicing
Scope of regulatory relaxations
  • Regulatory relaxations may be considered on a case-to-case basis and will expire at the end of the sandbox process
  • No regulatory relaxations will be entertained for compliance with data protection and privacy laws, KYC, anti-money laundering (AML), and combating of financing of terrorism (CFT) requirements
  • Regulatory relaxations may be considered on a case-to-case basis during testing period
  • Indicative list of relaxations include stipulations pertaining to maintenance of net worth, track record and financial soundness, payment of registration fees, and applicability of guidelines issued by SEBI such as those pertaining to technology risk management and outsourcing
  • No regulatory relaxations will be entertained for compliance with data protection and privacy laws, KYC, AML and CFT requirements, risk checks, handling of customer's assets by intermediaries, and principles of investor protection framework
  • Regulatory relaxations may be considered on a case-to-case basis for a maximum period of 1 year
  • No regulatory relaxations will be entertained for compliance with data protection and privacy laws
Key eligibility conditions for sandbox testing applications
  • Only a start-up as defined by the Government of India can apply (i.e. entities not older than 7 years which have not generated annual turnover exceeding INR 25 crores in the past)
  • Applicants should have net worth of at least INR 50 lakhs
  • Compliance with 'fit and proper' criteria by promoters and directors
  • Testing process will begin with 10-12 selected applicants
  • Only a SEBI registered market participant can apply either on its own, or through a fintech firm
  • Market participants include merchant bankers, underwriters, portfolio managers, stock brokers, share transfer agents, debenture trustees, and investment advisers
  • Insurance companies and insurance intermediaries can apply
  • Insurance intermediaries include insurance brokers, corporate agents, third party administrators, surveyors and loss assessors
  • Any entity having a net worth of at least INR 10 lakhs can also apply
  • Application fees of INR 10,000 plus taxes
Broad overview of process and timelines
  • Process overseen by the Fintech Unit of RBI
  • Cohort approach to be followed wherein applications will be accepted and processed during specified periods to be announced
  • Process would span across 5 stages with a proposed timeline of 6 months
  • Process overseen by the Market Regulation Department of SEBI with guidance from the Committee on Financial and Regulatory Technologies of SEBI
  • Rolling approach to be followed wherein applications can be made anytime
  • Process would span across 3 stages with a proposed timeline of around 12 months
  • Process overseen by chairperson of IRDA
  • Cohort approach to be followed
  • Testing to span across 5 stages with a proposed timeline of 6 months
  • Process would broadly span across 3 stages with testing timeline of 6 months
  • No visibility on application, review, and evaluation timelines
  • Draft IRDA regulations indicate that sandbox framework will remain in force for a period of 2 years only

SEBI's Innovation Sandbox

In addition to its proposed regulatory sandbox, SEBI has also exercised its powers under the Securities and Exchange Board of India Act, 1992 and the Depositories Act, 1996 to direct stock exchanges, depositories, and registrar and transfer agents to implement a framework for an 'innovation sandbox', under which any person not regulated by SEBI may test fintech solutions for the securities and commodities market by using securities market related data (including data relating to depository holding, KYC, trading, and mutual fund transactions) made available by such exchanges, depositories, and agents. Such data is proposed to be shared for offline testing purposes (outside the live market) through application program interface (APIs) which would be circulated to selected applicants. SEBI has mandated formation of an independent governance body and a steering committee (consisting of representatives of stock exchanges, depositories, and registrar and transfer agents) to supervise the operation of the innovation sandbox, and issue related operating guidelines. SEBI has also prescribed that the entire sandbox participation process must be implemented in a digital environment, and must be completed within a period of 2 years.


The proposals by various financial services regulators on regulatory sandbox should encourage fintech start-ups and businesses to develop and explore innovative products and services while liaising with the regulators. Financial services regulators are now looking to follow an experimentation-based approach (as against a ban-first, regulate-later approach) to regulation making based on empirical evidence collected pursuant to the testing of technological solutions in the market. This is an encouraging sign. Having said that, the net worth eligibility criteria proposed by RBI and IRDA for participation in the regulatory sandbox may act as entry barriers for genuine fintech start-ups who are still in the stage of tech development, and have not raised investments for their proposed businesses. The proposal by IRDA to limit its regulatory sandbox for a period of 2 years may potentially impede the intended benefits of the sandbox, and affect its continuity in the long term. Overall, the introduction of regulatory sandboxes as a concept in the Indian financial market is an extremely positive development. While the specifics of each sandbox will evolve over time, the regulators should be lauded for taking this promising step.

The content of this document do not necessarily reflect the views/position of Khaitan & Co but remain solely those of the author(s). For any further queries or follow up please contact Khaitan & Co at