By Prabal Goel, Chief Compliance Officer – Business & Legal
In recent years, the financial technology (fintech) sector has seen exponential growth, revolutionizing the way we conduct financial transactions and manage our money. However, with innovation comes the need for regulation to ensure consumer protection, financial stability, and market integrity. In India, the Reserve Bank of India (RBI) plays a pivotal role in overseeing the fintech industry, setting guidelines and regulations to promote a safe and efficient ecosystem. Compliance with RBI’s guidelines is essential for fintech firms to thrive in this rapidly evolving landscape. RBI’s regulatory framework for fintech encompasses various aspects, including licensing, data protection, outsourcing, KYC, digital lending and customer due diligence. In recent years, RBI has been increasingly vigilant in assessing the compliance of fintechs with the regulations issued by RBI and has been proactive in taking measures to tackle non-compliance.
RBI regulates fintechs through a variety of instruments, including by use of Regulations (both statutory and non-statutory), Circulars (including Master Circulars), Circular Letters, Directions (including Master Directions), Guidelines, Policy Statements, Guidance Notes, Press Releases, Standards, Mailbox clarifications, Advisories, D.O. Letters, and General Instructions. A lot of these regulations govern certain types of fintechs directly; examples of these regulations would be NBFC – Peer to Peer Lending Platform (Reserve Bank) Directions, 2017 which governs P2P lending platforms. Sometimes, RBI regulates indirectly by regulating the banks and NBFCs associated with them. We see this in operation in the case of Directions on Managing Risks and Code of Conduct in Outsourcing of Financial Services by NBFCs, whereby RBI governs the party outsources any activities, generally performed by itself, to some other party.
RBI also constituted Regulations Review Authority 2.0 in 2021 in order to enable ease of compliance. This demonstrates an active push to ensure that the RBI is a step ahead of the curve to facilitate orderly growth of the banking and finance sector without curbing innovation. On the other hand, RBI has becoming increasingly tight in ensuring consumer due diligence and ensuring that the regulated entities follow RBI KYC norms scrupulously. Increasingly, RBI has reiterated its commitment towards ensuring no tolerance towards persistent non-compliance with its norms. Achieving and maintaining compliance with RBI’s regulatory guidelines can, sometimes, be a complex and challenging task for fintech firms, especially for startups and smaller players with limited resources and expertise and more particularly, in a business environment where the governance has, regrettably, had a history of prioritizing business revenues and efficiency ahead of compliance. To navigate the regulatory landscape effectively, fintech companies must invest in robust compliance frameworks, engage with regulatory authorities, and stay abreast of regulatory developments and updates. It is in this light that RegTech or the technology which makes regulatory compliance more efficient through automated processes and lowers the costs of compliance, acquires lot of currency.
It is anticipated that in coming years, RegTech would assume a vital role in the operations of several fintechs. The key drivers of RegTech have been and are expected to be technologies based around cloud computing, Big Data, API and most importantly, blockchain. The biggest roadblock to wider adoption of RegTech is the competencies around knowledge of the regulatory requirements. It is often seen that especially in case of regulatory interpretation, there are often ambiguities and despite the adoption of best drafting practices, even contradictions between regulations. In a business environment driven by startups with less than ideal compliance culture, reliance on RegTech, particularly cheap RegTech, can be disastrous, since such RegTechs may often have skimped on developing the regulatory knowhow. Again, a RegTech which provides solutions tempered by several qualifications about its capabilities, may not really be solving modern fintech regulatory compliance problems. Nevertheless, RegTech has the potential in standardized environments, which is reflected in the projected jump to the tune of 4 times its current valuation by 2028- the valuation of the industry, by some estimates, in 2023 is $1.37 billion in 2023 and is expected to swell to $6.64 billion by 2028. Whether this projected increase is ever achieved will be a question that time will answer, but one thing is certain- the success of RegTech as a method to achieve compliance will be determined by the agility of RegTech to keep pace with the ever-changing regulatory requirements.