IFSCA Issues Framework for FinTech Entity in International Financial Services Centers (IFSCs)
The International Financial Services Centres Authority (IFSCA), in furtherance of its mandate to develop and regulate financial products, financial services and financial institutions in the International Financial Services Centres (IFSC) and to encourage promotion of financial technologies (‘FinTech’) across the spectrum of banking, insurance, securities, and fund management in IFSC has issued a detailed “Framework for FinTech Entity in the IFSCs”.
The “Framework for FinTech Entity in the IFSCs” is aimed at giving boost to the establishment of a world class FinTech Hub at GIFT IFSC comparable with other International Financial Centers (IFCs). The framework proposes to cover (i) financial technology (FinTech) solutions resulting in new business models, applications, process or products in areas/activities linked to financial services regulated by IFSCA and (ii) advanced/innovative technological solutions which aid and assist activities in relation to financial products, financial services and financial institutions (TechFin).
The framework provides for a dedicated Regulatory Sandbox for FinTech products or solutions namely IFSCA FinTech Regulatory Sandbox and empowers IFSCA to grant Limited Use Authorization within FinTech Regulatory Sandbox to the eligible financial technology entities in IFSC. This would enable them to apply and avail Grants under the IFSCA FinTech Incentive Scheme 2022.
Further, it also enables some class/categories of technology companies having (i) a deployable advanced/innovative technology solution which aids and assists activities in relation to financial products, financial services, financial institutions and, (ii) credible track record including financial performance, to obtain Direct Entry (Authorization by IFSCA) by IFSCA without entering into the Regulatory Sandbox.
The framework also incorporates the Inter Operable Regulatory Sandbox (IoRS) mechanism. IoRS is a proposed mechanism to facilitate testing of innovative hybrid financial products / services falling within the regulatory ambit of more than one financial sector regulators. IFSCA will facilitate Indian FinTech’s seeking access to foreign markets and foreign FinTech’s seeking entry into India.
The framework proposes a Regulatory Referral mechanism which shall be governed as per the provisions of the Memorandum of Understanding (MoU) or collaboration or special arrangement between IFSCA and corresponding overseas Regulator(s)
IFSCA endeavors to support FinTech firms for proof of concept (PoC), minimum viable product (MVP), prototype development, product trials, commercialization, and global market access etc.
The GIFT-IFSC offers the unique advantage of being a separate financial jurisdiction within India which is treated like an offshore jurisdiction from FEMA angle with no restriction on currency convertibility. The framework issued by IFSCA, a unified regulator for Banking, Capital Markets, Insurance and Funds Management in IFSC, would enable FinTech firms having innovative ideas or solutions across the banking, capital or insurance sector to have seamless interaction with a single regulator.
*****
International Financial Services Centres Authority
CIRCULAR
F.No. 521/IFSCA/FinTech/FE Framework/2022-23
April 27, 2022
Subject: Framework for FinTech Entity in the International Financial Services Centres (IFSCs)
Considering the importance of financial technology solutions or FinTech in promoting innovation of ideas and solutions in financial services market in the IFSC in India, a framework for authorization of FinTechs in IFSC has been provided as under:
Applicability
(1) This framework shall apply to all eligible Domestic or Foreign entities, desirous of obtaining authorization as FinTech Entity (FE) from International Financial Services Centres Authority (IFSCA), for participating in or undertaking one or more of the permissible activities under this framework.
Definitions
(2) In this framework, unless the context otherwise requires, the terms defined herein shall bear the meaning as assigned to them below and their cognate expression shall be construed accordingly: –
(a) ‘Act’ means the International Financial Services Centres Authority Act, 2019 (50 of 2019);
(b) ‘Applicant’ means an entity who makes an application to the Authority for getting authorization as FinTech Entity under this framework and includes but is not limited to financial institutions, financial technology companies, and technology firms partnering with or providing support to such businesses;
(c) ‘Authority’ means the International Financial Services Centres Authority;
(d) ‘Cohorts or special programmes’ means business programmes run by companies or incubators that support early-stage, growth-driven FinTech companies through education, mentorship, etc. ;
(e) ‘Domestic FinTechs’ means an entity that is not a ‘Foreign FinTech’;
(f) ‘Domestic financial sector regulator’ shall mean all or any of the domestic financial services regulators namely the Reserve Bank of India, the Securities and Exchange Board of India, the Insurance Regulatory and Development Authority of India and the Pension Fund Regulatory and Development Authority.
(g) ‘Evaluation Committee’ means an internal committee constituted by the Authority for screening, evaluation and processing of applications made under this Framework.
(h) ‘FinTech’ includes financial technology solutions which result in new business models, applications, process or products in financial services regulated by the Authority or advanced/innovative technology solutions which aid and assists activities in relation to financial products, financial services and financial institutions;
(i) ‘FinTech Entity’ means an entity authorized by the Authority under the appropriate framework and shall include both Domestic and Foreign FinTechs ;
(j) ‘Foreign FinTechs’ means a non-resident entity from outside India engaged in the FinTech activity;
(k) ‘Innovation Sandbox’ means a testing environment where FinTech Entities can test their ideas and solutions in isolation from the live market that may add value to the financial products or financial services offered in IFSC based on market related data made available to them by Financial Institutions operating in IFSC;
(l) ‘Inter-Operable Regulatory Sandbox’ or ‘IORS’ means a testing environment for innovative hybrid financial products / services falling within the regulatory ambit of more than one domestic financial sector regulator;
(m) ‘Regulatory Sandbox’ means a live environment with a limited set of real customers for a limited timeframe wherein entities operating in the capital market, banking, insurance and other financial services space in IFSC shall be granted certain exemptions / relaxations from applicability of certain regulatory provisions for experimenting FinTech ideas and solutions;
(n) ‘Overseas regulatory referral ‘refers to a co-operation mechanism between the Authority and any overseas financial sector regulator for facilitating the FinTechs that would like to operate in each other’s jurisdictions.
(3) Words and expressions used and not defined in this framework but defined in the applicable Laws, and in particular, under the Act, or any rules or regulations made thereunder shall have the same meanings respectively assigned to them in those Acts, rules or regulations or any statutory modification or re-enactment thereto, as the case may be.
Chapter I : Authorization
Eligibility
(4) An Applicant who satisfies any of the following conditions shall be eligible to make an application to IFSCA for Authorization under this Chapter:
(i) Where the Applicant is from India:
a) An entity registered with Department for Promotion of Industry and Internal Trade (DPIIT) as a start-up entity relating to FinTech; or
b) An entity incorporated as a company under the Companies Act 2013, or as a Limited liability Partnership (LLP) under the Limited liability Partnership Act, 2008 or a ‘Branch’ of an Indian company or LLP in IFSC; or
c) An entity working directly or indirectly in the ecosystem regulated by domestic financial sector regulator.
(ii) Where the Applicant is from Outside India – An entity from FATF compliant countries/jurisdictions;
(5) The Applicant proposes to use technology in its core product or service, business model, distribution model or methodology to solve the problem being targeted.
(6) The Applicant must have:
(a) a deployable solution/working product; and
(b) a revenue earning track record in at least one of the last three financial years.
Permissible Activities
(7) An Applicant shall be permitted to undertake one of the following activities under this Chapter:
(a) Provide a financial technology (FinTech) solution which results in new business models, applications, process, or products in financial services regulated by the Authority. An illustrative list is at Annexure-I ;
(b) Provide an advanced or emerging technology solution in allied areas/ activities which aid and assist activities in relation to financial products, financial services and financial institutions (TechFin). An illustrative list of allied areas/activities is at Annexure-I.
Application Process and Evaluation
(8) An Applicant meeting the eligibility criteria under this Chapter shall apply to the Authority by way of an application at Annexure-II.
(9) The application shall be signed by an Authorized person of the Applicant.
(10) The application complete in all aspects shall be submitted at [email protected], through electronic mail.
(11) The application shall be subject to an evaluation process conducted by the Evaluation Committee and outcome of the application shall be informed to the Applicant. The process flow of dealing with an application is at Annexure- IV.
Authorization as FinTech Entity (FE)
(12) The Authority may, after examining the application and on being satisfied that the applicant has fulfilled the eligibility criteria, grant Authorization to the Applicant as a ‘FinTech Entity’, subject to the conditions that the Applicant:
(a) separately incorporates an entity in the IFSC; or
(b) establishes a branch or a subsidiary of an Indian or foreign incorporated entity in IFSC.
(13) In case the Authority is of the opinion that the Authorization under this Chapter cannot be granted, it shall communicate the deficiencies to the Applicant giving it thirty days’ time to rectify them.
(14) If the Applicant fails to rectify such deficiencies to the satisfaction of the Authority within the specified time, the Authority may refuse to grant Authorization.
Maintenance of Books of Accounts, Records and Documents
(15) Every FinTech Entity shall maintain its records, documents and books of accounts in such freely convertible foreign currency other than INR, as may be declared by the Applicant at the time of making an application under this Part.
Submissions of Report / Information
(16) Every FinTech Entity shall furnish the following information to the IFSCA:
(a) Duly certified copy of its audited annual financial statements within 30 days of its finalization.
(b) Details of regulatory action, if any, within 15 days from the date of receipt of notice for initiation of regulatory action.
(17) Every FinTech Entity shall submit the financial information to the IFSCA in US Dollar, unless otherwise specified by the IFSCA.
(18) The IFSCA from time to time may call for any information, documents, or records as it may deem necessary from the FinTech Entity.
Compliance With Other Requirements
(19) The FinTech Entity shall appoint an authorized person, in accordance with the requirements stipulated under its constitutional documents, for representing FinTech Entity before the Authority and for ensuring compliance with the applicable regulatory requirements.
(20) The FinTech Entity shall at all times comply with the applicable and relevant regulatory obligations, standards, policies and guidelines.
Action in Case of Default
(21) If a FinTech Entity fails to comply with any of the requirement under this framework and/or any other applicable laws, the IFSCA may take appropriate action as it deems fit, after giving a reasonable opportunity to make its written submissions.
(22) If at any stage it is found that the Authorization was obtained on the basis of incomplete or wrong information /disclosure, the Authorization granted may be withdrawn/cancelled by the Authority.
Currency for conduct of business
(23) The FinTech Entity shall transact in freely convertible foreign currency only. However, the FinTech Entity may defray their administrative expenses in INR by maintaining an SNRR account.
Chapter II : Sandbox
Permissible Activities
(24) An Applicant shall be permitted to undertake one or more of the following activities under this Chapter subject to fulfilment of the following requirements:
(a) Test FinTech ideas or solutions in IFSCA FinTech Regulatory Sandbox; or
(b) Develop and test FinTech ideas or solutions in IFSCA FinTech Innovation Sandbox; or
(c) Test FinTech ideas or solutions in Inter- Operable Regulatory Sandbox (IoRS) ; or
(d) Provide FinTech ideas or solutions in the Overseas Regulatory Referral mechanism/FinTech Bridge offered by IFSCA.
Part A
IFSCA FinTech Regulatory Sandbox (FRS)
Eligibility
(25) An Applicant who satisfies any of the following conditions shall be eligible to make an application to IFSCA under this Part:
(i) Where the Applicant is from India:
a) An entity registered with Department for Promotion of Industry and Internal Trade (DPIIT) as a start-up entity relating to FinTech; or
b) An entity incorporated as a company under the Companies Act 2013, or as a Limited liability Partnership (LLP) under the Limited liability Partnership Act, 2008 or a ‘Branch’ of an Indian company or LLP in IFSC; or
c) An entity working directly or indirectly in the ecosystem regulated by domestic financial sector regulator.
(ii) Where the Applicant is from Outside India – An incorporated entity or a branch of an incorporated entity from FATF compliant countries/jurisdictions;
(26) The Applicant proposes to use innovative technology in its core product or service, business model, distribution model or methodology to provide financial services that are or likely to be regulated by the Authority.
Eligibility Criteria for the Proposed Solution
(27) The proposed solution by the applicant must exhibit following:
(a) Genuineness of innovation
The idea or solution should be innovative enough to add significant value to the existing offering related to financial service or financial product regulated by IFSCA.
(b) Genuine need to test
The applicant should have a genuine need for live testing the solution on real customers/investors. Further, the applicant should demonstrate that the idea or solution cannot be developed/deployed without relaxing certain regulatory requirements, if any, being sought.
(c) Limited prior testing
Before applying for testing in sandbox, limited offline testing of the idea or solution should have been carried out by the applicant.
(d) Direct benefits to users
The idea or solution should offer identifiable benefits (direct or indirect) to the customers/investors or entities or to the Banking, Capital Market, Funds Management, Insurance sector etc at large.
(e) No risks to the financial system
The idea or solution should have proper risk management strategy to incorporate appropriate safeguards to mitigate and control potential risks to any market participants/users that may arise from the testing of the idea or solution and shall propose appropriate safeguards to manage the risks and contain the consequences of failure.
(f) Testing readiness of the solution
The Applicant should have the necessary resources to support testing in the sandbox and must demonstrate well developed testing plans/scenarios and expected outcomes with clear objectives, parameters and success criteria.
(e) Deployment post-testing
The Applicant should demonstrate the intention and ability to deploy the idea or solution on a broader scale. To this effect the applicant should share a proposed sandbox exit and transition strategy.
Application Process for IFSCA FinTech Regulatory Sandbox (FRS)
(28) An Applicant meeting the eligibility criteria under this Part shall apply to the Authority by way of an application at Annexure-III.
(29) The application form shall be signed by an Authorized person of the applicant.
(30) The application complete in all aspect shall be submitted at [email protected], through electronic mail.
(31) The application shall be subject to a screening process and the applicant shall be informed of its potential suitability for a sandbox within 30 working days from the submission of the complete application which includes all information necessary for assessment. IFSCA may communicate with the applicant while screening the application and issue guidance to the applicant according to the specific characteristics and risks associated with the proposed solution.
(32) The applicants who participated in the Authority’s supported Cohorts or Special Programmes may be given relaxation from such stages of the application screening process as may be deemed fit by the Authority provided the applicant fulfil the eligibility criteria in clause 25, 26 and 27 under this Part.
(33) In case an application is found to be deficient/incomplete, the Authority shall communicate the deficiencies to the Applicant giving it thirty day’s time to rectify them. If the Applicant fails to rectify such deficiencies to the satisfaction of the Authority within the specified time, the application may be rejected after the expiry of the said period. The flowchart depicting the stages and process involved in the applications made to FRS is at Annexure- V
Approval Process within IFSCA FinTech Regulatory Sandbox
(34) The applicant shall assign a contact person to coordinate with a designated officer of IFSCA.
(35) At the Evaluation stage, the evaluation committee shall work with the applicant to determine the specific regulatory requirements and conditions (including test parameters and control boundaries) to be applied to the proposed solution in question. The time required to fully assess the application is dependent on its completeness and complexity, and the specific legal and regulatory requirements involved. If the applicant is able and willing to meet the proposed regulatory requirements and conditions, the applicant shall be granted permission to develop and test the proposed FinTech innovation(s) in the sandbox.
(36) IFSCA may accord the applicant Limited Use Authorization as “FinTech Entity (FE)” to develop and test the proposed solution in the IFSCA FinTech Regulatory Sandbox.
(37) Upon limited use authorization, the FinTech Entity shall proceed towards the “Testing Stage”. The FE shall disclose to its users that the solution shall operate in a sandbox and the potential key risks associated with the solution. The FE is also required to obtain the user’s acknowledgement that they have read and understood the risks associated with the solution.
(38) During the testing stage, the FE shall take prior approval from IFSCA to affect any material changes to the solution.
(39) The duration of the sandbox testing stage shall be a maximum of twelve months which may be extended further by six months upon request of the FE.
(40) In case an application is rejected at any stage, the FE shall be informed accordingly. The reasons for rejection could include failure to meet the objective of the sandbox or any of the eligibility criteria. The FE may re-apply for the sandbox when it is ready to meet the objective and eligibility criteria of the sandbox, subject to an appropriate cooling off period as decided by IFSCA.
Evaluation Criteria within Sandbox
(41) The Applicant may be evaluated within Sandbox by IFSCA, inter-alia, based on the parameters given below:
(i) Profile of the FE;
(ii) Usage of innovative solution including technology and/or processes;
(iii) Identified benefits to the customers/investors and/or the Capital Market, Funds Management, Banking, Insurance etc.;
(iv) Compilation of meaningful test scenarios and expected/desired outcomes;
(v) Risk measured/graded testing conditions and parameters so as to ensure safety and protection of the markets/investors ;
(vi) Appropriate disclosure requirements and protection to their users;
(vii) Clearly defined grievance redressal mechanism and user rights ;
(viii) Adequate disclosure of the potential risks to participating users;
(ix) Prior confirmation from users that they fully understand and accept the attendant risks ;
(x) Intent and feasibility to deploy the proposed FinTech solution post testing;
(xi) The deployment and monitoring strategy post testing (in the event the tests are deemed successful) or the exit strategy (in the event the tests are not successful);
(xii) Any other factors considered relevant by IFSCA.
Regulatory Exemptions
(42) The Authority may consider granting exemptions/ relaxations if any, which could be in the form of exemption from certain regulatory requirements, depending on the FinTech solution to be tested. However, no such exemptions would be granted from the customer/investor protection /Know-Your-Customer (KYC) requirements and Anti-Money Laundering (AML) rules.
(43) Entities desirous of seeking exemption / relaxation from relevant provisions of the applicable regulatory framework of the Authority shall necessarily document the exemptions required during the application process.
(44) Regulatory relaxations from various IFSCA regulations may be considered after analyzing specific sandbox testing applications. A reference list is given at Annexure-VII with examples of the regulatory requirements that will be mandatory and those for which Authority may consider granting relaxation during the sandbox testing.
Submission of test related information
(45) During the testing period, the Authority may require the FE to submit information/ interim reports including:
(i) Key performance indicators, milestones and statistical information;
(ii) Key issues arising as observed from fraud or operational incident reports; and
(iii) Actions or steps taken to address the key issues identified above.
(46) The FE shall submit a final report containing the following information to IFSCA within thirty days from the expiry of the testing period:
(i) Key outcomes, key performance indicators against agreed measures for the success or failure of the test and findings of the test;
(ii) A full account of all incident reports and resolution of user complaints, if any; and
(iii) Key learnings from the test.
(47) The interim and final reports must be affirmed by a person so authorized by the FinTech Entity.
(48) The FE must ensure that proper records of the conducted tests are maintained for review by the Authority. Further, the FE shall maintain such records for a period of five years from the date of completion of testing/ exit from the sandbox.
Obligation of the FE towards the user
(49) The FE shall ensure that before signing up, the user has read, understood and acknowledged the associated risk of using the solution.
(50) The FE shall disclose in clear terms whether the users will be compensated for any losses incurred during the sandbox testing phase. In this regard, the FE shall disclose the protection and compensation terms that it will offer to the users and seek an informed consent from the user before engaging the user in the sandbox testing phase.
Extending or Exiting the IFSCA FinTech Regulatory Sandbox
(51) At the end of the testing period, the Limited Use Authorization as FinTech Entity granted to the Applicant including the legal and regulatory requirements relaxed by the Authority, shall expire.
(52) Upon completion of testing,
(a) The Authority shall decide whether to permit the FinTech innovation to be introduced in the market on a wider scale.
(b) In the case where FinTech innovation may be allowed to be introduced on wider scale, one of the following conditions must be met:
(i) the FE may carry out a regulated businesses based on applicable licensing, recognition or registration criteria under various IFSCA regulations; or
(ii) the FE may be allowed to conduct business with modified regulatory dispensation, as specified by the Authority, subject to successful demonstration that its solution is reliable and its internal control procedures have adequately addressed the risks identified.
(c) In case where FinTech innovation may not be allowed to be introduced on wider scale,
(i) the FE may employ an exit strategy or;
(ii) the FE may request for an extension period to continue testing
(53) The FE may exit the sandbox on its own by giving a prior written notice of thirty working days to the Authority, of its intention to exit the sandbox.
(54) The FE shall ensure that any existing obligation to the users of the FinTech innovation(s) in the sandbox are completely fulfilled or addressed before exiting the sandbox or before discontinuing the sandbox testing.
(55) The FE shall maintain records of acknowledgement of all its users stating that all the obligations towards the users have been met. These records shall be maintained by the FE for a period of five years from the date of exit from the sandbox.
Revocation of Approval
(56) IFSCA may revoke the approval to participate in the sandbox at any time before the end of the testing period, if the FE:
i) Fails to put in place risk mitigating measures;
ii) Submits false, misleading or inaccurate information, or has concealed or failed to disclose material facts in the application;
iii) Contravenes any law which adversely affects its functioning in IFSC;
iv) Suffers a loss of reputation that is likely to impact the engagement of the users with the product or solution;
v) Order for initiation of insolvency or liquidation process has been passed against it or its parent;
vi) Compromises the digital security and integrity of the service or product or elevates the risk of a cyber-security attack;
vii)Carries on business in a manner detrimental to users or the public at large;
viii) Fails to effectively address any technical defects, flaws or vulnerabilities in the product, service or solution which gives rise to recurring service disruptions or fraudulent activities; or
ix) Fails to implement any directions given by the Authority.
(57) Before revoking the approval to participate in the sandbox, the Authority shall:
i) Give the FE a prior notice of its intention to revoke the approval; and
ii) Provide an opportunity to the FE to file written submissions to the Authority on the grounds for the proposed revocation.
(58) Notwithstanding anything contained in the clause 56 where the Authority is satisfied that in the interest of the FE, its users, the financial system or the public in general, it is necessary to do so, it may revoke the approval immediately without prior notice and provide the opportunity to the FE to respond after the effective date of revocation.
(59) Upon revocation of an approval, the FE must:
i) Immediately implement its exit plan and discontinue the usage of the product, process, service or solution by all users;
ii) Notify its users about the cessation and their rights of grievance redressal, as applicable;
iii) Comply with obligations imposed by the Authority to dispose of all confidential information including user’s personal information collected over the duration of the testing;
iv) Submit a report to IFSCA on the actions taken, within thirty days from the revocation; and
v) Comply with any other directions given by the Authority. Authorization as FinTech Entity (FE)
(60) Upon successful exit from the Sandbox, the FE who desires to carry out its business as FinTech under any existing or the modified regulatory dispensation specified by the Authority, shall be Authorized as “FinTech Entity” to operate under the appropriate regulatory regime.
(61) The Applicant authorised by IFSCA as “FinTech Entity” shall:
(a) Separately incorporate an entity in the IFSC; or
(b) Establish a branch or a subsidiary of an Indian or Foreign incorporated entity in IFSC.
PART B
IFSCA FinTech Innovation Sandbox (FIS)
(62) FinTech firms may access the “Innovation Sandbox”, which will be a testing environment where FinTech firms can test their solutions in isolation from the live market, based on market related data made available by the regulated entities in IFSC.
(63) The Regulated entities operating in IFSC shall put in place the necessary systems and infrastructure for operationalizing the Innovation Sandbox.
(64) The clauses governing the eligibility criteria for the Applicant and proposed solution (refer clauses 25 to 27 above), application and screening process (refer clauses 28 to 41 above) under Part A of this framework shall be applicable mutatis mutandis to the IFSCA FinTech Innovation Sandbox (FIS) except for clauses which deal with regulatory exemption (refer clauses 42 to 44 above) and obligations towards the user (refer clause 49 and 50 above).
(65) The Authority may after considering the application and on being satisfied that the applicant has complied with the conditions laid down under this part, grant the applicant ‘Limited Use Authorization ‘as a ‘FinTech Entity’ to develop and test the proposed solution in the IFSCA FinTech Innovation Sandbox.
(66) At the end of the testing period, the Limited Use Authorization as FinTech Entity granted to the applicant shall expire.
(67) Upon successful exit from the FIS, the applicant shall be eligible to apply for IFSCA FinTech Regulatory Sandbox.
(68) The FE may exit the sandbox on its own by giving a prior notice of 30 working days to IFSCA, in writing, of its intention to exit the sandbox.
(69) Clause 45 to 48 pertaining to submission of test related information under Part A of this framework shall apply mutatis mutandis to this Part.
(70) Clause 56 to 59 pertaining to revocation under part A of this framework shall also be applicable to this Part.
(71) The flowchart depicting the process and stages involved for applications made to FIS is depicted at Annexure-VI.
PART C
Inter-operable Regulatory Sandbox (IoRS) with IFSCA as Principal Regulator
(72) Foreign FinTechs seeking entry to India shall be considered for IoRS provided that entity must have a financial technology product / service whose business models / activities / features fall within the remit of more than one domestic financial sector regulator. They would act as Associate Regulator(s) under IoRS.
(73) The applications received by the Authority from domestic sector regulator(s) /Co-ordination Group of IoRS shall be subjected to the same application and screening process, for entry into IoRS, as mentioned under clause 28 to 33 under Part A of this framework.
(74) The Authority, in consultation with Associate Regulator(s), shall reserve the right on the admissibility of the hybrid product/solution/innovation as per its FinTech Regulatory Sandbox Framework and accordingly communicate to the Applicant.
(75) Post successful exit from the IoRS, the entity shall approach the Authority and the Associate Regulator(s) for authorisation and seeking regulatory dispensation before launching the product in the market.
(76) The whole process shall be in compliance with Standard Operating Procedure (SoP) as specified by co-ordination group for IoRS (under the aegis of Inter Regulatory Technical Group on FinTech).
PART D
Overseas Regulatory Referral Mechanism /FinTech Bridges of IFSCA
(77) An Applicant seeking to access the Overseas Regulatory Referral Mechanism /FinTech Bridges of IFSCA shall be governed as per the provisions of the Memorandum of Understanding (MoU) or collaboration or special arrangement between the Authority and corresponding overseas Financial Sector Regulator(s).
Chapter III: Miscellaneous
Fees
(78) A FinTech Entity shall pay such fees and charges as specified in Annexure VIII to this circular.
Power to remove difficulties, specify procedures and issue clarifications
(79) In the event of any difficulty in giving effect to this framework or to ensure effective operation of this framework, the Authority may specify the necessary norms, procedures, processes, manners and may also provide relaxations, by way of guidelines or circulars.
(80) This circular is issued in exercise of powers conferred by section 12 of the International Financial Services Centres Authority Act, 2019 to develop and regulate the financial products, financial services and financial institutions in the IFSCs.
Your faithfully,
Sd/-
Joseph Joshy
Chief Technology Officer
Encl: As above
INTERNATIONAL FINANCIAL SERVICES CENTRES AUTHORITY
(Framework for FinTech Entity in the IFSCs)
Annexure -I
Illustrative list of Areas/Activities under FinTech and TechFin
A. An illustrative list of permissible FinTech areas/activities linked to financial services regulated by IFSCA is given below
| I. Banking Sector | II. Capital Markets and Funds Management | III. Insurance sector |
| (a) Remittance and payments
(b) Digital lending (c) Buy Now Pay Later (d) Crowd Lending (e) Digital Bank (Neo Banking/Challenger bank) (f) Open banking
|
(a) Crowd funding
(b) Personal finance (c) Wealth Tech (d) Robo Advisory (e) Sustainable Finance products (f) Alternate trading platforms
|
(a) InsurTech
(b) Innovative technologies for insurance life cycle (underwriting, claims management of life/health products etc.) (c) Digital innovation for global health insurance cover (d) Innovation in commercial insurance (e) Digital platform for settlement of balances between insurance companies (f) Open insurance. (g) Embedded insurance (h) Cyber insurance |
B. An illustrative list of allied areas/activities aiding and assisting activities in relation to financial product, financial services and financial institutions (TechFin) is given below:
(a) Agri Tech
(b) Accelerators
(c) Climate/Green/Sustainable Tech
(d) Defence Tech
(e) Regulatory Tech
(f) Space Tech
(g) Supervisory Tech
(h) Technology solution supporting Digital banking (example Core Banking etc.)
(i) Technology solution aiding Trade Finance
(j) Solutions/services for BFSI domain leveraging:
(i) Artificial Intelligence/Machine Learning/
(ii) Big Data
(iii) Biometrics
(iv) Chatbots
(v) Cyber security
(vi) Digital Identity/KYC/AML/CFT
(vii) Distributed Ledger Technology
(viii) Fraud detection/prevention
(ix) Internet of Things (IoT)
(x) Longevity Finance
(xi) Metaverse including Augmented Reality and /or Virtual Reality
(xii) Quantum Tech
(xiii) Web 3.0
*********
INTERNATIONAL FINANCIAL SERVICES CENTRES AUTHORITY
(Framework for FinTech Entity in the IFSCs)
Annexure-II
Application Form for Authorization
| 1. Applicant’s Information | ||
| Sr. No. | Description | Response |
| 1.1 | Name of the Applicant, complete address of the registered office and principal place of business of the applicant, if any | |
| 1.2 | Legal form of the applicant | |
| 1.3 | Date of Incorporation and date of commencement of business of the applicant | |
| 1.4 | Country(ies) in which the Applicant operates | |
| 1.5 | Shareholding pattern of the Applicant | |
| 1.6 | Name and addresses of Directors/Chief Executives/Key Managerial Personnel | |
| 1.7 | Corporate identification number or any document of similar nature and Registration no. (if registered with a regulator) | |
| 1.8 | Address of the IFSC office (if any) | |
| 1.9 | Details of the Authorized Representative:
a) Name b) Designation c) Contact No d) Email id |
|
| 1.10 | Is the Applicant and the Authorized Representative based in a Financial Action Task Force (FATF) compliant jurisdiction? ( Name of the Jurisdiction) | ( ) |
| 2. Details of the Parent/Promoter of the Applicant | ||
| Sr. No. | Description | Response |
| 2.1 | Name of the Parent / Promoter | |
| 2.2 | Date of incorporation/ establishment of the Parent / Promoter | |
| 2.3 | Legal form of the Parent / Promoter | |
| 2.4 | Corporate identification number or any document of similar nature and Registration no. (if registered with a regulator) | |
| 2.5 | Address of the registered office of the Parent / Promoter | |
| 2.6 | Address for correspondence and principal place of business of the Parent / Promoter | |
| 2.7 | Contact details of the primary coordinator (s) of the parent or promoter
a) Name b)Designation/Relationship with Parent or Promoter b) contact number and c) email |
|
| 2.8 | Is the parent based in a Financial Action Task Force (FATF) compliant jurisdiction?
( Name of the Jurisdiction) |
|
| 3. Details about ongoing FinTech Activity (if any) and Proposed Solution | ||
| Sr. No. | Description | Response |
| 3.1 | Is the Applicant’s FinTech business already active in India or IFSC or overseas? If yes then please provide details. | |
| 3.2 | Provide a brief description of the FinTech activities being undertaken by the Applicant and its core businesses including but not limited to:
a) registration with other regulators; b) affiliation to prominent societies; c) Accreditations; d) significant achievement; e) financial standing including avenues for funding and f) Profile of key personnel. |
|
| 3.3 | Which of the following permissible FinTech area/activity has the Applicant applied for Direct Authorization:
a) A financial technology solution which results in new business models, financial services regulated by the b) An advanced or emerging technology solution in areas/activities which aid and assists activities in relation to financial products, financial services and financial institutions. (Pl refer to illustrative list of Allied activities under Annexure-I of the Framework) |
|
| 3.4 | Does the Applicant have a deployable solution/working product | |
| 3.5 | Provide a short summary of the proposed solution including but not limited to:
a) Objective of the proposed FinTech solution or the statement of purpose ; b) Key benefits to the users and markets ; c) Business Model, including asset deployment and sources of revenue ; d) Target users ; and e) Compliance obligations |
|
| 3.6 | Summary of the technical solution including but not limited to:
a) Technical architecture ; b) Usage of Artificial Intelligence and Machine Learning, if any ; c) Cyber resilience: VAPT results, if any ; d) Certification from Common Criteria Recognition Arrangement (CCRA), if any; e) Business Continuity Plan, if any ; and f) Any other certifications, if any |
|
| 3.7 | Does the Applicant have a revenue making track record in at least one of the last three financial year from the proposed solution | |
| 3.8 | Awareness of similar offering in India or other countries. Details, if any | |
| 4. Legal and Regulatory Assessment | ||
| Sr. No. | Description | Response |
| 4.1 | Describe how the regulatory requirements will be met as per the existing regulations, guidelines, circular etc of IFSCA in case the applicant chooses to do permissible activity under 3.3. (a) | |
| 4.2 | Legal opinion sought on the proposed FinTech solution, if any | |
| 4.3 | Current orders or proceedings pending against the FinTech firm in India/IFSC and abroad (if any) | |
| 5. Documentary Requirements | ||
| 5.1 | Certified Copy of the incorporation certification/registration document of the Applicant or Parent / promoter as may be applicable | |
| 5.2 | Certified copy of Constitutional documents ( such as Memorandum and Articles of Association/limited liability partnership agreement or any document of similar nature) of the Applicant or Parent/promoter, as may be applicable | |
| 5.3 | Certified copy of last 3 years audited consolidated financial statements of the Applicant and Parent/Promoter, as may be applicable | |
| 6. Declaration to be submitted by the applicant in the following format on its letter head and the same shall be duly signed by an Authorized signatory, or compliance officer in the case of a company or startup. | ||
| We hereby solemnly declare and agree that:
(1) the information provided in the application is complete and true in all respects and the supporting documents enclosed therewith are authentic and true copy of the original. (2) we shall notify the International Financial Services Centres Authority (3) as a condition of authorization, we shall abide by regulations, guidelines and such operational instructions/directives as may be issued by the International Financial Services Centres Authority from time to time. For and on behalf of M/s_______________ AUTHORISED SIGNATORY with seal Date: Place: 7. The application complete in all aspects shall be submitted at fe-[email protected], through electronic mail. |
||
INTERNATIONAL FINANCIAL SERVICES CENTRES AUTHORITY
(Framework for FinTech Entity in the IFSCs)
Annexure -III
Application Form for IFSCA FinTech Regulatory / Innovation Sandbox
| 1. Applicant’s Information | ||
| Sr. No. | Description | Response |
| 1.1 | Name of the Applicant, complete address of the registered office and principal place of business of the applicant, if any | |
| 1.2 | Legal form of the applicant | |
| 1.3 | Date of Incorporation and date of commencement of business of the applicant | |
| 1.4 | Country(ies) in which the Applicant operates | |
| 1.5 | Shareholding pattern of the applicant | |
| 1.6 | Financial Standing of the applicant, including any funding raised and avenues for funding | |
| 1.7 | Name, address and profile of Directors/Chief Executives/Key Manager Personnel | |
| 1.8 | Corporate identification number or any document of similar nature and Registration no. (if registered with a regulator) | |
| 1.9 | Details of the Authorized Representative:
a) Name b) Designation c) Contact No d) Email id |
|
| 1.10 | Details on following, if any
a) Affiliation to prominent societies b) Accreditations c) Significant achievements |
|
| 1.11 | Does the applicant have a presence in India/ IFSC? If yes then please provide details | |
| 1.12 | Is the applicant business already active in IFSC or overseas? If yes then please provide details. | |
| 1.13 | Legal and regulatory status of the applicant (registration, licensing, authorization, approval, recognition etc.) with regulators in India or overseas | |
| 1.14 | Current orders or proceedings pending against the applicant in India/IFSC and abroad (if any) | |
| 2. Details of the Proposed Solution to be tested in Sandbox | ||
| Sr. No. | Description | Response |
| 2.1 | Details of the proposed FinTech solution, including :
i. Objective of the proposed FinTech solution and the problem statement to be addressed. ii. Details how the solution constitutes a significantly different offering in the market place (genuineness of innovation) iii. Benefits of the proposed financial service/product, and how these are enabled by the technology innovation iv. Key benefits to the users and markets v. Awareness and Assessment of a similar offering prevalent in other jurisdictions |
|
| 2.2 | Business model and Use Cases.
For each use case, provide an end-to-end illustration on how the proposed FinTech solution will be made available, including where applicable: i. The interactions and money flows between the applicant, the applicant’s target customers and the applicant’s business partners (if any). ii. The entity that will be holding the applicant’s customers’ monies. iii. The remuneration structure of the applicant and the applicant’s business partners (if any). iv. Asset deployment and sources of revenue . Target users . Compliance obligations i. Time period for testing |
|
| 2.3 | Summary of the Technical Solution including but not limited to:
i. Technical architecture ii. Usage of Artificial Intelligence and Machine Learning, if any . Cyber resilience: VAPT results, if any iii. Certification from Common Criteria Recognition Arrangement (CCRA), if any iv. Business Continuity Plan, if any i. Relevant certifications, if any |
|
| 3. Sandbox Readiness: Details of the proposed Sandbox Design | ||
| Sr. No. | Description | Response |
| 3.1 | Illustrate the aspect of the FinTech solution that will be tested, including specific testing of technological innovation in the proposed solution. | |
| 3.2 | The test criteria and expected outcomes | |
| 3.3 | Describe the experiments and use case that will be tested in the sandbox | |
| 3.4 | Define success for a test and the Key Performance Indicators that would be used to monitor and assess the progress of the experiment. | |
| 3.5 | Readiness of the prototype and development timeline, including an estimate on the readiness to provide an end-to-end demonstration of the proposed FinTech solution
(Tentative start and end date of sandbox testing) |
|
| 3.6 | Details of users including but not limited to:
i. Number of participating customers ii. Profile of customers (retail, institutional, etc.) iii. Process for enrollment and acquisition of customers iv. Requirement of KYC v. User awareness required/conducted vi. Whether consent required /has consent vbeen obtained vii. Arrangements to limit loss if applicable e.g. Margin, stop loss thresholds etc. viii. User compensation if any ix. Value at risk per user x. Transaction thresholds per user |
|
| 3.7 | Describe the Controls to be put in place to manage risk and failure in the sandbox including money laundering, terrorism financing, technology risk etc | |
| 4. Deployment post-testing | ||
| Sr. No. | Description | Response |
| 4.1 | Describe how the regulatory requirements will be met post successful sandbox testing | |
| 4.2 | Provide a deployment strategy post successful sandbox testing including the timelines for full scale deployment | |
| 4.3 | Provide a clear strategy to monitor the outcomes in the live scenario | |
| 4.4 | Provide exit and transition strategy if the deployed solution turns unviable and the tests are unsuccessful | |
| 5. Details of the applicable IFSCA legal/regulatory requirements and the relaxation sought to deliver the proposed FinTech solution |
||
| Sr. No. | Description | Response |
| 5.1 | State all the legal and regulatory requirements (rules, regulations, guidelines, circulars etc) applicable on the applicant | |
| 5.2 | State the specific legal and regulatory requirements that the applicant is seeking IFSCA to relax for the duration of the sandbox, and provide justifications | |
| 5.3 | Include a legal opinion, if available, from a qualified legal practitioner on the relevant laws administered by IFSCA to the facts of the case | |
| 5.4 | Describe how the applicant intends to meet the all legal and regulatory requirements before exiting the sandbox | |
| 6. Declaration to be submitted by the applicant in the following format on its letter head and the same shall be duly signed by an Authorized signatory, or compliance officer in the case of a company or startup. | ||
| We hereby solemnly declare and agree that:
(1) the information submitted in the application, including the attachment sheets, is complete and true and the supporting documents enclosed therewith are authentic and true copy of the original. (2) we shall notify the International Financial Services Centres Authority immediately of any material change in the information provided in the application. (3) as a condition of Authorization, we shall abide by regulations, guidelines and such operational instructions/directives as may be issued by the International Financial Services Centres Authority from time to time. For and on behalf of M/s___________________ Date: 7. The application complete in all aspects shall be submitted at [email protected], through electronic mail. |
||
*****
Annexure-V
Annexure-VI
INTERNATIONAL FINANCIAL SERVICES CENTRES AUTHORITY
(Framework for FinTech Entity in the IFSCs)
Annexure-VII
REQUIREMENTS WHICH CANNOT NOT BE RELAXED AND WHICH MAY MERIT RELAXATION
(FOR ILLUSTRATIVE PURPOSE)
The following table provides examples of the legal and regulatory requirements that IFSCA may consider relaxing for the duration of the sandbox, as well as those which IFSCA intends to maintain. It must be emphasised that the examples outlined in the table are not exhaustive. Depending on the proposed FinTech idea or solution, the applicant involved and the application made, IFSCA shall determine the specific legal and regulatory requirements which it is prepared to relax for each case.
| Requirements for which relaxation cannot not be considered | Requirements that may merit relaxation |
| Confidentiality of customer information | Net worth |
| Fit and proper criteria particularly on honesty and integrity | Track record |
| Handling of customer’s moneys and assets by intermediaries | Registration fees |
| Prevention of money laundering and countering the financing of terrorism | IFSCA Guidelines, such as technology risk management guidelines and outsourcing guidelines |
| Risk checks (like price check, order value check, etc.) | Financial soundness |
| Principles of KYC | Board composition |
| Management experience | |
| Asset maintenance requirement |
INTERNATIONAL FINANCIAL SERVICES CENTRES AUTHORITY
(Framework for FinTech Entity in the IFSCs)
Annexure -VIII
FEES
1. Following Fee structure shall be applicable for all Applicants in case of Authorization
(a) Application Fee : USD 500
(b) Authorization Fee : USD 1,500 (Annual)
2. Following Fee structure shall be applicable on Foreign FinTech Applicants in case of IFSCA FinTech Regulatory/Innovation Sandbox (Limited Use Authorization)
(a) Application Fee : USD 100
(b) Limited Use Authorization Fee: USD 500
(c) Extension Fee (post 12 months): USD 500
.3. For manner of payment for the above fees, refer to the circular “Account Details for fee to be remitted to IFSCA” dated September 08, 20211.
*******
