The International Financial Services Centres Authority (IFSCA) issued the IFSCA FinTech Sandbox Framework, 2026 FAQs to clarify the operation of its updated sandbox regime, effective from March 16, 2026, replacing earlier sandbox-related frameworks while preserving actions already taken under previous regulations. The Framework establishes four types of sandboxes: the FinTech Regulatory Sandbox, FinTech Innovation Sandbox, Inter-Operable Regulatory Sandbox, and Overseas Regulatory Referral Mechanism/FinTech Bridge. Eligible domestic and foreign entities may apply through a two-stage process via the SWIT portal. Applications are evaluated based on innovation, user benefit, testing requirements, risk management, consumer protection, and deployment feasibility. The testing period is capped at 12 months, extendable by six months. The Framework prescribes disclosure obligations, reporting requirements, financial conditions, exit procedures, and grounds for revocation, while enabling controlled market exploration and permitting regulatory relaxations in appropriate cases.
International Financial Services Centres Authority
IFSCA FinTech Sandbox Framework, 2026 – Frequently Asked Questions (FAQs)
A. About the Framework
1. What is the IFSCA FinTech Sandbox Framework and why has it been issued?
The IFSCA FinTech Sandbox Framework provides eligible entities a controlled and monitored environment to develop and test innovative financial technology ideas, products, and solutions. It has been issued building on the outcomes of the earlier FinTech Entity Framework 2022 (FE Framework), evolving global FinTech trends, and stakeholder feedback, with the aim of further supporting innovation across banking, capital markets, insurance, fund management, and other segments in the IFSC.
2. When does this Framework come into effect and does it replace earlier circulars?
This Framework comes into effect immediately from March 16, 2026. All earlier circulars, frameworks, guidelines, and regulatory instruments relating to Sandbox activities in IFSCs including the FinTech Entity Framework, 2022 and Framework for Regulatory Sandbox 2020 stand superseded with immediate effect. However, actions taken under earlier instruments remain valid. Entities holding a valid Limited Use Authorisation under the FE Framework shall continue under that Circular until their existing authorisation expires.
B. Types of Sandboxes
3. What types of sandboxes are available under this Framework?
Four types of sandboxes are available:
i. IFSCA FinTech Regulatory Sandbox (FRS) – Controlled live testing with a limited set of real customers, with possible regulatory relaxations/exemptions.
ii. IFSCA FinTech Innovation Sandbox (FIS) – Testing in isolation from the live market using market-related data made available by Financial Institutions operating in IFSCs, without requiring physical presence in the IFSC.
iii. Inter-Operable Regulatory Sandbox (IoRS) – For hybrid financial products/solutions falling within the ambit of more than one Domestic Financial Sector Regulator and/ or IFSCA.
iv. Overseas Regulatory Referral Mechanism / FinTech Bridge – A co-operation mechanism between IFSCA and overseas financial sector regulators for cross-border sandbox access.
4. Does an entity operating under the FIS have any different obligations compared to the FRS?
Yes. Two important provisions of the Framework do not apply to FinTech Sandbox Entities (FSEs) operating under the FIS – namely, the user consent and compensation disclosure requirements (clause 20) and the books of accounts and currency requirements (clause 28). All other provisions of Part I of the Framework apply equally to FIS entities.
5. What happens after a successful exit from the Inter-Operable Regulatory Sandbox (IoRS)?
Post successful exit from the IoRS, the entity shall approach IFSCA and/or the Associate Regulator(s), as the case may be, for authorisation and seeking regulatory dispensation before launching the product(s)/solution(s) in the market. The entire IoRS process shall be conducted in compliance with the Standard Operating Procedure (SOP) of the co-ordination group available on the IFSCA website.
C. Eligibility
6. Who is eligible to apply under this Framework?
Both domestic and foreign entities may apply. Domestic applicants may include companies, LLPs, partnership firms or their Branches in IFSC, DPIIT-registered FinTech start-ups, entities regulated by a Domestic Financial Sector Regulator, and individuals or groups affiliated with recognised research/academic institutions, incubators, or accelerators in India.). Foreign applicants eligible to apply under this Framework shall include: (a) Foreign FinTechs, being non-resident entities engaged in FinTech activities and established or incorporated outside India; and (b) foreign legal persons, or individuals or groups of individuals affiliated with duly recognised research or academic institutions, incubators, or accelerators outside India; provided in both cases that such applicants are based, incorporated, or operating from a jurisdiction that has not been identified by the Financial Action Task Force (FATF) as a ‘High-Risk Jurisdiction subject to a Call for Action’.”
7. What must the proposed FinTech idea/product/solution satisfy?
The proposed idea/product/solution must use innovative technology in the core product, service, business model, or distribution model relating to financial products or services regulated or likely to be regulated by IFSCA. It must have the potential to significantly enhance existing financial services or products, a genuine need for testing in a controlled environment, clearly identified direct benefits to users or the financial ecosystem, and adequate risk management strategies to prevent any adverse impact.
D. Application Process
8. What is the step-by-step application process?
The process involves two stages:
- Stage 1 – Preliminary Application: Submit through the SWIT (Single Window IT System) portal. The Authority will examine it within thirty (30) days to assess suitability of the proposed idea/product/solution. [https://ifsca.gov.in/Pages/Contents/HowToApply
- Stage 2 – Final Application: Only after the Authority confirms acceptance of the Preliminary Application can the Applicant submit a Final Application through SWIT, along with the applicable fee as per the IFSCA Fee Circular dated April 08, 2025. An Applicant cannot directly submit a Final Application without a prior accepted Preliminary Application [https://ifsca.gov.in/Pages/Contents/HowToApply]
The applications are to be submitted only via SWIT Portal [www.swit.ifsca.gov.in]
9. What fees are applicable and where is the fee structure available?
Applicable fees are prescribed under the IFSCA Fee Circular dated April 08, 2025, as amended from time to time. Fees are payable at the time of submitting the Final Application through the SWIT portal.
10. What are the supporting documents required for the application under the IFSCA FinTech Sandbox Framework?
The supporting documents applicable to IFSCA FinTech Sandbox Framework may be referred in Annexure I.
E. Evaluation & Approval
11. On what key parameters will the application be evaluated?
Applications will be evaluated on, inter alia: the profile of the Applicant; usage of innovative technology/processes; benefits to customers/investors and the ecosystem; meaningful test scenarios and expected outcomes; risk-graded testing conditions; consumer protection mechanisms and data management practices; appropriate disclosure requirements and protection to users; clearly defined user rights and grievance redressal; and the intent and feasibility to deploy the solution post-testing.
12. Does the Framework permit market exploration for developed products within the IFSC financial services market?
Yes. The Framework expressly enables FinTech Sandbox Entities to undertake market exploration for their developed products within the financial services market in the IFSC during the Testing Stage. Applicants may refer to clause 12(m) relating to evaluation of an Applicant’s intent to undertake market-exploration activities within the IFSC and clause 19 relating to testing during the Testing Stage. Such activities, where permitted, shall be subject to the Boundary Conditions and other terms and conditions specified by the Authority..
13. Can the Authority grant regulatory relaxations or exemptions?
Yes. Applicants may seek specific regulatory relaxations/exemptions by specifying them in the application along with relevant documents. The Authority reserves the right to grant, refuse, or grant with modifications such relaxations as it deems fit, after analysing the specific sandbox testing application.
14. What is the approval timeline and what is ‘In-Principle Approval’?
If satisfied that the Final Application fulfils the prescribed conditions, the Authority may grant an ‘In-Principle Approval’ within sixty (60) days. The Applicant must then fulfil conditions specified therein, which may include having at least one Testing Partner within thirty (30) days, unless extended by the Authority.
F. Testing Stage
15. How long is the Testing Stage and can it be extended?
The Testing Stage has a maximum duration of twelve (12) months. This may be extended by a further six (06) months at the discretion of the Authority, upon receipt of a written request from the FSE.
16. What are Boundary Conditions and can the FSE change its product during testing?
Boundary Conditions are the parameters specified in the Limited Use Authorisation letter, such as restrictions on duration, customer type, transaction limits, and geographic scope, within which the FSE must operate. Any material changes during the Testing Stage that may have a bearing on the Limited Use Authorisation must receive prior written approval from the Authority before being affected.
17. Do I need to be physically present in GIFT IFSC?
It depends on the sandbox type:
i. Under FRS: Physical presence is generally not required; however, it is mandatory if testing involves holding customer funds requiring a bank account with an IFSC Banking Unit, or as directed by the Authority
ii. Under FIS: Physical presence is not required; testing may be conducted fully remotely
iii. Under IoRS and FinTech Bridges: Governed by applicable SOP/MoU terms
18. What are the key obligations of the FSE towards its users during the Testing Stage?
The FSE must disclose the idea/product/solution being tested and inform users in writing of potential key risks. It must obtain written acknowledgment of risks from users, disclose whether compensation will be provided for potential losses during testing, and obtain express written consent before engaging users in sandbox testing. All these must be completed prior to onboarding any user.
19. What are the reporting obligations during and after the Testing Stage?
During the Testing Stage, the FSE must submit monthly status reports (affirmed by its authorised representative) before the 10th of every succeeding month, covering key performance indicators, milestones, statistical information, fraud/incident reports, and actions taken. Any regulatory order affecting the FSE must be reported within fifteen (15) days of receipt. Within thirty (30) days of expiry of the Testing Stage, the FSE must submit a final report covering key outcomes, performance indicators, incident reports, user complaint resolutions, and key learnings. All testing records must be maintained for seven (7) years from the date of exit from the sandbox.
G. Financial Requirements
20. What are the currency and financial reporting requirements?
FSEs operating under the FRS must transact in foreign currency as specified in the First Schedule of the IFSCA (Banking) Regulations, 2020, though administrative expenses may be defrayed in INR. Records must be maintained in freely convertible foreign currency (other than INR) and financial information submitted to the Authority in US Dollars. Audited annual financial statements must be furnished within thirty (30) days of finalisation, along with a statement or independent third-party certificate covering sandbox financials.
H. Exit & Revocation
21. What happens when the Testing Stage ends or the FSE wishes to exit early?
The Limited Use Authorisation, along with all regulatory relaxations/exemptions, expires at the end of the Testing Stage. An FSE may apply for early exit by providing detailed written reasons, but exit is permitted only with the Authority’s approval. Before exiting, the FSE must ensure all obligations to users are fully complied with or addressed.
22. On what grounds can the Authority revoke the Limited Use Authorisation?
The Authority may revoke the authorisation if the FSE obtained it on the basis of incomplete or wrong information; fails to put in place risk-mitigating measures; submits false or misleading information; violates statutory/regulatory requirements adversely affecting its functioning; suffers reputational loss impacting user engagement; faces insolvency/liquidation proceedings; compromises digital security of the IFSC financial market; carries on business detrimental to users or the public; fails to address recurring technical defects or vulnerabilities; or fails to comply with the Framework or directions of the Authority.
23. Is prior notice given before revocation and what must the FSE do after revocation?
Yes, prior notice and an opportunity to file written submissions shall be given before revocation. However, the Authority may suspend the authorisation without prior notice if it is of the opinion that it is necessary or expedient to do so in the interest of the financial services market or the public. Upon revocation, the FSE must immediately implement its exit plan, notify users of their grievance redressal rights, dispose of all confidential user information, and submit an exit action report to the Authority within thirty (30) days.
I. Permissible Activities
24. What financial sectors and activities are covered under this Framework?
Applicants may develop and/or test FinTech solutions linked to Capital Markets (corporate finance, sustainable finance, market infrastructure, investment funds), Banking (finance company, aircraft/ship leasing, payment services and systems), Insurance or Re-Insurance, Pension, Metals and Commodities, Foreign University, Financial Support Services as per Appendix-2, compliance and supervision activities, and any other area permitted by the Authority.
25. What TechFin and Ancillary Services are permitted under Appendix-2?
Appendix-2 covers a broad range of permitted services. Key Ancillary Services include actuarial, advisory, auditing, compliance management, legal, risk management, valuation, fund administration, and family office support services, among others. Key TechFin Services include AI/ML, big data and analytics, cybersecurity, cloud computing, digital identity/KYC/AML/CFT, fraud detection/prevention, Distributed Ledger Technology (DLT), RegTech, supervisory technology, quantum tech, Web 3.0, and space tech, among others. Applicants should refer to the full list in Appendix-2 of the Framework.
J. Contact & Further Information
26. Who should be contacted for queries and where can the full Framework be accessed?
For any queries or clarifications, applicants may contact the Division of FinTech Sandbox, Department of Technology, IFSCA at fe-sandbox@ifsca.gov.in. The complete text of the Circular and Framework is available on the official IFSCA website at www.ifsca.gov.in.
K. Annexures
27. What is the purpose of Annexure I and Annexure II?
Annexure I provides an checklist of supporting documents that may be required during the application process and Annexure II provides reporting formats for facilitating compliance with the reporting requirements under the Framework. The applicable requirements shall be governed by the IFSCA FinTech Sandbox Framework, the relevant application forms, instructions available on the SWIT Portal and such other directions as may be issued by the Authority from time to time.
