Self-policing fintech

India’s banking regulator wants the fintech sector to form self-regulatory organisations, but diverse interests in the industry aren’t the only challenges in making this happen. Freny Patel reports

India is home to one of the world’s fastest growing financial technology industries, with the fintech market estimated to reach USD2.1 trillion by 2030 according to Invest India, the country’s investment promotion agency.

The phenomenal growth of the fintech industry involves leading players in payments, digital lending, insurance and personal finance such as Google Pay, Paytm, Razorpay, Lendingkart, Shiksha Finance, MoneyTap, Instamojo, Pine Labs, ZestMoney, Policybazaar, InCred and a host of others.

Fitch Ratings said in a report last year that Indian regulators remain generally keen to encourage innovation in digital financial services. However, the rapid pace of fintech innovation complicates efforts to match regulation to the sector’s evolving risks.

India is not alone in facing the challenge of regulating fintech. While the sector promotes financial inclusion, regulators across the Asia-Pacific (APAC) region, especially post covid-19, increasingly face risks related to cybersecurity, consumer protection and other operational risks associated with fintech.

The pandemic exacerbated existing challenges in regulating the fintech space and introduced new ones. The majority of regulators in APAC identified access to timely data as a key challenge, while the lockdown made co-ordination between domestic regulators and agencies equally challenging, and impacted their ability to perform their core functions while working remotely.

“Enforcement is likely to be a major challenge in light of the proliferation of unlicensed lenders and limited resources among regulators,” said the Fitch Ratings report.

However, the sustainability of any financial system is about balancing the needs of the future against the wants of today, observed the Reserve Bank of India (RBI) executive director Ajay Kumar Choudhary at a fintech conclave earlier this year. He said it was always challenging for regulators to strike the right balance between innovation and managing risks.

RBI calls for self-regulation

India’s central bank has opted for the fintech industry to determine how to go about this, with Choudhary explaining that “it is desirable that this balance should come from within the fintech sector”.

Vinu Peter Immanuel, a New Delhi-based associate partner at Dentons Link Legal and member of the venture capital, technology and emerging growth companies practice group, points out that existing regulations governing fintech companies were made more from the perspective of traditional banking practices. As a result, he says, they are not suitably watertight to regulate practices related to the online collection of know-your-customer documents, security and the execution of loan contracts.

Jyotsna Jayaram, a Bengaluru-based partner in TMT practice at Trilegal, says: “Innovative regulatory methods are the need of the hour to ensure that innovation and commercial needs are protected while also ensuring consumer interests are secured.”

A self regulatory organisation (SRO) can take into account specific evolving business models and practical issues while coming up with governance processes and self-regulation for the industry, says Jayaram.

The RBI is adopting policies to monitor the thriving fintech sector more closely, while ensuring that innovation is balanced with risk management. The authority has called on fintech companies to establish their own SROs.

The SRO model would monitor the misconduct of entities and protect consumer rights and high governance standards, RBI deputy governor MK Jain said in March this year. “The role of such an SRO can include setting the standards for conduct, as well as acting as a bridge between the sector and regulators,” said Jain.

The idea behind fintech companies organising themselves under an SRO model was to keep a check on the misconduct of entities while protecting consumer rights and governance standards, said Jain.

The RBI had first come out with the SRO model in the payments space in 2020. However, its remit was limited to regulated payment system operators, which includes banks, card networks and wallet operators, among others, says Prashanth Ramdas, a Bengaluru-based partner in the banking, finance and fintech practice at Khaitan & Co.

Big, broad sector

SROs would be best placed to address critical gaps in the regulatory fintech landscape and establish codes of conduct and behavioural standards for market players, without overburdening the existing fintech players and upcoming market entrants with increasing compliance, says Jayaram.

While the RBI is keen to adopt a self-regulatory approach to sustain industry growth, it has been difficult for the industry to come together and establish an SRO.

“Fintech is a big and broad sector with multiple specialised areas including digital payments, digital lending and account aggregation,” says Ramdas.

The digital payments industry also consists of other multiple stakeholders who are not directly regulated by the RBI, such as UPI [unified payments interface] service providers, and business correspondents, which are partner organisations that provide financial and banking services to customers in areas where banking services are sparse.

“Hence, there is a need to ensure that industry bodies adequately represent all the regulated and unregulated stakeholders and ensure that they meet the basic ethical and professional standards,” says Ramdas.

He says certain industry organisations already exist, including the Payments Council of India, the Digital Lenders Association of India, the Fintech Association for Consumer Empowerment and Sahamati.

Immanuel adds: “The recognition of a self-regulatory body by the RBI would ensure that there would be standardisation of certain rules applicable to companies that carry on fintech business such as security practices, pricing guidelines and customer grievance redressal mechanisms.” As a member of an SRO, a fintech company would be recognised and have the legal backing of the organisation.