RBI Fintech Initiative: Sandbox

Ritesh KaraleCyber SecurityLeave a Comment

RBI Fintech Initiative: Sandbox

Finance Technology, popularly known as Fintech, is an emerging field of technology that combines both technology and financial services. India’s Fintech sector has grown significantly in the past few years. The industry accounted for a 14% share of the global investment and was ranked second on the deal volume. This growth has led many companies to capitalise on the sector’s potential by trying to develop new products and services to attract clients. This led to the Reserve Bank of India (RBI) launching an enabling framework for fintech companies to test their products and services. RBI’s vision here is to provide a regulatory environment for such companies to innovate and test their creativity before launching.

RBI’s Sandbox and its Features

RBI introduced the Regulatory Sandbox (RS) in 2019 to facilitate innovation in Fintech. The framework allows companies to test their products or services live before launching them to the masses. Companies may temporarily receive regulatory exemptions depending on the specific service or product.

1. Entities Covered

The 2019 notification highlights the type of firms eligible to participate in this initiative. Fintech companies, including startups, banks, and financial institutions, are subject to the criteria mentioned in the guidelines. This includes LLPs or partnership firms that partner with or support financial service businesses offering financial services. Mandatory requirements include customer privacy, local data storage, and adherence to statutory security measures.

2. Products and Services Supported

The RS framework encourages firms to innovate on certain products, services, or technology. For instance, it promotes services like retail payments, digital KYC, digital identification services, and cyber security products. Similarly, RBI urges technological innovations like data analytics, blockchain-based applications, artificial intelligence, machine learning, and Application Program Interface (API) services. These are some of the innovations that the Sandbox is designed to foster.

The list excludes credit registry, credit information, cryptocurrency or crypto-assets services, and chain marketing services. The potential reasons for excluding the above include regulatory and legal considerations, consumer protection, and risk management.

3. Benefits of Protected Environment

RBI may provide certain exemptions or relaxations to firms at its discretion and on a case-to-case basis. These exemptions may include relaxations in liquidity requirements, board composition, financial soundness, and track record.

In a sandbox environment, service providers can experience their services firsthand before launching them to the public. The empirical data and user’s experience can help them to ease their services or products. This will further help in risk management and may lead to a substantial decrease in the associated risks. Second, the early deployment will give them more in-depth insight into the running cost of the product or service. This will provide additional time to analyse and reduce costs wherever necessary. Thirdly, it will create an atmosphere of innovation in the sector. Lastly, consumers would safely yet cheaply access a particular technology-based application, enabling them to trust the fintech sector.

Such benefits and a protected environment mustn’t imply a lawless landscape. RS promises several emotions but does not provide any legal waiver or absolution of liability. Any firm that applies for RS must consider the repercussions for their unauthorised acts. After successful sandbox testing, a firm is still obliged to meet the conditions of regulatory approvals and statutory requirements.

RBI’s Sandbox vis-à-vis FCA’s Sandbox

RBI’s Regulatory Sandbox is not the first attempt to promote innovation in the fintech sector. The UK’s Financial Conduct Authority (FCA) launched a similar safe space for businesses to innovate in 2017. Overall, 90% of the firms in the first cohort led to the successful deployment of their products or services to the masses. FCA has also set in motion a safe space for digital data in the fintech sector called Digital Sandbox. This initiative allows firms to access GDPR-compliant data sets in a secure environment. The firms can experiment and analyse sensitive data under the guidance of industry experts in a safe environment. FCA substituted the cohort-based approach with an always-open model, inviting multiple firms to foster innovation in the sector.

RBI’s application process took a similar approach, accommodating the always-open and cohort approaches. RBI has used the On-Tap application process, allowing firms to submit their applications anytime. Meanwhile, RBI has also used the cohort approach and selected 8 firms to participate in its 2022 cohort. It has promised to conduct cohorts in the future on selected or closed themes for the firms to participate in.


The fintech sector in India has limitless opportunities that need to be explored in a safe environment. The FCA’s Sandbox in the UK has emerged as a popular and successful initiative helping UK firms innovate. As the fintech sector in India advances and becomes a leading sector in the economy, RS needs to foster innovation and rapid change. Such changes will lead to increased adaptability and inclusion of different sectors. The recent enactment of the Digital Personal Data Protection Act, 2023 reiterates the importance of protecting personal data in the Indian context. The fintech sector comprises sensitive data, and the need to secure it is quintessential. This seeks a mechanism to foster innovation to secure such data. The next step for the sector is to understand and analyse digital sandboxes to keep in tune with our data-centric world.

Leave a Reply

Your email address will not be published. Required fields are marked *