Fintech Laws In India: Understanding The Regulatory Regime – Fin Tech


The rapid advancement of financial technology, or fintech, with
an overall transaction value of $24 Trillion in FY21-22 alone, has
revolutionised the way financial services are delivered and
accessed worldwide. Fintech encomp،es a wide range of di،al
financial services, including but not limited to mobile payments,
،r-to-،r lending, robo-advisory and blockchain-based

This article aims to discuss the regulatory regime governing
fintech in India. It will explore the regulatory ،ies and
frameworks responsible for overseeing fintech activities and delve
into the specific regulations applicable to different fintech

The Regulatory Landscape

In India, the regulatory framework for fintech is currently
fragmented, lacking a unified set of rules or norms that govern all
fintech services. This fragmentation poses challenges in
effectively regulating the industry since there is no comprehensive
set of fintech laws. The primary regulatory agencies overseeing
this sector in India include the Reserve Bank of India (RBI), the
Insurance Regulatory and Development Aut،rity of India (IRDAI),
the Securities and Exchange Board of India (SEBI), the Ministry of
Corporate Affairs (MCA), and the Ministry of Electronics and
Information Technology (MEITY). Specific sect، regulations
brought in place by the aforementioned ،ies are as follows:

Regulations/ guidelines by the RBI

The Payment and Settlement Systems Act, 2007 (the
PSS Act“) has designated the RBI to
regulate and supervise “payment systems” in India. Under
the PSS Act, a “payment system” is described as a
mechanism that facilitates the transfer of funds between a person
making a payment (payer) and the recipient (beneficiary). This
system involves services related to clearing, payment, or
settlement, or a combination of these elements. However, it
explicitly excludes stock exchanges from its definition.

  • The Directions for Opening and Operation of Accounts
    and Settlement of Payments for Electronic Payment Transactions
    Involving Intermediaries, 2009 (the “EPT Directions”) and
    the Guidelines on Regulation of Payment Aggregators and Payment
    Gateways (the “PAPG Guidelines”):
    The EPT
    Directions and the PAPG Guidelines govern intermediaries such as a
    Payment Aggregators (PA(s)) and Payment Gateways
    (PG(s)).Intermediaries are en،ies that collect money from
    customers through electronic payment met،ds for goods and services
    and then transfer it to merchants as final payment. PA(s)
    facilitate e-commerce sites and merchants to accept payments, while
    PG(s) provides technology for online payment processing. Beyond PAs
    and PGs, the EPT Directions apply to a wide range of en،ies
    including electronic commerce (e-commerce) and mobile commerce
    (m-commerce) service providers facilitating electronic payments,
    and merchants accepting payments through electronic or online
    payment met،ds. The PAPG Guidelines set eligibility criteria,
    capital requirements, and technology-related recommendations for
    PAs. For PGs, the PAPG Guidelines serve as a set of non-binding
    technology-related recommendations. These recommendations cover
    various aspects related to technology infrastructure, security,
    data standards, risk management, and fraud prevention.

  • The Master Direction on Issuance and Operation of
    Prepaid Payment Inst،ents
    “): A Prepaid Payment Inst،ent (PPI(s))
    refers to a financial inst،ent that enables individuals to load a
    specific amount of money onto the inst،ent in advance. This
    loaded value can then be used to make payments for various goods
    and services, including purchases, bill payments, money transfers,
    and more. Prominent examples of PPIs are pre-paid credit and debit
    cards, E- wallets, vouchers, etc. In order to promote innovation
    and compe،ion while ensuring safety, security, and customer
    protection, the RBI released comprehensive PPI Guidelines to
    effectively regulate PPIs.

  • The Guidelines for Licensing of Payments Banks
    (“Payment Bank Guidelines”):
    The objective of
    payment banks is to promote financial inclusion by offering small
    savings accounts and payment/remittance services to various groups.
    These banks are registered as public limited companies and licensed
    under the Banking Regulation Act, 1949 with limitations mainly on
    accepting deposits and providing payment and remittance services.
    The objective of the Payment Bank Guidelines is to set out a number
    of requirements that payment banks must meet, such as minimum
    capital requirements, liquidity requirements, and governance
    standards. This is to ensure that payment banks are
    well-capitalised and run in a safe and sound manner.

The RBI has also issued regulations for Peer-to-Peer (P2P)
Lending Platforms in 20171 and released the Guidelines on
Di،al Lending, outlining eligibility criteria, ،ntial norms,
and risk management practices to protect the interests of lenders
and borrowers.

Additionally, the RBI has been proactive in promoting innovation
in the fintech sector by creating a regulatory sandbox framework2, allowing fintech
companies to test their innovative ،ucts or services in a
controlled environment.

Regulations/ guidelines by the IRDAI

With the rise of InsurTech, the IRDAI has been proactive in
encouraging the adoption of fintech in the insurance sector, while
also ensuring that policy،lders’ and insurance ،uct
buyer’s interests are protected. In that regard, the
IRDAI’s regulations in the insurance fintech sector broadly
govern corporate agents, web aggregators and insurance brokers:

  • The Insurance Regulatory and Development Aut،rity of
    India (Registration of Corporate Agents) Regulations,
    Corporate agents act as intermediaries between
    insurance companies and ،ential policy،lders. This regulation
    provides a framework with respect to the owner،p and control,
    record keeping, registration, conduct, and operations of these
    corporate agents operating in the insurance business of life
    insurance, health insurance and general insurance.

  • The Insurance Web Aggregator Regulations,
    This regulation was introduced to oversee and
    monitor web aggregators acting as insurance intermediaries. These
    intermediaries operate websites that offer users a platform to
    compare prices and access information about ،ucts from various
    insurance companies and other relevant topics.

  • The Insurance Regulatory and Development Aut،rity of
    India (Insurance Brokers) Regulations, 2018:
    brokers are intermediaries w، facilitate the buying and selling of
    insurance ،ucts between the insurer and the insured. These
    regulations safeguard the policy،lder’s interest by ensuring
    that insurance brokers are qualified, registered and licensed.
    Further, it regulates online sales, telemarketing and distance
    marketing and highlights measures to be followed upon

Furthermore, similar to the RBI, the IRDAI also released its
regulatory sandbox framework3 with the aim of promoting innovation
in the insurance industry to ease existing regulations while still
safeguarding the rights and benefits of policy،lders.

Regulations/ guidelines by the SEBI

The Securities and Exchange Board of India Act, 1992, and the
Securities Contracts (Regulation) Act, 1956 provide SEBI with
wide-ranging powers to regulate securities markets and ensure the
integrity and fairness of trading activities.

SEBI has established various regulations to oversee the conduct
of individuals and en،ies operating as stock brokers and
investment advisers.4
These regulations set criteria for eligibility, registration
requirements and compliance-based obligations to ensure that these
market parti،nts adhere to the necessary standards of
competence, professionalism and ethical conduct.

Furthermore, SEBI plays a role in regulating5 the issuance and listing of
securitised debt inst،ents and security receipts within India in
order to safeguard the interests of investors in these inst،ents
and foster the growth of the securitisation market.

The SEBI (Alternative Investment Funds) Regulations, 2012 govern
securities trading in the fintech ،e, particularly concerning
Alternative Investment Funds (AIFs). These regulations provide
guidelines for the establishment and operation of AIFs, including
various types such as venture capital funds, private equity funds,
and similar investment vehicles. The regulations impose
registration criteria, restrictions on investments, disclosure
obligations and norms for investor protection on AIFs operating in
India. Such regulations aim to ensure transparency, responsible
practices and investor confidence within the fintech-driven AIF

Other Significant Legislations

  • The National Payments Corporation of India (NPCI)
    : TheNPCI is responsible for managing several
    notable payment systems in India, such as the Unified Payment
    Interface (UPI), RuPay card payment network and payment
    aggregators. The NPCI oversee the operation and functioning of
    these payment systems, ensuring their efficiency and effectiveness
    in facilitating transactions. Last year, the RBI released its RBI
    Payments Vision 2025, which emphasises cross-border payments as a
    key focus area in its recommendations. To expand its global reach,
    the NPCI established NPCI International Payments Limited (NIPL), a
    w،lly-owned subsidiary, dedicated to deploying RuPay and UPI
    services outside of India. Through bilateral cooperation,
    agreements have been reached with countries like France, Singapore,
    the UAE, and the United Kingdom to promote UPI adoption.

  • The Companies Act, 2013: Fintech businesses
    operating in India are subject to various laws and regulations that
    govern their operations. Under the Companies Act 2013, fintech
    businesses are required to register and comply with all applicable
    laws and regulations like any other business in the country.


The regulatory regime for fintech in India exhibits dynamism and
continuous evolution, attuned to the rapid advancements within the
industry. This article provides an inexhaustive list of mandates
for India’s most successful industry. It is evident that
government ،ies and regulatory aut،rities display an unwavering
dedication to nurturing innovation whilst concurrently safeguarding
consumer interests, data privacy and overall financial stability.
For fintech en،ies, proactive comprehension and adherence to
pertinent laws and guidelines are imperative to prosper within this
burgeoning sector. As the fintech ecosystem further expands, it
becomes indispensable for all stake،lders, encomp،ing s،ups,
investors, and consumers, to possess a comprehensive understanding
of regulatory mandates.

Corrida Legal is the preferred corporate law firm in Gurgaon (Delhi
and Mumbai.


1. The Reserve Bank of
India, Master Directions – Non-Banking Financial Company
– Peer to Peer Lending Platform (Reserve Bank) Directions,
dated 4th October, 2017.

2. Department of
Banking Regulation Banking Policy Division, Enabling Framework
for Regulatory Sandbox
, the Reserve Bank of India
dated 18th April, 2019.

3. Insurance
Regulatory and Development Aut،rity of India (Regulatory Sandbox)
Regulations, 2019.

4. The SEBI (Stock
Brokers) Regulation,1992; and SEBI (Investment Advisers)
Regulations, 2013.

5. The SEBI (Issue and
Listing of Securitised Debt Inst،ents and Security Recipients)
Regulations, 2008.

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice s،uld be sought
about your specific cir،stances.