India’s Evolving FinTech Laws & Compliances


FinTech has gotten a lot of attention in recent years. Fintech garnered substantial amounts of FDI, comprehensive government responses, and even significant market acceptance. However, today’s definition of FinTech is payment systems that leverage technology such as PayTM and Gpay – does not always reflect its origins.

Originally, Diners Club Cards (early iterations of Credit Cards) were hailed as the pinnacle of FinTech; however, a common pattern with FinTech in the 20th century was that, like Diners Club Cards, these technological advancements were pioneered by legacy institutions (conventional banks, NBFCs, clearing houses, and so on), and that Fintech advancements in the 20th century were regulated solely due to this fact.

Payment Aggregators and Payment Getaways, on the other hand, have published a FinTech book in recent years (hereinafter referred to as PAs and PGs). Due to their low cost of compliance, these organizations are not as heavily regulated as Financial Institutions and are able to deliver excellent services to end-customers at a competitive price.

Legal scenario in India

The payments industry has a rather well-developed regulatory structure. In India, pre-paid payment instruments (PPIs), debit cards (by volume), and the RTGS and NEFT systems are used to make digital payments (by value). In India, the Payment and Settlement Systems Act, 2007[i], is the main piece of law that governs payment systems. The RBI does, however, periodically publish rules and regulations governing various aspects of the payments network.

PPIs, on the other hand, are primarily regulated by the Reserve Bank of India’s Master Direction on Issuance and Operation of Prepaid Payment Instruments. PPIs are also divided into three groups:

  1. Closed System Payment Instruments – These payment systems are used to make purchases of products and/or services within the ecosystem of the service provider. Cash withdrawal is not permitted by CSPIs. CSPIs are not recognized as payment systems since they do not allow payments and settlement for third-party services. Ola Money, MakeMyTrip Wallet, and BookMyShow Wallet are just a few examples.
  2. Semi-Closed System Payment Instruments – These are payment mechanisms that may be used to buy products and services as well as get financial services at a group of specified designated merchant locations/ businesses that have agreed to accept the payment instruments under a particular contract with the issuer. Take, for instance, Paytm Wallet.
  3. Open System Payment Instruments – These are payment methods that may be used to buy products and services, as well as to access financial services such as money transfers at any merchant location that accepts them, and to withdraw cash from ATMs. Poga, for example.

Uber and Oyo, for example, are subject to the PSSA and related RBI laws and regulations since they direct payments from customers to suppliers.

Payment Aggregators are organizations that allow e-commerce sites and/or merchants to accept several payment instruments from consumers once they have completed their payment responsibilities through Fintech, eliminating the need for each merchant to develop their own payment-integration system. PAs help retailers connect with their consumers. Payment Gateways are organizations that provide for the underlying technological infrastructure to direct and speed the completion of an online payment transaction while avoiding any involvement in the money handling. The RBI has announced the PAPG Guidelines (Guidelines on Regulation of Payment Aggregators and Payment Gateways), which are seen as a positive step forward in the direction of stronger Fintech regulation.

Fintech businesses were obliged to do KYCs under the stricter rules of the Prevention of Money Laundering Act, 2002; nevertheless, e-KYCs were done using Aadhaar[ii] due to the huge cost reductions. However, in the landmark judgment of Justice Puttaswamy (Retd.) v. Union of India[iii], the Hon’ble Supreme Court of India struck down provisions of the Aadhaar Act that allowed private organizations to utilize an individual’s Aadhaar number to confirm their identity. As a result, businesses were no longer permitted to use the Aadhaar Regulations-approved verification services.

The introduction of crypto currencies is another significant step in the Fintech industry. Crypto currency is a digital form of currency protected by encryption, with the majority of transactions taking place on decentralized networks based on blockchain technology, which is a distributed ledger maintained by a separate network of computers. Crypto currencies are distinguished by the fact that they are not issued by a central authority, making them – in principle – immune to government intervention.

The RBI, on the other hand, has long had a negative attitude toward crypto currencies, effectively prohibiting them through its numerous notifications. Nonetheless, in the case of Internet and Mobile Association of India v. Reserve Bank of India[iv], the Hon’ble Supreme Court of India struck down the RBI Circular, lifting the ban on bitcoin trading in India. However, it should be emphasized that, in overturning the RBI Circular, the Hon’ble Court concluded that the RBI can regulate or prohibit “anything” that may constitute a danger to or have an impact on India’s financial system, even if the activity does not fall within the credit or payment systems.

Regulations for Fintech industries

Existing authorities such as the RBI and other authorities such as SEBI and the IRDAI are in charge of the fintech industry. Despite the fact that there have been several requests for the establishment of an independent authority to regulate the payments sector, all of them have been denied.

In addition, regulatory approaches have been gaining traction in the worldwide environment. The RBI created an Enabling Framework for Regulatory Sandbox in support of this. FinTech enterprises, including start-ups, financial institutions, and any other organization affiliating with or giving assistance to financial services, are eligible to participate in the sandbox, according to the Framework. The regulatory sandbox is intended to inspire ideas that are being suggested for implementation in the Indian market in areas such as:

  • There is a lack of regulations.
  • There is a requirement to temporarily relax rules in order to facilitate the suggested innovation.
  • The proposed innovation offers a significant increase in the efficiency and effectiveness of financial service delivery.

Segment-wise Compliances

intech companies began as startups, while others have simply expanded their services online. Fintech companies have been classified in a variety of ways. Payments and remittance, lending platforms, personal finance, blockchain and crypto currencies, insuretech, business solutions, and investing platforms are just a few of the possibilities. Classifying a startup into one of the categories has become a difficult process. The majority of them have begun to offer numerous services, which has complicated the categorization process. Regulations and investments fluctuate depending on the industrial category. An overview of several rules and compliances, section by segment:-

  1. Payments and Remittance – The payments industry is the most important component of the fintech business. Since its beginning, this industry has experienced tremendous expansion, attracting a large number of investors. The demonetization of currency resulted in broad acceptance of the payments industry. According to a study conducted by ASSOCHAM – PWC India, digital payments in India would double to roughly 135.8 billion dollars by 2023. Around half of all payment-related companies are mobile/digital wallets, point-of-sale systems, and payment gateways. The Reserve Bank of India established a ‘High-level Committee on Deepening Digital Payments’ earlier this year.

The Payments sector has seen a lot of developments in recent years, from digital wallets to Payments Bank and UPIs. For digital payments, digital/mobile wallets were the preferred method. They were closed/semi-closed prepaid payment instruments that could be used for recharge, e-commerce, and shopping inside the same platform. KYC requirements for different prepaid payment instruments have been established by the RBI in its “guidelines for prepaid payment instruments.” KYC has become a requirement for using mobile/digital wallets, which are often semi-closed PPIs. Semi-closed PPIs are divided into two categories by the RBI: (i) PPIs up to Rs 10,000, for which just the minimum information of the PPI holder is required, and (ii) PPIs up to Rs 1 lakh, for which a full-fledged KYC is required. Customers of these wallets must complete at least a basic KYC in order to use the wallet and take advantage of some of its benefits.  The RBI has also told PPIs to keep suitable data and security management mechanisms in place to protect payment-related data and prevent fraud during online transactions.

  1. Financial Lending – In recent years, the Indian fintech industry has seen a boom in digital lending platforms. P2P lending and SME lending startups have exploded in India, completely changing the lending sector, which was formerly dominated by banks. Lending platforms make it easy to get a loan with minimal paperwork and in a short amount of time. MSME businesses in India profited immensely from these services, particularly when requesting for bank loans entailed cumbersome procedures with a low likelihood of acceptance. These platforms utilize machine learning and artificial intelligence (AI) to replace traditional techniques for assessing a borrower’s creditworthiness. Integration of numerous APIs through platforms such as Indiastack has aided the lending industry in India significantly.
  2. Personal Finance and Investment Platforms – Personal finance and asset management organizations were able to enter deeper segments of the market because to the rising usage of the internet and smartphones. The simplicity with which women and youth may invest and manage their own finances has drawn a bigger audience. When contrasted to conventional institutions, these platforms use current technology to make the entire process of investing and asset management easier.

The SEBI is the regulatory body in charge of this sector of the fintech industry. Several established players have already expanded their online services. There are stockbrokers registered with SEBI and members of the NSE and BSE, such as Zerodha. Companies that provide online trading must adhere to the NSE, BSE, and MCX trading member requirements. There are additional firms that provide personal financial and wealth management advising services. SEBI requires these companies to get a Registered Investment Advisor certificate (RIA). SEBI (Investment Advisers) Regulations were introduced in 2013 to govern these organizations. According to the standards, RIAs are required to give specific disclosures to their customers, such as their remuneration and other significant elements of the products/securities. They must also keep copies of documents such as risk profiles, KYC information, customer agreements, and financial advice offered, among other things. A compliance officer should be hired to ensure that the regulations’ compliance obligations are met. The ‘Association of Mutual Funds in India’ registers asset management firms that deal with mutual funds as distributors (AMFI). AMFI is a self-regulatory organization of SEBI-registered mutual funds that establishes criteria for mutual fund distributors.

  1. Insurtech – In India, online insurance services are still in their early stages. Consumers do not have a high level of confidence in this category. These platforms track the specific demands of clients via IoT-enabled services. For this sector, the IRDAI is the primary policymaker. Insurance brokers and online aggregators are the most common businesses operating in this sector. Insurance brokers may be found both online and offline and they operate as a middleman on behalf of their clients, assisting them in selecting the appropriate package. The insurance company pays a commission to insurance brokers. Aside from pay, they may be paid a fee by the client for expert services like as risk assessment, which will not be based on a proportion of the premium or claim amount. The IRDAI has established a code of conduct for these brokers to follow. They must follow the IRDAI (Insurance Brokers) Regulations of 2018.
  2. Cryptocurrencies/Blockchain-Based Business – The number of enterprises in this sector in India is dwindling. India is only second to the United States in terms of the number of blockchain developers. In India, the regulatory framework for crypto-related firms is not favorable. In 2018, When the RBI issued circular prohibiting banks in the nation from dealing with cryptocurrency exchanges and businesses, since then, several Indian firms in this field have relocated to foreign jurisdictions. A committee appointed by the Finance Secretary has suggested a full ban on cryptocurrency trading, ownership, mining, and use. Violations might result in severe fines, jail, or both, according to the suggestion. The country’s tight and ambiguous laws create an unfavorable climate for companies in this field. Only a handful of them are still alive, hoping for more favorable regulations. The Indian government, on the other hand, has stated that it is eager to promote the usage of blockchain technology, which is the underlying technology underpinning cryptocurrencies. Blockchain/crypto-related firms may not emerge in India until clear policies are in place.

The government of India is going to introduce a new bill entitled “Cryptocurrency and regulations of official digital currency bill” 2021. The New Bill the government recognizes the grey area of cryptocurrency regulations and wants to outright ban all private cryptocurrencies. However, it remains unclear if all types of cryptocurrency would fall under the scope of private cryptocurrency. Furthermore, in the month of March 2021, according to the newest amendments to Schedule III of the Companies Act, 2013, the Government of India has mandated that companies report their cryptocurrency assets beginning with the next financial year. That is to say, businesses must now declare profit or loss on cryptocurrency/virtual currency transactions, the value of their holdings, and details of any deposits or advances received for the purpose of trading or investing in cryptocurrency/virtual currency. People working in the crypto business have greeted this decision with open arms, since it is understood that it would allow all Indian enterprises to carry cryptocurrency on their balance sheets.


The Indian financial services sector is distinct from its western competitors; rather than a lack of convenience, the demand for financial inclusion has fueled the rise of financial service providers and related services in India. As a result, despite the fact that total financial service penetration remains low, adoption rates are substantially greater, presenting lucrative commercial potential. Furthermore, cheap data prices in India and the ever-decreasing cost of cellphones tremendously aid Fintech firms’ development.

Despite this, many authorities and new regulations make the Indian FinTech ecosystem difficult to navigate for international businesses. The sheer magnitude of the market, along with several flaws in present legislation, makes this a highly attractive possibility. One can only think how the sector will expand as indigenous services such as UPI move closer to become international services — it is, without a doubt, an exciting time for the Fintech area and the laws that surround it.


[i] Act no. 51 of 2007

[ii] Section 57 of the Aadhaar Act 2016

[iii] Justice Puttaswamy (Retd.) v. Union of India, Writ Petition (Civil) No. 494 OF 2012

[iv] Internet and Mobile Association of India v. Reserve Bank of India, Writ Petition (Civil) No.528 of 2018 with Writ Petition (Civil) No.373 of 2018




  1. Vinod Joseph, Deeya Ray and Protiti Basu, Fintech Laws In India – A Primer,(Apr. 08, 2020), Mondaq–a-primer
  2. Mansukhlal Hiralal & Company, Digitalization Of The Indian Economy|Payment Systems, ( Sep. 01, 2017),
  3.  Jake Frankenfield, Cryptocurrency,(May 25, 2021), Investopedia
  4. Probir Roy Chowdhury and Vishnu Nair, FinTech Comparative Guide,(Mar. 20, 2020) Mondaq
  5. M Arjun, Unique Legal Structuring, Contracts and Compliance for Fintech Business,(Sep. 24, 2019),
  6.  Kashish Khattar, All you need to know about Fintech in India,(Oct.11, 2018),
  7. Ahlawat and associates, The legality of cryptocurrency in India,( Apr. 19, 2021),


0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *