Regulation in the fintech era

India has been at the forefront of financial technology adoption. Fintech companies, which number more than 2,500 in the country, are disrupting business models and changing the long-running status quo in the financial services industry. The impact of the disruption caused by fintechs is most felt by the traditional banking market.

Over the years, the financial services industry has become increasingly regulated. As regulation crept into every facet of business, business models started evolving with regulations as the focal point. As regulations especially around capital requirements became more stringent, regulatory compliance become a barrier to entry. All this while, traditional financial services players continued to cement their business models primarily with regulations in mind. When fintech companies came along, regulations were rarely the focus of their business model and instead focussed on customer convenience, fee-based models, use of new age technologies, and speed of transaction execution. Most importantly, they tapped regulatory whitespaces—unregulated parts of the financial services value chain. These whitespaces exist because often regulators have not been able to keep up with innovation and also because the scope of a regulator’s authority does not cover all possible business models imagined by a fintech.

In the recent past, however, regulators have been working towards addressing regulatory whitespaces as fintechs become larger and concerns about consumer protection start to surface. At the same time, fintech companies are also looking to get into regulated businesses, banking on their superior technology platforms and at times large customer base. These changes are causing intersections between regulatory landscapes of fintech companies and traditional financial services players.

The segments that have seen such intersections include peer-to-peer (P2P) lending and payments. In the P2P lending space in India, there were over 25 lending platforms operating prior to the advent of regulations from the Reserve Bank of India (RBI). With the advent of RBI regulations requiring companies to obtain an NBFC-P2P licence from the regulator, entry to this space has become onerous. Moreover, add-on requirements such as capping single lender exposure across all P2P lending platforms have changed the customer acquisition mindset and business models of P2P lending platforms. This regulatory change has largely resulted in aligning P2P lending models more closely with traditional NBFC models. On the other hand, payment-oriented fintechs snapped up the opportunity to become payment banks offering themselves to regulation and aligning their business models more closely with traditional banks. As newer fintechs continue to explore and try to discover new regulatory white-spaces, more mature ones are seeking ways to align themselves with traditional models to compete more directly with traditional players. Fintechs are essentially seeking a runway where regulatory whitespaces enable unimpeded business model exploration and growth. At the end of the runway, they are seeking closer alignment with traditional models as their business models take flight. Regulators are faced with the difficult challenge of determining how long the runway should be and in which segments should regulatory white spaces be allowed to continue to exist.

Regulators have become more wary about fintechs with a view on customer protection, systemic risk and more recently data privacy. At the same time, regulators recognise that new business models introduced by fintechs are irreversible and innovation is in the interest of consumers. Allowing fintechs some runway with the eventual goal of bringing parity between them and traditional financial service providers is a tight balancing act.

Recently, the RBI, the Securities and Exchange Board of India, and the Insurance Regulatory and Development Authority published draft frameworks for regulatory sandboxes for fintech companies to operate and test their product or services in a ‘controlled’ regulatory environment. While generally considered as a forward-thinking move for general fintech adoption in India, there are still several concerns including non-provision of inter-operability of sandboxes hosted by each regulator for testing more than one product or service from a fintech company, non-provision of a virtual testing environment for testing the product or service with live customers, initial capping of the number of fintech companies for consideration in the sandbox, additional requirement of seeking licences separately from the time of participating in the sandbox and specific eligibility criteria on net worth. Lack of inter-operability between sandboxes reaffirms regulators’ approach of keeping fintechs within their scope of authority. Furthermore, the sandboxes and limitations thereon are an attempt by regulators to both understand fintech business models better and provide them a more controlled runway.

As the boundaries between financial services and non-financial services start to blur with ecosystem or open banking, fintech players are likely to seek out more regulatory whitespaces. The distinction between an online marketplace and trading platform is likely to blur as fintechs creep into gold trading, commodity trading and capital market platforms. Cross-border payments and remittances which was traditionally the forte of banks are increasingly becoming the domain of fintechs as they offer lower cost solutions. Fintechs today continue to leverage the existing banking infrastructure either by white labelling their offerings or leaving the regulated portion of the business model with banks. However, as the customer base grows, fintechs are likely to create business models that are partially regulated or have overlapping regulators.

Creating parity in regulations between fintechs and traditional players without stifling innovation will require regulators to move from a rule-based to a principle-based approach. Current regulations are very specific to a business model or product. Moving to broader principle-based frameworks is important to ensuring fair regulations that have less scope for white spaces. Creating parity in regulations will also require broadening of the regulatory scope to cover non-financial services players within the regulatory ambit depending on the activities they undertake. Where business models intersect regulatory domains, joint regulations and joint oversight will be warranted. This would also require regulators to share information and data on systemic risk seamlessly among themselves. More importantly, regulators will be required to merge supervision of different regulated entities supervised by them into a common framework and through use of a common barometer.

Creating parity in regulations is also critical for managing systemic risk as the fintech footprint has the ability to introduce new variables to the systemic risk equation. Collecting and analysing data, setting macro-prudential guidelines and use of tools for regulatory intervention are important for aligning systemic risk management across fintechs and traditional financial services players.

Regulators are expected to pivot their approach in order to demonstrate speed, agility and inclusiveness in their regulatory expectations and mandates. At the same time, regulators are expected to ensure that their approach does not stifle innovation. The key lies in allowing regulatory whitespaces to exist until the risk is perceived to be low and aligning regulatory expectations with a traditional player once a fintech reaches scale. Early regulatory enforcement can destroy innovative business models and delays in regulatory intervention can cause unmanageable systemic risk. Creating a level-playing field should not mean a one-size fits all regulation. At the same time, when scale is comparable, convergence through broader principle based regulatory frameworks and focus on macro-prudential control can allow for innovation and risk management to stay balanced.

Views are personal.

Muzammil Patel is the managing director at Acies Consulting, a technology-centric consulting firm. Rahul Murthi is an executive director at Acies Consulting and also the head of Acies Ventures, a division of Acies Consulting that focuses on strategic investments primarily in the financial services space.