RBI Regulatory Sandbox

Each candidate must meet the following requirements:

(a) It must be an Indian-incorporated and registered firm or an Indian-licensed bank. Furthermore, financial institutions established under an Indian legislation would be eligible.

(b) According to its most recent audited balance statement, the firm must have a minimum net value of Rs. 25 lakh.

(c) The entity's promoter(s)/director(s) must be fit and appropriate according to the requirements outlined in Annex

• According to Annex

• each director must sign a statement and provide an assurance to this effect.

(d) The entity's and its promoters'/directors' bank accounts should be in good standing.

(e) The promoter(s)/director(s)/entity's credit history must be adequate.

(f) It should indicate that the products/services are technologically ready for commercial deployment.

(g) The firm must show mechanisms to guarantee compliance with current consumer data protection and privacy regulations/laws.

(h) Adequate protections shall be established into its IT systems to protect it against unauthorised access, modification, destruction, disclosure, or dissemination of records and data.

Regulatory Sandbox Enabling Framework

I The organisation should have a solid IT infrastructure and management resources. The IT systems utilised for end-to-end sandbox processing must ensure information processing integrity from beginning to finish.

The entities must also meet the following requirements:

(a) The suggested FinTech solution should highlight an existing gap in the financial ecosystem and show how it would fix the issue, benefit customers or the industry, and/or execute the same function more effectively. Alternatively, applicants should demonstrate that there is a relevant regulatory barrier preventing the product/service from being deployed at scale, or that a genuinely innovative and significantly important product/service/solution is proposed for which relevant regulation is required but not present.

(b) The RS experimentation's test scenarios and anticipated results should be clearly stated, and the sandbox entity should report to the RBI on the test progress on an agreed-upon timeline.

(c) In order for the RS to be effectively conducted while adequately safeguarding consumers' privacy, the required boundary criteria (see to section 6.7) must be explicitly established.

(d) In the event that the planned FinTech-driven financial service must be stopped or may proceed to be launched on a larger scale after quitting the RS, a suitable departure and transition strategy shall be explicitly established.

(e) Before being admitted to RS for testing, candidates must provide the findings of their Proof of Concept (PoC)/testing of use cases, as well as any relevant past experiences.

(f) Significant risks associated with the proposed FinTech solution or financial service must be analysed and a mitigation strategy must be produced.

The RS is a new regulatory effort designed to promote responsible innovation in financial services while closely monitoring and mitigating risks. Entities for a cohort must, among other things, meet the fit and suitable standards outlined in paragraphs 6.5.1 and 6.5.2 above. If there are a high number of applications, compliance with fit and suitable criteria will be required, and the final selection will be based on the uniqueness of the invention and the potential advantage that the product/service delivers to the consumers/industry.