Image Source:

This article is written by Mayank Bansal and Shruti Gupta, pursuing a Diploma in Cyber Law, Fintech Regulations and Technology Contracts from Here they discuss “What is RBI and IRDA Regulatory Sandbox and its Role in the Financial Sector?”.


The Indian FinTech market has been on a growth trajectory, as a source of innovation and entrepreneurship in the financial technology (fintech) space. Over 1500+ fintech companies have set up operations in India since 2012, with India ranking 2nd globally in fintech adoption. The innovations and disruptions in the financial sector have occurred in an environment where no adequate guidelines were defined. For example, mobile wallets were developed in a regulatory space in the late 2000s of the thriving telecom sector. The Reserve Bank of India (RBI) issued guidelines for their operations, i.e. limiting the amount of money that can be saved in a wallet, therefore restricting the major systemic risks that wallets could have caused.

In order to evaluate the regulatory outline and respond to the dynamics of the fast-evolving FinTech scenario, the Reserve Bank of India (RBI) formulated an inter-regulatory in July 2016, a Working Group (WG) to report on all the aspects of FinTech and its implications thereon.

Download Now

The WG recommended establishing a system for a Regulatory Sandbox (RS) within a defined space and time, where the financial sector regulators may provide the necessary regulatory guidance, so as to increase productivity, mitigate & manage risks & create new opportunities for consumers.

Furthermore, the market regulator SEBI and insurance regulator IRDAI has announced initiatives to encourage tech start-ups, especially fintech, by making data and systems available to them through the RS.

What is Regulatory Sandbox? 

Almost all of us had come across “sandboxes” in our childhood, these were the areas filled with the sand where we used to play and build structures of sand by using our creativity. But lately, with the advancement in technology, this term “sandbox” has acquired one new meaning. Now, this term is used in a technological world for providing a closed environment used for live testing the benefits, safety, and viability of new technologies/products before they are released in the market. Typically, the participating companies in the regulatory sandbox, release their innovation in the protected environment to the limited customers for a short period of time without having to worry about certain constraints and liabilities. 

Purpose of RS

  • A regulatory sandbox is a framework set up by a regulator that allows FinTech entities (start-ups and other innovators) to perform live experiments in a controlled environment.
  • To encourage accountable innovation in financial services & promote efficiency & providing benefit to the consumers. 

Benefits of Regulatory Sandbox

  • The sandbox mechanism helps these market players to conduct live testing of their innovations, in a regulated environment, where regulation is absent or may be too stringent for the entity.  
  • This mechanism also helps the market players to test the viability of their products without spending on larger and expensive rollouts. 
  • The regulatory sandbox helps the market player to launch their innovation, business models, and products at a lower cost and in less time.
  • This mechanism further helps the market regulators, in examining the need for changing existing regulation to accommodate the innovations.

Draft Guidelines for Regulators in India

Relying on the benefits of the regulatory sandbox, and on the report published by the NITI Aayog, in which it was they stated, that “India is one of the fastest developing fintech markets throughout the world and Niti Aayog has further projected that around $1 trillion or 60% of retail and small and medium-sized enterprises credit will be digitally disbursed by 2029.” The Reserve Bank of India (RBI) on 18th April 2019, issued a “Draft enabling framework for Regulatory Sandbox for public comments. The RBI regulatory sandbox aims at providing a protected environment to fintech corporations to promote their innovations for testing the viability of their products without the need for expensive roll-out. 

Just after the announcement of RBI regulatory sandbox, The Insurance Regulatory and Development Authority of India (IRDAI) issued their notification “Insurance Regulatory and Development Authority of India (Regulatory Sandbox) Regulations, 2019with the objective to facilitate innovation in the insurance sector by way of relaxing the prevailing regulations for limited scope and limited time, while at the same time protecting the interest of policyholders.

Eligibility Criteria

  • Draft Enabling Framework for Regulatory Sandbox – RBI

According to RBI guidelines, the target applicants to its Regulatory sandbox would be the FinTech firms, which essentially meets the conditions of start-ups prescribed by the government. Adding to it these fintech firms should be working in the area, which currently does not have any government regulations, or where there is a need to ease some regulations or in cases where such fintech corporations promise the ease/effectiveness of delivery of financial services. 

Further, the RBI framework also includes a list of indicative innovative products, services, and technologies that could be considered for testing under its regulatory sandbox scheme. 

List of Innovative Products and Services are as follows:

  • Retail Payment Mechanism
  • Money transfer services
  • Lending services at marketplace
  • Digital KYC
  • Services related to financial advisory
  • Services which helps in managing the wealth of the individual
  • Digital identification services
  • Smart Contracts
  • Products related to cybersecurity

List of innovative technologies are as follows:

  • Mobile applications related to Payments, Digital identity, etc.
  • Data Analytics
  • API’s related to finance
  • Applications built on a blockchain mechanism
  • AI and machine learning applications

At the same time, RBI framework also prohibits certain products, services, and technologies which might not be accepted for testing under its Regulatory Sandbox Scheme, this is as follows:

  • Credit Registries
  • Any kind of Credit information’s
  • Services related to Crypto Currency/Assets
  • Any kind of Trading, Investing or settlement in Crypto
  • Initial Coin Offering
  • Chain Marketing Services
  • Any Product or Service, which is specifically banned by the Regulators or Government

RBI framework further imposes a condition on the participants that their companies should be registered and incorporated in India and meet the criteria of start-ups as per the Government of India. Also, such an entity shall have a minimum net worth of Rs. 50 lakhs as per its latest balance sheet.

This shows that the RBI guideline provides a long list of eligibility requirements which is necessarily required to become a part of RBI Regulatory Sandbox. However, I believe that some of the conditions required by this framework are very difficult to satisfy for small and new start-ups. 

Entry Criteria

All FinTech companies including start-ups, financial institutions, banks & other companies venturing with or providing support to financial services businesses, are eligible to avail RS system, subject to the compliance of the guidelines as stipulated by the RBI. Entities applying for the RBI’s regulatory sandbox should have a net worth of Rs. 25,00,000/- (Rupees Twenty Five Lakhs only) & should be incorporated and registered in India or have license to operate in India. The RBI’s April 2018 draft guidelines, had a very narrow definition, wherein the companies would be allowed RS if their net worth is of Rs. 50,00,000/- (Rupees Fifty Lakhs only), the said guidelines were further revised wherein the net worth requirement was changed to Rs. 25 Lakhs only.

The Regulatory Sandbox is an initiative to encourage responsible innovation in the financial sector, and monitoring, mitigating & containing their risks. The selection of entities shall be based on conformity of the fit and proper criteria as stipulated in the guidelines. The compliance with fit and proper criteria is a necessary condition & the final selection is based on originality of the innovation & the potential benefit the consumers enjoys with such product/services.

Exclusions from RBI’s sandbox testing

The RBI reserves the right to publish any relevant information about the RS applicants on its website, for the purpose of knowledge transfer & association with other international regulatory authorities, without disclosing any proprietary & intellectual property rights related information.

  • Insurance Regulatory and Development Authority of India (Regulatory Sandbox) Regulations, 2019

On 26th July 2019, IRDAI has notified its Regulatory Sandbox regulation. Under the IRDAI regulation, the eligible applicant shall be an insurer or an intermediary or any other person (except individual) having a minimum net worth of 10 lakh Rupees in the previous financial year or any other person recognized by the IRDAI Authority. An eligible applicant may apply for one or more categories namely “(1) Insurance Solicitation or Distribution (2) Insurance products (3) Underwriting (4) Policy and Claims Servicing (5) or any other category recognized by the IRDAI authority, for promoting or implementing their innovation.  Although the permission to become part of regulatory would only be granted, if the chairmen is satisfied that the applicant (a) promotes the innovation which is beneficial to insurance in India (b) Innovation is in the interest of policyholders (c) innovation is necessary for the orderly growth of the industry (d) innovation, would in certain way promote the insurance penetration in the country (e) or innovation meets the necessary criteria as specified by the IRDAI Authority. 

Others – Regulatory Sandbox

Pursuant to SEBI’s guidelines, all entities registered under the SEBI Act, 1992, are eligible for testing in the sandbox, even if they are utilising the services of a FinTech company. The registered entity will be the principal applicant & will be solely responsible for testing the solutions in the sandbox. SEBI is also considering granting a limited registration to the entities, interested to test in the sandbox, with them being exempt from its regulatory requirements.

Furthermore, Maharashtra has created policies to promote & encourage more FinTech start-ups, launched a sandbox through which it will expose bank Application Programming Interfaces (APIs) to FinTechs’ to promote open banking initiatives. Major banks such as HDFC Bank, ICICI Bank and YES Bank have also launched initiatives where developers were invited to create new solutions/ applications through their banking APIs.

Testing Process

  • Draft Enabling Framework for Regulatory Sandbox – RBI

As per the framework set up by the RBI, the Regulatory Sandbox would work by selecting the limited number of entities (10-12 entities), which are selected through a comprehensive selection process, who pass the eligibility criteria set up by the framework. The estimated time to complete the testing under Regulatory Sandbox is 6 months, by this, all the testing must be completed. Although, an entity could ask for the extension of the sandbox period. However, such an entity shall place an application for an extension to the RBI at least one month before the expiration of the sandbox with the reasons for the extension. 

Further, the framework includes 5 mandatory phases/stages of testing, which every Sandbox entity is required to complete. These stages of testing are as follows:

The Regulatory Sandbox framework allows the RBI to relax certain prevailing regulatory requirements for Sandbox Entities during the testing period on case to case basis. However, draft mandatorily requires certain regulations that must be necessarily be complied such as Privacy of customers, secure storage and access to payment information of stakeholders, protection of transactions and KYC/AML/CMT requirements and any other statutory restrictions.  

  • Insurance Regulatory and Development Authority of India (Regulatory Sandbox) Regulations, 2019

Although, IRDAI is silent on the testing procedure in its regulation. However, it necessarily states the timeline for testing under its Regulatory Sandbox. The timeline prescribed in the IRDAI regulation is similar to those set in the RBI framework. Therefore, permission for testing in the IRDAI regulation is also set for 6 months. However, unlike the RBI framework, the IRDAI has prescribed that an entity could be granted an extension for a maximum period of 6 months to complete the test. This means that all the testing procedures shall be necessarily be completed within a period of 12 months. 

Regulatory Sandbox in Abroad – Australia, Singapore & U.K

Globally Regulatory Sandbox mechanism is seemed like a safe platform for innovators to test their products and services, under a relaxed environment wherein certain regulation relaxation might be granted by the regulators for a specified period of time. The Australian Securities and Investments Commission (ASIC) released its detailed Regulatory Sandbox framework in May 2016 allowing eligible Fintech entities to test their innovations in Regulatory Sandbox, without holding an Australian Finance Service license (AFS). This allows the eligible entities to test their innovation, without spending any time on the licensing process.

Click Above

The Financial Conduct Authority (FCA) of the U.K. introduced its Regulatory Sandbox framework in June 2016, which includes various kinds of regulatory co-operation with certain conditions such as restricted authorization, individual guidance, individual steers, and waivers, etc. The Monetary Authority of Singapore (MAS) also issued its Regulatory Sandbox guideline in November 2016. MAS in its Regulatory Sandbox regulation stated that they would be providing regulatory support to eligible entities by relaxing certain regulations during the testing process. 

The Regulatory Sandbox framework set by the RBI and IRDAI borrowed many essential features from the U.K. and Singapore regulations. However, the regulatory framework set by the RBI and IRDAI missed one very essential feature, which Singapore and U.K. permit in their regulation. Singapore and U.K. permit the regulated financial institution to participate in its Regulatory Sandbox, whereas the framework of RBI and IRDAI only allows start-ups registered in India, to apply for Regulatory Sandbox.

Further, Australia, Singapore, and the U.K. have innovation hub agreement/ fintech bridge agreement with each other, which facilitates the entry of innovative Fintech corporations from one jurisdiction to their respective Regulatory Sandbox. However, India also lacks this essential feature in its regulatory framework.


The sandbox is expected to provide temporarily relaxed regulatory norms for the conceptualisation of new solutions or products on a small scale before a potential scale up. This is a first-of-its-kind initiative by the regulator in India and is expected to provide a boost to organisations and start-ups that wish to enter the industry. A defined sandbox allows the eligible entities to test their innovative products/solutions, had led to an increase in the global investment in such entities, as the trust has been established because of the regulated environment provided to the FinTech entities, for testing the products/solutions, in a framework wherein the rights and limitations are defined and therefore evidencing that the same is duly regulated by an authority. 

The regulatory sandbox is a stimulating prospect for the country’s innovative FinTech companies. In India, regulators want to promote product & service innovation through sandboxes for each sector. India’s regulatory sandboxes are still at an emerging stage & regulators are still attuning their rules. The RS plays a vital role in the growth, investment & adoption of innovation in the FinTech industry and thereby providing protection to the interest of the consumers.



Students of Lawsikho courses regularly produce writing assignments and work on practical exercises as a part of their coursework and develop themselves in real-life practical skill.

LawSikho has created a telegram group for exchanging legal knowledge, referrals and various opportunities. You can click on this link and join:

Follow us on Instagram and subscribe to our YouTube channel for more amazing legal content.


Please enter your comment!
Please enter your name here