fintech sector in india

Legal Requirements and Compliances required in India for Fintech Startups

The aggregate size of the Indian fintech market is $31 billion, which makes it the third-largest fintech ecosystem across the globe, after USA and China, according to a report by Blinc Invest.[1] The rapid growth of this sector can be attributed to government backing of digitalization in the country, an increase of tech-savvy citizens, more mobile users, the building of digital networks and streamlining of financial processes. However, due to the lower penetration of financial services, India is still a largely untapped market for fintech. The favourable ecosystem and untapped opportunities imply that there is huge scope for the growth of fintech in India. However, in order to take advantage of this opportunity, it is necessary to be acquainted with the fintech law for startups in India. Thus, this article seeks to cover the legal requirements and compliances for fintech startups in India.

What is the meaning of “fintech”?

Fintech is the abbreviated form of the term “financial technology” which is an innovation that seeks to compete with traditional methods of delivery of financial services. It aims to use new and emerging technology to enhance and automate financial activities, for example – the use of smartphones for investing and trading in financial markets, buying cryptocurrencies online, etc. Fintech organizations are thus, financial institutions which provide financial assistance, management, and planning services to other individuals or entities via digital mediums. Such an organization differs from a bank in various aspects. It requires in-depth preparation and knowledge of the legal requirements for starting a fintech start-up in India. 

Types of services provided by Fintech startups in India

There are mainly 4 categories of services provided:

1. Payment services (such as e-wallets and mobile payments);

2. Peer-to-Peer lending (known as P2P lending);

3. Retail banking services, Customer to Business (C2B) and Business to Customer (B2C);

4. Personal consultation services for savings and finance.

Legal Requirements for a Fintech startup in India

1. Selecting the business structure

Before you start your startup, it is essential to select a business structure for your organization. The Business structure can be any one of the following types:

One Person Company (OPC) 

Section 3(1)(c) of the Indian Companies Act, 2013 provides that a single person can form a company for any lawful purpose. So, if you only have one owner but wish to operate as a business, you may opt for this business structure as it is a unique blend of business and sole proprietorship.

Limited Liability Partnership (LLP) 

An LLP is a blend of a company and a partnership, where the limited liability of all the partners is restricted to their respective shares.

Private Limited Company (PLC)

Here, the company has its own set of rights and liabilities independent from those of the owners, and the directors and shareholders of the company have no personal responsibility towards the creditors. This is the most widely used and preferred framework in the fintech market of India.

2. GST Registration

The startup would be required to apply for GST registration and obtain a GSTN for their business. There are various benefits of registration, such as availing input tax credit, easy registration on e-commerce websites, competitive advantages compared to other businesses, lesser compliances etc.

3. Contracts, Agreements and Policies

Every company must have its own set of legal documents. Businesses usually hire legal experts for drafting and customizing legitimate documents as per the requirements of that business. The agreements, contracts and policies that are required include, but are not limited to, the following:

  •   Privacy policy
  •   Cookie policy
  •   Terms and conditions
  •   User policy
  •   Employment agreement
  •   IP licensing agreement
  •   Co-founders agreement / Partnership agreement (as applicable)
  •   Vendor agreement
  •   Product development agreements

4. Intellectual Property registration

Startups must acquire Intellectual Property (“IP”) protection to prevent the infringement of their website content, web/app design, brand name, logo, brochure, etc. Getting all the IP registered will help safeguard the brand, and distinguish the brand from its competitors and the business will be entitled to seek legal remedies in case of any violation of the registered IP. Copyright, trademark, patents, trade secrets, and industrial designs are a few examples of IP that are protected by law.

5. Domain name

For a technology-based organization, having a registered domain name and a fully developed website is a must for establishing its presence on the internet and coming up in search engine results. Registering the domain will help prevent others from cyber-squatting, which refers to the unauthorized use and registration of a domain name, identical or similar to an established business’ domain name to take advantage of the goodwill or customer base of that business.

6. Licensing

The licensing norms and regulations depend upon the category of services being provided by the Fintech Startup in India.

1. In case the startup provides payment services, it must be registered with the Reserve Bank of India (“RBI”).

2. For retail service providers, licensing is necessary for executing lending and depositing services for Micro, Small, and Medium Enterprises (“MSME”).

3. In the case of financial management and investment services, the fintech company must be registered as a Non-Banking Financial Company (“NBFC”) prescribed by the RBI.

Compliances for fintech startups in India

There is no dearth of the legal requirements and compliances required for operating a fintech startup in India, which gets further complicated as most fintech companies offer a variety of services to their customers. Some necessary compliances are as follows:

1. Payment gateways

All interactions pertaining to payment aggregators and payment gateways must be made via a bank – between the payment gateway and the RBI. This is necessary for safeguarding digital transactions. Payment gateways generally maintain certain requirements for protecting and securing digital transactions such as the Payment Card Industry Data Protection Standard (PCI DSS). All payment aggregators and payment gateways are intermediaries that facilitate payments online in accordance with the Circular on Guidelines on Regulation of Payment Aggregators and Payment Gateways, 2020 (“Payment Intermediary Guidelines”).[2]

2. Digital wallets

If the startup provides e-wallet or mobile wallet services, it must comply with Know Your Customer (“KYC”) requirements. The RBI has outlined KYC specifications in its “Master Direction- Know Your Customer (KYC) Direction 2016”[3] and “Guidelines for Prepaid Payment Instruments.”[4] 

3. Insurance aggregators

Insurance aggregators which provide information about various insurance products are regulated by the Insurance Regulatory and Development Authority (“IRDA”) and must comply with the IRDAI Insurance Web Aggregators Regulations, 2017.

4. Lending platforms

Lending platforms that have acquired the P2P NBFC license must post the platform’s default rates on their website and provide lenders and borrowers with adequate information to enable clear decision making. Such platforms are governed by the Master Directions – NBFC – Peer to Peer Lending Platform (Reserve Bank) Directions, 2017.[5]

5. Data protection

Since all financial companies, by their very nature, collect personal and/or sensitive information of individuals, they must comply with the Information Technology Act, 2000 (“IT Act”) and its relevant rules and regulations such as the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“SPDI Rules”). This is done to protect the data, manage and report security breaches and to avoid legal complications. Corporate entities are mandated to acquire permission from the information provider before revealing any confidential data, subject to certain exceptions.

Conclusion

Fintech startups focus on utilizing new and emerging technologies such as artificial intelligence, machine learning, blockchain, etc., for providing financial services, which makes them faster and much more efficient. They also play a role in enhancing financial inclusion and targeting new demographics.

However, the process of launching a new fintech startup is complicated, to say the least, and it is of grave importance that new players understand the legalities and regulations of India’s fintech policies before venturing into this field. This will help avoid legal complications in the future and allows the new players to take advantage of any government benefits or incentives that have been laid out for fintech organizations.


[1] https://blincinvest.com/fintech

[2] https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=11822&Mode=0

[3] https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=11566

[4] https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=11142

[5] https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=1113

Leave a Comment

Your email address will not be published.

Ahlawat & Associates