Image Source: Getty
India’s fintech sector has lately witnessed remarkable growth, reaching US$ 689 billion in 2023 and is projected to hit US$ 2.1 trillion by 2030, increasing at an 18 percent CAGR between 2023 to 2030. Digital transformation of finances, driven by smartphone adoption, UPI, and financial inclusion initiatives, has boosted digital payments, expected to potentially reach USD 7 trillion by 2030. However, challenges remain, as indicated by the 33% drop in India’s fintech equity funding and its 39th rank in the IMD Competitiveness Index (2024). It is to counter these trends and boost the fintech sector through targeted and responsible innovation, successful mitigation of associated risks, enhanced financial inclusion and ultimately help realise India’s vision of a USD 5 trillion economy that regulatory sandboxes were introduced by the Reserve Bank of India (RBI), Securities and Exchange Board of India (SEBI), Insurance Regulatory and Development Authority (IRDAI), and later International Financial Services Centres (IFSC).
Digital transformation of finances, driven by smartphone adoption, UPI, and financial inclusion initiatives, has boosted digital payments, expected to potentially reach USD 7 trillion by 2030.
The Indian Landscape
A fintech regulatory sandbox is a controlled environment where startups and companies can test innovative financial products, services, and business models under relaxed regulatory oversight. Defined by the UK Financial Conduct Authority (FCA) as a “safe space”, it allows experimentation in live market settings without immediately facing full regulatory consequences. This reduces uncertainty, lowers entry barriers, and fosters innovation. If an experiment fails, the sandbox minimises risks to consumers and financial stability. Additionally, it helps policymakers understand emerging technologies, enabling more effective regulations. By balancing innovation with oversight, sandboxes support both business growth and regulatory adaptation to new financial technologies[1]. Fintech sandboxes began in 2016 with the FCA opening the 1st ever sandbox followed shortly after by Singapore. With nearly 60 countries running 73 sandboxes as of today, sandboxes have now become a global phenomenon extending to areas beyond finance.
Fintech sandboxes began in 2016 with the FCA opening the 1st ever sandbox followed shortly after by Singapore.
These Indian regulatory authorities mentioned above have designated ‘focus areas’, where they encourage responsible fintech innovation; and have individual policies for nurturing such solutions/products, culminating in their eventual release in the market upon successful completion of all stages of the sandbox. While similarities exist among all these policies they exhibit significant divergences in their approach, compliance requirements and exemptions among others.
- Understanding objectives: While all of them seek to promote fintech innovation through controlled testing environments ensuring regulatory oversight, there are divergences in their ways of operating and points of emphasis. RBI focuses on responsible innovation by allowing live testing of financial technologies. SEBI facilitates securities innovation by providing market data for offline testing via its Innovation sandbox and securities market testing through its Regulatory Sandbox. IRDAI supports insurance sector fintech innovation with a regulatory sandbox offering temporary relaxations. IFSCA, with an international outlook, fosters fintech advancements in India’s IFSC through multiple sandbox frameworks[2], including international collaborations and Indian inter-regulatory collaboration mechanisms. It explicitly enables global regulatory cooperation, allowing fintech solutions to be tested beyond India’s domestic markets.
- Compliance exemptions: While all strictly enforce certain fundamental regulations around ‘Know Your Customer’ (KYC), customer protection and data security, they differ in individual compliance flexibilities. RBI permits relaxations such as in governance and liquidity among others but offers no legal waivers. SEBI provides case-specific relaxations only in its Regulatory Sandbox, while its Innovation Sandbox grants none. IRDAI upholds key insurance laws but permits relaxations with respect to guidelines and circulars. It also envisages scope for “inter-regulatory sandbox proposals” within its ambit. IFSCA, catering to global firms, allows exemptions about operational rules but upholds strict customer protection norms.
- Applicant qualification: Despite sharing certain common applicant criteria like requiring financial stability, regulatory compliance, and innovation among others, differences exist. RBI’s sandbox is open to fintechs, banks, and LLPs with INR 10 lakh net worth and meeting the “Fit and Proper Criteria”. SEBI operates its Innovation Sandbox for non-regulated entities and Regulatory Sandbox for SEBI-registered firms, focusing on securities. IRDAI restricts access to insurers, and intermediaries within a set net worth as determined by it. IFSCA uniquely accommodates both Indian and foreign entities, requiring DPIIT registration or such other compliances for Indian entities) or FATF-compliant jurisdiction incorporation (foreign entities), allowing for cross-border financial innovation through IoRS and Fintech Bridges, making it globally oriented, unlike most other regulators.
- Product acceptance criteria: RBI accepts fintech products in thematic cohorts but excludes cryptocurrencies, and chain marketing among others. SEBI differentiates between live testing and test environments. It has an innovation sandbox and regulatory sandbox under its ambit. IRDAI focuses on insurance innovation, penetration, and efficiency, among others. IFSCA has a detailed framework, requiring offline testing before sandbox entry and live testing, applicable to both its innovation and regulatory sandboxes. While SEBI, RBI and IRDAI prioritise sector-specific advancements, IFSCA promotes broader financial services innovation, emphasising greater global applicability and post-sandbox market deployment.
- Consumer protection: All of India’s financial regulators prioritise consumer protection through risk disclosure, user consent, grievance redressal, liability insurance, and data security among others. RBI mandates fintech firms to notify test users of risks, ensure compensation, and comply with data privacy laws. SEBI grants test-users market-consumer equivalent rights, enforces grievance redressal via the SEBI Complaint Redressal System and requires published risk management plans. IRDAI focuses on data confidentiality and full applicant liability for consumer risks. IFSCA’s Regulatory Sandbox requires upfront compensation scheme disclosures and requires informed user consent to disclosed risks, while its Innovation Sandbox lacks such obligations. Unlike others, IFSCA uniquely mandates pre-defined compensation structures for participant protection.
- Sandbox lifetime: RBI allows for a nine-month duration cohort based sandbox. SEBI’s Innovation Sandbox lasts up to 24 months, while its Regulatory Sandbox runs for 12 months. IRDAI does not specify an exact timeframe but follows a limited testing approach. IFSCA’s Regulatory Sandbox has 12 months with a six-month extension option, whereas its Innovation Sandbox is silent in this matter. SEBI offers the longest timeframe for early-stage innovation, while IFSCA provides flexibility in extending testing, making it distinct from the others.
Understanding Systemic Challenges
As we can see, due to the presence of multiple regulators, India has a somewhat fragmented sandbox framework with divergent policies, concession schemes, eligibility criteria, application procedures, permitted durations and consumer protection measures. This could make it potentially difficult for nascent startups to navigate compliance requirements. Fintech innovations, especially those requiring cross-sectoral testing could face delays and increased costs due to the need to approach multiple regulators separately. Though IFSCA and IRDAI have provisions for cross-sectoral sandbox collaboration, their effectiveness remains to be conclusively demonstrated. Moreover, the absence of a national inter-regulatory cooperation mechanism prevents regulators from sharing insights and best practices, limiting the potential of regulatory sandboxes to promote knowledge-sharing around innovation. This lack of collaboration could lead to inefficiencies in evidence-based policymaking and ultimately hinder the adoption of a consistent regulatory approach to emerging technologies. As Fintech continues to blur traditional sectoral boundaries, an overarching regulatory framework could help to ensure harmonised policies, reduce compliance burdens, and create a more innovation-friendly environment.
Fintech innovations, especially those requiring cross-sectoral testing could face delays and increased costs due to the need to approach multiple regulators separately.
Proposed Measures
To mitigate these systemic issues, an overarching uniform regulatory framework could be devised which might incorporate the following features:
- Cross-Sector Fintech Oversight Committee: Establish a coordination mechanism/body consisting of all extant regulatory sandboxes i.e. the RBI, SEBI, IRDAI, and IFSC to streamline sandbox testing for cross-sectoral innovations.
- Unified sandbox entry standards: Implement minimum uniform criteria for regulatory sandboxes, including eligibility, duration, consumer protection measures and compliance exemptions while allowing sector-specific flexibility. This may reduce uncertainty and encourage greater participation from startups and investors.
- Simplified and Fast-Track Licensing: Create an authorisation mechanism for unregistered entities to test innovative products without facing complex licensing barriers.
- Cross-Border Collaboration: proactively enable partnerships between Indian regulators and global regulatory bodies to facilitate international sandbox testing along the lines of the international collaborations envisaged and built by the IFSC.
- Data Sharing and Policy Learning: Establish an information-sharing framework among regulators to derive insights from sandbox testing and guide evidence-based policy reforms.
- Progress Tracking and Accountability: Mandate the publication of whitepapers detailing the number of sandbox-tested innovations, successful market launches, and subsequent financial performance to assess long-term impact and drive further improvements.
Debajyoti Chakravarty is a Research Assistant at the Observer Research Foundation
[1] Samir Saran and Anirban Sarma, GeoTechnoGraphy: Mapping Power and Identity in the Digital Age (New Delhi: Penguin Viking, 2025).
[2] IFSCA Fintech Regulatory Sandbox (FRS), IFSCA Fintech Innovation Sandbox (FIS), Inter-operable Regulatory Sandbox (IORS) with IFSCA as Principal Regulator and overseas Regulatory Referral Mechanism /Fintech Bridges of IFSCA.
The views expressed above belong to the author(s). ORF research and analyses now available on Telegram! Click here to access our curated content — blogs, longforms and interviews.
PREV
