2. AGENDA
• Overview of legal regimes governing:
• Digital payments;
• Digital and alternative lending;
• InsurTech;
• Portfolio, investment and wealth management technologies;
• Cryptocurrencies.
J. Sagar Associates - Privileged & Confidential
2
3. DIGITAL PAYMENTS
• Regulator: The Reserve Bank of India
• Governing Laws:
• Reserve Bank of India Act, 1934
• Banking Regulation Act, 1949
• Payment and Settlement Systems Act, 2007 (PSSA)
• PSSA regulates:
• Payment System Providers – NPCI, VISA, Mastercard
• Payment Participants
• Intermediaries
J. Sagar Associates - Privileged & Confidential
3
4. DIGITAL PAYMENTS
• Prepaid Payment Instruments
• RBI Master Directions on Issuance and Operation of PPIs
• Classification – Closed, Semi-Closed, Open Loop Instruments
• Prior approval of RBI for Semi-Closed and Open Instruments
• Limits on debits, credits, reloading and cash withdrawal
• Escrow account for funds
• KYC requirements for PPIs based on limits
• Proposals for interoperability
• Examples: PayTM, Mobikwik
J. Sagar Associates - Privileged & Confidential
4
5. DIGITAL PAYMENTS
• Cards
• Debit cards – issued by banks and linked to a bank account.
• Credit cards – generally issued by banks and non-banks, but can also be issued by other
approved entities
• Prepaid cards – may be issued by banks/non-banks
• RBI regulates authentication of card transactions:
• Card Present / CP transaction: carried out through physical presence of card at transaction
• Card Not Present / CNP transaction: does not require the card to be physically presented
• All CP and CNP transactions on cards to be authenticated using ‘Additional Factor of
Authentication’ (AFA)
J. Sagar Associates - Privileged & Confidential
5
6. DIGITAL PAYMENTS
• UPI
• Operated by National Payments Corporation of India
• Runs on the IMPS rails
• Fund transfers on the basis of VPA, account number, QR code, mobile number
• NPCI Procedural Guidelines and periodic circulars
• Obligations of Payment System Providers (PSPs) – banks
• Obligations of Technology Service Providers (TSPs) – app developers
• Minimum requirements for UPI App
J. Sagar Associates - Privileged & Confidential
6
7. DIGITAL PAYMENTS
• Payment Intermediaries
• Such as payment gateways – RazorPay, PayU etc.
• Currently governed by RBI Intermediary Guidelines
• Nodal Account for non-DVP
• Regular account for DVP
• Restrictions on debits and credits
• T+x settlement timelines
• RBI proposes to regulate intermediaries and mandate PSSA license
J. Sagar Associates - Privileged & Confidential
7
8. DIGITAL LENDING
• Regulator: RBI
• Laws:
• RBI Directions on Non-Banking Financial Companies (NBFCs)
• Master Directions on NBFC Peer to Peer Lending
• Master Directions on Loans and Advances – only applies to Banks
• Credit Information Companies (Regulation) Act, 2005
• NBFCs in the business of lending are classified as NBFC – Investment and Credit
Companies (NBFC-ICC)
• NBFCs must comply with prudential regulations, including:
• Capital requirements;
• Income recognition principals;
J. Sagar Associates - Privileged & Confidential
8
9. DIGITAL LENDING
• Asset classification requirements
• Liquidity and risk management framework
• Liquidity coverage ratio requirements
• Restrictions on concentration of credit and risks
• NBFCs must approach RBI for any change in name, address, directors or auditors
• NBFC must obtain approval for any change in ownership or shareholding > 25%
• NBFC must have fair practice code and must comply with KYC directions
• P2P Platform:
• must be registered with RBI
• must have board-approved policy on eligible lenders and borrowers
• can only facilitate unsecured loans
J. Sagar Associates - Privileged & Confidential
9
10. DIGITAL LENDING
• must comply with limits on lending and borrowing (apply to borrowers and
lenders across platforms)
• cannot facilitate loans that have maturity period > 36 months
• must undertake due diligence, credit assessment and risk profiling of
prospective borrower
• can share above details with lenders
• Lenders on P2P lending platforms may undertake their own underwriting process
• No clarity on syndication of P2P loans
J. Sagar Associates - Privileged & Confidential
10
11. INSURTECH
• Regulator: Insurance Regulatory and Development Authority of India (IRDAI)
• Laws:
• Insurance Regulatory and Development Authority Act 1999
• The Insurance Act, 1938
• Guidelines on Insurance E-commerce
• Guidelines on Information and Cyber Security for Insurers
• Guidelines on Insurance Repositories and electronic issuance of Insurance
policies
• These laws govern insurers and insurance intermediaries
• Insurance intermediaries includes agents, brokers, surveyors and third-party
administrators (TPAS)
J. Sagar Associates - Privileged & Confidential
11
12. INSURTECH
• Cybersecurity Regulations:
• Apply to all information created, received or stored by insurers and
intermediaries
• Insurers and intermediaries must:
• have uniform framework for data, cloud and cyber security
• have in-built governance mechanism
• Follow IRDAI framework for data protection
• E-commerce Guidelines
• Apply to all insurers and intermediaries who setup Insurance Self Network
Platforms (ISNPs) - websites and apps for selling/servicing insurance products
J. Sagar Associates - Privileged & Confidential
12
13. INSURTECH
• Applicant must obtain permission of IRDAI to setup ISNP
• ISNPs must have internal control mechanisms to ensure integrity of automatic
data processing systems
• Certified Information System Auditor (CISA) or CERT-In expert must review
ISNP annually
• ISNP must comply with Code of Conduct prescribed by IRDAI and must make
mandatory disclosures
• All products sold on ISNP will be subject to:
• IRDAI regulations on commissions
• IRDAI’s KYC guidelines
• IRDAI regulations on issuance of e-insurance policies
J. Sagar Associates - Privileged & Confidential
13
14. PORTFOLIO AND INVESTMENT
MANAGEMENT
• Regulator: Securities and Exchange Board of India (SEBI)
• Laws:
• SEBI (Portfolio Managers) Regulations, 2020
• SEBI (Investment Advisers) Regulation, 2013
• Portfolio manager
• Advises, undertakes or directs the management of a portfolio of securities or
funds of the client
• May be discretionary or non-discretionary
• Must be registered and certified by SEBI
• Principal Officer must meet minimum educational requirements
• Must meet the minimum net worth requirements prescribed by SEBI
J. Sagar Associates - Privileged & Confidential
14
15. PORTFOLIO AND INVESTMENT
MANAGEMENT
• Investment Advisers:
• Any person engaged in providing investment advice for consideration
• Investment adviser requires registration with SEBI
• Must meet the capital adequacy requirements and “fit and proper” criteria
prescribed by SEBI
• Partners and representatives must obtain certificate on financial planning or
fund/asset/portfolio management or investment advisory services
• Must act in a fiduciary capacity; maintain arm’s length distance with other
activities
• Must conduct risk profiling based on client’s circumstances
• Must make mandatory disclosures to clients
J. Sagar Associates - Privileged & Confidential
15
16. CRYPTOCURRENCIES
• Regulator: Unclear
• Laws:
• No clear regulations
• RBI circular “Prohibition on dealing in Virtual Currencies (VCs)”
• Entities regulated by RBI (Banks, NBFCs etc) prohibited from dealing in VCs
• Prohibited activities:
• maintaining accounts for VC companies
• Registering, trading, settling, clearing VC transactions
• giving loans against VCs, accepting them as collateral
• transfer / receipt of money in accounts relating to purchase/ sale of VCs
J. Sagar Associates - Privileged & Confidential
16
17. THANK YOU
J. Sagar Associates - Privileged & Confidential
17
Contact us:
• probir@jsalaw.com
• yajas.setlur@jsalaw.com
Notas do Editor
Fair Practice Code to cover:
Language and Communication of Fair Practice Code
Loan Applications and Processing
Loan Appraisal and Terms and Conditions
Change in Terms and Conditions
Grievance Redressal Mechanism and Officer
Nodal Officer
Interest Rate Policies
An NBFC-P2P shall-
act as an intermediary providing an online marketplace or platform to the participants involved in Peer to Peer lending;
not raise deposits as defined by or under Section 45I(bb) of the Act or the Companies Act, 2013;
not lend on its own;
not provide or arrange any credit enhancement or credit guarantee;
not facilitate or permit any secured lending linked to its platform; i.e. only clean loans will be permitted;
not hold, on its own balance sheet, funds received from lenders for lending, or funds received from borrowers for servicing loans; or such funds as stipulated in paragraph 9;
not cross sell any product except for loan specific insurance products;
not permit international flow of funds;
ensure adherence to legal requirements applicable to the participants as prescribed under relevant laws.
store and process all data relating to its activities and participants on hardware located within India.
Insurance broker arranges for insurance contracts. Broker can represent multiple insurers
Agent is permitted to represent only one insurance company in a sector - general, health;
Surveyor or loss assessor determines the damage or extent of loss caused
TPA is an organisation that is licensed by IRDAI to process claims and provide cashless facility
IRDAI framework for data protection includes:
To classify data as ‘critical’ and ‘non-critical’ (based on the organisation classification standards) and establish security processes to secure critical data including by maintaining an audit trail of critical data access.
To provide access to data only on a ‘need to know basis’ and periodically review such access rights.
To obtain confidentiality undertakings from users having access to data.
To obtain the approval of the information or business owner in the event sensitive data is required to be sent to outsourced services providers, third parties, etc. for business purposes.
To design controls to ensure that data is not misused by the third party by way of executing non-disclosure agreements, right protected emails, etc.
To have in place effective mechanisms for data destruction.
Mandatory Disclosures include:
a. The type of consumer for whom the product is intended;
b. Main characteristics of the product;
c. Options and coverage provided by the product, as applicable;
d. Exclusions and limitations associated with the product, if any;
e. The total premium and other charges that the consumer shall pay (including all applicable taxes) or, if an exact amount cannot be indicated, the basis for the calculation of the amount, so that the prospects can verify it;
f. The prospects right to cancel' if applicable, as well as the duration of the cancellation period and procedures;
g. Any time limit on the validity of the information provided
“discretionary portfolio manager” means a portfolio manager who under a contract relating to portfolio management, exercises or
May exercise , any degree of discretion as to the investment of funds or management of the portfolio of securities of the client, as the case may be
“investment advice” means advice relating to investing in, purchasing, selling or otherwise dealing in securities or investment products
Exceptions for registration:
(a) any person who gives general comments in good faith in regard to trends in the financial or securities market or the economic situation where such comments do not specify any particular securities or investment product;
(b) Any insurance agent or insurance broker who offers investment advice solely in insurance products and is registered with Insurance Regulatory and Development Authority for such activity;
(c) Any pension advisor who offers investment advice solely on pension products and is registered with Pension Fund Regulatory and Development Authority for such
activity;
(d) Distributor of mutual funds;
(e) Any person who exclusively advises clients outside India;