SEBI’s Framework for Innovation Sandbox - Fintech

Amidst the fast-paced growth of the fintech industry in India, financial regulators in the country have been swift to recognise each such development and keep pace with the market. One particularly interesting development is the global adoption of regulatory sandboxes.

From 2016, a range of committees constituted by different financial regulators began to advocate adoption of regulatory sandboxes, drawing from success stories in other jurisdictions.[1] But 2019 marks a significant moment, as three of India’s prominent financial regulators have rolled-out either draft or final frameworks on regulatory sandboxes for fintech.[2]

The frameworks seek to spur fintech innovation in India and have been welcomed by all stakeholders alike. The framework released by the Securities and Exchange Board of India (SEBI) adopts a particularly holistic approach towards regulation of many different aspects of a sandbox. In this post, we seek to critique the ‘Framework for Innovation Sandbox’, released by SEBI on May 20, 2019 (Sandbox Framework).

A Snapshot of the Sandbox Framework

In a nutshell, SEBI seeks to create an ‘innovation sandbox’, where any entity (other than a SEBI-regulated entity), including an individual, can test technology-oriented products, services or solutions for the securities and commodities market in India. Based on the results generated from such testing, participants may roll out their products in the live market.

At the outset, the Sandbox Framework is a comprehensive, concise framework, which provides a reasonable degree of detailing on important aspects. Commendable aspects of the Sandbox Framework are highlighted in the infographic below.

Having said that, to make the sandbox process a little more efficient and easier to operationalise, we believe SEBI may consider addressing a few nuances in more detail.

Aspects of Innovation Sandbox Framework - SEBI

Purpose and Scope of the Innovation Sandbox

Under the Sandbox Framework, fintech offerings sought to be tested in the innovation sandbox are required to show some nexus to the securities and commodities market in India. While such nexus is important to bring the innovation sandbox within the regulatory framework of SEBI, defining eligibility of offerings through the lens of “securities” or “commodities” may prove restrictive in the long run.

For instance, testing of retail investment models that seek to ‘securitise’ or ‘tokenise’ beneficial interest of consumers in such model may be permitted. By doing so, SEBI can evaluate the performance of such models in a restricted environment prior to roll-out in the live market. Permitting such products within the innovation sandbox also provides scope to see if the tradeable papers or tokens subscribed to by consumers may be deemed to have, or be given, the benefit of “securities” under the Securities Contracts (Regulation) Act, 1956.

Further, testing of fintech offerings within the innovation sandbox is to be undertaken in an “offline” manner, and in isolation from the live market. While the importance placed on investor protection is welcome, evaluating offerings as well as rolling-out such offerings on the basis of “offline” or simulated test results may be not fully accurate. To this extent, the Sandbox Framework states that virtual machines may be set up to test the offerings, with configurations similar to the live environment. However, the development of such machines may become an expensive affair for both SEBI and sandbox applicants. Additionally, reliance on artificial intelligence or machine learning to ascertain the impact of a capital market offering on consumers, may not reflect the inherent behavioural aspects of human investors when investing in capital instruments[3].

Legal Form and Mandate of an Innovation Sandbox

The Sandbox Framework provides that the innovation sandbox be set up as a separate not-for-profit entity. It may help to specify the exact legal character in the Sandbox Framework itself. For instance, once the constitution and nature of the innovation sandbox is identified: (a) the governance structure, liabilities, powers and authority for grant of concessions and leeway; (b) regulatory exemptions to applicants (although not contemplated currently, but may be considered by SEBI on a cohort-specific basis[4] in future); and (c) mode of setting of cohorts (i.e. product specific multiple cohorts or a single cohort with sub themes) could be built into the bylaws of the innovation sandbox. This will provide greater clarity to applicants contemplating participation in the innovation sandbox.

Digital Architecture

Mandating access to datasets through an Application Programming Interface (API) is reflective of SEBI’s understanding of the technology sector, with widespread use of APIs to ensure interoperability of systems already in place.

However, SEBI may consider outlining the architecture of such a model in the Sandbox Framework. Typically, APIs are the channel of communication between a querist and a dataset which pertains to the query[5]. Upon pinging the API with a query in a specified format, the API matches data which fits the query and shoots it back to the querist.

By adopting the API model, the utility that an applicant derives from the datasets provided may be limited. The amount of information an applicant can gather from a dataset may be limited to the range of commands the API is equipped to respond to. Further, it is not clear how phased access to the datasets would work within this construct. Perhaps SEBI may consider providing applicants with access to the API as well as the underlying data library in its entirety, subject of course to the confidentiality agreement coupled with the technological wherewithal to avoid data leakage.

Further, an important consideration is whether each dataset provider will create only one API or many, depending on the type of offering to be tested using such datasets. In any case, the Sandbox Framework should enable dataset providers to avail services of third parties to develop and maintain such APIs, to hasten roll-out of innovation sandboxes.

Administration and Oversight

SEBI has proposed that three bodies be created to govern the innovation sandbox. The structure is largely two-layered, with a steering committee and an operational team. The steering committee is tasked with creating operating guidelines for a sandbox. Post this, the Sandbox Framework states that the steering committee will take up the role of the governance body, where it evaluates applications received, selects applicants and handles grievance redressal in respect of a sandbox.

At first blush, the exact roles of the steering committee and the governance body is not clear. Given the difference in constitution of the steering committee (comprising of representatives from start-ups, investors and academia) and the governance body (comprising of representatives of entities providing datasets to participants, such as registrar and transfer agents and depositories), mobilisation and transitioning of the steering committee and its role into the governance body is not entirely clear. SEBI may also consider detailing the constitution of the operating team in the Sandbox Framework.

The Way Forward

The Sandbox Framework, while a fairly concise umbrella framework, is yet to transition into a detailed framework that addresses the nuances involved. We believe that if the points highlighted in this blog post are also addressed, either as a modification of the Sandbox Framework or in the operating guidelines, the innovation sandbox may be launched with minimum limitations and maximum comfort to participants.

[1] Key committees are the Housing Finance Committee constituted by RBI in 2016, the committee on financial and regulatory technologies constituted by SEBI in 2017, and committee on regulatory sandbox in insurance sector in India constituted by IRDAI in 2018.

[2] The framework released by SEBI may be found here. IRDAI’s draft framework may be accessed here, and RBI’s draft framework is here.

[3] See for example,

[4] Within an innovation sandbox launched, applicants may be split into sub-groups, either based on number or on a common theme, and each such sub-group may be monitored by a part of the operating team.

[5] An easy-to-understand overview of APIs may be found here: