Photo of Aditya Sarkar

Associate in the Financial Regulatory Practice at the Mumbai office of Cyril Amarchand Mangaldas. He can be reached at aditya.sarkar@cyrilshroff.com

FIG Paper (No. 34 – Data Law Series 5) Balancing Sectoral Regulation and DPDP Act Compliance by NBFCs & Fintechs

Background

Indian regulators in recent times have shown a keen interest in monitoring the intersection between data, information technology, and cybersecurity with regulated entities—more so in relation to Non-Banking Financial Companies (“NBFCs”) and ‘fintechs’. With the expected enforcement of the Digital Personal Data Protection Act, 2023 (“DPDP Act”), and the promulgation of its rules, it becomes imperative for NBFCs and fintechs to map their journey of compliance from legal and regulatory perspectives.Continue Reading FIG Paper (No. 34 – Data Law Series 5) Balancing Sectoral Regulation and DPDP Act Compliance by NBFCs & Fintechs

FIG Paper (No. 32) - Outsourcing of Financial Services: Harmonising the Law and Looking Ahead

Background

The Reserve Bank of India (“RBI”) issued the draft Master Direction – Reserve Bank of India (Managing Risks and Code of Conduct in Outsourcing of Financial Services) Directions, 2023 (“Draft MD”), on October 26, 2023. With the COVID-19 pandemic and the digitisation of financial services globally, financial institutions started becoming increasingly dependent on their service partners and agents to reduce costs and avail expertise not available internally.Continue Reading FIG Paper (No. 32 – Series 1): Outsourcing of Financial Services: Harmonising the Law and Looking Ahead

FIG Paper No. [29], Data Law Series [3]: Implications of Digital Personal Data Protection Act, 2023 for Foreign Banks in India

Introduction:

The Digital Personal Data Protection Act, 2023 (“DPDP Act”) is India’s foray into the global regulatory movement on personal data rights. In designing the DPDP Act, there has been a strong focus on simplicity, brevity, and standardisation. We note a marked effort to align with data regulation across the world, most significantly, the European Union’s General Data Protection Regulation (GDPR”). While principally similar, the Indian regime has peculiarities for which financial services entities will have to prepare themselves. Continue Reading FIG Paper No. 30, Data Law Series 4: Implications of Digital Personal Data Protection Act, 2023 for Foreign Banks in India

FIG Paper No. 28, Data Law Series 2:
Implications of Digital Personal Data Protection Act, 2023 on Indian Banks

Introduction

In the current landscape, Indian banks are bound by data protection obligations under the provisions and rules of the Information Technology Act, 2000, the Prevention of Money Laundering Act, 2002 and relevant directives of the Reserve Bank of India (“RBI”). As we await the enforcement of the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and the publishing of its rules (“DPDP Rules”), there will be a paradigm shift in the data processing protocols of banks amongst other financial entities.Continue Reading FIG Paper No. 28, Data Law Series 2: Implications of Digital Personal Data Protection Act, 2023 on Indian Banks

FIG Papers No. 6 - Series–2 RBI Payment Regulations – 2009 to 2021 - Bank ‘nodals’ to PA PG licenses Blog

Introduction:

In our previous FIG Paper, we shared key learnings from our experience in connection with the payment aggregator and payment gateway guidelines (“PA/PG Guidelines”) issued by the Reserve Bank of India (“RBI”) on March 17, 2020. Based on representations received from various industry associations and payment intermediaries, the RBI has formalised the clarifications (initially issued on September 17, 2020) relating to the PA/PG Guidelines on March 31, 2021 (“Clarifications”).
Continue Reading FIG Papers (No. 6: Series–2) RBI Payment Regulations – 2009 to 2021: Bank ‘nodals’ to PA/PG licenses!

RBI’S REVISED REGULATORY FRAMEWORK FOR NBFCS

Introduction

In the backdrop of recent stress in the financial sector, especially in the speciality finance (i.e. NBFC) space, the Reserve Bank of India (“RBI”) has sought to address potential systemic risks by issuing a discussion paper on ‘Revised Regulatory Framework for NBFCs – A Scale-Based Approach’ (“Discussion Paper”) on January 22, 2021. The apex bank, through the Discussion Paper, has introduced a scale-based approach to the regulation of non-banking financial companies. Owing to their growing significance, linkages with the banking and capital markets sectors, and complexity in operations, the Discussion Paper proposes a four-tiered regulatory structure for NBFCs, based on proportionality of the NBFCs.
Continue Reading FIG Papers (No. 2) : RBI’s Revised Regulatory Framework for NBFCs : Industry Implications