Photo of Anu Tiwari

Anu Tiwari

Partner (Head - Fintech and FSRP) at Cyril Amarchand Mangaldas. Anu represents Indian and multinational banking, broker-dealer, exchange, asset management, speciality finance, fintech and information/ emerging technology companies on transactional, enforcement and regulatory matters. His transactional practice focus is on public & private M&A, capital raising, commercial agreements and activism matters. Anu advises financial services clients on matters before the Reserve Bank of India (RBI), Securities and Exchange Board of India (SEBI), Ministry of Finance, Enforcement Directorate and appellate tribunals. He can be reached at anu.tiwari@cyrilshroff.com

 

 

FIG Paper (No 35- Payments Series 3)– The new Draft Directions for Regulations of Payment Aggregator

Introduction:

In our previous two FIG Papers of PA/PG Framework (here) and (here), we shared our key learnings in connection with operations of payment aggregator and payment gateway guidelines issued by the Reserve Bank of India (“RBI”) on March 17, 2020 (as amended from time to time) (“PA/PG Guidelines”).Continue Reading FIG Paper (No 35- Payments Series 3)– The new Draft Directions for Regulations of Payment Aggregator

New SEBI FPI Beneficial Owner Disclosure Norms

Introduction:

The Foreign Portfolio Investor (“FPI”) regime is a foreign investments’ entry route in India, whereby FPIs can invest in Indian securities, subject to compliance with India’s foreign exchange control laws and the regulatory framework issued by the Securities and Exchange Board of India (“SEBI”). As part of the Know Your Customer (“KYC”) process for FPI registration, identification and verification of Beneficial Owner(s) (“BO”) is required to be undertaken as per Rule 9 of the Prevention of Money Laundering (Maintenance of records) Rules, 2005 (“PMLR”),[1] which is a part of the Indian AML/ CFT legal framework.Continue Reading New SEBI FPI Beneficial Owner Disclosure Norms

INTRODUCTION

  • The Reserve Bank of India (“RBI”) has published the “Guidelines on Voluntary transition of Small Finance Banks to Universal Banks” dated April 26, 2024 (“SFB Guidelines 2024”), setting out the glide path for voluntary transition of Small Finance Banks (“SFBs”) to universal banks (“Universal Banks”) in terms of:
    • Guidelines for “on-tap” Licensing of Small Finance Banks in Private Sector dated December 5, 2019 (“SFB Guidelines 2019”);
    • Guidelines for “on tap” Licensing of Universal Banks in the Private Sector dated August 1, 2016 (“Universal Bank Guidelines”);
    • Reserve Bank of India (Acquisition and Holding of Shares or Voting Rights in Banking Companies) Directions, 2023 dated January 16, 2023 (“Acquisition Directions 2023”); and
    • Guidelines on Acquisition and Holding of Shares or Voting Rights in Banking Companies dated January 16, 2023 (“Acquisition Guidelines 2023”).

Continue Reading SFB to Universal Bank – New Glide Path

FIG Paper (No. 34 – Data Law Series 5) Balancing Sectoral Regulation and DPDP Act Compliance by NBFCs & Fintechs

Background

Indian regulators in recent times have shown a keen interest in monitoring the intersection between data, information technology, and cybersecurity with regulated entities—more so in relation to Non-Banking Financial Companies (“NBFCs”) and ‘fintechs’. With the expected enforcement of the Digital Personal Data Protection Act, 2023 (“DPDP Act”), and the promulgation of its rules, it becomes imperative for NBFCs and fintechs to map their journey of compliance from legal and regulatory perspectives.Continue Reading FIG Paper (No. 34 – Data Law Series 5) Balancing Sectoral Regulation and DPDP Act Compliance by NBFCs & Fintechs

FIG Paper (No. 33 – Series 2): Compulsory Registration of Off-shore Virtual Digital Asset Service Providers with FIU-IND?

Recently, the Financial Intelligence Unit – India (“FIU-Ind”) has issued show-cause notices to several offshore Virtual Digital Asset Service Providers (“VDASP”) for non-compliance with  provisions of the Prevention of Money Laundering Act, 2002 (“PMLA”) and for non-registration with the FIU-Ind, post amendment to PMLA on march 07, 2023, while catering to the Indian customers and operating in the Indian market.Continue Reading FIG Paper (No. 33 – Series 2): Compulsory Registration of Off-shore Virtual Digital Asset Service Providers with FIU-IND?

FIG Paper (No. 32) - Outsourcing of Financial Services: Harmonising the Law and Looking Ahead

Background

The Reserve Bank of India (“RBI”) issued the draft Master Direction – Reserve Bank of India (Managing Risks and Code of Conduct in Outsourcing of Financial Services) Directions, 2023 (“Draft MD”), on October 26, 2023. With the COVID-19 pandemic and the digitisation of financial services globally, financial institutions started becoming increasingly dependent on their service partners and agents to reduce costs and avail expertise not available internally.Continue Reading FIG Paper (No. 32 – Series 1): Outsourcing of Financial Services: Harmonising the Law and Looking Ahead

FIG Paper No. [29], Data Law Series [3]: Implications of Digital Personal Data Protection Act, 2023 for Foreign Banks in India

Introduction:

The Digital Personal Data Protection Act, 2023 (“DPDP Act”) is India’s foray into the global regulatory movement on personal data rights. In designing the DPDP Act, there has been a strong focus on simplicity, brevity, and standardisation. We note a marked effort to align with data regulation across the world, most significantly, the European Union’s General Data Protection Regulation (GDPR”). While principally similar, the Indian regime has peculiarities for which financial services entities will have to prepare themselves. Continue Reading FIG Paper No. 30, Data Law Series 4: Implications of Digital Personal Data Protection Act, 2023 for Foreign Banks in India

FIG Paper No 29 – Data Law Series 3: (Implications of Digital Personal Data Protection Act, 2023, on Asset Management Companies)

Background:

  • Asset Management Companies (“AMCs”) act as fiduciaries of unitholders (i.e. investors who hold units in funds managed by an AMC), due to which the Securities and Exchange Board of India (“SEBI”) has mandated various data privacy obligations for AMCs, either directly or through the Association of Mutual Funds of India (“AMFI”).
  • SEBI, in a private letter to AMCs, AMFI and registrar and transfer agents (“RTAs”) dated July 10, 2020 (“SEBI Letter”), required that digital platforms involved in distribution/ advisory and AMCs/ RTAs must respect unitholder’s data privacy. The letter included the following two mandates:
    • unitholder data should not be shared with group entities having multiple business/ products; and
    • products and services of group companies cannot be cross marketed.

Continue Reading FIG Paper No 29 – Data Law Series 3: (Implications of Digital Personal Data Protection Act, 2023, on Asset Management Companies)

FIG Paper No. 28, Data Law Series 2: Implications of Digital Personal Data Protection Act, 2023 on Indian Banks

Introduction

In the current landscape, Indian banks are bound by data protection obligations under the provisions and rules of the Information Technology Act, 2000, the Prevention of Money Laundering Act, 2002 and relevant directives of the Reserve Bank of India (“RBI”). As we await the enforcement of the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and the publishing of its rules (“DPDP Rules”), there will be a paradigm shift in the data processing protocols of banks amongst other financial entities.Continue Reading FIG Paper No. 28, Data Law Series 2: Implications of Digital Personal Data Protection Act, 2023 on Indian Banks