Photo of Anu Tiwari

Anu Tiwari

Partner (Head - Fintech and FSRP) at Cyril Amarchand Mangaldas. Anu represents Indian and multinational banking, broker-dealer, exchange, asset management, speciality finance, fintech and information/ emerging technology companies on transactional, enforcement and regulatory matters. His transactional practice focus is on public & private M&A, capital raising, commercial agreements and activism matters. Anu advises financial services clients on matters before the Reserve Bank of India (RBI), Securities and Exchange Board of India (SEBI), Ministry of Finance, Enforcement Directorate and appellate tribunals. He can be reached at anu.tiwari@cyrilshroff.com

 

 

FIG Paper No. [29], Data Law Series [3]: Implications of Digital Personal Data Protection Act, 2023 for Foreign Banks in India

Introduction:

The Digital Personal Data Protection Act, 2023 (“DPDP Act”) is India’s foray into the global regulatory movement on personal data rights. In designing the DPDP Act, there has been a strong focus on simplicity, brevity, and standardisation. We note a marked effort to align with data regulation across the world, most significantly, the European Union’s General Data Protection Regulation (GDPR”). While principally similar, the Indian regime has peculiarities for which financial services entities will have to prepare themselves. 

Continue Reading FIG Paper No. 30, Data Law Series 4: Implications of Digital Personal Data Protection Act, 2023 for Foreign Banks in India
FIG Paper No 29 – Data Law Series 3: (Implications of Digital Personal Data Protection Act, 2023, on Asset Management Companies)

Background:

  • Asset Management Companies (“AMCs”) act as fiduciaries of unitholders (i.e. investors who hold units in funds managed by an AMC), due to which the Securities and Exchange Board of India (“SEBI”) has mandated various data privacy obligations for AMCs, either directly or through the Association of Mutual Funds of India (“AMFI”).
  • SEBI, in a private letter to AMCs, AMFI and registrar and transfer agents (“RTAs”) dated July 10, 2020 (“SEBI Letter”), required that digital platforms involved in distribution/ advisory and AMCs/ RTAs must respect unitholder’s data privacy. The letter included the following two mandates:
    • unitholder data should not be shared with group entities having multiple business/ products; and
    • products and services of group companies cannot be cross marketed.
Continue Reading FIG Paper No 29 – Data Law Series 3: (Implications of Digital Personal Data Protection Act, 2023, on Asset Management Companies)
FIG Paper No. 28, Data Law Series 2: Implications of Digital Personal Data Protection Act, 2023 on Indian Banks

Introduction

In the current landscape, Indian banks are bound by data protection obligations under the provisions and rules of the Information Technology Act, 2000, the Prevention of Money Laundering Act, 2002 and relevant directives of the Reserve Bank of India (“RBI”). As we await the enforcement of the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and the publishing of its rules (“DPDP Rules”), there will be a paradigm shift in the data processing protocols of banks amongst other financial entities.

Continue Reading FIG Paper No. 28, Data Law Series 2: Implications of Digital Personal Data Protection Act, 2023 on Indian Banks
FIG Paper (No. 27 – Series. 1): Implications of Digital Personal Data Protection Act, 2023, on Payment Service Providers

Introduction:

The Reserve Bank of India (“RBI”) has allowed certain non-banks to operate in the financial ecosystem for payment processing under the Payment and Settlement Systems Act, 2007 (“PSS Act”), in addition to banks. These non-banks are typically operate Cross Border Money Transfer (“MTSS”); Prepaid Payment Instruments (“PPI”); Bharat Bill Payment Operating Units (“BBPOU”); White Label ATM Operators (“WLAO”), etc.

Continue Reading FIG Paper (No. 27 – Data Law Series 1): Implications of Digital Personal Data Protection Act, 2023, on Payment Service Providers
FIG Paper - Navigating SEBI’s Definition of UPSI

Introduction:

The objective of the PIT Regulations is to prohibit insiders with access to Unpublished Price Sensitive Information (“UPSI”) from making illicit gains and to ensure timely, adequate and even disclosure of UPSI to the public. Hence, the determination of what constitutes as UPSI becomes necessary. In this regard, the Securities and Exchange Board of India (“SEBI”) has signalled a shift from a principle-based regime to a more prescriptive regime, which is likely to result in increased compliance obligations for the listed companies.

Continue Reading FIG Paper (No. 26 – Series. 3): Navigating SEBI’s Definition of UPSI
FIG Paper (No. 25 – Series 2): Shedding Light on Dark Patterns in FinTech: Impact of DPDP Act

Introduction:

The new draft guidelines titled ‘Guidelines for Prevention and Regulation of Dark Patterns, 2023’[1] (“Draft Dark Pattern Guidelines”), released by the Department of Consumer Affairs in September 2023, define dark patterns as “any practices or deceptive design patterns using UI/UX (user interface/user experience) interactions on any platform; designed to mislead or trick users to do something they originally did not intend or want to do; by subverting or impairing the consumer autonomy, decision making or choice; amounting to misleading advertisement or unfair trade practice or violation of consumer rights”.

Continue Reading FIG Paper (No. 25 – Series 2): Shedding Light on Dark Patterns in FinTech: Impact of DPDP Act
FIG Paper (No. 24 – Series 1): New Data Law – Financial Services Implications

(Indian) Digital Personal Data Protection Act, 2023 (“DPDP Act”) received Presidential assent on August 11, 2023, and is awaiting notification by the Indian Government, which is expected soon. This FIG Paper examines: (i) the existing data protection/ privacy framework for the Indian financial services space; (ii) overlays DPDP Act considerations; and (iii) preferred approach to “gap” analysis, basis global learnings.

Continue Reading FIG Paper (No. 24 – Series 1): New Data Law – Financial Services Implications

I. Background:

(i) SEBI notified the Securities and Exchange Board of India (Mutual Funds) (Amendment) Regulations, 2023 (“Amendment”), on June 27, 2023. The Amendment follows a Consultation Paper on Review of Regulatory Framework for Sponsors of a Mutual Fund, which the SEBI had released on January 13, 2023 (“Consultation Paper”).

(ii) The Amendment

Background

On June 15, 2023, Securities and Exchange Board of India [“SEBI”] had released— (i) Master Circular for Investment Advisers; and (ii) Master Circular for Research Analysts.

The Master Circulars serve as comprehensive compilations of all directions issued by SEBI pertaining to Investment Advisers [“IAs”] and Research Analysts [“RAs“]. SEBI’s Master Circulars for IAs and RAs aim to provide easy access to relevant guidelines and promote compliance among IAs and RAs.

Continue Reading FIG Paper No. 22: Decoding SEBI’s Master Circular for Investment Advisers and Research Analysts
SEBI’s MUTUAL FUND EXPENSE RATIO CONSULTATION PAPER

BACKGROUND

On May 18, 2023, the Securities and Exchange Board of India [“SEBI”] had placed a consultation paper related to the total expense ratio charged by Asset Management Companies [“AMC”] to unitholders of mutual funds. June 8, 2023 was set as the deadline for submission of public comments. The due date, however, was extended to June 8, 2023.

The proposal is aimed at curbing distributor practices such as unnecessary switching of schemes and pushing new fund offerings for higher commissions. SEBI in its consultation paper proposed to introduce performance fees for funds. It proposed two approaches, but also suggested testing the models under the Regulatory Sandbox.

Continue Reading FIG Paper (No. 21 – Series 1): SEBI’s Mutual Fund Expense Ratio Consultation Paper: Impact Analysis