Photo of Vishrut Jain

Principal Associate in the financial regulatory practice at the Mumbai office of Cyril Amarchand Mangaldas. Vishrut has represented various Indian and multinational fintech and information / emerging technology companies on transactional, enforcement and regulatory matters. He can be reached at vishrut.jain@cyrilshroff.com.

Global Capability Centers – Trends, Opportunities and Recent Learnings

Overview

With over 1,700 Global Capability Centers (“GCCs”), revenues at $64.6 billion (a 40% jump over FY23 numbers) and a 17% global share of the GCC capacity base, India is the GCC Capital of the World. The GCC market in India is projected to grow to $99-105 billion by 2030 with nearly 2,100-2,200 GCCs and a headcount of ~2.5-2.8 million.[1]Continue Reading Global Capability Centers – Trends, Opportunities and Recent Learnings

INTRODUCTION

  • The Reserve Bank of India (“RBI”) has published the “Guidelines on Voluntary transition of Small Finance Banks to Universal Banks” dated April 26, 2024 (“SFB Guidelines 2024”), setting out the glide path for voluntary transition of Small Finance Banks (“SFBs”) to universal banks (“Universal Banks”) in terms of:
    • Guidelines for “on-tap” Licensing of Small Finance Banks in Private Sector dated December 5, 2019 (“SFB Guidelines 2019”);
    • Guidelines for “on tap” Licensing of Universal Banks in the Private Sector dated August 1, 2016 (“Universal Bank Guidelines”);
    • Reserve Bank of India (Acquisition and Holding of Shares or Voting Rights in Banking Companies) Directions, 2023 dated January 16, 2023 (“Acquisition Directions 2023”); and
    • Guidelines on Acquisition and Holding of Shares or Voting Rights in Banking Companies dated January 16, 2023 (“Acquisition Guidelines 2023”).

Continue Reading SFB to Universal Bank – New Glide Path

FIG Paper (No. 34 – Data Law Series 5) Balancing Sectoral Regulation and DPDP Act Compliance by NBFCs & Fintechs

Background

Indian regulators in recent times have shown a keen interest in monitoring the intersection between data, information technology, and cybersecurity with regulated entities—more so in relation to Non-Banking Financial Companies (“NBFCs”) and ‘fintechs’. With the expected enforcement of the Digital Personal Data Protection Act, 2023 (“DPDP Act”), and the promulgation of its rules, it becomes imperative for NBFCs and fintechs to map their journey of compliance from legal and regulatory perspectives.Continue Reading FIG Paper (No. 34 – Data Law Series 5) Balancing Sectoral Regulation and DPDP Act Compliance by NBFCs & Fintechs

FIG Paper (No. 32) - Outsourcing of Financial Services: Harmonising the Law and Looking Ahead

Background

The Reserve Bank of India (“RBI”) issued the draft Master Direction – Reserve Bank of India (Managing Risks and Code of Conduct in Outsourcing of Financial Services) Directions, 2023 (“Draft MD”), on October 26, 2023. With the COVID-19 pandemic and the digitisation of financial services globally, financial institutions started becoming increasingly dependent on their service partners and agents to reduce costs and avail expertise not available internally.Continue Reading FIG Paper (No. 32 – Series 1): Outsourcing of Financial Services: Harmonising the Law and Looking Ahead

FIG Paper No. [29], Data Law Series [3]: Implications of Digital Personal Data Protection Act, 2023 for Foreign Banks in India

Introduction:

The Digital Personal Data Protection Act, 2023 (“DPDP Act”) is India’s foray into the global regulatory movement on personal data rights. In designing the DPDP Act, there has been a strong focus on simplicity, brevity, and standardisation. We note a marked effort to align with data regulation across the world, most significantly, the European Union’s General Data Protection Regulation (GDPR”). While principally similar, the Indian regime has peculiarities for which financial services entities will have to prepare themselves. Continue Reading FIG Paper No. 30, Data Law Series 4: Implications of Digital Personal Data Protection Act, 2023 for Foreign Banks in India

FIG Paper No. 28, Data Law Series 2:
Implications of Digital Personal Data Protection Act, 2023 on Indian Banks

Introduction

In the current landscape, Indian banks are bound by data protection obligations under the provisions and rules of the Information Technology Act, 2000, the Prevention of Money Laundering Act, 2002 and relevant directives of the Reserve Bank of India (“RBI”). As we await the enforcement of the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and the publishing of its rules (“DPDP Rules”), there will be a paradigm shift in the data processing protocols of banks amongst other financial entities.Continue Reading FIG Paper No. 28, Data Law Series 2: Implications of Digital Personal Data Protection Act, 2023 on Indian Banks

New RBI IT Outsourcing Directions Industry Implications

Background

The Reserve Bank of India (“RBI”) has issued the RBI Master Direction on Outsourcing of Information Technology Services, dated April 10, 2023 (“Directions”), that will come into effect on October 1, 2023, in line with its earlier Draft Master Direction on Outsourcing of IT Services, dated June 23, 2022 (“Draft Directions”). The RBI’s message to Regulated Entities (“RE”) via these Directions is clear – the liability of Regulated Entities (“RE”) towards their customers does not get diminished due to such outsourcing arrangements or on account of engaging Third Party Service Providers (“TPSP”), nor does it impede effective supervision by the RBI. Outsourcing activities for financial services were already regulated (“Existing Guidelines”), but not for information technology (“IT”) services. In line with the Existing Guidelines, the idea is that core functional areas of RE cannot be outsourced.Continue Reading FIG Paper (No. 20 – Series 1): New RBI IT Outsourcing Directions: Industry Implications