FIG Paper (No. 34 – Data Law Series 5) Balancing Sectoral Regulation and DPDP Act Compliance by NBFCs & Fintechs

Background

Indian regulators in recent times have shown a keen interest in monitoring the intersection between data, information technology, and cybersecurity with regulated entities—more so in relation to Non-Banking Financial Companies (“NBFCs”) and ‘fintechs’. With the expected enforcement of the Digital Personal Data Protection Act, 2023 (“DPDP Act”), and the promulgation of its rules, it becomes imperative for NBFCs and fintechs to map their journey of compliance from legal and regulatory perspectives.Continue Reading FIG Paper (No. 34 – Data Law Series 5) Balancing Sectoral Regulation and DPDP Act Compliance by NBFCs & Fintechs

FIG Paper (No. 32) - Outsourcing of Financial Services: Harmonising the Law and Looking Ahead

Background

The Reserve Bank of India (“RBI”) issued the draft Master Direction – Reserve Bank of India (Managing Risks and Code of Conduct in Outsourcing of Financial Services) Directions, 2023 (“Draft MD”), on October 26, 2023. With the COVID-19 pandemic and the digitisation of financial services globally, financial institutions started becoming increasingly dependent on their service partners and agents to reduce costs and avail expertise not available internally.Continue Reading FIG Paper (No. 32 – Series 1): Outsourcing of Financial Services: Harmonising the Law and Looking Ahead

FIG Paper No. [29], Data Law Series [3]: Implications of Digital Personal Data Protection Act, 2023 for Foreign Banks in India

Introduction:

The Digital Personal Data Protection Act, 2023 (“DPDP Act”) is India’s foray into the global regulatory movement on personal data rights. In designing the DPDP Act, there has been a strong focus on simplicity, brevity, and standardisation. We note a marked effort to align with data regulation across the world, most significantly, the European Union’s General Data Protection Regulation (GDPR”). While principally similar, the Indian regime has peculiarities for which financial services entities will have to prepare themselves. Continue Reading FIG Paper No. 30, Data Law Series 4: Implications of Digital Personal Data Protection Act, 2023 for Foreign Banks in India

Indian Regulatory Perspective on Non-traditional Reinsurance Solutions

Background

The Insurance Regulatory and Development Authority of India (“IRDAI”) has notified the introduction of first phase of pilots for implementing ‘Risk Based Supervision’ (“RBS”) framework for the insurance sector in India[1], commencing from July 2023. The IRDAI has collaborated with M/s Toronto Centre[2] for the aforesaid project. According to the IRDAI press release, RBS is a shift towards adopting global best practices for supervision which focuses on proportionality, materiality and relies on holistic analysis of the activities of regulated entity from risk perspective. The IRDAI’s intention to shift to the RBS framework for the insurance sector was first divulged vide a notification in October 2018[3], which listed the following benefits for insurance supervision[4]:Continue Reading Risk Based Supervision: Pilot Basis for New Regime to Take Off?

FIG Paper No. 28, Data Law Series 2:
Implications of Digital Personal Data Protection Act, 2023 on Indian Banks

Introduction

In the current landscape, Indian banks are bound by data protection obligations under the provisions and rules of the Information Technology Act, 2000, the Prevention of Money Laundering Act, 2002 and relevant directives of the Reserve Bank of India (“RBI”). As we await the enforcement of the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and the publishing of its rules (“DPDP Rules”), there will be a paradigm shift in the data processing protocols of banks amongst other financial entities.Continue Reading FIG Paper No. 28, Data Law Series 2: Implications of Digital Personal Data Protection Act, 2023 on Indian Banks

FIG Paper (No. 27 – Series. 1): Implications of Digital Personal Data Protection Act, 2023, on Payment Service Providers

Introduction:

The Reserve Bank of India (“RBI”) has allowed certain non-banks to operate in the financial ecosystem for payment processing under the Payment and Settlement Systems Act, 2007 (“PSS Act”), in addition to banks. These non-banks are typically operate Cross Border Money Transfer (“MTSS”); Prepaid Payment Instruments (“PPI”); Bharat Bill Payment Operating Units (“BBPOU”); White Label ATM Operators (“WLAO”), etc.Continue Reading FIG Paper (No. 27 – Data Law Series 1): Implications of Digital Personal Data Protection Act, 2023, on Payment Service Providers

The Department for Promotion of Industry and Internal Trade (“DPIIT”) released a new standard operating procedure for processing foreign direct investment (“FDI”) proposals on August 17, 2023 (“New SOP”)[1]. It replaced the erstwhile standard operating procedure dated November 9, 2020 (“Erstwhile SOP”)[2], which covered the manner in which FDI proposals that required government approval under the Consolidated FDI Policy 2020 (“FDI Policy”) and the Foreign Exchange Management (Non-Debt Instruments) Rules, 2019, were being processed.Continue Reading New Norms For Processing FDI Proposals

FIG Paper

BACKGROUND

While the Reserve Bank of India (“RBI”) had in its August 10, 2022 press release stated that it is examining the First Loss Default Guarantee (“FLDG”) structures, the Digital Lending Guidelines issued by the RBI on September 2, 2022 neither permitted nor expressly prohibited loss sharing arrangements such as FLDGs, but recommended that provisions of paragraph 6(c) of the Reserve Bank of India (Securitisation of Standard Assets) Directions, 2021 dated September 24, 2021 (“Securitisation MD”) be adhered to for financial products involving contractual agreements such as FLDG. Paragraph 6(c) of Securitisation MD prohibits Regulated Entities (“RE”) from undertaking or assuming exposure under “synthetic securitisation” structures. This led to industry-wide confusion regarding the permissibility of loss sharing arrangements such as FLDG.Continue Reading FIG Paper (No.18 – Series 2) RBI’s New Default Loss Guarantee Guidelines: Late but Not lost

Financial Regulation

Central banks and other financial regulatory authorities are responsible for influencing major investment decisions and resource allocation through their policies. In India, the Reserve Bank of India (RBI) has joined a growing number central banks and financial regulators, who have incorporated climate change into their financial stability mandate seeking to frame prudential regulations and/or direct credit towards sustainable projects. We have analysed the recent developments in our previous posts available here and here.Continue Reading Green Central Banks and Financial Regulators – Are they Legally Mandated?