The past year has been exceptional for FinTech companies with record numbers of transactions in all major areas, including the Americas, EMEA, and Asia-Pacific. There is a bright future ahead for FinTech, with several subsectors anticipated to continue growing and new ones to flourish.
Though the future of FinTech appears promising, it also poses significant risks. For instance, FinTech companies generally operate under fewer regulations than traditional financial institutions. Considering that fintech companies typically handle clients’ sensitive financial information, they may also be more vulnerable to hacks. The regulatory concerns if resolved will contribute to security and soundness and will therefore support the sector’s continued expansion.
The Payment and Settlement Systems Act, 2007 (PSSA) was passed by the Reserve Bank of India (RBI) and regulates payment systems and recognized procedures such as payment, settlement, and clearing. Several legal and regulatory issues come up when fintech start-ups are launched.
Establishing Business Structure
A FinTech business must decide what kind of corporate structure it requires. The three market structures for fintech companies are limited liability partnerships (LLP), one-person corporations (OPC), and private limited companies (PLC). The creation of OPCs and PLCs is governed by the Companies Act of 2013. LLPs are subject to the 2008 Limited Liability Partnerships Act.
Goods and Service Tax (GST) Registration
Companies are required by law to register for GST; failing to do so is against the law. This category includes casual taxpayers, non-resident taxpayers, e-commerce aggregators, reverse charge payment users, and others. New businesses would have to apply for a GST Number and register. A few advantages of this include the possibility to claim an input tax credit, quicker e-commerce website registration, competitive advantages, decreased compliance needs, and more.
Management & Formation of Legal Contracts
Each company requires a distinct set of legal documents. FinTech businesses must employ attorneys to prepare and customize legal documents. Various legal documents and contracts, such as privacy policies, terms, and conditions, employment agreements, non-disclosure agreements, user policies, etc., are required by the law.
Intellectual Property Rights (IPR) Protection
For FinTech firms to legally protect the services that they offer, an IP strategy is essential. Furthermore, a robust intellectual property portfolio will be more enticing to potential buyers if a founder decides to sell their business. This is possible through FinTech-related patenting and trademarking.
Information Technology (IT) Act & Rules Compliance
The Information Technology Act of 2000 and the IT Rules of 2011 are the two main laws governing how personal data is protected. As users’ personal and financial data are collected and stored by fintech platforms, concerns related to data privacy and protection have become more and more critical.
Fintech businesses must adhere to the guidelines set in the IT Act. Section 43A establishes corporate organizations’ liability to “pay damages if they fail to maintain reasonable security measures to protect their users’ sensitive personal data”. Penalties for divulging information in violation of a valid contract are provided by Section 72A. Data about people is vital to FinTech companies. To avoid legal problems, it is essential to abide by the established data security laws.
Furthermore, to improve digital security and protect sensitive client data, the RBI also inculcated various measures such as common minimum-security controls via the Master Direction on Digital Payment Security Controls and prohibiting payment aggregators and merchants from storing customer card credentials under the Tokenization Scheme.
Securities and Exchange Board of India (SEBI) Regulations
The primary regulator of rules about investments in the fintech industry is SEBI. Online trading firms are required to abide by the NSE, BSE, and MCX Trading Member Guidelines.
Furthermore, some businesses provide wealth management and financial planning guidance. It is expected that these companies will acquire their SEBI Registered Investment Advisor (RIA) certificates. The 2013 SEBI Investment Advisers Regulations were established to regulate these businesses. According to the legislation, RIAs must tell their clients about their compensation and any other pertinent product details.
The enforcement obligations of the regulations should be supervised by a compliance officer. Organizations that administer mutual funds’ assets are registered with the “Association of Mutual Funds in India” (AMFI) as distributors.
Reserve Bank of India (RBI) Regulations
In 2009, the RBI issued the Directions for Opening and Operating Accounts and Settlement of Payments for Electronic Payment Transactions Involving Intermediaries to protect clients’ interests and ensure that middlemen who receive their money properly, account for them and refund them to the retailers who sold the items.
The RBI issued the Master Direction on Issuance and Operation of Prepaid Payment Instruments in 2017 to encourage innovation and competition, ensure security and safety, and protect customers. The Master Directions provide eligibility rules for issuing pre-paid instruments to banks and non-banks.
The RBI also updated the Guidelines on Regulation of Payment Aggregators and Payment Gateways 20206 to include “recommendations relating to security and information technology systems, information security governance, data security standards, and risk assessments.”
National Payments Corporation of India (NPCI) Guidelines
The Unified Payments Interface (UPI) and the Bharat Interface for Money (BHIM) were both created by the NCPI. In its UPI Procedural Guidelines and Operating and Settlement Guidelines, the National Payments Council of India (NPCI) lays out the requirements that a fintech company must adhere to, including their responsibilities and liabilities, the transactions that such payment service providers are allowed to perform, and their duties and obligations.