Horizon Scan: Fintech Developments – An Analysis Of The Fintech Regulatory Framework In India

1. New Cloud Services Framework and Enhanced Cybersecurity Framework For the Securities Sector

The Securities and Exchange Board of India (“SEBI”), India’s securities and commodities regulator, issued an enhanced cybersecurity framework for regulated entities that include stockbrokers, asset management companies, and mutual funds. SEBI also issued a framework aimed specifically at the adoption of cloud services, which requires regulated entities to introduce security measures in connection with their cloud services. Non-regulated businesses that offer cloud solutions to these organisations will be required to restructure their security protocols to meet these new standards. 

2. New Cybersecurity Framework For The Insurance Sector

The Insurance Regulatory and Development Authority of India, India’s insurance regulator, has directed insurers and insurance intermediaries to strengthen their cybersecurity compliances by introducing a new set of guidelines for this purpose. Regulated entities are expected to comply with the new guidelines by the start of April, 2024. 

3. New Framework For Regulation Of Outsourcing Activities In the Banking Sector

The Reserve Bank of India, India’s central bank and banking regulator, has issued detailed guidelines on the outsourcing of IT services for regulated entities, such as commercial banks. Fintech companies that collaborate with regulated entities as outsourcing partners will be expected to introduce new measures within their partnerships, especially in the areas of risk management, monitoring and control over outsourced activities, cross-border outsourcing, and cybersecurity.