by Renuka Sane and Ajay Shah.
Fintech innovation in India has been hampered by financial regulation. Three examples are instructive: the Uber cashless transaction, regulation for pre-paid instruments (PPIs), and the more recent P2P regulations. In each of these situations, regulators (who have the power to write regulations) looked at an incipient industry and chose to write regulations that placed important restrictions upon innovators. The notion that fintech companies are a few new categories of `NBFCs', which has been accepted by regulators in India, contains many difficulties.
Controlled experimentation can be a valuable tool to support the objectives of public policy or a tool for rational thinking to help formulate public policy. Here are a few examples:
In this article, we think about how mechanisms for experimentation can be developed in India to support fintech innovation.
Can we transplant the drone experimentation or algorithm experimentation into the fintech context? In the drone case, there is some empty land where a misbehaving drone can do little damage. Could we this in finance?
A Technology Demonstrator Environment could be a community (e.g. a university campus) which is designated as a place where innovative firms can experiment with products and processes that are in violation of existing financial law and regulation. The founding premise would be that when a red alert sign is shown to the users at a university campus, they know that they are on their own, and after that are smart enough to fend for themselves.
While this seems to be a plausible idea, it is more complicated than meets the eye.
In this territory, firms would be able to launch products and services that violate financial law but not other laws. There are numerous requirements in the Indian Penal Code, and in local law such as the Maharashtra Money-lending (Regulation) Act and the Maharashtra Protection of Interests of Depositors (in Financial Establishments) Act, that impinge upon fintech firms. Once India has a data protection law, that would constrain firms on questions of privacy. These firms would still need to carefully navigate this legal landscape.
A mechanism would be needed to ensure that persons outside the community do not come in as customers. Participants would need to be given clear disclosure about the risks that they are accepting. Firms would need to impose no risks upon these persons other than the risks that have been willingly accepted.
This will require an institutional structure that will work with technology companies and the end-customers. It is not as simple as drone experimentation where some blank space is opened up for experimentation with unregulated drones. This institutional structure would, however, have no direct link to the regulation-making process at financial regulators, that would pave the way for rollout of products in the mainland.
Such experimentation can help firms refine products and processes. The construction of living working product samples would foster knowledge in the Indian policy community.
Many feel that the path to a more supportive regulatory environment lies through building a `Fintech Regulatory Sandbox' [example]. The RBI Household Finance Committee Report, 2017 proposed the creation of a sandbox:
How can this be done?
The concept of a regulatory sandbox - a testing ground for new business models - has caught the attention of regulators around the world. Regulators in almost 20 countries are working towards setting up such sandboxes in their jurisdictions. The English word `sandbox' is familiar to all, so it helps to make precise what we mean by a regulatory sandbox for fintech innovators.
The Fintech Regulatory Sandbox is similar to the long-established processes that are used in clinical trials and the drug approval process in the pharmaceutical industry. The kind of risks that are intended to be addressed are identified (safety in first stage, efficacy next, and so on). While the onus of clearing these hurdles lies on the innovator, regulators sit with the innovators to provide inputs into the trial design (size of trial, control set requirements, etc). These inputs serve as a baseline for decisioning. In this environment, the entrepreneur has a relatively clearer sight of what risks need to be mitigated to get to her desired outcome.
Turning to finance, according to a report by the UK Financial Conduct Authority (FCA), regulatory uncertainty is a hurdle to innovation. When investors in projects with new ideas are not able to assess risks, valuations become lower, and sometimes innovations get abandoned at an early stage. A regulatory sandbox allows the regulator to work with innovators to ensure that appropriate consumer protection safeguards are built in to their new products and services. The sandbox would enable FCA and innovators to work together to reduce some of this uncertainty.
The traditional regulation-making process works as follows:
Two kinds of impulses come into the traditional regulation-making process: the broad development of knowledge, or a specific request from an innovative firm. The Fintech Regulatory Sandbox is a formal institutional arrangement that is added, upstream of the regulation-making process:
This gives a third pathway into the regulation-making process, the regulatory sandbox. It is important to see that the sandbox sits upstream of the regulation-making process. The outcomes obtained from the sandbox are handled by the regulation-making process, and are thus dependent upon the sound functioning of the regulation-making process. In countries like the UK, the foundations of the regulation-making process have been in place for decades. Hence, when the sandbox was discussed and built in the UK, there was no discussion about the regulation-making process which was a solved problem.
Firms apply to enter the sandbox, and if selected, may be provided with tools that include (i) restricted authorisation (ii) rule waivers (iii) individual guidance (iv) no enforcement action letters to conduct the tests. When doing the tests, the UK FCA works with firms to mitigate potential harm during and after testing - this could be in the form of extra capital requirements, and reviews of the product/advice by other qualified advisors.
What kinds of projects go into a sandbox? Simple fintech ideas, like Uber's cashless payment, or basic P2P systems, obtain regulatory approval directly, through the normal regulatory process, as there is not much complexity there. Most firms approved for the sandbox by the FCA were applying new technological tools to rethink traditional products or services. These included Distributed Ledger Technology (DLT), use of online platforms, APIs and biometrics, and robo-advice for distribution of products.
Projects that entered the UK sandbox had a high chance of obtaining the desired full product launch. According to the FCA status report, about 90% of firms that completed testing in the first cohort are continuing toward a wider market launch following their test. For the majority of firms, the restricted authorisation was turned into a full authorisation following completion of their tests. This has also helped innovators raise finance.
This high probability of successful exit is important in shaping the incentives of firms. The entrepreneur is expected to put down capital to build a product and run it in the sandbox for (say) six months. After this, she expects that the evidence that has been created will be rationally utilised by a regulator, i.e. in a well structured regulation-making process, to evaluate the modifications to regulations that will be required. If such an expectation is not, in fact, present at the outset, firms have little incentive to put resources into experimentation in the sandbox.
The appeal of the sandbox lies in the belief that it allows for testing of subtle implications of new technologies on consumer protection or systemic risk issues. This requires the ability to extrapolate the results of the sandbox experiment to the larger question of risk to consumers in a full scale deployment. It also requires an openness to acknowledge that existing regulations may be unreasonably restrictive given the change in technology, and a responsiveness to changing the regulations when experiments suggest the same.
The first port of call is reforms of the regulation-making process. No matter how well the sandbox works, its results go into the regulation-making process. At present, financial regulators in India, when presented with questions about how regulations should be written, tend to come up with a conservative answer: one that involves creating entry barriers, hampering innovation, micro managing operations, or banning processes or entities from operation, often without an explanation. Regulators rarely do a cost-benefit analysis, or engage in a serious public comments process. There are poor checks and balances surrounding the regulation-making process. This yields low quality regulations. These deficiencies would hamper the extent to which the sandbox would yield useful outcomes.
Hence, process reform in regulation-making at financial regulators in India is required. The regulation-making process needs to be put on a sound institutional foundation with clear identification of areas of regulatory concern, cost-benefit analysis, request for comments from the public, responses to ideas from the public, all under the oversight of the board. This would address a large number of elementary fintech problems, such as the Uber cashless payment, a large number of P2P startups, etc.
After this, we can build the Fintech Regulatory Sandbox. This requires an institutional arrangement with the following elements:
The fintech revolution offers important gains for India. At present, fintech innovation faces regulatory constraints. There is value in obtaining an environment where more experiments take place, which permit firms to innovate and that bring knowledge into the policy process. This can be done using a lightweight Technology Demonstrator Environment, reforms of the regulation-making process and then the establishment of a Fintech Regulatory Sandbox.
Renuka Sane and Ajay Shah are researchers at the National Institute of Public Finance and Policy. We thank Smriti Parsheera, Suyash Rai, Susan Thomas, Ashish Aggarwal, Anjali Sharma, Bhargavi Zaveri, Vimal Balasubramaniam, Sharad Sharma, Lalitesh Katragadda, and Alok Mittal for useful discussions.
The problem
Fintech innovation in India has been hampered by financial regulation. Three examples are instructive: the Uber cashless transaction, regulation for pre-paid instruments (PPIs), and the more recent P2P regulations. In each of these situations, regulators (who have the power to write regulations) looked at an incipient industry and chose to write regulations that placed important restrictions upon innovators. The notion that fintech companies are a few new categories of `NBFCs', which has been accepted by regulators in India, contains many difficulties.
Experimentation in public policy
Controlled experimentation can be a valuable tool to support the objectives of public policy or a tool for rational thinking to help formulate public policy. Here are a few examples:
- In many countries, there are geographical regions that are demarcated for drone experimentation. Anyone (even a foreigner) is allowed to go into certain regions in the US, and fly an unregulated drone. These are empty lands where the damage that a drone can do is near zero. There is no connection with the government, or the public policy process, in the activities that take place in this sandbox. All that is done is to give a place for people to fly drones that are otherwise prohibited. This fosters experimentation and (ultimately) the knowledge that will shape regulations in the future.
- Exchanges have a framework where algorithms can be put into fake market settings, in order to help developers test new algorithmic trading software. As with the drones example, there is no connection at all with the rule-making functions of the regulator or the exchange. All that is done is to provide a safe space where software can be tested, and mistakes made, without repercussions either for the experimenter or the overall market. Exchanges in India have been pioneers in this regard on a global scale, and it was a successful innovation.
- There is a sense in which China has used SEZs as a sandbox, to experiment with new concepts in policy. The influence of this sandbox is, however, only intellectual. The policy community sees what worked and what did not work. There is no systematic channel through which policy innovations migrate from the sandbox to the mainland, other than intellectual influence.
- Financial regulators worldwide have been doing experiments with policy initiatives that are put into motion in small pilots. As an example, the US SEC has begun an experiment on tick size for small stocks. The policy initiative is being rolled out for a few firms, and then evidence will be obtained on the impact of the policy change. This is much better than rolling out a policy change for the entire country.
In this article, we think about how mechanisms for experimentation can be developed in India to support fintech innovation.
A Technology Demonstrator Environment
Can we transplant the drone experimentation or algorithm experimentation into the fintech context? In the drone case, there is some empty land where a misbehaving drone can do little damage. Could we this in finance?
A Technology Demonstrator Environment could be a community (e.g. a university campus) which is designated as a place where innovative firms can experiment with products and processes that are in violation of existing financial law and regulation. The founding premise would be that when a red alert sign is shown to the users at a university campus, they know that they are on their own, and after that are smart enough to fend for themselves.
While this seems to be a plausible idea, it is more complicated than meets the eye.
In this territory, firms would be able to launch products and services that violate financial law but not other laws. There are numerous requirements in the Indian Penal Code, and in local law such as the Maharashtra Money-lending (Regulation) Act and the Maharashtra Protection of Interests of Depositors (in Financial Establishments) Act, that impinge upon fintech firms. Once India has a data protection law, that would constrain firms on questions of privacy. These firms would still need to carefully navigate this legal landscape.
A mechanism would be needed to ensure that persons outside the community do not come in as customers. Participants would need to be given clear disclosure about the risks that they are accepting. Firms would need to impose no risks upon these persons other than the risks that have been willingly accepted.
This will require an institutional structure that will work with technology companies and the end-customers. It is not as simple as drone experimentation where some blank space is opened up for experimentation with unregulated drones. This institutional structure would, however, have no direct link to the regulation-making process at financial regulators, that would pave the way for rollout of products in the mainland.
Such experimentation can help firms refine products and processes. The construction of living working product samples would foster knowledge in the Indian policy community.
The proposed Fintech Regulatory Sandbox
Many feel that the path to a more supportive regulatory environment lies through building a `Fintech Regulatory Sandbox' [example]. The RBI Household Finance Committee Report, 2017 proposed the creation of a sandbox:
Such an institution can provide a structured avenue for regulators to engage with the financial supply side, develop innovation enabling regulations, and holds promise to facilitate the delivery of relevant, customised, and low-cost financial products to Indian households.
How can this be done?
The concept of the Fintech Regulatory Sandbox
The concept of a regulatory sandbox - a testing ground for new business models - has caught the attention of regulators around the world. Regulators in almost 20 countries are working towards setting up such sandboxes in their jurisdictions. The English word `sandbox' is familiar to all, so it helps to make precise what we mean by a regulatory sandbox for fintech innovators.
The Fintech Regulatory Sandbox is similar to the long-established processes that are used in clinical trials and the drug approval process in the pharmaceutical industry. The kind of risks that are intended to be addressed are identified (safety in first stage, efficacy next, and so on). While the onus of clearing these hurdles lies on the innovator, regulators sit with the innovators to provide inputs into the trial design (size of trial, control set requirements, etc). These inputs serve as a baseline for decisioning. In this environment, the entrepreneur has a relatively clearer sight of what risks need to be mitigated to get to her desired outcome.
Turning to finance, according to a report by the UK Financial Conduct Authority (FCA), regulatory uncertainty is a hurdle to innovation. When investors in projects with new ideas are not able to assess risks, valuations become lower, and sometimes innovations get abandoned at an early stage. A regulatory sandbox allows the regulator to work with innovators to ensure that appropriate consumer protection safeguards are built in to their new products and services. The sandbox would enable FCA and innovators to work together to reduce some of this uncertainty.
The traditional regulation-making process works as follows:
Two kinds of impulses come into the traditional regulation-making process: the broad development of knowledge, or a specific request from an innovative firm. The Fintech Regulatory Sandbox is a formal institutional arrangement that is added, upstream of the regulation-making process:
This gives a third pathway into the regulation-making process, the regulatory sandbox. It is important to see that the sandbox sits upstream of the regulation-making process. The outcomes obtained from the sandbox are handled by the regulation-making process, and are thus dependent upon the sound functioning of the regulation-making process. In countries like the UK, the foundations of the regulation-making process have been in place for decades. Hence, when the sandbox was discussed and built in the UK, there was no discussion about the regulation-making process which was a solved problem.
Firms apply to enter the sandbox, and if selected, may be provided with tools that include (i) restricted authorisation (ii) rule waivers (iii) individual guidance (iv) no enforcement action letters to conduct the tests. When doing the tests, the UK FCA works with firms to mitigate potential harm during and after testing - this could be in the form of extra capital requirements, and reviews of the product/advice by other qualified advisors.
What kinds of projects go into a sandbox? Simple fintech ideas, like Uber's cashless payment, or basic P2P systems, obtain regulatory approval directly, through the normal regulatory process, as there is not much complexity there. Most firms approved for the sandbox by the FCA were applying new technological tools to rethink traditional products or services. These included Distributed Ledger Technology (DLT), use of online platforms, APIs and biometrics, and robo-advice for distribution of products.
Projects that entered the UK sandbox had a high chance of obtaining the desired full product launch. According to the FCA status report, about 90% of firms that completed testing in the first cohort are continuing toward a wider market launch following their test. For the majority of firms, the restricted authorisation was turned into a full authorisation following completion of their tests. This has also helped innovators raise finance.
This high probability of successful exit is important in shaping the incentives of firms. The entrepreneur is expected to put down capital to build a product and run it in the sandbox for (say) six months. After this, she expects that the evidence that has been created will be rationally utilised by a regulator, i.e. in a well structured regulation-making process, to evaluate the modifications to regulations that will be required. If such an expectation is not, in fact, present at the outset, firms have little incentive to put resources into experimentation in the sandbox.
The appeal of the sandbox lies in the belief that it allows for testing of subtle implications of new technologies on consumer protection or systemic risk issues. This requires the ability to extrapolate the results of the sandbox experiment to the larger question of risk to consumers in a full scale deployment. It also requires an openness to acknowledge that existing regulations may be unreasonably restrictive given the change in technology, and a responsiveness to changing the regulations when experiments suggest the same.
Envisioning the Fintech Regulatory Sandbox in India
The first port of call is reforms of the regulation-making process. No matter how well the sandbox works, its results go into the regulation-making process. At present, financial regulators in India, when presented with questions about how regulations should be written, tend to come up with a conservative answer: one that involves creating entry barriers, hampering innovation, micro managing operations, or banning processes or entities from operation, often without an explanation. Regulators rarely do a cost-benefit analysis, or engage in a serious public comments process. There are poor checks and balances surrounding the regulation-making process. This yields low quality regulations. These deficiencies would hamper the extent to which the sandbox would yield useful outcomes.
Hence, process reform in regulation-making at financial regulators in India is required. The regulation-making process needs to be put on a sound institutional foundation with clear identification of areas of regulatory concern, cost-benefit analysis, request for comments from the public, responses to ideas from the public, all under the oversight of the board. This would address a large number of elementary fintech problems, such as the Uber cashless payment, a large number of P2P startups, etc.
After this, we can build the Fintech Regulatory Sandbox. This requires an institutional arrangement with the following elements:
- Screening applications.
- Articulating the regulatory concerns associated with a given project.
- Designing the minimal guard rails that are required for a test rollout.
- Designing a fair set of tests that will answer the concerns. Ideally determining, up front, the thresholds in the test data that will guarantee approval.
- Rolling out the innovation in a controlled way (e.g. capped at 50,000 users), and auditing the captured data.
- Extrapolating from the sandbox to real world deployment.
- Producing sound documentation packets associated with each experiment.
- Doing all this in a way that conforms with the rule of law.
- Feeding the result of each sandbox experiment into the regulation-making process.
Conclusion
The fintech revolution offers important gains for India. At present, fintech innovation faces regulatory constraints. There is value in obtaining an environment where more experiments take place, which permit firms to innovate and that bring knowledge into the policy process. This can be done using a lightweight Technology Demonstrator Environment, reforms of the regulation-making process and then the establishment of a Fintech Regulatory Sandbox.
Renuka Sane and Ajay Shah are researchers at the National Institute of Public Finance and Policy. We thank Smriti Parsheera, Suyash Rai, Susan Thomas, Ashish Aggarwal, Anjali Sharma, Bhargavi Zaveri, Vimal Balasubramaniam, Sharad Sharma, Lalitesh Katragadda, and Alok Mittal for useful discussions.
Aadhaar is the biggest experiment that needed a regulatory sandbox. In its absence in its quest for scale, it ended up as a "shoot first ask questions later" monster. The "sandbox" concept needs to move beyond fintech and be made applicable to all sorts of interventions aimed at ordinary Indians that go by the name of "innovations" e.g. BT cotton, clinical trials & all those ICTD interventions, that the West routinely claims are changing India. India should move away from a mindset where consent, transparency, autonomy & agency for ordinary folk do not matter.
ReplyDeleteIn our work on regulatory sandboxes and financial inclusion (http://www.cgap.org/publications/regulatory-sandboxes-and-financial-inclusion) we argue that regulatory sandbox is only one among other tools available to regulators seeking suitable responses to innovation. As the blog argues, for regulatory sandboxes to be efficient, a conducive framework needs to be in place (including risk-based, principles-based and activity-based regulation, consultative rule-making, level playing field). There also needs to be an ecosystem for innovation (including incubators, accelerators, active academia, PE/VC). These are the components that will help to deal with innovation in a more appropriate and timely manner - allowing good innovations to thrive and addressing bad innovations. But regulatory sandbox should not become a single point of entry for every potential innovation.
ReplyDelete