What is FinTech?
FinTech is the combination of the terms ‘Technology’ and ‘Finance’. FinTech pertains to facilitation of Traditional Financial Services through advanced Technology methods. There is no single definition of the term ‘Fin Tech’. However, The Financial Stability Board (FSB) under the aegis of Bureau of Indian Standards defines FinTech as “Technology-enabled innovation in financial services that could result in new business models, applications, processes or products with an associated material effect on the provision of the financial services”. FinTech has now become essential to various sectors like Education, Retail, Insurance, Agriculture, Investment etc. Also, new technologies of Cryptocurrency and Bitcoin have made the Financial Technology Industry more important in the Economic Ecosystem. Some of the services offered by modern day Fintech Industry are:
- Retail Payments
- Money Transfer Services
- Digital Onboarding and KYC
- Financial Advisory Services
- Wealth Management Services
- Smart Contracts
- Financial Inclusion Products
- Cyber Security
- Digital Identification services
- Crowdfunding Platforms
- Financial Regulation
- Quantum computing
- Automation/Robotics
- Virtual Banking
- Digital currencies and tokens
Regulatory Bodies on FinTech in India
The regulation of the FinTech Industry in India is largely disjoined due to the varied nature of goods and services provided by the Industry. Some of the examples of Regulatory Bodies in India are:
- Reserve Bank of India (RBI)
- Insurance Regulatory and Development Authority of India (IRDAI)
- Securities Exchange Board of India (SEBI)
- Ministry of Electronics and Information Technology (MeiTY)
- Competition Commission of India (CCI)
- Financial Intelligence Unit (FIU)
- Insolvency and Bankruptcy Board of India (IBBI)
For Example: The FinTech Business related to Insuretechs, risk-free underwriting, on-the-spot purchasing related to various Insurance products are regulated by the Insurance Regulatory and Development Authority of India (IRDAI).
Legislations on FinTech in India
The legislations on FinTech in India encompass various laws that directly or indirectly impact the FinTech industry. The Insurance Act 1938 regulates the insurance sector in India and may impact FinTech companies offering insurance-related services. The Banking Regulation Act 1949 governs the functioning and regulation of banks in India, including those involved in FinTech activities. The Foreign Exchange Management Act (FEMA) 1999 controls foreign exchange transactions, which are relevant to FinTech companies engaged in cross-border activities. The Information Technology Act 2000 addresses legal issues related to electronic transactions and digital signatures, impacting the operations of FinTech companies. The Prevention of Money Laundering Act 2002 aims to prevent money laundering and terrorist financing, which affects FinTech firms handling financial transactions. The Competition Act 2002 ensures fair competition in the market and may have implications for FinTech companies. The Government Securities Act 2006 regulates government securities, which are relevant to FinTech firms dealing with securities. The Payment and Settlement Systems Act 2007 governs payment systems and includes provisions relevant to FinTech payment service providers. The Companies Act 2013 covers the incorporation, functioning, and governance of companies, including those operating in the FinTech sector. The Consumer Protection Act 2019 safeguards consumer rights, providing protection to users of FinTech services. It’s important to note that this list is not exhaustive, and there may be other legislations that impact the FinTech industry in India.
FinTech Tribunals in India
India has got various Tribunals as mentioned below to adjudicate on various matters related to FinTech and also to interpret various acts, rules and regulations on the subject.
- National Company Law Tribunal (NCLT)
- National Company Law Appellate Tribunal (NCLAT)
- Securities Appellate Tribunal (SAT)
Enforcement and Investigating Agencies
Various Enforcement and Investigating Agencies are established under various acts to fight against various economic and FinTech crimes in India. Some of the premier Agencies are listed below:
- Central Bureau of Investigation (CBI)
- The Directorate of Enforcement (ED)
- Central Board of Direct Taxes (CBDT)
- Central Board of Indirect Taxes and Customs
What are FinTech Crimes?
FinTech Crimes are criminal activities that are carried out by Individuals or organizations to provide economic benefits through illegal methods. Although the FinTech industry always aims to disrupt current practices and do it fast, disruption can also create new opportunities for Fraud. The Regulators have noticed financial crimes related to the following:
- Crimes related to Money Laundering
- Tax Evasion
- Online Fraud
- Terrorist Financing
- Cyber crime
- Insider Trading
- Embezzlement
- Market abuse
- Information security
- Bribery and Corruption
Example of FinTech Crimes
For example, abusive activities have recently been identified as part of the video identification process and fraudsters were able to manipulate online job applications via the eBay platform so that the victims found themselves unknowingly in the middle of a bank account opening process. Thus, the applicants helped the fraudsters stay unrecognized and to misuse a newly opened bank account for money laundering activities.
Legal Redressal System under various Acts
It is to be noted that there exists no single window Legal redressal system to address FinTech Crimes in India. The nature and scope of Legal Redressal depends upon the Act/Regulation to it. The Financial sector is required to follow both generic norms related to the Information Technology Act 2000 as well as sesector-specificcts Every Legislation made on the subject does contain various provisions regarding Redressal of complaints and damages against FinTech crimes. Some of the examples of provisions contained to form such a Legal Redressal System against FinTech crimes are explained below:
Information Technology Act 2000
Section 43A of the IT Act penalises body corporates who collect, process or store ‘sensitive personal data’, for being ‘negligent in implementation and maintaining reasonable security practices and procedures and thereby causing wrongful loss or wrongful gain to any person. The compensation payable under this section can be extended to five crore rupees.
- The Section 72A establishes penalties for leaking info in breach of a valid contract.
The Prevention of Money Laundering Act 2002
The Act requires banking firms, financial institutions, and intermediaries to confirm the identification of clients, preserve records, and provide information to the Financial Intelligence Unit – India in a defined format (FIU-IND).
Credit Information Companies Regulation Act 2005
The Act attempts to regulate the activities of credit information companies and those notified as specified users of credit information.
The Foreign Exchange Management Act (FEMA) 1999
The Foreign Exchange Management Act of 1999 (“FEMA”) and the rules and regulations issued thereunder control transactions involving foreign currency.
Are the current Legal Redressal systems Adequate?
The Diversified nature of FinTech Transactions spreading over various industries and sometimes multi-industrial transactions make it difficult for the regulatory bodies to address and provide redressal systems to the rapidly growing FinTech crimes. Though there exists many Redressal mechanisms spread across various Acts, Regulations, and Rules it is felt that the current Redressal Systems are not adequate to curtail the rapidly growing FinTech crimes.
Recommendations
In order to enhance FinTech security, several recommendations have been proposed. One of the key areas of focus is the reformation of the Know Your Customer (KYC) process, taking into account the recent Supreme Court judgment on Aadhaar. This would ensure a more robust and secure customer identification process.
Another suggestion is the establishment of dedicated innovation teams within Public Sector Financial Services Companies. These teams would be responsible for fostering innovation and implementing secure FinTech solutions.
The use of Public Sector Blockchain for trade finance is also recommended, as it offers enhanced security and transparency in financial transactions. This technology can revolutionize the trade finance industry by reducing fraud and improving efficiency.
Re-engineering legal processes to adapt to the digital world is crucial for ensuring the security of FinTech transactions. This involves updating laws and regulations to address emerging challenges and protect the interests of users.
Promoting competitive neutrality in regulation is another recommendation. This means ensuring a level playing field for both traditional financial institutions and FinTech companies, preventing any undue advantage or disadvantage.
Regulation Technology (RegTech) is a key aspect of enhancing FinTech security. It involves leveraging technology to streamline regulatory compliance processes and improve oversight.
Greater coordination between various departments, regulatory bodies, and FinTech companies is vital. Collaboration and information-sharing can help identify and address security risks more effectively.
The sharing of valuable information on FinTech crimes among companies and regulatory bodies is also crucial. This can enable a proactive approach to combating financial crimes and enhancing security measures.
Implementing a Single Window System to address grievances related to FinTech crimes is recommended. This centralized system would provide a convenient and efficient platform for users to report and resolve any security-related issues.
To address data protection concerns in the financial sector, the formation of a Taskforce on data protection is suggested. This taskforce would focus on developing robust data protection frameworks and regulations.
Lastly, establishing Centers of Excellence in FinTech can foster research, innovation, and collaboration in the field. These centers would serve as hubs for knowledge-sharing and skill development, further strengthening FinTech security. By implementing these recommendations, the security of FinTech systems and transactions can be significantly enhanced, providing a safe and trustworthy environment for users and stakeholders.
Authored by Venkatesh ANS, Legal Intern, LawDiktat
Edited by Sahid, Team Member, LawDiktat