FinTech Self-Regulation – Role | Requirements | Benefits of SROs

A Self-Regulatory Organization (SRO) is a non-governmental entity that regulates its industry by setting standards, monitoring compliance, and enforcing rules among its members. Key functions include:

– Standard Setting: Establishing industry guidelines and ethical conduct rules.
– Compliance Monitoring: Auditing member activities to ensure adherence to standards.
– Enforcement: Imposing penalties for rule violations.
– Dispute Resolution: Mediating conflicts between members or with customers.
– Industry Development: Offering training and resources to members.
– Representation: Advocating for the industry's interests with regulators and the public.

In FinTech, an SRO ensures responsible innovation, data privacy, cybersecurity, and consumer protection while fostering industry growth.

Table of Contents

1. Introduction – The Promise and Responsibility of FinTech
2. The Need for Self-Regulation in FinTech
3. What is a FinTech SRO?
4. Guiding Characteristics for an Effective SRO-FT in FinTech Innovation
5. Key Requirements for Establishing a Credible SRO-FT
6. Membership Guidelines for a Robust SRO-FT in FinTech
7. Fit and Proper Criteria for SRO-FT Board and Key Managerial Personnel
8. Guidelines for Recognition as an SRO-FT
9. Conditions for Issuance of “Letter of Recognition”
10. Functions and Responsibilities of SRO-FT in Ensuring Members’ Compliance and Dispute Resolution
11. Commitment to Upholding and Maintaining Governance Standards

1. Introduction – The Promise and Responsibility of FinTech

Imagine a world where financial services are as fast and accessible as sending a text message. This is the promise of FinTech—technology-driven financial services transforming how we manage money. FinTech companies are making financial services more efficient, affordable, and user-friendly, from instant loans to digital wallets. But with great innovation comes great responsibility. As FinTech reshapes the financial landscape, there is a growing need for a balanced approach to regulation, ensuring innovation and security. Self-regulation, for instance, can empower FinTech companies to set their standards, monitor compliance, and ensure ethical conduct, all without waiting for external regulations.

2. The Need for Self-Regulation in FinTech

FinTech companies bring numerous benefits, such as improved access to financial services and lower costs. However, they also introduce new risks, including privacy concerns and cybersecurity threats. Traditional regulatory frameworks struggle to keep pace with FinTech’s rapid evolution. This is where self-regulation comes into play. By establishing a Self-Regulating Organization (SRO) for the FinTech sector, industry players can proactively set standards, monitor compliance, and ensure ethical conduct without waiting for external regulations.

Self-regulation necessitates a well-defined structure based on consensus and cooperation among entities. On January 15, 2024, the Reserve Bank of India (RBI) issued a draft framework for recognising Self-Regulating Organizations (SROs) to promote self-regulation in the FinTech sector, seeking stakeholder comments and feedback. After reviewing the input received, on May 30, 2024, the RBI notified the finalised framework as a Self-Regulatory Organisation (SRO) for the FinTech Sector. The framework contains the characteristics of an SRO for the FinTech sector (SRO-FT). It includes, among other things, broad functions, governance standards, eligibility criteria, and expectations for the grant of recognition as an SRO-FT.

3. What is a FinTech SRO?

The FinTech Self-Regulatory Organization (SRO-FT) is a self-regulatory body specifically designed for the FinTech sector. Its primary purpose is establishing industry standards and guidelines, providing a framework for ethical conduct and responsible innovation. While formal recognition by regulators is optional, it is highly desirable as it lends legitimacy to the SRO-FT and its efforts in self-regulation.

4. Guiding Characteristics for an Effective SRO-FT in FinTech Innovation

The key principles for establishing an effective and credible Self-Regulatory Organization for FinTech (SRO-FT) are as follows:

4.1 True Representation of the FinTech Sector

The SRO-FT should derive its strength from a diverse membership representing the FinTech sector, excluding banks but including FinTechs regulated by RBI. The SRO-FT can establish legitimacy to frame, monitor, and enforce standards and codes of conduct by encompassing a broad spectrum of industry players through comprehensive membership agreements. This inclusive structure leverages members’ collective expertise, ensuring the development of practical, adaptive, and widely accepted standards within the FinTech community.

4.2 Development-oriented

The SRO-FT should be development-oriented, actively contributing to industry growth by prescribing minimum eligibility criteria, offering specialised knowledge and training, and bridging skill gaps. It should support early-stage entities, guide financial technology and regulations, and facilitate the creation of forward-looking policies.

4.3 Independence from Influence

To maintain credibility, the SRO-FT should operate independently, free from the influence of any single member or group of members. This would ensure refined decision-making and prevent the organisation from being swayed by the interests of a dominant few. The SRO-FT should maintain impartiality, avoid conflicts of interest, and ensure unbiased oversight over its members.

4.4 Legitimate Arbiter of Disputes

Members should view the SRO-FT as a legitimate arbiter of disputes, requiring a transparent and fair resolution mechanism. The SRO-FT can foster a stable and harmonious FinTech environment by efficiently handling conflicts.

4.5 Encouraging Members to Subscribe to Regulatory Expectations

The SRO-FT should motivate members to align with regulatory priorities by facilitating communication with RBI, advocating necessary changes, and promoting compliance. It should set codes and standards that complement regulatory frameworks, with powers to investigate and discipline non-compliant members.

4.6 Repository of Information

The SRO-FT should serve as an information hub for collecting, analysing, and sharing data on member activities. This repository will support industry research, trend analysis, and policymaking.

5. Key Requirements for Establishing a Credible SRO-FT

The key requirements for establishing a credible SRO-FT are as follows:

5.1 Not-for-Profit Company Structure

The SRO-FT must be a not-for-profit company registered under section 8 of the Companies Act, 2013, with diversified shareholding ensuring no entity holds 10% or more of its paid-up share capital, individually or acting in concert.

5.2 Explicit Objective in Memorandum of Association

To ensure transparency and clarity regarding the organisation’s purpose and activities, the Memorandum of Association (MoA) must explicitly state the operation as an SRO-FT as its primary objective.

5.3 Minimum Net-Worth Requirement

The applicant must attain a minimum net worth of Rs. 2 crore within one year of RBI recognition as an SRO-FT or before commencing operations, whichever is earlier.

5.4 Establishment of Robust Infrastructure and IT Capabilities

The SRO-FT must demonstrate the capacity to establish effective and consistent infrastructure, including robust IT capabilities and timely deployment of technological solutions.

5.5 Systems for Managing User Harm, Unfair Practices, Misconduct

The SRO-FT must put in place systems for managing ‘user harm’ instances that come to its notice or are referred to by the RBI or any other stakeholder. The instances of user harm may include fraud, mis-selling, unfair practices, unauthorised transactions, or any other form of misconduct that harms consumers of financial services.

5.6 Prior Approval for Overseas Operations

The SRO-FT must not set up entities/offices overseas without the prior approval of the RBI.

6. Membership Guidelines for a Robust SRO-FT in FinTech

The membership guidelines for a robust SRO-FT in FinTech are as follows:

6.1 Representation of FinTech Sector in SRO-FT

The applicant SRO-FT must adequately represent the FinTech sector. This includes membership across entities of all sizes, stages, and activities within the FinTech ecosystem.

6.2 Roadmap for Achieving Comprehensive Membership

If representation is found inadequate at the time of application, a roadmap should be included to achieve this within a reasonable timeline. Failure to demonstrate or attain such comprehensive membership would result in refusing or revoking the SRO-FT’s recognition.

6.3 Voluntary Membership of FinTech Entities

Membership of the SRO-FT must be comprised of FinTech members, and membership should be voluntary.

6.4 Domicile/Registration Requirement for SRO-FT

The SRO-FT must be an entity domiciled/registered in India, ensuring that it operates under the jurisdiction and regulatory framework of the country.

6.5 Inclusion of International FinTech Members

While the SRO-FT must be domiciled in India, it can include FinTechs outside India as members, promoting a more global perspective and integration with the FinTech sector.

6.6 Non-discriminatory Membership Fee Structure

The SRO-FT must develop a membership fee structure that is reasonable and non-discriminatory. Although membership fees may vary or be differentiated based on factors such as size, intent, capability, etc., it must be ensured that the membership character remains non-discriminatory.

7. Fit and Proper Criteria for SRO-FT Board and Key Managerial Personnel

The Board of Directors (BoD) and Key Managerial Personnel (KMP) of Self-Regulatory Organizations for Financial Technologies (SRO-FT) must demonstrate professional competence, fairness, and integrity. Any legal proceedings against the SRO-FT, BoD, or KMP must be disclosed during the application process, ensuring that such proceedings do not hinder the organisation’s functioning or reputation. Further, convictions for offences, including moral turpitude or economic crimes, disqualify applicants, BoD members, or KMP. The RBI’s assessment of the fit and proper status of the SRO-FT, BoD, and KMP is final. Also, RBI may impose other conditions to safeguard public interest during SRO-FT recognition.

8. Guidelines for Recognition as an SRO-FT

The following outlines the eligibility, membership criteria, application requirements, and review process for organisations seeking recognition as an SRO-FT:

8.1 Representative Character for SRO-FT Recognition

Any representative organisation for FinTechs seeking recognition as a Self-Regulatory Organization for Financial Technologies (SRO-FT) must demonstrate its representative character through actual membership during the application process. Additionally, the applicant may indicate intended membership by listing FinTechs expressing future membership intentions.

8.2 Membership Criteria and Determination of Recognised SRO-FTs

Membership within the SRO-FT should primarily comprise FinTechs currently unregulated by any financial sector regulator. However, membership may also extend to Regulated Entities, excluding banks. The number of SRO-FTs to be recognised will be determined based on the quantity and nature of applications received.

8.3 Required Documentation and Information for SRO-FT Recognition Application

An application for recognition as an SRO-FT should include essential documents such as the Memorandum of Association (MoA) and Articles of Association, as well as details of the proposed SRO-FT’s board composition, management roles, and operational procedures. If necessary, a roadmap and timeline for achieving comprehensive membership should also be provided.

8.4 Justification and Detailed Exposition for SRO-FT Application

The application must justify its acquisition or acquisition of the characteristics outlined for an SRO-FT. Moreover, a detailed exposition of how the organisation undertakes or plans to undertake functions is required.

8.5 Submission and Review Process for SRO-FT Applications

Applications must be submitted under the board’s authorisation, and the Reserve Bank of India (RBI) may request further information or clarification deemed necessary for review. Further, incomplete or ineligible applications will be returned or rejected; applicants can be heard before such decisions are made.

9. Conditions for Issuance of “Letter of Recognition”

Upon deeming an applicant suitable, the Reserve Bank will issue a “Letter of Recognition” to the SRO-FT, valid under the following conditions: all provided information must be true and not misleading; continuous adherence to the framework requirements, including membership; compliance with the terms of recognition; and adherence to relevant Acts, regulations, and RBI guidelines. The RBI may revoke recognition if the SRO-FT’s functioning harms the public interest or stakeholders or deviates from its objectives after allowing it to be heard.

10. Functions and Responsibilities of SRO-FT in Ensuring Members’ Compliance and Dispute Resolution

The SRO-FT must guide the conduct of its members, ensuring that they adhere to industry standards, comply with relevant laws, and maintain high ethical standards. This involves establishing and enforcing guidelines for consumer protection, data security, data privacy, etc. The SRO-FT must address any grievance, conflict of interest, or dispute that may arise among its members and foster a fair, equitable, and competitive environment.

10.1 Functions Undertaken by SRO-FT

10.1.1 Standard Setting

The SRO-FT must have objective, well-defined, and consultative processes to make and establish rules and standards. The standard-setting function involves the following:

10.1.2 Oversight and Enforcement

The FinTechs must be encouraged to report their various activities to the SRO-FT. The SRO-FT should have a structured framework to guide its oversight and enforcement functions. The Oversight and Enforcement functions involve the following:

10.1.3 Developmental Support

The SRO-FT must actively promote understanding of statutory and regulatory requirements and promote a culture of compliance. It must facilitate the exchange of expertise and experience, as well as organise training programs for the benefit of its members. The Developmental support functions involve the following:

10.1.4 Grievance Redressal and Dispute Resolution

The SRO-FT must establish a grievance redressal and a dispute resolution framework for its members. The framework must be efficient, fair, and transparent. The Grievance Redressal and Dispute Resolution functions involve the following:

10.2 Responsibilities towards the Reserve Bank

The SRO-FT is expected to play a pivotal role in ensuring compliance with statutory and regulatory frameworks, adhering to industry standards and best practices, and facilitating transparent communication channels with the RBI. Its responsibilities towards the RBI must broadly include sharing sector-specific insights, addressing regulatory concerns, and collaboratively working towards the overall development of the FinTech sector. The SRO-FT must serve as a valuable bridge, foster cooperation, and provide policies commensurate with the dynamic nature of the FinTech sector. The responsibilities of SRO-FT towards the Reserve Bank include the following:

10.2.1 Acting as a Collective Voice

The SRO-FT must act as the collective voice of its members in engagements with the Reserve Bank. In such engagements, it would be expected that the SRO-FT functions beyond the self-interest of specific members and addresses larger concerns of the FinTech sector. Further, while acting as the industry association, the SRO-FT must ensure equitable and transparent treatment for all its members.

10.2.2 Obligations to Update and Notify RBI

The SRO-FT would be obligated to regularly update the RBI on the developments in the sector and notify the RBI of any major violations by its members regarding statutory or regulatory requirements or systemic issues to enable the RBI to initiate timely action.

10.2.3 Collecting and Sharing Sectoral Information

The SRO-FT must collect relevant and up-to-date sectoral information and share it with the RBI to aid policymaking. For this purpose, the SRO-FT must develop a scalable technology solution. This system must enable the RBI to understand the details of specific products, services, and the scale of FinTech entities’ activities.

10.2.4 Consulting RBI on Taxonomy Development

The SRO-FT must consult the Reserve Bank in developing and updating the taxonomy for FinTechs.

10.2.5 Carrying Out Assigned Tasks

The SRO-FT must carry out any assigned tasks from the RBI, review referred proposals or suggestions, and supply requested data/information as directed by the RBI.

10.2.6 Submitting Annual Reports

The SRO-FT is required to submit its Annual Report and/or other information to the RBI. Additionally, the SRO-FT must submit periodic returns as prescribed by the RBI.

10.2.7 Facilitating Inspections/Audits

The SRO-FT would be obligated to provide the required information to the inspection team for an inspection/audit. The SRO-FT would bear the expenses of such inspection.

10.2.8 Collecting Market Intelligence Inputs

The SRO-FT must facilitate the collection of market intelligence inputs and provide them to the RBI appropriately at periodic and/or urgent intervals, as necessary.

11. Commitment to Upholding and Maintaining Governance Standards

Maintaining high governance standards is crucial for the effectiveness of the SRO-FT. The SRO-FT must uphold transparency, accountability, integrity, fairness, responsiveness, and compliance with all relevant laws and regulations. Additionally, it is required to implement robust conflict of interest management, ensure the professional competence of its leadership, and promptly address grievances. The SRO-FT must instil trust and confidence within the FinTech ecosystem it oversees. The SRO-FT must comply with the following guidelines to uphold the principles of good governance:

11.1 Professional Management and Governance Guidelines

The SRO-FT must be professionally managed, and its Articles of Association (AoA) must contain appropriate provisions to ensure this. The AoA must explicitly outline the functioning of the Board/governing body/management and comprehensively address conflicts of interest.

11.2 Membership Criteria in AoA

The AoA must lay down the criteria for admission, expulsion, suspension, re-admission, etc., of its members.

11.3 Upholding Governance Standards

The SRO-FT must adopt the highest standards in governance and maintain the essence of impartiality in decision-making.

11.4 Monitoring the ‘Fit and Proper’ Status of Directors

The Board must put in place a framework for the ongoing monitoring of its directors ‘fit and proper’ status. Further, any change in the directorship or adverse change in its fit and proper status must be immediately reported to the RBI.

11.5 Composition Requirements for Board Members

At least one-third of the members of the Board, including the chairperson, must be independent and without any active association with a FinTech entity. Further, most non-independent directors are to be representative of FinTechs that are currently not directly regulated.

11.6 Ensuring Sufficient Human Resources and Technical Capacity

The Board must ensure that the SRO-FT has adequately skilled human resources and robust technical capability to monitor the sector.