RBI shares framework for SROs in the FinTech Sector

Following the release of the  draft framework for recognising self-regulatory organisations (SROs) in the FinTech sector in January, the RBI has shared the official framework after receiving inputs from various stakeholders. The framework defines the various characteristics, eligibility criteria, functions and responsibilities, etc. of an SRO.

In a press release, the RBI elaborated on the benefits of self-regulation of the FinTech industry stating:

“By pivoting towards a culture of self-governance, FinTechs could proactively set and adhere to industry standards and best practices. This approach could empower the sector to demonstrate its commitment to responsible conduct and innovation even in the absence of formal regulation. Through collaboration, the sector could collectively identify and address challenges, foster an environment where innovation flourishes, and guide shared commitment to ethical business practices”

The RBI called for SROs that can function “objectively, with credibility and responsibility under the oversight of Reserve Bank of India.”

What are the characteristics of an SRO?

An SRO is required to guide the conduct of its members, ensure that they adhere to industry standards, comply with relevant laws and regulations, and maintain high ethical standards.This involves establishing and enforcing guidelines for consumer protection, data security, data privacy, etc. Thus, an SRO must also have have adequate powers to investigate and take disciplinary action against its members for non-adherence

Further, an SRO facilitates communication between industry players and RBI, advocating for necessary changes, and promoting a culture of compliance. It can comprise of multiple FinTech entities, with vastly different functions. “For example, some entities might aggregate both loan and insurance products, while RegTech providers develop solutions for a range of financial institutions including lending and insurance”, the RBI explained. Thus, an SRO must set guidelines and adopt a framework that is conducive to broad spectrum of industry players.

An SRO should also encourage innovation equitably. It must bridge the skill gap and keeping smaller FinTech entities abreast with the dynamic nature of financial technology. This involves prescribing minimum eligibility criteria for its members, providing specialised knowledge and expertise, offering guidance, and contributing to capacity-building through training programs. It must also maintain a repository of information that can serve as a valuable resource for industry research, trend analysis, and policy making

What are the functions of an SRO?

An SRO is required to partake in the following actions as mandated by the RBI

1.Standard-setting

• Set a code of conduct for responsible advertisements and market standards
• Develop appropriate baseline governance standards for the FinTech sector
• Specify to its members all the consequences for violation of rules and and ensure its enforcement
• Collect and store data as necessary, in compliance various statutory legislations.

2.Oversight and Enforcement

• Create a structured framework and baseline surveillance standards, to guide oversight and enforcement functions
• Deploy suitable surveillance mechanisms for effective monitoring of compliance in the FinTech sector
• Ensure stringent confidentiality of surveillance data and restrict data collection to essential and specific information only
• Implement data collection procedures from member FinTechs that safeguard proprietary information
• Establish clear standards of conduct
• Specify consequences for violations, such as counselling, cautioning, reprimanding and expelling members, monetary penalty. The monetary penalty should be reasonable and not prohibitive.
• Bar / remove any of the FinTech entities for a limited period of time or for eternity if required

3.Development

• Promote understanding of statutory and regulatory requirements and promote a culture of compliance
• Facilitate the exchange of expertise and experience and organize training programs for members
• Disseminate sector-specific information through various channels such as periodicals, bulletins, pamphlets, magazines, etc., to raise awareness about the developments, trends, and best practices in the FinTech sector
• Encourage a culture of research, development and responsible innovation by facilitating  studies, surveys, research papers, think tank discussions, etc
• Extend guidance and support, particularly to smaller entities within the sector, agnostic of membership

4. Grievance Redressal and Dispute Resolution

• Establish an efficient, fair, and transparent  grievance redressal and dispute resolution framework
• Work towards customer education focused on products and services offered by the industry
• Conduct periodic assessment of customer service standards and review of grievance redressal framework

 What are the criteria for membership in an SRO?

The members of an SRO must primarily be FinTech companies that are currently not regulated by any financial sector regulator and are domiciled / registered in India. However, membership may also be open to Regulated Entities (other than banks).The membership is voluntary and while membership fees may vary or be differentiated, based on size, intent, capability, etc. the RBI states that membership fee structure as set by the SRO must be reasonable, and non-discriminatory. The RBI also stated, that the number of SROs to be recognised would be considered based on the number and nature of applications received.

What are the requirements for registering as an SRO?

• Be set up as a not-for-profit company registered under Section 8 of the Companies Act, 2013
• Diversify shareholding sufficiently and ensure that no entity should hold 10% or more of its paid-up share capital, either singly or acting in concert
• Have a minimum net worth of Rupees two crore within a period of one year after recognition as an SRO-FT by RBI, or before commencement of operations as an SRO-FT, whichever is earlier.
• Have the capability of establishing the necessary infrastructure to fulfil its responsibilities effectively, and consistently.
• Have a robust IT infrastructure and the ability to deploy technological solutions within a reasonable timeframe
• Have systems for managing ‘user harm’ which includes instances like fraud, mis-selling, unfair practices, unauthorised transactions, or any other form of misconduct that harms consumers of financial services
• Not set up entities/offices overseas without the prior approval of the RBI.
• Explicitly state the operation as an SRO-FT as its primary objective in the Memorandum of Association (MoA)

What is the application process for registering as an SRO?

The application to register as an SRO must be submitted under the authorisation of the SRO’s Board. It must contain:

1. A copy of the Memorandum of Association MoA, Articles of Association, etc., of the proposed SRO-FT;
2. Details of the constitution of its Board, roles/responsibilities of its management, and the manner in which its operations would be undertaken; and
3. Roadmap and timeline to achieve comprehensive membership, if necessary.
4. Any legal proceeding against the SRO

An SRO must not be involved in any offence. The RBI has the right to reject the application or revoke the recognition of an SRO if it deems its functioning detrimental to the public interest or if a stakeholder and/or the SRO is found to be conducting activities that are not in conformity with the objectives of the SRO. RBI would provide rejected applicant with an opportunity of being heard.

What are the Criteria for Board of Directors and Key Managerial Personnel?

All members of the Board of Directors(BoD) and Key Managerial Personnel (KMP) must have professional competence and a reputation for fairness and integrity. Any legal proceedings against a BoD or KMP should be declared as part of the application and demonstrated that such proceedings do not impede the functioning of the SRO or harm its reputation. Further, any members of the BoD or any KMP should not have been convicted of any offence including “moral turpitude/economic offence in the past.” The RBI has the final say on whether any BoD or KMP are fit for the role.

Responsibilities towards the Reserve Bank of India

The SRO functions as an industry association for Fintech companies, and as an association, it must facilitate communication between the industry and the RBI. The responsibilities of an SRO are to:

• Ensure compliance with statutory and regulatory frameworks, adherence to industry standards and best practices, and transparent communication with RBI. 
• Act as the collective voice of FinTech entities in engagements with the Reserve Bank.
• Addresses the larger concerns of the FinTech sector and functions beyond the self-interest of specific members
• Ensure equitable and transparent treatment for all its members.
• Regularly update the Reserve Bank on the developments in the FinTech sector 
• Notify the Reserve Bank of any major violations by members or systemic issues.
• Develop a scalable technology solution to collect relevant and timely sectoral information
• Share the collected data with the Reserve Bank to aid in policymaking. 
• Create a system that enables the Reserve Bank to understand the details about specific products, services, and scale of activities of FinTech entities
• Co-ordinate the introduction of new products within the regulatory framework set by the Reserve Bank, where required
• Consult the Reserve Bank while developing and updating the taxonomy for FinTechs
• Carry out any assigned tasks from the RBI such as reviewing referred proposals or suggestions, and supplying requested data/information
• Submit an Annual Report, periodic returns and/or other information as prescribed by the RBI
• Adopt a holistic perspective on the FinTech sector when providing views, inputs, or suggestions during  periodic interactions with the RBI
• Cooperate with the RBI if it is compelled to inspect the books of the SRO or arrange to have the books audited by an audit firm
• Guide/facilitate RBI on the extent, scope, and manner of regulation of entities in the FinTech sector.
• Collect required market intelligence inputs for RBI at periodic intervals or as requested by the RBI

What are the governance measures an SROs must adopt?

An SRO must implement robust conflict of interest management, ensure professional competence of its leadership and promptly address grievances. 

It should also be professionally managed, with its Articles of Association (AoA) that:

• explicitly outline the functioning of the Board/governing body/management while addressing conflicts of interest comprehensively.
• lay down the criteria for admission, expulsion, suspension, re-admission, etc.
• Create provisions to preserve functional autonomy and impartiality in decision-making to pre-empt any undue influence

How must the Board function?

The SRO must have a framework for monitoring the ‘fit and proper’ status of its directors and must immediately report any change in the directorship or issues in compliance with the RBI.

At least one-third of members of the Board, including the chairperson, should be independent, and without any active association with a FinTech entity. Further, the majority of non-independent directors must be representative of FinTechs that are currently not directly regulated.

The Board must frame a policy on the rotation of directors for important positions on the Board. Further, the Board must ensure that an SRO has adequately skilled human resources, and robust technical capability to monitor the sector.

RBI has stated that it can remove or nominate any member of the board and/or management of the SRO if necessary. In case of removal, adequate opportunity shall be provided, before any such adverse action is initiated.

Also Read: