Close this search box.

The FinTech industry – where access to money with technology as an enabler is made possible.

It is a whopping $31B market size, currently. A recent report declares India as the third-largest FinTech ecosystem globally. Rapid introduction and acceptance of digitization, increased access to technology, and the promise of better cyber security and privacy laws – India, is not doing a bad job of staying in the league.  

FinTech Organisations aim to improvise on traditional banks using technology. RBI recognised this segment in 2007 under the Payment and Settlement Systems Act, 2007.

FinTech offer–

  1. Payment Services – wallets and mobile payments;  
  2. Peer-to-Peer Lending Services;
  3. Retail Banking Services, B2C, C2B; and
  4. Consultation for savings and managing finances.

In the Startup ecosystem of India – PayTm, CoinDCX, CRED, BharatPe, Slice, and Uni have pioneered the space; GoI matched up with the National Payment Corporation of India (“NPCI”) and launched the RuPay card.

This growth requires a robust legal and compliance framework which is crucial to counter illegal activities like money laundering, bribery, corruption, and data theft and augment the wheel.

Legal compliances involve selecting the correct type of business structure to obtain business operation licenses, and some aspects of venturing the fintech are –


Entrepreneurs can rely on GoI’s ease of doing business mandate, where several small businesses benefit from reduced compliances, decriminalising offences, promoting a simple workflow for incorporating a new entity, assisting with obtaining licenses and protection of Intellectual Property (“IP”). 

The current legal framework allows the following business structures –


FinTech Organisations are prone to cyber threats, thus requiring investment in securing this front through valid security certificate for the domain, trust creation and preventing cyber-squatting.

Acting as an intermediary, FinTech Organisations are also required to comply with the Intermediaries Rules and IT Act, 2000.


As a new business, IP protection is a determining factor for creating goodwill or conduct of business ownership. You do not want to risk your craft with a plausible breach of IP. As a support initiative for the Startups, GoI has implemented the review of Patent applications on a fast-track basis with a reduction of 80% filing fee when filing for patents.


With growing concerns about data breaches, strict compliance with data protection laws is vital. Having a business presence globally and the requirement of data management, the FinTech Organisations are obligated to follow the data protection laws of the specific jurisdictions. While GoI was proposing the PDP Bill, in the recent Parliamentary session, the same has been withdrawn to redraft and prepare a comprehensive digital privacy law.

The IT Act, 2000, and  IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 also provide a data protection mandate.


In a Master Direction and set of guidelines, RBI has laid down requirements for compliance with KYC requirements. These guidelines are based on building trust and transparency in the system to combat money laundering threats and financial system abuse.


As a FinTech Organisation, one peril is the potential harm of money laundering activities per the Prevention of Money Laundering Act, 2002. Continuous transaction monitoring, screening of business partners, robust KYCing, and reporting form part of the compliance requirements.   

7. Licensing with RBI & IRDAI

In 2020, RBI issued guidelines for Payment Aggregators and Payment Gateways, pursuant to which the Payment Aggregators are now required to obtain a license from RBI.

For insurance-based solutions, an IRDAI license is required.


As service providers, FinTech Organisations are required to obtain GST registration. And further, if the entity falls under Small or Medium enterprise, having an MSME registration is beneficial. To support Startups, GoI has introduced certain tax exemptions. Read a detailed note on the exemptions available here.
While we have listed significant compliance requirements hereinabove, RBI’s keen eye for corporate governance has kept the industry dynamic. Read our next post to learn how FinTech Organisations can raise funds and uncover what went wrong with SLICE.

This is only for informational purposes. Nothing contained herein is, purports to be, or is intended as legal advice and you should seek legal advice before you act on any information or view expressed herein. Endeavoured to accurately reflect the subject matter of this alert, without any representation or warranty, express or implied, in any manner whatsoever in connection with the contents of this. This isn’t an attempt to solicit business in any manner.



Leave a Reply

Your email address will not be published. Required fields are marked *

Acknowledgements & Disclaimers

  • This website with its’ contents, are not advertisement, personal communication, solicitation, invitation, or inducement to legal advice or legal advice from Tag & Bench Associates (the “Firm”) or its founder or other members of the Firm;
  • It does not create an attorney-client relationship;
  • The Firm owns intellectual property rights in the website and its’ contents made available for information, only and Firm does not assume any responsibility for the accuracy and completeness of the same. The Firm has full right to proceed against infringers;
  • User will be governed under applicable laws or regulations of India;
  • The Firm does not collect any personal data other than cookies captured when you visit the website;
  • The Firm cannot undertake any legal representation through this website. Users are discouraged from sending any confidential information.