Innovation Sandbox by SEBI for FinTech firms and entities not regulated by for access to securities market related data
Securities and Exchange Board of India
CIRCULAR
SEBI/MRD/CSC/CIR/P/2019/64
May 20, 2019
To,
All Stock Exchanges, Depositories and Qualified Registrar and Share Transfer Agents
Dear Sir/Madam,
Subject: Framework for Innovation Sandbox
1. Capital market in India have been early adopters of technology. SEBI believes that encouraging adoption and usage of financial technology (‘FinTech’) would have a profound impact on the development of securities market. FinTech can act as a catalyst to further develop and maintain an efficient, fair and transparent securities market ecosystem.
2. To create an ecosystem which promotes innovation in the securities market, SEBI feels that FinTech firms should have access to market related data, particularly, trading and holding data, which is otherwise not readily available to them, to enable them to test their innovations effectively before the introduction of such innovations in a live environment.
3. With a view to operationalizing the abovementioned endeavor, SEBI is proposing an “Innovation Sandbox”, which would be a testing environment where FinTech firms and entities not regulated by SEBI including individuals (hereinafterwards referred to as participants/applicants) may use the environment for offline testing of their proposed solutions in isolation from the live market, subject to fulfillment of the eligibility criteria, based on market related data made available by Stock Exchanges, Depositories and Qualified Registrar and Share Transfer Agents (QRTAs).
Features and Structure of Innovation Sandbox
4. The components and structure of the Innovation Sandbox can be broadly classified into design, legal and administrative categories. The method of implementation has been elaborated under the head “Implementation” in para 6-13.
I. Design Components
A. Data Sets
a) One of the most important components of an Innovation Sandbox is access to securities market related data, which will enable participants to test and improve their FinTech solutions.
b) The datasets that will be made available to participants shall be clearly defined and known to market participants. Indicative datasets which may become part of the Innovation Sandbox are as follows:
I. Depositories data: Holding data, KYC data
II. Stock exchange data: Transactions data like order log, trade log
III. RTA data: Mutual fund transactions data
c) The datasets shall be historical and anonymized data and shall also contain data related to episodic market events. Live data shall not be made available to participants.
d) Access to datasets shall be provided in a phased manner starting with limited amount of data and based on validations, more exhaustive data would be provided to participants.
e) The use of datasets shall be governed by comprehensive confidentiality agreement which shall include an ‘End User Agreement’ clearly specifying that the datasets made available shall not be sold or sublet or shared in any manner with any other entities.
B. Infrastructure
a) The datasets to be used for testing solutions in the Innovation Sandbox shall be shared through application program interface (APIs), which will be widely published and available to all eligible participants.
b) Virtual machines may be made available with configurations similar to the live environment for testing an innovative product, service or solution on the datasets.
II. Legal components
a) Flexibility
The Innovation Sandbox shall be flexible to adapt and incorporate the changes, once the Innovation Sandbox evolves and matures.
b) Not-for-profit
The Innovation Sandbox can be set up as a separate not-for-profit entity which enhances the impartiality of the Innovation Sandbox.
c) Compliance
The Innovation Sandbox should ensure that all applicants can perform their testing without breaking any regulatory barriers, including compliance with investor protection, Know Your Client norms, data integrity or any other Indian laws.
d) Legally robust
The Innovation Sandbox should clearly define the rights and obligations of the stakeholders. Applicants are required to agree to contractually binding terms of participation.
e) Intellectual Property Rights (IPR) protection
The Innovation Sandbox should have the relevant provisions to protect the applicants’ IPR. Also, it should define how the IPR which results from the collaboration can be used once the testing phase has ended.
f) Prevention of Data misuse
The Innovation Sandbox should have provision to restrict misuse of data from the stated purposes.
g) Restriction from Fraudulent purposes
The Innovation Sandbox should have provision for restricting development of any product! solution for fraudulent! manipulative purposes.
h) Secured
The Innovation Sandbox should be secured from cyber threats or unauthorized access.
III. Administrative Components
a) Application Assessment
Applications received for participating in the Innovation Sandbox will be assessed and going forward, rule based self-assessment process shall be formalized, in order to allow the applicants’ automatic entry into the Innovation Sandbox.
b) Governance body
A governance body shall be formed comprising of representatives from the Stock Exchanges, Depositories and Qualified Registrar and Share Transfer Agents. This body shall supervise the operations of the Innovation Sandbox in the interests of its contributors, users and securities market in general. The governance body shall be responsible for ensuring that the sandbox fulfils its stated objectives. The governance of the Innovation Sandbox should be neutral and should not favor any particular participant or category of participants.
c) Operational team
An operational team shall be constituted to carry out the day-to-day activities of the Innovation Sandbox including processing applications, communicating with applicants, assisting the governance body, maintaining the infrastructure of the Innovation Sandbox, supervising the testing in Innovation Sandbox etc.
d) Rules of participation
Rules shall be framed to regulate the rights and responsibilities of the participant with respect to an Innovation Sandbox and to other participants. These rules could be same for each applicant type and may include the entry and exit criteria, operating guidelines, reporting requirements etc.
e) Grievance redressal process
A grievance redressal mechanism shall be formulated to deal with the grievances of any applicant in the Innovation Sandbox. This mechanism shall clearly define the point of contact for grievance redressal along with the escalation matrix.
IV. Interface for Innovation Sandbox
The entire sandbox participation lifecycle (applying, tracking, on-boarding, monitoring, reporting, etc.) shall be completely digital to ensure transparency and efficiency.
Eligibility Criteria
5. The eligibility criteria for inclusion into the Innovation Sandbox are as follows:
a) Applicability
Conceptually, the Innovation Sandbox framework is applicable to any entity, who intends to innovate on the products, services, and/or solutions for the securities and commodities market in India.
b) Genuine need to test
The applicant should have a genuine need for testing the solution using resources available in the Innovation Sandbox. The applicant should be able to postulate that the solution cannot be developed properly without testing in the Innovation Sandbox.
c) Testing readiness of the solution
The applicant should have the necessary resources to support testing in the sandbox. The applicant must show testing plans with clear objectives, parameters and success criteria.
d) Post-testing strategy
The applicant should be able to postulate their post-testing plan.
e) Direct benefits to consumers
The solution should offer identifiable benefits (direct or indirect) to consumers and to the capital market and the Indian economy at large.
f) Secure
The solution shall be validated for cyber security parameters. The applicant is required to submit a cyber-security compliance certificate as per SEBI’s Cyber Security guidelines.
Implementation
6. A Steering Committee comprising of representatives from the Market Infrastructure Institutions (MIIs) and QRTAs shall develop the operating guidelines as mentioned at Para 4 III (c) towards the components and structure of the Innovation Sandbox as articulated in the Features, Structure and Eligibility criteria of Innovation Sandbox in Para 4 and 5. The Steering Committee shall also include members drawn from the areas of FinTech start-ups, academia and angel investors or any other area as may be prescribed by SEBI. At the initial stage, SEBI representative shall be a permanent invitee to this Committee.
7. Post issuance of operating guidelines, the Steering Committee shall carry out all the functions as envisaged in the Administrative Components at Para 4 viz. receive, evaluate and process the applications received for participating in the Innovation Sandbox, approve / reject applications so received, grievance redressal etc. The Steering Committee shall also be responsible for registering/onboarding the applicant post approval of the application and monitor the participant throughout the lifecycle of the
8. Each of the MIIs and QRTAs shall build their own interface and APIs. Any approved sandbox applicant can then get access to the APIs of the respective MIIs and QRTAs where the applicant would test its solution.
9. The Sandbox applicant may give a presentation to the Steering Committee upon completion of the testing and exit from the Innovation Sandbox.
10. The Steering Committee overseeing the testing of the applicant’s solution within the sandbox shall maintain an Objective and Key Result Areas (OKRA) document for effective oversight on the entire process.
11. The entire sandbox participation lifecycle (applying, tracking, on-boarding, monitoring, reporting, etc.) should move towards a complete digital environment within a time-bound manner, not exceeding 24 months, towards ensuring transparency and efficiency.
12. The Steering Committee, to begin with, shall evolve decisions based on consensus and have a Chairperson from among the group on a rotation basis.
13. Based on the functioning of the Steering Committee, SEBI would prescribe other norms for governance, as and when required.
14. The steering committee shall be constituted within 15 days of the circular. The steering committee shall provide the operating guidelines within 2 months of the circular.
Outcome of Innovation Sandbox
15. SEBI envisages the Innovation Sandbox to have the following benefits:
i) Product showcase
A platform for showcasing the working prototype of the solution which may help FinTech firms secure more funding.
ii) Product regulation
Assessing compliance and readiness with SEBI’s regulations.
iii) Industry interoperability
Providing an environment where developers could explore industry challenges and use cases for innovative technologies linked to interoperability of new solutions across the industry.
This circular is being issued in exercise of powers conferred under Section 11 (1) of the Securities and Exchange Board of India Act, 1992 and Section 19 of the Depositories Act, 1996 to protect the interests of investors in securities and to promote the development of, and to regulate the securities market.
Yours faithfully,
Bithin Mahanta
Deputy General Manager
Phone: +91-022-26449634
email: bithinm@sebi.gov.in
