As the financial sector met new-age technology and ‘Fintech’ was born, both businesses and the public embraced the revolution as the convenience, inclusivity and affordability it offered surpassed the offerings made by traditional financial players.
The role fintechs play in the growth of MSMEs and other financially underserved segments of the economy cannot be ignored. Compared to traditional players, fintechs are more liberal in their screening process of customer-base, as well as more flexible in the products/services they offer, making it possible to serve wider segments at where they are rather than where they need to be to get financially included.
The Reserve Bank of India (RBI) has time and again demonstrated its intention to promote innovations in the financial sector. As noted by RBI Deputy Governor T Rabi Sankar, in a keynote address at an event on July 11, the RBI has taken steps to foster innovation for the past few years with a slew of measures; these include the guidelines for account aggregators in 2016, peer-to-peer lending in 2017, the regulatory sandbox framework in 2019, the establishment of an innovation hub in Bengaluru in 2021, and currently with the Central Bank Digital Currency (CBDC) pilot. Shankar also said that while fintech may seem new, the underlying financial products remain the same, and held a view that while banking licence may not be required for these entities, they still need to be regulated.
The risks a fintech company face are inherent to their very business model, meaning the advantages that they offer could have negative outcomes if not addressed adequately in time. For instance, fintechs beat competition by reducing the processing time for loans and other services, but a total dependency on artificial intelligence (AI) and machine learning (ML) to ensure KYC and other documentation could be highly risky on account of the increased possibility of identity threats and document forgery powered by AI tools. Similarly, its sole dependence on digital technology makes it more vulnerable to cyber security threats and data theft, which would result in significant financial and personal risks for its customers.
Considering that even tech-savvy people find it difficult to understand how AI works, the extent of trust reposed by the public in fintech — as compared to banks and NBFCs — would be highly volatile, and the customer-base could disproportionately react to even the slightest possibility of a risk.
Even as the RBI shows its keenness to nurture fintech innovation, it is necessary to come up with a strong regulatory framework covering both financial aspects as well as a baseline cybersecurity framework for all fintech players in the interest of the public that is increasingly consuming fintech products. The RBI had come up with a cybersecurity framework in 2016 for scheduled commercial banks and has issued draft master directions on cyber resilience and security controls for non-bank payment system operators in June 2023. However, the RBI may have a lot more to do here.
An important factor to consider is that fintechs are not solely the responsibility of the RBI — they will need legislation that are capable of withstanding any further AI and ML overdrive in any part of the world. This holds true for every sector that meets technology. Rather than leaving the courts with an ever-increasing load of cases where expert views might be required, we urgently need to amend legislation to effectively cover technological advancements.
Are the current legislative, regulatory, and judicial systems equipped to handle the new challenges that the customers face as a result of using services they cannot comprehend? While we do look forward to proposed legislative reforms in the form of the Digital India Bill, and the Digital Competition Bill, the question remains if India is a bit late to the party.
Here is where a multi-disciplinary approach with the participation of the RBI, the government, the professional bodies, and the industry associations will help. While the Ministry of Electronics and Information Technology is said to be working with the RBI to clamp down on fake apps, a comprehensive legislative and regulatory framework exclusively for fintech may be the need of the hour—this will address governance issues as well as risk management from both the cybersecurity and financial perspective.
(Puzhankara Sivakumar is a Kochi-based practising company secretary, Ranjith Krishnan is a Thane-based sustainability consultant, and Anju Panicker is a Chennai-based practising company secretary. Views expressed are personal.)
Disclaimer: The views expressed above are the author's own. They do not necessarily reflect the views of DH.