Fintech & Payments

The licensing requirement depends on your product. Payment aggregators need RBI authorisation under the Payment and Settlement Systems Act. Digital lending platforms must comply with the RBI’s Digital Lending Guidelines. NBFCs require RBI registration. Insurance technology products may need IRDAI approvals. Account aggregators operate under the RBI’s Account Aggregator framework. Companies dealing in virtual digital assets must register with the FIU-IND. Peer-to-peer lending requires NBFC-P2P registration. Prepaid payment instruments require RBI approval. The specific licence depends on the precise activity your product performs, and getting this classification right at the outset avoids regulatory risk later.

A payments company must comply with the Payment and Settlement Systems Act (RBI authorisation), RBI’s data localisation directive (payment system data must be stored in India), PCI DSS for card data handling, the DPDP Act for personal data, CERT-In’s six-hour incident reporting requirement for cybersecurity incidents, AML/KYC obligations under the PMLA, the Consumer Protection Act for consumer-facing services, GST compliance, and IT Act obligations including intermediary guidelines if the product involves user-generated content or third-party transactions. We help payments companies map their product to the full regulatory stack and build compliance from the outset.

BNPL products exist in a regulatory grey area that is increasingly subject to RBI scrutiny. If the BNPL product extends credit, it likely requires an NBFC licence or a partnership with a licensed NBFC or bank operating within the digital lending guidelines. The RBI’s Digital Lending Guidelines require that all loan disbursements and repayments flow through the borrower’s bank account, that all fees and charges are disclosed upfront, and that the borrower is given a cooling-off period. First-party BNPL (where the merchant itself offers deferred payment) may have different regulatory treatment than third-party BNPL (where a separate entity provides the credit). We advise on structuring BNPL products to comply with the evolving regulatory framework.