Legal Requirements and Compliances needed for Fintech Startup in India

The future of the Fintech industry in India is increasingly shining and growing due to the growth of start-ups in the Fintech industry, the penetration of mobile users, the continuous construction of digital networks and the streamlining of financial processes in many industries.

Fri Jul 01 2022 | Business Law | Comments (0)


'FinTech' organizations are financial institutions which, through the digital media, provide financial assistance, planning and management services to other companies and individuals. A fintech company varies from a bank and also requires in-depth preparation and guidance to start a finance start-up or FinTech in India.

There are 4 types of online finance companies providing services:

Legal requirements and formalities for a start-up that wants to set up FinTech business in India:

  1. One Individual Corporation:An OPC is a blend of sole proprietorship and business, where the company has only one owner but operates as a business.
  2. Limited Liability Partnership:An LLP is a mixture of a partnership and a company, where the limited liability of all the partners is limited to their respective shares only.
  3. Private Limited Company: In a PLC, as it has its own rights and liabilities independent from the owners, the directors and shareholders of the company have no personal obligation to the creditors of the company. This is the right framework for India's financial technology market.
  1. Co-Founders Agreement
  2. Intellectual Property Licensing Agreement
  3. Privacy Policy
  4. Website User Policy
  5. Terms of use for mobile app users
  6. Vendor Agreement
  7. Product Development Agreement
  8. Employment Agreements
  9. Get Intellectual Property: Trademark,  Patent and Copyright  comprise of Intellectual Property. To preserve its brand name, slogan, website, mobile app, etc., an online finance company needs to register these rights. This will provide them with exclusive right to use. Licensing:  Intellectual Property can be licensed via a licensing agreement that sets out the terms and conditions for use and payment. For Payment service: A 'Differentiated banking license' scheme for granting 'on-tap' licenses to companies wishing to start financial or banking services has been introduced by the Reserve Bank of India. They should apply to register with the RBI for this.
  10. For P2P:They can only behave as intermediaries.
  11. For retail service providers: fintech retail licensing to offer lending and depositing services to micro, small and medium-sized and unorganized industries.
  12. For Financial Management/Investment: There are no regulations for finance management companies, but this FinTech will be registered as NBFCs- Non-Banking Finance Companies proposed by the RBI.

Compliances Required

The main fintech companies began as start-ups, while others have only expanded their online services. Fintech companies have been listed in a number of respects. Payments and remittances, lending networks, personal finance, blockchain and cryptocurrencies, company applications and investment platforms are several of these. To classify a start-up into any of the categories has become a tedious assignment. Most of them have begun to provide different services that confuse the nature of classification. Regulations and investments vary according to the market segment.

Personal Finance and Investment Platforms:

Impact of Aadhar Judgment on Fintech

Section 57 of the Aadhaar Act was struck down by the Supreme Court in 2018. Section 57 allowed the 12 digit Aadhaar number to be used by any state, company, or person to determine an individual's identity. This judgment prohibited private entities from accessing individuals' Aadhaar data. The decision had a major effect on the e-KYC Fintech industry, which relied on Aadhaar. For payments and lending platforms in particular, it was a huge blow. This suggests that the fintech firms are going to have to go back to the old KYC based on paper. However, its 'Master Direction on KYC Standards' was later amended by the Reserve Bank of India. The direction was a consequence of the decree passed by the Government by amendment of the 2005 Rules on Money Laundering Prevention (Maintenance of Records) and certain provisions of the 2016 Aadhaar Act.

The ordinance, with the consent of the consumer, permitted the voluntary use of Aadhaar in physical (QR code) or electronic form for offline verification and eKYC. Only banks were, however, permitted to use Aadhaar-based eKYC. Fintech companies also had to go with Aadhar's offline verification based on QR codes or XML files. Users can download XML files from the UIDAI website. They contain required information that can be shared offline without disclosing the Aadhaar number for KYC purposes. The ease and efficiency offered by the older eKYC methods could never replace this device. Due to the sophisticated KYC requirements, Fintech companies, especially from the payments sector, lost a lot of customers. The Steering Committee on Fintech recently submitted its report to the Ministry of Finance on the easing of KYC standards through methods such as video-based KYC and Digi locker facilities. Digi locker is an online forum for document/certificate issuance and verification. A cloud storage space associated with the Aadhaar number is received by users who sign up on the website. Positive changes in the KYC regulations will help to raise new highs for the industry.

Compliance with the Information Technology Act 2000

Fintech companies are sites that operate on the internet. They are also mandated to obey the directions set out in the IT Act. Section 43A defines the responsibility of corporate organizations to pay damages in the event of negligence in maintaining fair security measures for the protection of their users' confidential personal data. In violation of a lawful contract, Section 72A prescribes penalties for disclosure of details. Fintech companies rely on individuals' personal data a lot. To prevent legal problems, it is important to follow the specified data security requirements.

2011 rules on Information Technology (Reasonable standards and procedures for protection and confidential personal data or information) explains personal information as any information that directly or indirectly relates to a natural individual, information that is able to distinguish a person when combined with other information. Details or information such as passwords, biometric data, financial data, sexual orientation, etc. are sensitive personal data. The rules govern how the storage, use, processing and transfer of personal data are carried out. It also allows organizations to create a privacy policy and make it available in a transparent and open manner to information providers. Corporate bodies must obtain permission from the provider of information prior to the disclosure of any confidential personal data. In addition, corporate organizations must maintain security control structures and information security procedures. Certifications such as IS, ISO and IEC 27001 are included.


The use of new technology to provide financial services has contributed significantly to financial inclusion. However, unclear legislation, consumer mistrust and the lack of a broad customer base are complications for this sector, especially when compared to traditional financial institutions. Traditional financial institutions have client trust.

In addition to current legislation, potential laws such as the "Personal Data Protection Bill" will have a direct effect on the fintech industry powered by data. For FinTech start-ups, data is a lifeline. For the launch of new products and services, modern technologies need data. The inconsistency in current legislation has led to numerous operational difficulties for fintech companies. Fintech companies that offer various services are also subject to various regulations from various regulators. The industry hopes that, along with other financial institutions, the government's supportive policy would guarantee them a level playing field. "Industry 4.0" and wide-scale financial inclusion will lead to the growth of fintech companies.

Copyright 2023 – Helpline Law - HLL001


You could get in touch with our team to find a suitable lawyer for assistance.
Helplinelaw has been referring lawyers that fit your needs in terms of seniority and experience since 2001

Other Latest Articles