IFSC Payment Regulatory Board: Impact on Banks, NBFCs & Fintechs

IFSC’s Payment Regulatory Board What It Means for Banks, NBFCs, and Fintechs

IFSC Payment Regulatory Board: Impact on Banks, NBFCs & Fintechs

 

Legal Foundation of the International Financial Services Centres Authority’s Governance

The establishment of the International Financial Services Centres Authority (Payments Regulatory Board) Regulations, 2025, represents a significant and decisive step in consolidating the governance of payment systems within India’s International Financial Services Centre (IFSC). This framework is not an isolated set of rules but is firmly rooted in a clear and robust legislative mandate.

The regulations were formally brought into effect on September 16, 2025, exercising powers conferred by specific sections of two foundational acts of the Parliament of India. The primary authority is derived from sub-section (1) of Section 28, read in conjunction with sub-section (1) of Section 12 and sub-section (1) of Section 13 of the International Financial Services Centres Authority Act, 2019. This legislative basis grants the IFSCA the overarching power to establish regulations for financial products, services, and institutions operating within the IFSC.

In a complementary role, the new regulations also draw power from sub-section (1) and (2) of Section 38, read with sub-section (4) of Section 3 and Section 34B of the Payment and Settlement Systems Act, 2007 (51 of 2007). The promulgation of these new regulations on September 12, 2025, officially repealed the earlier International Financial Services Centres Authority (Board for Regulation and Supervision of Payment and Settlement Systems) Regulations, 2024, signaling a fresh and refined approach to payment oversight within the IFSC.

The Payments Regulatory Board (PRB) itself is constituted under sub-section (2) of Section 3 of the Payment and Settlement Systems Act, 2007. Its composition is strategically designed to ensure competence and integrity in its function. Nominated members are selected by the Central Government from a pool of individuals with demonstrated ability, integrity, and standing, possessing deep knowledge and professional expertise in critical domains such as payment systems, information technology (including cybersecurity), and law.

The tenure for these nominated members is clearly defined as a period of four years. A notable provision states that these individuals are not eligible for re-nomination, a rule that aims to promote a regular renewal of perspectives on the board. A specific exception is made for a member who is a public servant, as defined in clause 28 of section 2 of the Bharatiya Nyaya Sanhita, 2023, who may be eligible for a second term.

The Legal Framework for Payment Service Providers in IFSC

The IFSCA’s approach to regulating payment services is predicated on a clear classification of entities and a tiered system of oversight. At the core of this framework is the “Payment Service Provider,” or PSP, which is legally defined as a company that has been granted a certificate of authorisation by the IFSCA to provide one or more of the payment services listed in Part A of Schedule I of the International Financial Services Centres Authority (Payment Services) Regulations, 2024.

The regulations specify a mandatory legal form for all applicants, stipulating that a person must be incorporated as a company and maintain its registered office within the IFSC. This foundational requirement ensures that all entities providing regulated payment services are subject to the same corporate governance and legal jurisdiction from their inception.

The framework encompasses a range of activities including account issuance, e-money issuance, cross-border money transfers, and merchant acquisition services. A significant amendment to the regulations on April 2, 2024, refined the definition of an “escrow service,” specifying that it involves a PSP holding money in an escrow account with an IFSC Banking Unit or an IFSC Banking Company on behalf of one or more parties involved in a transaction.

A central tenet of the regulatory architecture is the legal distinction between a “Regular Payment Service Provider” and a “Significant Payment Service Provider.” The latter is an entity that, while operating as a PSP, has been formally designated as “significant” by the Authority due to its scale of operations and the potential for wider systemic impact. This designation is triggered when a PSP meets specific quantitative thresholds defined in Part C of Schedule I of the regulations.

For payment services other than e-money account issuance, a PSP becomes significant if the monthly average value of its total payment transactions over a calendar year exceeds USD 2 million for a single service or USD 4 million for two or more services.1 For entities providing e-money issuance or e-money account issuance services, the threshold for designation is the point at which the average daily value of the stored or issued e-money surpasses USD 3 million over a calendar year.

This tiered regulatory model signifies a sophisticated, risk-based supervisory philosophy. It allows the IFSCA to apply lighter-touch governance to nascent or smaller entities, thereby fostering innovation and minimizing regulatory burdens on new entrants.

Simultaneously, it ensures that entities with a substantial market footprint, whose operations are critical to the broader financial ecosystem, are held to a higher standard of financial and operational resilience. This approach balances the need to cultivate a dynamic financial hub with the paramount objective of maintaining stability and market integrity.

Authorization and Compliance Mandates for Fintech Entities

The regulatory framework imposes a series of stringent, interconnected requirements that all fintech companies must satisfy to operate as Payment Service Providers in the IFSC. The first of these is the legal form of the entity itself, which must be a company incorporated with a registered office in the IFSC. This is a non-negotiable prerequisite for applying for authorization.

In addition to this formal structure, the regulations mandate compliance with a specific minimum net worth requirement, which is reviewed on an ongoing basis. A Regular Payment Service Provider must maintain a minimum net worth of USD 100,000 upon commencing operations and is required to grow this to USD 200,000 by the conclusion of its third financial year.

For entities that are designated as Significant Payment Service Providers, the requirements are more rigorous. Such a company must attain a minimum net worth of USD 250,000 within ninety days of its designation and further increase this to USD 500,000 by the end of its third financial year as a significant entity.

These escalating financial requirements are designed to ensure the perpetual financial soundness and stability of the regulated entities, and the Authority can require a PSP to undergo stress tests to assess its ability to withstand adverse economic scenarios.

Beyond financial capacity, the regulations enforce a demanding “fit and proper” standard for the key individuals steering the company, including its directors, Key Managerial Personnel, and all persons exercising control. This requirement is a critical component of the Authority’s pre-emptive risk mitigation strategy.

The evaluation of these “Relevant Persons” is undertaken not only by the applicant but also by the Authority itself, and in the event of any difference in findings, the Authority’s determination is considered final. A person is deemed “fit and proper” based on a record of fairness, integrity, honesty, and a good reputation.

The regulations also lay out a comprehensive list of disqualifications that would preclude an individual from being considered fit and proper, including conviction for an offense punishable with imprisonment for a term of one hundred and eighty days or more, being an undischarged insolvent, or having been debarred from accessing financial services by a regulatory authority.

This detailed vetting process for both the entity and its leadership signifies that the IFSCA is focused on cultivating a secure and trustworthy ecosystem from the very beginning. The high standards of probity and financial stability are fundamental to attracting and retaining international confidence in the IFSC as a premier financial hub.

The Distinct Role of Banking and Other Financial Institutions

The IFSCA’s regulatory architecture for payment services establishes a clear and deliberate division of roles between Payment Service Providers and traditional banking institutions. The IFSCA (Payment Services) Regulations, 2024, explicitly recognize that certain entities are exempt from the requirement of obtaining authorization under this framework. As specified in Schedule IV of the regulations, this exemption applies to an IFSC Banking Company (IBC) or an IFSC Banking Unit (IBU) that is licensed or permitted to operate under the Banking Regulation Act, 1949.

This provision prevents regulatory overlap and acknowledges that these entities are already governed by a separate, equally rigorous regulatory and licensing regime. While exempt from the payment services authorization, these banking entities are not peripheral to the system; they are integral to its operational integrity.

The regulations mandate that a PSP must identify an IBU or IBC to act as its “Nodal Bank,” which is responsible for holding security deposits and, crucially, for maintaining escrow accounts to safeguard user funds. This legally established interdependence solidifies the cooperative relationship between fintech innovation and traditional banking stability within the IFSC ecosystem.

A notable aspect of the provided regulatory documents is their silence on the regulation of Non-Banking Financial Companies (NBFCs) within the payment services framework. The term “NBFC” is not defined or mentioned in the IFSCA (Payment Services) Regulations, 2024.

This is a key point of clarification for entities operating in the Indian context, where the legal definition of an NBFC is crucial. This legislative clarity is not a void but a function of the IFSCA’s modular regulatory design. The provided documents indicate that entities analogous to domestic NBFCs are governed under a separate and distinct framework, specifically the IFSCA (Finance Company) Regulations, 2021. Within this framework, they are referred to as “Finance Companies” or “Finance Units”.

This approach allows the Authority to create purpose-built regulatory streams, one for payment systems and another for finance and credit activities, without the complexity of a single entity having to comply with a fragmented set of rules. This separation provides a high degree of regulatory certainty and predictability for market participants, which is essential for an international financial center.

The absence of NBFC-specific provisions within the payment regulations underscores the IFSCA’s intent to create a clean, purpose-driven legal environment that is distinct from the often-overlapping regulatory structures of the domestic Indian market.

Operational Duties and Safeguarding Mechanisms for Payment Services

The integrity of the payment ecosystem in the IFSC is maintained through a set of stringent operational and conduct-of-business duties imposed upon Payment Service Providers. The most fundamental of these is the legal duty to protect “applicable funds,” which are defined as funds received from or for the benefit of a payment service user for the purpose of executing a payment transaction.

The regulations mandate that a PSP must safeguard these funds no later than the next business day after their receipt. This is a rigorous requirement designed to minimize the time funds are exposed to operational or institutional risk. The regulations provide several legal methods for this safeguarding, including obtaining a guarantee from a safeguarding institution or, most commonly, depositing the money in a dedicated trust or escrow account maintained with an IFSC Banking Unit.

The funds held in these escrow accounts must at all times be completely segregated from any other funds held by the PSP, which provides a critical layer of protection for the customer in the event of institutional failure.

For entities that provide e-money issuance services, the operational requirements are further specified in detail. The regulations dictate that the balance in a PSP’s escrow account must never fall below the total value of outstanding e-money issued and any payments due to payment service users at the end of each day.

This is a continuous legal obligation that ensures the PSP maintains a one-to-one reserve for all issued e-money. The regulations also contain specific prohibitions to prevent abuse of the e-money system. A PSP is forbidden from issuing e-money at a premium or discount, from using collected funds to extend loans or financing, from paying interest or other returns on e-money balances, or from allowing e-money to be withdrawn as cash. These prohibitions are fundamental to ensuring that e-money operates as a pure payment instrument and not as a deposit-taking or credit-granting vehicle.

In addition to these safeguarding mechanisms, the framework places significant emphasis on consumer protection and operational transparency. PSPs are legally required to provide a mandatory disclosure statement to their customers, which must be published at least once in all publicly available material. The statement, in effect, warns that while the PSP is authorized by the IFSCA, a customer may not be able to recover all their funds if the business fails.

This measure ensures that customers are fully aware of the legal limitations on fund recovery. Furthermore, PSPs must establish a robust grievance redressal mechanism with sufficient staff to address queries and complaints within thirty days. Unresolved disputes must be referred to online conciliation and/or arbitration, which establishes a clear, efficient, and binding process for conflict resolution. These provisions collectively work to create a highly secure, transparent, and user-centric environment that is conducive to both innovation and sustained market confidence.

Conclusion

The IFSCA has meticulously crafted a unified, purpose-built regulatory framework for payment systems that is poised to establish the IFSC as a leading global hub for fintech and financial innovation. The foundation is legally robust, drawing authority from both the International Financial Services Centres Authority Act, 2019, and the Payment and Settlement Systems Act, 2007.

The creation of a dedicated Payments Regulatory Board signifies a consolidated and authoritative approach to governance that streamlines oversight. A key element of this framework is its tiered regulatory system, which distinguishes between regular and significant payment service providers based on clear, quantifiable financial thresholds. This risk-based approach enables the Authority to promote the growth of smaller fintechs while simultaneously imposing higher standards of resilience and governance on larger, systemically important entities.

For fintech companies, the regulations establish clear rules of engagement, including mandatory legal forms, specific net worth requirements, and a demanding “fit and proper” vetting process for key personnel. This rigorous entry and operational criteria are designed to filter out unviable or high-risk ventures, thereby protecting the integrity of the ecosystem.

The legal framework also defines a distinct and cooperative relationship with traditional banking institutions. IFSC Banking Units and IFSC Banking Companies are exempt from the payment services authorization, but they are essential partners, serving as nodal banks and safeguarding institutions. This cooperative model provides clarity on roles and avoids regulatory fragmentation. Perhaps the most significant aspect of this framework is the uncompromising focus on consumer protection through detailed safeguarding mechanisms, mandatory fund segregation in escrow accounts, and an efficient dispute resolution system.

These measures demonstrate that the IFSCA is prioritizing transparency, security, and accountability as fundamental pillars of its regulatory philosophy. The legal framework established by the IFSCA signifies a proactive and forward-looking strategy to foster a predictable and trustworthy environment for international financial services, which is paramount for the long-term success of the IFSC ecosystem.

Understand how the RBI’s revised guidelines could affect compliance and operations for digital lending platforms.

agrud partners mumbai logo
Disclaimer

The Bar Council of India Rules expressly prohibit law firms from soliciting work and advertising directly or indirectly. The contents of this website are intended solely for general information and knowledge of the user and are not an offer of legal services or advertising, and neither does accessing the website create an advocate-client relationship. We do not provide legal advice through this website. Publications and thought leadership content published on the website are for informative purposes only. Hyperlinks to third-party websites are only for reference and do not imply endorsement by Agrud Partners. Agrud Partners and its partners/authors assume no liability for the accuracy or reliability of information on third-party websites or for any loss due to reliance on such information. The contents of this website and linked publications are protected under intellectual property laws. Restricted access areas on this website may be subject to additional usage terms.

This website uses cookies to enhance user experience and for website improvement. By using this website, you consent to our use of cookies.

For inquiries regarding our website’s compliance, please contact mumbai@agrudpartners.com

Agree