Why we need digital banks and how should they be regulated: NITI Aayog

“Having prepared the bedrock of financial innovation and inclusion [with UPI, account aggregator framework, etc], it is time to look towards the next steps in the direction of digitalisation in the banking, financial services, and insurance sector—with the advent of a full-stack digital bank—entities that will issue deposits, make loans and offer the full suite of services under the existing regulatory regime,” Suman Bery, Vice Chairman of NITI Aayog, remarked while releasing a report titled “Digital Banks: A Proposal for Licensing & Regulatory Regime for India“.

Why does this matter? The think-tank’s report discusses why India needs digital banks, the pitfalls of the current alternative to digital banks (neo-banks), and the roadmap for a digital bank licensing and regulatory framework in India. Given the influence that NITI Aayog has in shaping regulations in the country, the report might offer a glimpse into the future of banking in India.

What Are Digital Banks?

Several terms like “challenger banks”, “neo-banks”, and even “digital banks” are used interchangeably in fintech discourse without regard to whether they actually function as “banks” under the applicable law, the report contends.

Digital banks, as far as this report is concerned, are banks as defined in the Banking Regulation Act, 1949 (BR Act). “In other words, these entities will issue deposits, make loans and offer the full suite of services that the BR Act empowers them to. As the name suggests, however, DBs will principally rely on the internet and other proximate channels to offer their services and not physical branches,” the report states. Key characteristics of digital banks include:

• They rely primarily on digital channels that have organically high-efficiency metrics relative to incumbent commercial banks.
• They offer niche products targeted to demographics that are under-catered to by mainstreet banks (for example: small businesses, migrants, paycheck-to-paycheck retail consumers, gig economy workers, and millennials).
• They offer customers speed (and its corollary, the absence of friction), superior user experience relative to traditional banks, and low cost and transparent cost structures.

Digital banks are also different from Digital Banking Units (DBUs) proposed by the Finance Minister in the budget address for FY-23. DBUs are digital units of commercial banks, not full-fledged banks themselves, the report explains.

Why Do We Need Digital Banks?

India has 63.88 million unincorporated Micro Medium and Small Enterprises (MSME) and a substantial fraction of these enterprises remain outside the ambit of formal finance, according to the report. The sector relies on “informal money markets like money lenders (quick disbursal without documentation) or chit funds (delayed disbursal but lower interest rates than money lenders) to finance itself, even at the cost of staying uncompetitive owing to the usurious interest burden,” the report explains.

The International Finance Corporation (IFC) estimates the total addressable credit gap in the MSME segment to be ₹ 25.8 trillion, growing at a compound annual growth rate (CAGR) of 37%, the report states. “Traditional brick and mortar banks, even with the most optimum priority sector guidelines, face business constraints in evaluating credit risks of small ticket sizes (roughly ₹ 0.1- 1 million) that the micro and small sector enterprises may require,” the report adds.

“An exhaustive review of reasons underlying the financing gap for the MSME sector is beyond the scope of this Report. Nonetheless, the current credit gap and the business and policy constraints this section highlighted, reveal there is a need for licensed entities that leverage technology to moderate the costs of acquisition and cost-to-serve and also have the benefit of low-cost deposits to sustainably supply credit to the MSME sector,” the report states.

Additionally, there are new forms of digital micro and small businesses emerging that have novel business use-cases that they expect their bank to offer them. “A typical example in this regard is a gourmet cafe/bakery in an urban centre that relies on subscription-based SaaS vendors for its office operations. It needs a credit line tailored to its billing and payment cycle to manage its working capital cycle better. Traditional banks (including small finance banks that essentially operate to issue loans to traditional micro and small enterprises) may not be able to customize credit codes on their CBS on the fly for this client,” the report explains.

What Regulatory Framework Should India Follow for Digital Banks?

Based on how regulators globally are dealing with digital banks (more on this in the next section), NITI Aayog has come out with the following template for regulation in India.

Sequence of events

1. Introduce new licenses: Introduce a restricted Digital Business bank licence and a restricted Digital Consumer Bank license based on the factors outlined below.
2. Sandbox testing: The applicant acquiring these restricted licenses then enlists in the regulatory sandbox and commences operations in the sandbox. A regulatory sandbox refers to the live testing of new products or services in a controlled environment for which regulators may permit certain regulatory relaxations for the limited purpose of the testing.
3. The licensee becomes a full-scale digital bank: Contingent on the satisfactory performance of the licensee in the sandbox, the restrictions can be relaxed when the Licensee graduates from the sandbox and becomes a full-scale digital bank.

“The duration of this progression, i.e. the duration for which the Licensee will operate in a regulatory sandbox will vary from case to case. So, the regulation could leave for the RBI to make that determination,” the report states.

Key features of the digital bank licenses

• Minimum paid-up capital: The report recommends that Digital Business banks be required to bring in ₹20 crore of minimum paid-up capital in the sandbox phase and ₹200 crore (equivalent to that required of the Small Finance bank) upon progression to a full-scale Digital Business bank. Digital Consumer banks can follow a similar process but the value may be decided proportionate to the projected book size and risk profile of borrowers in the business plan because there is no incumbent proxy to derive an approximation from.
• Track record: Given the “digital-native” nature of operations, the licenses may require the applicant entity to have an established track record in adjacent industries such as e-commerce, payments, and technology (e.g., cloud computing). As with other licenses (e.g., Payment banks, NUEs), applicants may have the option to apply as a consortium. Existing neo-banks seeking to upgrade to a digital banks are also potentially eligible candidates for application, the report states.
• Equal access to the infrastructure enablers: Digital banks should have access to all the key infrastructure enablers in the Indian financial ecosystem that traditional banks have. This includes access to Aadhaar eKYC, UPI, NEFT/RTGS, ATM schemes, Deposit Insurance & Credit Guarantee Corporation, and account aggregator ecosystems.
• Phased relaxation of business restrictions: Digital banks in other jurisdictions started with business restrictions and proportionately reduced minimum paid-up capital thresholds. India can mirror that approach. These business restrictions can be in terms of asset and deposit size (in value terms) or the number of customers serviced, the report recommends.
• Prudential and liquidity risk regulation: Being full-fledged banks, Digital Business banks will be required to be fully compliant with the relevant thresholds applicable to them specifically, or to commercial banks generally, when it comes to aspects like capital adequacy, risk weights, and liquidity coverage ratio. In the sandbox phase, RBI may prescribe standards proportional to the asset and deposit caps that digital banks are subjected to, the report recommends.
• Technological risk regulation: Technology risks assume greater importance for digital banks relative to traditional banks because they leverage their APIs to have relationships with numerous counter-parties that risks can originate from. The licence should require conditions for ex-ante technological preparedness and ex-post business continuity planning, the report prescribes. Ex-ante technological preparedness will entail aspects like zero-trust architecture, industry-grade certifications like PCI-DSS, board-level policies, and expertise in assessing evolving cybersecurity risks.
• Business continuity planning: Since the global financial crisis, regulators including the Federal Reserve have required banks to submit business continuity plans (BCPs), also known as “Living Wills”, in order to provide an exit strategy for depositors and other creditors to the bank in the event of bank failure or winding down of business for other reasons. On the same lines, digital banks should be required to submit BCPs, the report recommends.
• Technological neutrality: Consistent with the best practices around the world, the digital bank licence should be technologically agnostic. It should neither express a preference for nor bar a bank from using or not using any technology.
• Products in the restricted phase for digital banks: “Experience with Payments banks suggests that it may be prudent to not be too rigid in defining these limits lest it create disincentives for micro and small businesses to utilize these accounts for their business transactions. Illustratively, consider a limit of ₹ 100,000/- for end-of-day balances in current accounts offered by these banks. Such limits can restrict micro and small businesses from utilizing these accounts during seasonal cash flow surges (eg, Diwali) or use these accounts as designated accounts for loan disbursals,” the report explains. A digital bank may potentially offer the following banking services in the restricted phase.
  • Loans;
  • Credit cards;
  • Current account services, business banking services;
  • Other innovative credit products to retail consumers (“This expression is worded broadly deliberately. It is expected that licensees will create innovative products for retail consumers responding to felt needs of the marketplace,” the report states); and
  • Time deposits from retail consumers, MSME businesses, and other corporate and unincorporated entities.
• Value-added services: “Digital Business banks are uniquely placed to benefit from a unified offering of both banking and value-added commercial services, as neo-banks are already offering many of these services in India. APIs enable them to integrate services like payroll, accounts receivables, accounts payables management, tax compliance, and other SaaS-based services in the business flow of their customers directly,” the report states. “We recommend that the digital business banks have permission to engage in non-financial business complementary to their core financial business,” the report adds.

Priority Sector Lending norms for digital banks

Currently, traditional banks have to adhere to Priority Sector Lending (PSL) norms set forth by the RBI. According to these norms, banks have to lend a certain quota to sectors of the economy which may not otherwise receive timely and adequate credit. “As with differentiated minimum capital requirements earlier, application of PSL obligations to innovative bank licensing regimes warrant nuance rather than a ‘checklist’ approach of extending PSL obligations mechanically,” the report states, while recommending the following:

• Digital business banks: MSMEs are one of the eligible categories for PSL obligations. Since digital business banks are proposed to be established to help MSMEs by their very purpose, the report recommends that RBI may keep other PSL obligations for digital business banks narrow. The report also recommends that the PSL obligations can be determined on a case-by-case basis.
• Digital consumer banks: Under current norms, loans to the following categories are considered as part of PSL: loans to SC/ST communities, women, individuals uprising vocational courses, and persons with disabilities. “These categories, being in the nature of retail consumers are a natural target group for Digital Consumer banks. In other words, Digital Consumer banks would have the specialized capacity to under-write borrowers in these aforementioned categories. So, it is recommended that upon being fully operational, Digital Consumer banks may be considered to have complied with their PSL obligations if a defined % of their asset book comprises of credit to these categories of borrowers,” the report recommends.

How Are Other Countries Regulating Digital Banks?

Singapore, Hong Kong, and Malaysia have issued special regulatory regimes for digital banks. In the United Kingdom, regulators have recognised digital banks by issuing banking licenses within existing regulations without creating specialist regimes.

To understand the regulations in other countries, NITI Aayog created a 4-factor index called the Digital Bank Global Regulatory Index. The main purpose of the index is to give a frame of reference for what “default settings” India’s digital bank regulatory framework should adopt.

“We first describe the four factors comprising the index and the scoring methodology adopted. In the next step, we score each of the benchmark jurisdictions against the Index with a view to draw lessons for the proposed Indian DB legal framework,” the report explains. The benchmark jurisdictions chosen for this are Singapore, the UK, Hong Kong, Malaysia, Australia, and South Korea. The 4-factors comprising the Index are as follows:

1. Entry barriers: This factor will score a regime contingent on whether the entry barriers for fintech and adjacent entities in securing the digital bank licenses are high or low. For example, if a jurisdiction prescribes a one-size-fits-all minimum capital requirement as eligibility without regard to their differentiated business models, it will be scored negatively against this factor, the report explains.
2. Competition: This factor scores a regime in terms of how pro-competitive it is. For example, regimes that do not privilege incumbents relative to digital banks operationally will be scored positively against this factor.
3. Business restrictions: This factor scores a regime in terms of the degree of autonomy it confers on a digital bank in its day-to-day operations.
4. Technological neutrality: Since underlying technologies that regulated entities use are in a state of dynamic flux, if a regulatory regime leans in favour of one technology over another, it can have a chilling effect on innovation, the report explains. So, regulatory regimes that mandate or otherwise privilege specific technologies are scored negatively against this factor.

What Are the Challenges With the Existing Partnership-based Neo-bank Model?

There are three classes of entities that are emerging to challenge traditional banks:

1. Neo-banks: Neo-banks partner with incumbent licensed banks to offer “over-the-top” services to the consumers by relying on the balance sheet of a traditional bank to lend and issue deposits from. Examples: Open Technologies, RazorPayX, and Dave.
2. Full-Stack (licensed) digital banks: These entities are fully functional banks, regulated by the banking regulator and issue deposits and make loans on their own balance sheet. Examples: Starling, Webank, Kakao, Monzo, and N26 (all outside India).
3. Autonomous digital units of traditional banks: These entities are essentially neo-banking operations of traditional banks that function autonomously and compete with stand-alone neo-banks. Examples: Marcus (Goldman Sachs), 811 (Kotak Mahindra Bank), and Yono (State Bank of India).

In India, the neo-bank business model has prevailed as a function of a regulatory vacuum. “In the absence of a licensing regime for ‘full-stack’ digital banks, fintechs [sic] offering the neo-bank proposition in India have improvised and adopted the ‘front-end neo-banks’ model,” the report explains.

But the neo-banks model presents several challenges including:

1. Limited revenue potential: These entities earn fee-based revenue wherever they act as channel partners (account opening and onboarding, investment opportunities, credit), and potentially earn a fraction of interchange on payments processed through cards. But other than these two buckets, they lack any other revenue sources, the report states.
2. Potential obsolescence of the partner bank’s core banking system: Neo-banks are constrained by the products their partner bank can offer within its business and technological infrastructure. “Without the ability to leverage their balance sheet and their own technological stack to create ‘ground-up’ credit products and user experiences, their potential will never be fully unlocked,” the report states.
3. High cost of capital: Without a licensing framework, neo-banks cannot issue low-cost deposits and are constrained to rely on expensive equity capital to fund innovation and operations, the report points out.
4. No entry barrier: “In absence of a licensing framework, entry barriers for fintechs to enter neo-banking space are low. This creates two negative externalities for the ecosystem. First, as with any ecosystem with low barriers to entry, this context offers opportunities for actors that are not fit and proper to enter the market creating a consumer protection risk, especially on the retail side. Secondly, it creates herd mentality in terms of simply replicating business models and products already witnessed by the markets, rather than genuine innovation,” the report explains. The report states that creating a digital bank licenses raises the barrier to entry and mitigates the risk to innovation flagged above.

Also Read