What is the Regulatory Sandbox?
A regulatory sandbox is a controlled, supervised testing environment. It allows eligible companies to test new financial products, services, or solutions within specific parameters before launching them commercially.
- Eligible Participants: NRB-licensed banks, financial institutions, payment system operators, payment service providers, and remittance companies.
- FinTech Startups: Unlicensed technology companies can participate but are mandatorily required to partner with a licensed domestic financial institution.
Scope of Technology & Strict Prohibitions
The sandbox welcomes a wide array of cutting-edge technologies aimed at expanding financial access. However, it maintains a strict boundary against legally prohibited activities.
|
Permitted for Testing
|
Strictly Prohibited
|
|
* Application Programming Interfaces (APIs)
* Mobile Money & Retail Payments
* Digital Loans
* Digital Customer Recognition (e-KYC)
* Smart Contracts
|
* Cryptocurrencies & Virtual Assets
* Central Bank Digital Currencies (CBDCs)
* Online Gambling & Betting
|
Regulatory Relaxations & Incentives
To encourage active participation, the NRB will offer temporary waivers and relaxations on certain stringent regulations during the trial phase. These include:
- Partial or full waivers on minimum paid-up capital and permission fees.
- Flexibility regarding cash reserve requirements (CRR), minimum liquid assets, and managerial experience.
- Access to low-cost banking infrastructure, simplified reporting systems, and relaxed marketing rules.
Timeline, Compliance, and Consumer Protection
The NRB has outlined a structured timeline alongside strict consumer data safeguards:
- Timeline: The application selection process will take up to 120 working days. The initial testing period is capped at 6 months, with a potential 6-month extension if requested at least 30 days prior to expiry.
- Consumer Consent & Safety: Trials require explicit, prior customer consent, and users must be fully briefed on potential risks. Participating organizations must possess the resources to compensate consumers for any financial losses.
- Legal Compliance: Strict adherence to customer confidentiality and Anti-Money Laundering (AML) laws is mandatory.
Warning on Compliance: The NRB retains the authority to instantly revoke testing permissions if a participant compromises data security, submits false information, violates sandbox terms, or causes significant harm to consumers.
Governance and Oversight
To ensure smooth operations and strict adherence to the framework, the sandbox will be governed by a multi-layered oversight structure:
- Sandbox Governing Committee: An inter-departmental committee responsible for high-level strategy and overall regulation.
- Payment Systems Department: A dedicated committee within this department will handle day-to-day operations.
- Internal Audit Department: This NRB division will conduct annual evaluations and submit comprehensive performance reports.
