Launch Q3 2026
BearGuard®
BearGuard®
Governance & AI Guardrails
DE EN
Countries & Authorities

India — Financial Jurisdiction and Regulatory Framework

India as an emerging major financial jurisdiction. Overview of regulatory structure, supervisory authorities (RBI, SEBI, IRDAI, PFRDA, FIU-IND), and key frameworks including data protection (DPDP Act 2023).

LinkedIn X WhatsApp

Summary

India is the fifth-largest economy in the world and possesses a rapidly growing financial sector serving over 1.5 billion people. The Indian financial market is governed by a multi-layered supervisory structure, with the Reserve Bank of India (RBI) serving as the central bank and supreme regulatory authority for banking.

  • Anti-money laundering: FIU-IND as the Financial Intelligence Unit under the Prevention of Money Laundering Act (PMLA 2002, Act No. 15 of 2003, in force since 1 July 2005)
  • Tax law: Central Board of Direct Taxes (CBDT) and Central Board of Indirect Taxes and Customs (CBIC)
  • Banking supervision: RBI supervises commercial banks, NBFCs, and payment systems
  • Capital markets: SEBI regulates securities markets, mutual funds, and stock exchanges
  • Insurance supervision: Insurance Regulatory and Development Authority of India (IRDAI) under the IRDA Act 1999
  • Pension supervision: Pension Fund Regulatory and Development Authority (PFRDA)
  • Data protection: Digital Personal Data Protection Act (DPDP Act) 2023, passed on 11 August 2023; DPDP Rules 2025 notified on 13 November 2025
  • FATF membership: Full member of the FATF since 2010

History

Indian financial regulation dates back to the colonial era. The Reserve Bank of India was established in 1935 under British rule and nationalized in 1949. In the decades following independence (1947), the financial sector was heavily state-controlled — the bank nationalizations of 1969 and 1980 brought over 80% of banking assets under government control.

The turning point came with the liberalization reforms of 1991 under Finance Minister Manmohan Singh. The establishment of SEBI (1992) as an independent capital markets regulator and the gradual opening of the financial market to private and foreign players fundamentally transformed the sector. The Prevention of Money Laundering Act (PMLA) 2002 received presidential assent on 17 January 2003 (Act No. 15 of 2003) and came into force together with its Rules on 1 July 2005; the establishment of FIU-IND (2004) complemented the AML regime. India's digital revolution — particularly the Unified Payments Interface (UPI) from 2016 onward — has dramatically modernized the financial system. With the Digital Personal Data Protection Act (DPDP Act) 2023 — passed on 11 August 2023, with its DPDP Rules notified on 13 November 2025 — India enacted its first comprehensive data-protection statute. The implementation of CRS and the signing of the FATCA agreement integrated India into the international tax information exchange network.

Scope

The Indian regulatory framework covers one of the most diversified financial sectors in the world:

  • Scheduled commercial banks (public and private) and regional rural banks (RBI)
  • Non-Banking Financial Companies (NBFCs) and housing finance companies (RBI/NHB)
  • Stock exchanges (BSE, NSE), brokers, and mutual funds (SEBI)
  • Insurance companies (IRDAI)
  • Pension funds (PFRDA)
  • Payment systems and FinTech companies (RBI)
  • All reporting entities under PMLA (FIU-IND)

Key Requirements

  • RBI licensing for banks, NBFCs, and payment service providers
  • SEBI registration for market participants, mutual funds, and portfolio managers
  • Compliance with PMLA including KYC norms (Aadhaar/PAN-based)
  • Filing of suspicious transaction reports (STR) and cash transaction reports (CTR) with FIU-IND
  • Compliance with the Digital Personal Data Protection Act (DPDP Act) 2023 and the DPDP Rules 2025 (consent, data-fiduciary obligations, protection of personal data)
  • Implementation of CRS for automatic exchange of information
  • Compliance with FATCA agreement (IGA Model 1) with the United States
  • RBI regulations on the Liberalised Remittance Scheme (LRS) for capital flows

Related Frameworks

FATFAIA/CRS

Corrections & Errata

2026-QA-284 Update 29 May 2026
Digital Personal Data Protection Act 2023 (DPDP Act) entirely missing

The profile does not mention the DPDP Act 2023, India's first comprehensive data-protection statute (passed 11 Aug 2023; implementing rules notified 13 Nov 2025).

Full details on the errata page →
2026-QA-221 Clarification 20 March 2026
Orphan framework connected: India → fatf, aia

India had no connections. Connected as FATF member and AIA participant.

Full details on the errata page →
2026-QA-174 Correction 18 March 2026
PMLA date corrected (2002→2003)

key_dates: 2002-01-17 corrected to 2003-01-17

Full details on the errata page →

Content last reviewed: 29 May 2026. Found an error or need an update? [email protected]