infosec for indian fintech companies

Why is compliance more than just a tick box for Indian Fintech companies?

Scrut in association with Dataquest organized a conference that brought together some of the best cybersecurity experts in the country. The conference presented a panel discussion titled ‘Simplifying Compliance for the Indian Fintech Ecosystem’ wherein the experts talked at length about the various compliance and cybersecurity challenges faced by fintech organizations in the country.

They discussed the exponential growth of the Indian fintech sector and how it has led to the barrage of regulations being imposed on finance companies in the country. 

The discussion also took a shift towards the increasing need for a unified approach that simplifies the process of compliance without hindering the productivity and efficiency of financial organizations.

In this article, we will discuss some key observations and ideas explored at the panel discussion.

Simplifying compliance is the need of the hour for fintech companies

Aayush Ghosh Choudhury, CEO and Co-founder of Scrut, began the panel discussion by sharing that 30% of Scrut’s customers were from fintech and financial service industries. On speaking with his customers, he learned that the reason fintech companies were looking for a GRC platform was the imposition of very stringent regulations in comparison to other peer industries. 

He went on to discuss how the Indian financial services ecosystem has witnessed a trajectory that has been seen by very few industries across the globe. He highlighted that it is not just fintech companies that have dedicated digitization teams but also traditional banks and financial services. “The government is also doing its best to enable digitization infrastructure to become democratized,” he added.

Aayush noted that fintech companies not only have to comply with the usual standards such as ISO 27001, but they also have to comply with more vertical-specific ones such as PCI DSS and SAR audits by RBI. This piling up of regulations by authorities results in an information asymmetry, which, Ayush stated, could be tackled by the coming together of experts in the community to arrive at a solution.

The need to stay current

Manoj Agarwal, Legal and Compliance Head at Upstox, shared data from a Deloitte Report, which stated that India’s fintech adoption rate is 87%, while the global average rate is 64%. 

He then went on to mention that India’s digital transactions have increased considerably since 2017 and while digital fintech companies help in the deduction of costs and enable seamless transactions, they also bring with them cybersecurity risks.

He opined that Indian financial organizations could reduce these risks by staying informed about the best practices used globally in order to stay compliant and secure while forging ahead with business advancements. 

Manoj also added that good collaboration with regulators is necessary to ensure smooth compliance. Staying on top of compliance trends is crucial for fintech companies in the country to survive.

Innovating ways to make audits less tedious

Frequent audits are a headache for any company to carry out. Since fintech organizations face more audits than other industries, there is a pressing need to expedite the constant slew of audits. Deepak Kalambakar, VP of Infosec and Infrastructure at Safex Pay, also pointed out the need for fintech companies to carry out regular internal audits to solve compliance requirements.

Kush Kaushik, Co-founder of Scrut, agreed with him and added that there is a need to innovate the auditing process to ensure that the compliance team is equipped with the right tools to face audits with less effort. “Innovation is very much required in this field so we can save time,” he stated.

Shanker Ramrakhiani, CISO at IIFL, said that the gamut of compliance has changed a lot and technology is the only way forward.

Technology to break the monotony

When asked to comment on the expected shifts in trends in security compliance practices, Melwyn Rebeiro, Head of IT Security, AEON Credit Service, said, “It’s high time we adopt an approach, a framework, a technology that complements SecOps.”

Shankar Ramrakhiani, CISO from IIFL, added that since technology is growing at a rapid rate, security has to keep up with the constant change. He said a strong collaboration is required between both.

Deepak Kothari, Co-founder of Ftcash, pointed out that compliance today works to eliminate risks, and as a bank broker, it is a fiduciary duty to secure data. He feels technology can help ease the process of compliance.

Apurva Malviya put a positive spin on things by saying that the RBI is actually making things better for fintech companies. 

The solution proposed for compliance challenges in fintech

Throughout the panel discussion, the experts strongly advocated for the use of technology as a means to reduce compliance and security challenges. It was agreed that a unified approach that solves compliance issues in one window is the need of the hour. 

To ensure that compliance does not come in the way of business advancement, there is a strong need for an automated tool that streamlines the process. 

An automated compliance tool such as Scrut helps fintech companies stay on top of compliance issues and focus on business goals. Not only does it streamline the compliance process, but it also identifies potential risks and stops them in their tracks. If you are interested in learning more about Scrut, book a demo today by clicking here.

Stay up to date

Get the latest content and updates in information security and compliance delivered to straight to your inbox.

Book Your Free Consultation Call

Stay up to date

Get the latest content and updates in information security and compliance delivered to straight to your inbox.

Book Your Free Consultation Call

Related Posts

We are entering the Spring of 2024 with fresh new capital – […]

Wiz is a cloud security posture management (CSPM) tool that connects to […]

A compliance automation software will not only help you find security issues but will also help you with auto-remediation.

CMMC ensures that DoD contractors adequately safeguard sensitive information against frequent and […]

Scrut in association with Dataquest organized a conference that brought together some[...]

Scrut in association with Dataquest organized a conference that brought together some[...]

Scrut in association with Dataquest organized a conference that brought together some[...]

See Scrut in action!