The framework, which came into effect immediately, aims to encourage innovation in India’s pension sector while safeguarding subscriber interests and maintaining regulatory oversight.
Under the framework, PFRDA-registered intermediaries, as well as eligible non-registered entities including fintech firms, can apply to test new solutions with a limited set of users for a specified period. The regulator said the sandbox will provide a live testing environment for innovations ranging from new pension products and services to alternative delivery mechanisms.
Non-registered entities applying independently must have a minimum audited net worth of ₹10 lakh and can participate only if their innovations do not handle subscriber contributions, funds, or sensitive personal and transactional data.
PFRDA said applicants must demonstrate that their proposed solution is genuinely innovative, offers measurable benefits to subscribers or the pension ecosystem, and requires live testing in a controlled environment. Participants will also need to put in place risk-management systems, cybersecurity safeguards and clear exit strategies.
Testing under the sandbox will generally be limited to a maximum period of nine months, although extensions may be granted in certain cases. Applicants will be required to submit monthly progress reports, while any cybersecurity breach, fraud or financial loss must be reported to the regulator within 24 hours.
The framework mandates voluntary participation by subscribers based on informed consent. Users must be informed about the nature of the testing, associated risks and limitations before joining. Subscribers will also have the right to withdraw from testing at any stage without adverse consequences.
PFRDA may grant limited and temporary relaxations from certain regulatory requirements to facilitate testing. However, the regulator clarified that no exemptions will be allowed from provisions related to Know Your Customer (KYC), anti-money laundering norms, data protection, fraud prevention or other applicable laws.
The regulator said participation in the sandbox should not be viewed as an approval or endorsement of the tested solution. Any wider deployment after the testing phase will require compliance with the applicable regulatory framework and necessary approvals.
