Regulatory sandboxes are one of those ideas that sound brilliant in theory. Give innovative companies a controlled space to test new products, collect data on what works, then craft evidence-based regulation. Singapore’s MAS sandbox has graduated dozens of products into mainstream use. The UK’s FCA sandbox has processed over 800 applications since 2016. The concept has genuine merit.

SEBI launched its Innovation Sandbox in 2020, specifically targeting fintech companies looking to test products in Indian capital markets. Three years and multiple cohorts later, the question isn’t whether the sandbox exists — it’s whether it’s producing meaningful outcomes.

The answer, frankly, is disappointing.

What the Sandbox Was Supposed to Do

SEBI’s sandbox was designed to allow fintech firms to live-test products involving securities markets — algorithmic advisory services, fractional ownership platforms, alternative data-based research tools, blockchain settlement systems — under temporary relaxation of specific regulatory requirements. The idea was to give innovators a path to market without requiring them to first obtain full licensing that might cost crores and take years.

Entities accepted into the sandbox get 12 months (extendable by 6 months) to test their product with a limited number of users, under SEBI monitoring. At the end of the testing period, SEBI evaluates the results and decides whether to grant appropriate registration or require modifications.

On paper, this is exactly what India’s capital markets fintech ecosystem needed.

The Numbers Tell a Story

Since launch, SEBI has received approximately 180 applications across multiple cohorts. Of these, roughly 40 have been accepted into the sandbox. And the number that have graduated from sandbox testing into full regulatory approval?

Fewer than 10.

That’s a graduation rate that should concern anyone interested in India’s fintech development. Compare it with the FCA sandbox in the UK, which has graduated roughly 80% of firms that complete testing, or MAS in Singapore with a similar rate.

The low graduation rate isn’t because Indian fintechs are building bad products. Several firms that went through SEBI’s sandbox and didn’t receive approval have subsequently launched similar products in other markets — Singapore, Dubai, the UK — with regulatory approval. The product quality isn’t the bottleneck. The process is.

Where the Process Breaks Down

Application review timelines are unpredictable. SEBI doesn’t publish target review timelines for sandbox applications. Applicants report waiting 4-8 months for initial decisions, during which they can’t test their product, can’t serve customers, and are burning through runway. For early-stage startups, this uncertainty is often fatal.

The testing parameters are too restrictive. SEBI limits sandbox participants to 1,000 users or ₹25 lakh in transaction value (whichever is reached first). For a platform testing, say, a fractional real estate investment product with minimum investments of ₹10,000, you can onboard 250 users before hitting the cap. That’s barely enough data to validate anything statistically meaningful, let alone demonstrate product-market fit to investors.

Post-testing evaluation criteria are opaque. Companies complete their sandbox period, submit reports, and then wait. The criteria SEBI uses to evaluate success or failure aren’t publicly documented in detail. This means companies can’t optimise their testing approach, and the lack of transparency breeds frustration.

Integration with other regulators is minimal. Many fintech products touch multiple regulatory domains — SEBI for securities aspects, RBI for payment aspects, IRDAI for insurance aspects. SEBI’s sandbox doesn’t coordinate with these other regulators, so a product that successfully completes SEBI’s sandbox may still face a separate, equally lengthy process with RBI.

What Other Markets Do Differently

The Monetary Authority of Singapore runs a sandbox that explicitly coordinates across regulatory boundaries. If a product involves both payments and securities, MAS handles it as a single application rather than requiring the company to navigate multiple sandboxes.

The UK’s FCA provides dedicated “sandbox mentors” — regulatory experts assigned to each participating firm who provide ongoing guidance throughout the testing period. This dramatically reduces the guesswork about what the regulator expects.

Australia’s ASIC has a licensing exemption that allows fintech firms to test products with up to 100 retail clients for 24 months without obtaining a full Australian Financial Services Licence. The limits are low, but the clarity is high — the rules are published, the timelines are predictable, and the criteria for graduation are documented.

SEBI could adopt elements from any of these models without reinventing the wheel.

The Innovation Cost

The practical consequence of a dysfunctional sandbox is that Indian fintech innovation in capital markets is happening elsewhere. Firms working on AI-driven investment advisory tools, tokenised securities platforms, and alternative data analytics are choosing to domicile in Singapore or Dubai and serve Indian investors through cross-border structures — or they’re pivoting away from capital markets entirely.

This isn’t hypothetical. I’ve spoken with founders of at least four companies that applied to SEBI’s sandbox, experienced delays or rejections, and relocated their primary operations to GIFT City or Singapore. India is exporting fintech talent and innovation because the domestic regulatory pathway is too uncertain.

What Needs to Change

SEBI has demonstrated willingness to modernise in other areas — the T+1 settlement transition, the introduction of the Application Supported by Blocked Amount (ASBA) process, and recent reforms to mutual fund expense ratios show that the regulator can move decisively when it chooses to.

The sandbox needs three specific fixes:

Published timelines with accountability. Maximum 60 days for application review, with reasons for rejection documented and shared with applicants. If SEBI needs more time, that’s fine — but communicate it.

Higher testing limits. Increase user caps to 10,000 and transaction limits to ₹5 crore. This gives companies enough data to demonstrate viability without creating systemic risk.

Inter-regulatory coordination. Establish a joint sandbox mechanism with RBI and IRDAI for products that span multiple domains. The IFSCA at GIFT City already does something like this — there’s no reason it can’t work at the national level.

India has the developer talent, the capital, and the market demand to lead globally in capital markets fintech. But regulatory infrastructure needs to match market ambition. Right now, it doesn’t.