Commentary · Technology policy
The stack and the state
India's digital public infrastructure has outgrown its founding story; the state that built the rails must now regulate them, and someone independent must audit the stack.

In June, the deadline slipped again. The umbrella body that runs the country's retail payments rail was to cap any single app at roughly a third of transaction volume; the cap has now been deferred so many times that the market has stopped pricing it in. A one-page circular, barely noticed outside the payments trade, carries a larger question than its drafting suggests: when the state builds infrastructure that private firms come to dominate, who decides the rules of the road — and who checks that they are followed?
Digital public infrastructure was sold on a clean story. The state would build minimal, open rails — an identity layer, a payments layer, a consent layer — and stand back. Private firms would compete on top, innovation would flourish at the edges, and the citizen would gain from both. For a decade the story held. Payments that once took days now clear in seconds; welfare transfers reach beneficiaries without a chain of intermediaries taking a cut; a bank account and a verified identity are close to universal. As founding stories go, this one had the rare virtue of being largely true.
But success changes the nature of the thing. The rails no longer host an experiment; they carry, on any rough estimate, the bulk of the country's retail payments and the delivery of most major welfare programmes. When a settlement system falters for an afternoon, shopkeepers in small towns cannot sell vegetables. When the identity layer misfires, a widow's pension does not arrive. Infrastructure at this scale is not a start-up to be nurtured. It is a utility, and utilities are governed by a different grammar: reliability over novelty, accountability over speed, and rules that bind the operator as firmly as the user.
The referee who built the pitch
The awkwardness is that the state occupies every seat at the table. Through its ministries it commissions the stack; through quasi-public bodies it operates the rails; through its diplomacy it markets the model abroad; and through its regulators it is meant to police the whole arrangement. These roles pull against one another. A government proud of transaction volumes will hesitate before enforcing a market-share cap that could dent them. A promoter's instinct — protect the flagship — sits badly with a regulator's duty, which is to assume the flagship can fail and to plan for the day it does.
Consider the operators themselves. The bodies that run the payments rail and the identity system occupy a constitutional grey zone: not departments, not regulators, not quite companies in the ordinary sense. Their board minutes are not public. Their incident reports are voluntary. Their fees and access rules are settled in rooms where the firms they govern are often present and the citizen never is. None of this implies bad faith. It implies missing architecture. Institutions that route a large share of national economic life should not depend on the good behaviour of whoever happens to staff them.
Infrastructure built by the state for everyone must now answer to someone other than its builder.
Concentration on top of the rails compounds the problem. A couple of large apps carry the overwhelming share of retail payment volume, and both answer to foreign parents. The deferred cap was meant to address exactly this, and its repeated postponement is instructive: the system's guardians blinked whenever enforcement threatened convenience. Open rails were supposed to prevent gatekeepers. Instead they have produced new ones, a layer up — firms that own the customer relationship, the interface and the data exhaust, while the public rail underneath absorbs the operational risk and earns none of the margin.
Which brings the argument to its sharpest point: who audits the stack? Not in the loose sense of an annual financial statement, but in the engineering sense. Who verifies that the settlement code does what the operator says it does? Who measures downtime independently, rather than accepting the operator's own dashboard? Who traces where consent artefacts actually travel once a citizen taps agree? Today the honest answer is: largely the operators themselves, with regulators reviewing what they are shown. Self-reporting is how every mature sector — banking, aviation, pharmaceuticals — governed itself right up until its first large disaster.
An audit office for code
Three repairs follow. First, put the operators on a statutory footing. Parliament should define what the rail bodies are, what duties they owe, whom they answer to and what happens when they fail. A short, sharp law would do more for the stack's credibility than another year of record volumes. Second, separate the roles. The ministry that promotes the model abroad should not be the ministry that adjudicates disputes on it at home; the body that operates a rail should not write the access rules for its own competitors, actual or potential.
Third — and this is the heart of it — create an independent technical audit function. The country already trusts a constitutional auditor to examine every rupee the government spends; the same logic extends to every packet the government's rails carry. A dedicated digital audit office, reporting to Parliament rather than to a ministry, should have standing authority to inspect code, test failover, verify uptime claims and publish its findings. Its reports would be dull most years. Dullness, in infrastructure, is the entire point.
There is a foreign-policy dividend in getting this right. Perhaps a dozen countries are adapting pieces of the stack, and the pitch to them rests on trust: rails built by a democracy, governed by law, open to inspection. That pitch is only as strong as the governance at home. A partner weighing this model against offerings from less accountable states will ask a simple question — who watches this thing? At present the answer takes a paragraph of qualifications. It should take one sentence.
The next session of Parliament is the natural venue. A digital infrastructure bill — statutory operators, separated roles, an audit office with teeth — is not a technical measure to be left to committees of practitioners. It is a constitutional question about how public power is exercised through code, and it deserves a full debate on the floor. The stack was the easy part; the state built it in a decade. Building the institutions that can say no to the stack's own builders is the harder task, and the deadline for that one should not be allowed to slip.
- DPI
- Digital payments
- Regulation