0
Back To Parent Website

WHY RBI PUT CURBS ON FOREIGN CARD PAYMENT COMPANIES

WHY RBI PUT CURBS ON FOREIGN CARD PAYMENT COMPANIES

WHY IN NEWS?

  • The Reserve Bank of India (RBI) recently barred Mastercard from enlisting new domestic customers in 2021.
  • Here is why curbs have been imposed on such foreign-owned card payment network companies like American Express and Diners Club

IN DEPTH:

  • Foreign-owned card payment network companies such as Mastercard, American Express and Diners Club have been barred by India’s banking regulator from enlisting new domestic customers in 2021 due to non-compliance with data localisation storage norms.
  • In the most recent instance, the Reserve Bank of India (RBI) on July 14 imposed curbs on Mastercard Asia Pacific Pte. Ltd. (Mastercard) from onboarding new domestic customers (debit, credit or prepaid) onto its card network from July 22, 2021.
  • Earlier in April, the RBI had imposed similar curbs on American Express Banking Corp (Amex) and Diners Club International Ltd. from May 1, due to non-compliance on the storage of data.

NORMS

  • The RBI’s circular dated April 6, 2018, on storage of payment system data had asked all system providers (operating a card network in India under the Payment and Settlement Systems Act, 2007) to store all end-to-end transaction data related to their Indian operations in a system located in the country.

DATA

  • According to RBI data, there were 96.47 crore cards in India, including 90.23 crore debit cards and 6.239 crore credit cards as of May 2021.
  • The total number of transactions (both ATM and POS) in May 2021 were 81,48,98,429 valued at Rs 3.01 lakh crore, inclusive of 67,96,65,260 debit card transactions valued at Rs 2.46 lakh crore and 13,52,33,169 credit card transactions valued at Rs 55,033.03 crore.
  • The RBI even vetoed the Finance Ministry’s suggestion to relax norms.

OBJECTIVE

  • The central bank wanted a single common data source to enforce the law and empower authorities to access an efficient and effective data storage system in the wake of growing digital transactions and frauds.

COMPLIANCE

  • All such card companies had to file a compliance report and an audit compliance report (as per system approved by the board) by the CERT-In empanelled auditor within a specified time-period.

NON-COMPLIANCE

  • Mastercard, American Express and Diners Club were among the globally operating card companies that made excuses such as higher operating costs, enhanced security risks, and similar compliance demands from other countries.
  • The international companies said that they have centralised systems globally and added that they will have to spend a lot of money to create new systems for localised storage of data.
  • RBI claims to have given Mastercard and others almost three years to comply with India’s regulatory guidelines with respect to storage of data.
  • Mastercard (and Visa) are the world’s most popular payment gateways or card associations, which partner with credit, debit and prepaid card options, but do not issue any cards. There is no clarity on Visa’s status as of now.
  • Recently, the Reserve Bank of India (RBI) has barred three foreign card payment network firms – Mastercard, American Express and Diners Club — from taking new customers on board over the issue of storing data in India.
  • As many as five private sector banks, including Axis Bank, Yes Bank, and IndusInd Bank, are to be impacted by the RBI’s decision.
  • The Personal Data Protection Bill also has provisions pertaining to ‘data localisation’.

REASON OF NON- COMPLIANCE GIVEN BY PAYMENT FIRMS:

HIGH COST:

  • Payment firms like Visa and Mastercard, which currently store and process Indian transactions outside the country, have said their systems are centralised and expressed the fear that transferring the data storage to India will cost them millions of dollars.

LOCALIZATION DEMANDS FROM OTHER COUNTRIES:

  • Once it happens in India, there could be similar demands from other countries, upsetting their plans.

REGULATION OF PAYMENT FIRMS:

  • Firms such as Mastercard, Visa and National Payment Corporation of India (NPCI) are Payment System Operators authorised to operate a card network in India under the Payment and Settlement Systems (PSS) Act, 2007.
  • Under the Act, the RBI is the authority for the regulation and supervision of payment systems in India. The RBI’s payment system enables payments to be effected between a payer and a beneficiary and involves the process of clearing, payment or settlement, or all of them.
  • It includes both, paper-based such as cheque, demand draft and digital such as National Electronic Fund Transfer (NEFT), BHIM app, settlement systems.
  • The RBI has decided to allow non-bank entities — Prepaid Payment Instrument (PPI) issuers, card networks, White Label ATM operators, Trade Receivables Discounting System (TReDS) platforms – to become members of the centralised payment system and effect fund transfer through Real Time Gross Settlement (RTGS) and NEFT.

WAY FORWARD

  • It is necessary for all entities to comply with the RBI’s localisation mandate. At the same time, however, it’s true that hard localisation may impact India’s payments ecosystem.
  • To have a more effective mechanism for law enforcement, India needs to move beyond MLAT (Mutual Legal Assistance Treaty), which is slow and ineffective, to a system based on bilateral treaties on data transfers with the European Union, UK and the US.
  • The idea must be to ensure that Indian law enforcement requirements of access to data are met in a timely manner while at the same time allowing data flows to foster innovation and trade in the tech ecosystem.

Current affairs

Contact Us

    Enquire Now