Explained: Curbs on foreign card firms

Over the problem of storing data in India, the Reserve Bank of India has blocked three foreign card payment network providers — Mastercard, American Express, and Diners Club — from taking on new customers. What this entails for Indian clients and the payment mechanism is as follows:

The RBI banned Mastercard Asia Pacific Pte Ltd from onboarding new domestic clients (debit, credit, or prepaid) in India starting July 22 due to non-compliance with Indian data storage requirements. The RBI stated that it had given Mastercard over three years to comply with regulatory directives, but that company had been unable to complete the procedure.

The RBI banned American Express Banking Corp and Diners Club International Ltd from enrolling new domestic users on their card networks from May 1, 2021, citing non-compliance with data storage regulations. Customers who have a credit card or a debit card with the payment networks Mastercard, American Express, or Diners Club can keep using them. Banks and non-banking financing organisations who wanted to use these payment networks to enrol new consumers won’t be allowed to do so until the RBI lifts the restriction.

“As a result, only Visa Inc. and NPCI’s RuPay are currently unrestricted payment providers. We don’t know if Visa has met all of the data localization standards outlined in the RBI’s Storage of Payment System Data circular. We don’t expect any major impact on card issuers (particularly credit card issuers) in the near term, but a medium-term impact is possible.

Yes Bank, RBL Bank, and Bajaj Finserv are the most likely to be affected because their entire card programmes are linked to Mastercard, according to Nomura. Mastercard, Diners, and AmEx account for over 60% of HDFC Bank’s card schemes. Mastercard is linked to 35-36 percent of ICICI Bank and Axis Bank accounts. Kotak Mahindra Bank’s card portfolio is partnered with Visa.All system providers were directed to ensure that the entire data (full end-to-end transaction details, information collected, carried, or processed as part of the message or payment instruction) relating to payment systems operated by them is stored in a system only in India by the RBI circular on Storage of Payment System Data dated April 6, 2018.They were also expected to notify the RBI of their compliance and submit a board-approved system audit report done by a CERT-In empanelled auditor within the prescribed time frames. However, multinational credit and card companies have resisted the move, citing costs, security concerns, a lack of transparency, a tight schedule, and the prospect of data localization demands from other nations as reasons.

The RBI’s move to prohibit entities from onboarding new clients, according to Kazim Rizvi, Founding Director of think-tank The Dialogue, is a critical step in ensuring that all payment system providers keep or localise their end-to-end transaction data only in India. “Such a move is motivated by the desire to carry out effective law enforcement obligations such as data access. The Reserve Bank of India has mandated that data be stored only in India, with no copies — or mirroring — held in other nations. Payment companies such as Visa and Mastercard, who now store and process Indian transactions outside of India, have stated that their systems are centralised and that moving the data storage to India would cost them millions of dollars. What has irritated foreign players is that domestic payment companies, especially e-commerce enterprises, are exerting pressure on the government to store data within India. While the Finance Ministry suggested loosening the rules for exchanging data, the RBI has refused to budge, claiming that the payment systems need to be monitored more closely in light of the growing use of bitcoin.

“In order to have a more efficient law enforcement apparatus, we need to move away from the MLAT (Mutual Legal Assistance Treaty), which is slow and ineffective, and toward a system based on bilateral data transfer accords with the EU, UK, and US. The goal here must be to ensure that Indian law enforcement needs for data access are satisfied in a timely way while also allowing data to flow freely.

Latest articles

Debt Recovery Ecosystem in India, Impact of Phygital Debt Collection, and the Way Forward: Mobicule Technologies’ Siddharth Agarwal

In the past few years, India has observed a massive transformation across industries owing to digitisation, new communication channels, and stringent regulatory...

HMD Global Launches Nokia C32: Fashionable Design, Powerful Imaging, and Android 13!

HMD Global, the leading manufacturer of Nokia phones, has announced the launch of the Nokia C32, the latest addition to the popular...

Indian govt likely to reopen semiconductor application worth $10 billion to attract global chip companies

A day after India's IT Minister Ashwini Vaishnaw interacted with the leadership team of  Semiconductor Equipment and Materials International (SEMI), which is the...

Gautam Adani Climbs to Top 20 on Billionaires List with a Net Worth of $64.2 Billion

Indian business tycoon Gautam Adani, chairman of the Adani Group, has achieved a significant milestone by reentering the top 20 on the...

Related articles

Leave a reply

Please enter your comment!
Please enter your name here