The Reserve Bank of India (RBI) on June 16 lifted the restrictions imposed on Mastercard citing improvement in compliance.
Here’s an explainer to understand the whole episode.
Why did the RBI lift the restrictions on Mastercard?
The RBI lifted the restrictions in view of the satisfactory compliance demonstrated by Mastercard on storage of payment system data.
What was the nature of the restriction imposed?
The restriction was to on-board new domestic customers. The RBI said Mastercard Asia/Pacific Pte Ltd. (Mastercard) cannot on-board new domestic customers onto its card network from July 22, 2021. The restriction applied to debit, credit or prepaid customers. Mastercard must advise all card-issuing banks and non-banks to conform to these directions.
- But, when exactly was the restriction imposed?
The restriction was imposed on July 14, 2021.
- What was the rule violation cited by the RBI?
The RBI said Mastercard was non-compliant with directions on Storage of Payment System Data.
5. What exactly was RBI’s concern?
On April 6, 2018, the RBI said it had observed that not all system providers stored payments data in India. There had been considerable growth in the payment ecosystem in the country, it said. Such systems were also highly technology dependent, which necessitated the adoption of best-in-class safety and security measures on a continuous basis, the RBI had said.
- What did RBI direct card companies to do?
The central bank said system providers must ensure that all data related to payment systems operated by them are stored in a system only in India.
This data should include complete end-to-end transaction details and information collected, carried and processed as part of the message and payment instructions. The RBI added that for the foreign leg of transactions, if any, the data can also be stored in the foreign country, if required.
- What was the initial deadline?
The RBI asked the system providers report compliance by October 15, 2018. For this, the RBI said the system providers must submit a System Audit Report on completion of the requirement.
“The audit should be conducted by CERT-In empanelled auditors,” the RBI said.
The System Audit Report, duly approved by the board of the system providers, should be submitted to the RBI not later than December 31, 2018, the banking regulator had said.
- Did the July, 2021 order impact existing customers of Mastercard?
No. This order will not affect existing customers of Mastercard.
- What was Mastercard’s response after ban?
Mastercard said since the RBI directive requiring on-soil storage of domestic payment transaction data was issued in 2018, it has provided consistent updates and reports regarding its activities and compliance with the required stipulations.
“While we are disappointed with the stance taken by the RBI in their communication dated July 14, we will continue to work with them to provide any additional details required to resolve their concerns. Building on our considerable and continued investments in India, we remain committed to working with our customers and partners in advancing on the government’s Digital India vision,” Mastercard said.
- Was this the first time that RBI has taken supervisory action against card companies?
No. In April last year too, the RBI asked American Express Banking Corp. and Diners Club International Ltd. not to onboard new domestic customers onto their card networks from May 1, 2021, citing non-compliance with the directions on Storage of Payment System Data.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
