you are here: HomeNewsBusiness
Last Updated : Oct 13, 2018 04:38 PM IST | Source:

Explained: RBI vs payments companies on data localisation

While payments companies such as Paytm and PhonePe had supported the central bank's move, many requested relaxations and others said they were not in favour of the move

Moneycontrol News @moneycontrolcom

With the October 15 deadline just a few days away, speculation about a tussle between the Reserve Bank of India (RBI) and payments companies over data localisation has gained traction.

While several payments companies have been lobbying to dilute the RBI's directive to store all payments data in India only, media reports suggest the central bank is unlikely to compromise and will implement its directive in full.

"All system providers shall ensure that the entire data relating to payment systems operated by them are stored in a system only in India. This data should include the full end-to-end transaction details/information collected/carried/processed as part of the message/payment instruction," RBI said in a notification in April.

Read — Opinion| Why data localisation regulations are hastily thought out

The central bank had given payments operators, including Visa, MasterCard, Google and Paytm, six months to comply with the directive. The RBI had also asked payment services companies to provide an update every fortnight on action taken by them to store transaction data in the country.

While operators such as Paytm and PhonePe had supported the central bank's move, many requested relaxations and others said they were not in favour of the move.

Read — EXCLUSIVE | RBI wants IT ministry to make Google Pay store Indian data on local servers

Payments Council of India (PCI), in a statement, had said that it had received a divided response on the notification from its members. "The responses received from members can be grouped into 3 classes being -- fully in favour, partially in favour with certain relaxations and not in favour," PCI said.

According to PCI, some of its members think that storage of data only in India will not be in the best interests of the payment ecosystem. They claim that this would give way to a lot of issues as payment systems nowadays are fully connected globally to achieve greater operational efficiency and safeguard transactions against frauds, systemic risks or a single point of failure.

Read — Opinion | Who will blink first in the data localisation debate?

Industry leader Paytm, however, stated that when data is processed and stored in multiple geographies, there is a lack of clarity as to which country's data laws will be applicable to it. It added that India has enough technology and manpower resources to support this migration.

Similarly, Flipkart-owned payments company PhonePe said that processing any data outside the country leaves behind an imprint of the same on the servers through which it is processed.

In September, global data and payments companies had sought an extension of the deadline from RBI, but there has been no positive response so far. Companies have also been awaiting a clarification from the central bank on whether they can continue storing information outside of India beyond October 15 if the process isn't complete.

Read — Opinion | Data localisation offers Indian firms a chance to evolve their mindset

The RBI's move comes at a time when digital transactions are gaining pace in India. Transactions through the Unified Payments Interface (UPI) in February alone stood at 171.2 million, accounting for Rs 19,126 crore in value of transactions. Of these, Paytm accounted for 40 percent of the transactions while the rest were done on apps such as PhonePe (16 percent) and BHIM (5.8 percent).

In January 2018, Rs 2.96 lakh crore were transacted through debit cards and Rs 41,778 crore was transacted through credit cards, RBI data showed. The data also revealed that the number of debit cards in the country stood at to 846.7 million, while a total of 36.24 million credit cards were in operation.

Read — Data storage breach by other firms can affect the entire payment ecosystem: Paytm's Kiran Vasireddy

The growing number of digital channels for finance are posing a challenge to countries in detecting money laundering and tax evasion. The recent scandal at Denmark's Danske Bank is a case in point. Nearly $230 billion flowed through the bank's tiny branch in Estonia, leaving the country's banking regulator in the dark for the better part of a decade.

In the draft bill on data protection, framed by a working committee headed by former Supreme Court Judge BN Srikrishna, the committee proposed that one copy of all personal data be stored on servers located in India.

Recently, representatives of global companies reportedly met Finance Minister Arun Jaitley for last-minute parleys. However, Economic Affairs Secretary Subhash Chandra Garg on October 12, in an interview to CNBC TV18, said that the ministry has left the issue of data localisation to the RBI.

While the ball is in the RBI's court, it is yet to be seen if the central bank holds firm on its directive and if payments companies conform to the data storage guidelines.
First Published on Oct 12, 2018 10:28 pm
Follow us on
Available On
PCI DSS Compliant