The Reserve Bank of India (RBI) on August 24 lifted the business restrictions imposed on American Express Banking Corp, citing satisfactory compliance demonstrated by the entity to RBI rules.
The firm has complied with the RBI circular dated April 6, 2018 on Storage of Payment System Data, and the restrictions that were imposed based on order dated April 23, 2021, on onboarding of new domestic customers have been lifted with immediate effect, the RBI said.
RBI had, by the abovementioned order, imposed restrictions on American Express from on-boarding new domestic customers onto its card network from May 01, 2021 for non-compliance with the RBI circular on Storage of Payment System Data.
American Express Banking Corp. is a Payment System Operators authorised to operate Card Networks in the country under the Payment and Settlement Systems Act, 2007 (PSS Act).
In terms of RBI circular on Storage of Payment System Data, all payment system providers were directed to ensure that within a period of six months the entire data (full end-to-end transaction details / information collected / carried / processed as part of the message / payment instruction) relating to payment systems operated by them is stored in a system only in India.
They were also required to report compliance to RBI and submit a Board-approved System Audit Report (SAR) conducted by a CERT-In empanelled auditor within the timelines specified therein, the RBI said.
The RBI action on American Express Banking Corp. had followed the failure of the company to comply with the central bank’s instructions.
In a similar action, on June 16 this year, the RBI had lifted the restrictions imposed on Mastercard citing improvement compliance. In this case too, the regulator had imposed restrictions on Mastercard Asia/Pacific Pte. Ltd. from on-boarding new domestic customers (debit, credit or prepaid) onto its card network from July 22, 2021 for non-compliance with the RBI's 2018 circular on Storage of Payment System Data.
On April 6, 2018, the RBI said it had observed that not all system providers stored payments data in India. There had been considerable growth in the payment ecosystem in the country, it said. Such systems were also highly technology dependent, which necessitated the adoption of best-in-class safety and security measures on a continuous basis, the RBI had said.
The central bank said system providers must ensure that all data related to payment systems operated by them are stored in a system only in India.
This data should include complete end-to-end transaction details and information collected, carried and processed as part of the message and payment instructions. The RBI added that for the foreign leg of transactions, if any, the data can also be stored in the foreign country, if required.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
