wordpress blog stats
Connect with us

Hi, what are you looking for?

RBI dangles wallet interoperability but prescribes tougher norms for companies

Wallets may be allowed access to interoperable payment systems provided that players will comply with the enhanced eligibility criteria and instructions on safety, security, risk mitigation, the Reserve Bank of India (RBI) said in a draft circular.

Interoperability between payment systems is one the Unified Payments Interface (UPI)’s hallmark and wallets companies are not allowed on UPI currently. This has been a sore point for many players in the ecosystem. The Economic Times recently reported that wallets will now be allowed on the UPI after the RBI finalizes revised guidelines on wallets and would decide on the interchange fees between the wallets.

However,  the RBI has not elaborated on specific directions for interoperability.

“Entities meeting the revised eligibility criteria and adhering to other instructions on safety, security, risk mitigation etc. contained in these Directions shall be allowed to participate in other interoperable payment systems, as and when specific directions are issued in this regard,” the RBI added.

Some of the new guidelines wallets will now have to adhere to: 

1. Net worth requirements: Wallet companies will have to have a minimum net worth of Rs 25 crore and will have to maintain the same at all times. The net worth will consist of:
-Paid up equity capital
-Preference shares which are compulsorily convertible into equity capital
-Free reserves
-Balance in share premium account
– Capital reserves which will include surplus arising out of sale proceeds of assets. This will not include reserves created by revaluation of assets which are adjusted for accumulated loss balance, book value of intangible assets and deferred revenue.

Advertisement. Scroll to continue reading.

Earlier regulatory norms for wallets included a minimum paid-up capital needed of Rs 5 crore and a minimum net worth of Rs 1 crore. Existing wallet issuers will have to comply with the enhanced capital requirements by September 30, 2020, for the financial position as on March 31, 2020, failing which they shall not be permitted to carry on this business beyond December 31, 2020.

2. KYC norms:  The RBI added that companies will have to convert existing wallets without complete KYC to full KYC compliant wallets within a period of 60 days from the date of issue. Failure to do so, no further credit will be allowed into these wallets. However, customers will be allowed to use the balance in other stores.

Wallets without full KYC have a monthly limit of R 20,000 which can be loaded into the prepaid payment instrument (PPI) while fully compliant wallets have a monthly limit of Rs 1 lakh.

The minimum details for KYC shall include OTP verified mobile number and self-declaration of name, address, gender, date of birth and unique identification number of any of the ‘officially valid document’.

3. Security and authentication requirements: Wallets will need to submit a yearly systems audit report carried out by a team of chartered accountants. This system audit should cover technology, hardware and compliance systems of systems.

The RBI has also prescribed many of the measures the ministry of electronics and information technology (MeitY) said in its consultation paper for developing a framework for security of digital wallets. These include mechanisms such as customer induced transaction caps on their wallets, restriction of multiple invalid attempts to sign-in, and a cooling period for funds transfer after opening a wallet to prevent fraudulent use of the account.

Advertisement. Scroll to continue reading.

– Interestingly, Wallet issuers will have to ensure that a separate login is provided for the the PPI account and ensure that access to PPI is not made part of access to other services offered by the issuer or its associate/parent/group company etc. Note that Vodafone has been violating this proposed norm by forcing customers to create an mPesa wallet to access the My Vodafone app. Technically, Vodafone should be separating the login to mPesa from the the My Vodafone app.

– For mobile wallets, the RBI has further regulations on security. Some of the curios ones are:
a)  The mobile app should not be allowed to be installed on rooted devices i.e. system level access should not be allowed.
b) Wallet companies have to perform source code audits by professionally competent personnel or service providers. Else they will have to have assurance from application providers and OEMs that the application is free from embedded malicious code.
c) Issuers should subscribe to anti-phishing and anti-rouge app services from external service providers for identifying and taking down phishing websites and apps.

4. The Validity of wallets and time period:  All wallets shall have a minimum validity period of one year from the date of activation or issuance to the customer. Issuers will have to caution customers at regular intervals 45 days prior to expiry of validity period. The caution advice shall be sent by SMS/e-mail/post. Even after the expiry of validity period, grace period of at least 60 days shall be given to the customer.

But more importantly, the wallets with zero balance for a consecutive period of one year shall be closed automatically by the issuers, and a notice sent to the customers. This will have a significant impact on the number of wallets companies claim that they have on their platform. Many wallets lie dormant as people download the application once and don’t use them. At the time wallet companies create a PPI but many users would uninstall the application later.

5. Merchant guidelines: Wallet issuers will have to submit the list of merchants acquired by it to the escrow bank and update the same from time to time. The RBI noted the growing acceptance of wallets in e-commerce payments, including in digital marketplaces. In such scenarios, the payment mechanism is facilitated by payment aggregators or payment gateways. The emerging practice observed is that a wallet company has the necessary agreements with the digital marketplace and the payment aggregator rather than the individual merchants who are accepting the wallets as a form of payment.

Wallets will have to obtain an undertaking along with the list of the merchants from the digital marketplace and payment aggregator. This undertaking and list shall be submitted to the escrow bank.

Advertisement. Scroll to continue reading.

6. Transfer to bank accounts: The RBI tightened norms on transferring money from wallets to bank accounts. Fund transfers from such wallets to bank accounts and also shall not exceed Rs 10,000 per month.

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Due to the scale of regulatory and technical challenges, transparency reporting under the IT Rules has gotten off to a rocky start.


Here are possible reasons why Indians are not generating significant IAP revenues despite our download share crossing 30%.


This article addresses the legal and practical ambiguities in understanding the complex crypto ecosystem in India.


It is widely argued that the PDP Bill report seeks to discard the intermediary status of social media platforms but that may not be...


Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ