The Reserve Bank of India (RBI) has asked payment companies to send it fortnightly updates on the progress made on storage of payment system data in India, said T.R. Ramachandran, group country manager for India and South Asia, Visa.
The Central bank mandated in April that all payments system operators working in India to ensure that data related to payment systems operated by them is stored in the country. The move would have come into effect from October 15 this year. According to Ramachandran, the central bank’s April circular had directed all concerned entities to update it every 15 days, but we could not find any reference to the fortnightly updates in the central bank’s notice.
However, an executive of an international financial institution operating in India has told MediaNama that the central bank did ask for periodical updates. “I’m not absolutely certain if this was made public but, RBI had asked us to give regular updates soon after the policy (in April),” the official said on the condition of anonymity.
More importantly, the official said that it is ‘next to impossible’ for most payment companies to transfer all user related data to the country by October. “I don’t know if some smaller companies will pull it off but, for major institutions, its impossible to do this in six months. We are no where close to completing the process,” he said. When asked if Visa will adhere to RBI’s deadline, Ramachandran said, “Who knows? These are very, very complex projects. Different companies are in different stages (of implementation). I can’t comment on specifically where we are.” We also reported last month that most International payment companies operating in the country remain unsure if they will be able to adhere to the central bank’s deadline.
Foreign companies concerned over regulatory norms
Implementing data localisation would come as a strong blow for foreign companies operating in the country because, to set up data centres in India from scratch would not only take a lot of time and cost, but regulations in their home countries may not permit them to do so. They also fear that the central bank’s move could also set a precedent for other countries to implement similar rules at a time when there is heightened scrutiny of how companies over the world handle their customers’ data. Industry representatives cited that storing the data only in India would also be a security risk, as in the event of a natural disaster, no one would have access to it if it was all stored in one place.
Consequently, many of these companies have made multiple representations to the central government, as well as to the RBI. The lobbying appeared to have paid off, as the country’s finance ministry reportedly stepped in to offer a solution. Report said that the ministry, in a meeting held in June with RBI officials and executives from payment firms, said that a possible solution could be that companies would be allowed to store data offshore, as long as a copy was kept in India. However, the central bank appears to have been unaffected by this, as it did not, either reply to payments companies or to the finance ministry’s alleged request.
“There were a lot of presentations made by different companies (to explain their difficulties to set up and store data in India). The RBI recognizes it but the simple fact is, enough time was given to them. There is no question about that. As a regulator, the RBI has made a decision and it will be implemented. But if a majority of these companies are unable to comply, it may take another look and ease the norms or extend deadlines, its definitely possible. Either way, the RBI will soon make an announcement ,” a senior banker told MediaNama.