A Right to Information (RTI) query has revealed that the Reserve Bank of India (RBI) has not issued any updates to the eKYC norms for its regulated entities. This is 56 days after the Supreme Court struck down provisions of the Aadhaar Act, therefore disallowing private entities from using Aadhaar eKYC. The RTI was filed by Srikanth L. (The RTI responses embedded at the end of the story.)
Last year, the prevention of money laundering rules were amended to make the Aadhaar KYC mandatory. However in the RTI, the RBI said that on July 12, 2018, the RBI amended its master directions on KYC to change in accordance with the Supreme Court’s judgement. The RBI regulates banks, wallets, payment system operators in the country.
Meanwhile, the RBI has not clarified on the status of Aadhaar eSign nor has it indicated if micro ATMs will be allowed to use the Aadhaar Payments Bridge (APB) or Aadhaar Enabled Payments Systems (AePS).
The reply to the RTI query simply said: “RBI has granted approval to NPCI to operate Aadhaar Enabled Payments System and Aadhaar Payments Bridge System under the provision of the Payment and Settlement Systems Act, 2007.”
eSign is an online electronic signature service which can be integrated with service delivery applications via an API to facilitate an eSign user to digitally sign a document. The electronic signature is facilitated using the authentication of the eSign user through e-KYC service.
Read: Adobe integrates Aadhaar KYC for pushing e-signatures; where it cannot be used
What does the response from the RBI mean?
What does the RBI mean when it says that it has revised the master direction (before the judgement) and is subject to the judgment by constitutional bench?
Srikanth, a part of CashlessConsumer – a consumer collective working on digital payments to increase awareness, says, “the answer from RBI reads as if the current KYC master directions (issued before SC judgement) is compliant with the order of Supreme Court, when it is clearly not. It is not only the common man who is still coerced for Aadhaar, even banks are not clear on legality of offering eKYC based solution.”
Meanwhile, the State Bank of India’s ‘YONO’ which lets users access all banking services digitally remains suspended following the Supreme Court’s order on Aadhaar due to lack of clarity from the RBI for an alternative solution.
What does the SC judgement say about the use of Aadhaar by banks?
“The Supreme Court judgment is clear,” says Prasanna S, a Delhi based advocate. “It (the judgement) no longer allows private entities to use Aadhaar authentication. Voluntary/mandatory does not matter. The only provision that allowed private companies to use Aadhaar is Section 57 and that has been struck down qua private entities. Their continued use of Aadhaar authentication is in violation of the Act, a violation of the Court orders and punishable under Section 36 of the Act. Further, their storage of the Aadhaar number and demographic details would automatically be in contravention of Section 8(3) of the Act and punishable under Section 40 of the Act.”
What does the RBI’s previous notification say and should it not be revised vis-a-vis the SC judgement on Aadhaar? Is it compliant with the judgment?
Srikanth explains that banks were forced to link Aadhaar to bank accounts under the Prevention of Money Laundering Act (PMLA). “Prepaid wallets were forced to link Aadhaar both under PPI licensing guidelines. While the use of Aadhaar by private parties is no longer permissible, master directions on KYC still remains un-updated, even though it mentions the 8 modifications made on June 1, 2017 citing now unconstitutional executive order G.S.R. 538(E) regarding PML Second amendment Rules dated June 1, 2017 and is violating SC judgement,” he says.
Srikanth further adds, “The RBI is also allowing banks to continue to offer commercial services using Aadhaar enabled Payments System when the SC judgement clearly says that access to private entities are restricted to prevent commercial exploitation. Banks must be forced to issue debit cards to every account holder and AePS (for Micro ATM as well as merchant payments using Aadhaar Pay / BHIM Aadhaar) must be phased out as they violate the law of land. It must be noted that while debit card users have a minimum number of free transactions per month, the poor in rural areas to whom debit cards were not issued use AePS pay business correspondent fees (part of which banks, even government takes as GST) for every transaction including subsidy withdrawal.”
Legally, how long can the RBI take post the SC order to issue a direction to limit the use of Aadhaar e-KYC?
“Whether or not the RBI gives a direction, the SC directions are binding on the banks. Banks are risking being in contempt of court, sitting around and waiting for RBI instructions. Most of these banks are big enterprises with full fledged legal teams and law officers. Supreme Court directions are binding without the help of any further authority to publish them or issue appropriate instructions. Having said that, the RBI, being a statutory body and tasked with the regulation of banking activities, should forthwith issue directions to the banks to comply with SC orders. They have a more specific duty under Article 144 of the Constitution to act in aid of the supreme court,” explains Prasanna.
In the light of the SC judgement, can the RBI grant approval to NPCI to operate Aadhaar-EPS and Aadhaar-PBS for payment transactions? Should it not revise its order?
Prasanna says that RBI’s “approval” to NPCI to continue to use Aadhaar based payments is in violation of SC judgment which limited it to use under Section 7 and for PAN linking.
It must be noted that the NPCI is a private nonprofit company collectively owned by banks and there are alternate ways to credit subsidy payments using the account number without using Aadhaar.
**
The RTI responses:
Update: The story has been updated to include the RTI responses.
