Despite RBI Deadline For Data Localisation, Major Payment Networks Like Visa And MasterCard Fail To Comply

Though Reserve Bank of India’s (RBI) deadline for payment companies to comply with its data localisation norms came to an end on Monday (15 October), well-known international brands like Visa, Mastercard and American Express are still holding out, Hindu Business Line has reported.

To protect the sovereignty of financial data belonging to Indian consumers, RBI issued guidelines to payment companies in April, asking them to set up infrastructure to store data within the physical confines of the country. It had given them six months to comply with the same.

A majority of the companies, both Indian (PhonePe) & foreign-based ( Google Pay, WhatsApp), have complied. However, some 15 companies are in breach of the deadline. RBI has indicated that though it will not impose penalties on errant firms, it has asked them to submit a time-bound schedule for compliance.

Data localisation is important as it allows RBI to analyse data on financial transactions emerging out of India and use it for analysis and fraud prevention. Data which is stored in servers based out of India is beyond the reach of RBI as Indian laws do not apply to it.

Companies like Visa & Mastercard that haven’t yet complied with RBI norms, dominate the Indian payments ecosystem. It is estimated that these card networks along with the American Express, handle more than 70 per cent of the digital transactions in the country.

In order to break the duopoly of Visa & MasterCard in India and reduce transaction costs, Rupay card scheme was launched in 2016 by the National Payments Corporation of India (NPCI).