Balancing Act: RBI Won’t Punish Companies For Delay But Stays Firm On Data Localisation Norms

The Reserve Bank Of India (RBI), India’s banking regulator, has refused to extend the deadline for its data localisation norms. The RBI has stressed that all payment companies that store financial data belonging to Indian consumers will have to store the data within the physical boundaries of the country.

Though the deadline for compliance expired yesterday (15 October), the regulator has indicated that it will not penalise non-compliant firms in the near future. However, it has asked them to submit a time-bound schedule to adhere to the regulations.

This regulation attracted intense lobbying against it, from multinational payment processing companies to American senators. Before the regulation, several payment companies stored financial data of transactions done in India, in servers set up outside India. This makes it difficult for RBI to use the data for analysis and prevent frauds as Indian laws don’t apply to such data.

Many payment companies like PhonePe have complied with the rules. RBI had given a six-month deadline to payment companies for ensuring localisation of at least financial data, back in April.