We value your privacy & take necessary steps to protect your information.
REQUEST A CALLBACK
The rapid transformation of the Indian economy into a cashless one, particularly with the establishment of e-commerce as a legitimate mode of consumerism, there has been an equally urgent need for innovating and adopting digital payment systems. On one hand, there was a need to bring the required technology into the foray and on the other hand, there needed to be a regulatory framework in place to govern the digital payment providers and systems. At its most nascent stage, the electronic payments space was regulated by Section 18 read with section 10(2) of the Payment and Settlement Systems Act, 2007 (the “PSS Act”). The aim of the PSS Act was to ensure a safe and effectual system of payments and settlement. At the time of its implementation, transactions were heavily dependent on cash or bank transfer, however, with the evolution of the digital payments system, these service providers came to be regulated by the Intermediaries Directions (“Intermediary Directions”) issued by the Reserve Bank of India (“RBI”) vide notification dated 24.11.2009. Under this scheme, banks were required to maintain a nodal account of the intermediaries with permissible credits and debits as also the settlement cycle for credit to the merchants’[1].
The RBI analysed the current regulatory framework in place by way of a discussion paper[2] which ultimately paved the way for the RBI to issue detailed guidelines (“Guidelines”) applicable to payment aggregators (“PAs”), which came into effect from 01.04.2020. The Intermediary Directions, in their definition of ‘intermediaries’ included every available kinds of electronic payment system and made no distinction between payment gateways and payment aggregators. However, the Guidelines make a departure from the earlier position and have expressly differentiated between PAs and payment gateways. PAs have been defined as entities that act as facilitators between merchants and customers and in this process, receive, pool and subsequently transfer the payments made by the customer to the merchants. In India, these entities include fintech startups such as PayU, Instamojo, Paytm, Razorpay amongst others. In contrast, payment gateways are merely the technology and infrastructure providers for the smooth functioning of the electronic payment system.
BASIC TENETS OF THE GUIDELINES Authorization: Non-bank PAs will now require authorisation from RBI under the Guidelines. Existing non-bank entities offering PA services, will need to apply for authorisation before 30.06.2021 and can function without any disturbance to their operations till approval from RBI. E-commerce marketplaces will need to separate their PA business from their market place business.
Capital Requirements: PAs will need to initially have a minimum net worth of INR 15 crores whether applying fresh or already existing. Thereafter, the net worth will need to be increased to 25 crores within the time prescribed under the Guidelines. The net-worth of INR 25 crores shall always be maintained thereafter.
Governance: The Guidelines make it obligatory on the PAs to communicate any change in control or ownership to the RBI and also disclose all the details pertaining to handling complaints, refund / failed transactions, return policy etc.
Anti-Money Laundering: The Guidelines make the Prevention of Money Laundering Act, 2002 applicable on the PAs. PAs must also follow the Know Your Customer (KYC) directions as prescribed in the “Master Direction – Know Your Customer (KYC)”.
Merchant On-boarding: PAs are required to undertake background and antecedent check of the merchants, to ensure that such merchants do not have any malafide intention of duping customers and do not sell fake / counterfeit / prohibited products, etc.
Settlement/Escrow Account: PAs are required to set up one escrow account with a scheduled commercial bank for the funds they collect. The account can be used by the PAs only for debits and credits specified in the Guidelines and not for Cash on Delivery transactions. The RBI has also prescribed strict timelines within which PAs must settle amounts with merchants.
Customer Grievance Redressal and Dispute Management Framework: PAs are obligated to put in place a formal, publicly disclosed customer grievance redressal and dispute management framework.
Security, Fraud Prevention and Risk Management: PAs are required to ensure prevention of fraud and ensure customer protection and to this end, they are mandated to put in place a Board approved information security policy, establish mechanisms for handling cybersecurity incidents and breaches and submit System Audit Reports to the RBI.
DISECTING THE GUIDELINES While the guidelines are a positive step towards customer protection, certain clarifications need to be addressed:
While the aforementioned ambiguities would need to be clarified by the RBI in the form of FAQs or notifications, the Guidelines are in conformity with the increasing push for a digital payment ecosystem and a cash-less economy and most certainly, are the right step forward towards achieving transparency, accountability and consumer protection.
[1] Notification no: RBI/2009-10/231 , DPSS.CO.PD.No.1102 /02.14.08/ 2009-10, November 24, 2009 [available on https://rbidocs.rbi.org.in/rdocs/notification/PDFs/DOIPS241109.pdf] last accessed on 27.07.2020
[2] Discussion Paper on Guidelines for Payment Gateways and Payment Aggregators; Reserve Bank of India Department of Payment and Settlement Systems [available on https://rbidocs.rbi.org.in/rdocs/PublicationReport/Pdfs/DPSSDISCUSSIONPAPEREFCF5B7E17F9431185BD4FD57E540F47.PDF] last accessed on 27.07.2020.