On 17 September 2019, RBI released its 'Discussion Paper' on framing regulations for Payment Gateways and Payment Aggregators'. Discussion Paper is placed on RBI's website inviting comments from stakeholders. Discussion Paper will lead to framing of comprehensive regulations covering payment gateways and aggregators. In Part I of this Article we examine the regulatory approaches that RBI has discussed.
Payment gateways and aggregators are critical intermediaries in digital payments ecosystem. They act as a bridge between customers and merchants by offering e-payment collection and settlement. Some known payment gateways/intermediaries operating in India are – Paypal, Citrus, Razorpay and Instamojo etc.
Current RBI Regulatory Framework | Under Payment and Settlement Systems Act, 2007
Umbrella legislation to regulate payment and settlement systems in India is the Payment and Settlement Systems Act, 2007 (PSS Act). This Act prohibits any entity from operating payment systems unless authorised by RBI.
As early as 2009, RBI recognized the need to safeguard customer confidence and ensuring that electronic/digital payments are duly transmitted to merchants without undue delay. With this objective, in November 2009 RBI passed directions under PSS Act (Intermediary Circular). Through this Circular, RBI extended its regulatory oversight, albeit indirect, by requiring payment intermediaries to open Nodal Accounts which allowed only permissible debits and credits and also prescribed max T+3 settlement period for passing credit to merchants.
For almost a decade, payment intermediaries could avail 'Safe Harbour' under PSS Act by ensuring compliance with Intermediary Circular.
Need for new RBI Regulatory Framework
Seeing rapid innovation, expanding fintech and e-commerce activities RBI has considered it opportune to review extant regulatory framework and evaluate whether a regime of direct regulation is required. RBI has observed stress points as under.
|Source of Risk||Payment intermediaries operate highly intensive technology and customer business. Inadequate governance can impact customer confidence|
|Customer Grievance||Customers having limited access to payment intermediaries, are invariably pushed to relying on merchants or banks for grievance redressal|
|KYC, Data Privacy||Payment intermediaries handle sensitive customer data. Hence, KYC, data privacy acquire importance from security and customer confidence|
Proposed Regulatory Framework
RBI is contemplating three (3) options for regulating payment intermediaries.
|OPTION I||OPTION II||OPTION III|
|Existing Framework||Limited Regulation||Full and Direct Regulation|
|Continue operations in compliance with Intermediary Circular||Payment
Intermediaries to follow norms:
||Payment Intermediaries required to obtain License from RBI under PSS Act|
|Licensing||Authorisation from RBI under PSS Act required|
|Capital Requirement||Minimum Net-worth of Rs. 100 crores|
|Governance||'Fit and Proper' eligibility for Promoters Nodal Officer for Customer Grievances Comprehensive disclosure on merchant policies, pricing, customer Anti-Money Laundering|
In a hint signifying transition to Full and Direct Regulation, RBI has cautioned e-commerce marketplaces to segregate payment gateways and aggregation services from their primary business within three months. Since e-marketplaces' primary business does not fall within RBI's regulatory ambit, in case regulatory prescriptions for payment aggregators are issued, they would end up being subjected to dual regulation.
Part II of this Article will cover critical issues – impact on existing payment intermediaries, Online Payment Gateway Service Providers (OPGSPs), Merchant Discount Rate (MDR) etc. - that Full and Direct Regulation approach will impact.
30 September 2019
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.