INTRODUCTION

The fintech sector has continued to grow in India despite the Covid-19 pandemic challenges. According to a recent report titled 'Pulse of Fintech H2'20' published by KPMG, India is now one of the largest fintech markets worldwide and has managed to attract USD 2.7 billion in fintech investment in 2020, the second-best year after the 2019 peak of USD 3.5 billion. To this extent, funding continued to remain the highest in the digital payments space, with an increased investor focus on late stage companies and profitability.1

Digital payments have now become well entrenched in Indian households across income groups, according to a recent study conducted by the People Research on India's Consumer Economy (PRICE) in partnership with the National Payments Corporation of India ("NPCI").2 In the backdrop of this growth in digital payments adoption, there is now an increased regulatory focus on consumer protection, security controls and tokenisation to safeguard the financial data of consumers. Further, in order to create new touch points for digital payments in India, industry stakeholders are working towards further evolving the acceptance infrastructure for offline solutions to cater to under-served areas and non-smartphone users.

This newsletter highlights the key developments in the Indian fintech space from January 01, 2021 to March 31, 2021.

RECENT LEGAL DEVELOPMENTS

Clarification on the Guidelines on Regulation of Payment Aggregators and Payment Gateways

Through a notification dated March 31, 2021,3 the Reserve Bank of India ("RBI"), as a one-time measure, has extended the timeline for compliance by non-bank payment aggregators ("PAs") with the 'Guidelines on Regulation of Payment Aggregators and Payment Gateways' dated March 17, 2020 ("PA Guidelines"),4 with respect to instructions issued to PAs and merchants on-boarded by them to not store customer card credentials within their database or server. The timeline for compliance has been extended by 6 (six) months from June 30, 2021 to December 31, 2021, to enable payment system providers and participants to put in place workable solutions, such as tokenisation, within the framework set out under the PA Guidelines and the RBI's guidelines on 'Tokenisation - Card transactions' dated January 08, 2019.5

The RBI has also made public certain other clarifications on the PA Guidelines, which include the following:

  1. The PA Guidelines will come into effect for nonbank PAs from the date of their authorisation with the RBI, subject to the submission of application for authorisation before June 30, 2021.
  2. The PA Guidelines are applicable to e-commerce marketplaces that are undertaking payment aggregation, and to this extent, e-commerce marketplaces availing the services of a PA will be considered as merchants.
  3. The PA Guidelines are not applicable to 'delivery versus payment' transactions, however, they cover transactions where the payment is made in advance while the goods are delivered in a deferred manner
  4. Authorised PAs or the merchants on-boarded by them cannot store customer card credentials within their database or server, except for the limited purpose of transaction tracking.
  5. The RBI's 'Directions for opening and operation of accounts and settlement of payments for electronic payment transactions involving intermediaries' dated November 24, 2009,6 will be considered repealed for authorised PAs from the date of their authorisation, and considered repealed with effect from June 30, 2021 except for such PAs who have applied for authorisation and a decision on it is pending with the RBI.
  6. Existing entities can continue to maintain nodal accounts till they have been authorised by the RBI.
  7. Pre-funding the escrow-account with own or merchant's funds by PAs has been allowed to tide over temporary mismatches and the taking back of surplus pre-funding is not allowed.

IndusLaw has provided a detailed analysis on the above clarifications on the PA Guidelines in a separate alert dated April 12, 2021.7

Framework for processing of e-mandates for recurring online transactions

The RBI in August 2019 had put in place a framework for registering and processing e-mandates for recurring online transactions (i.e., merchant payments) using cards and pre-paid payment instruments ("PPIs"), that was later extended to the Unified Payment Interface ("02") as well (the "e-Mandate Framework").8 This framework prescribes certain conditions for permitting recurring transactions, including an additional factor of authentication (AFA) during e-mandate registration, modification and revocation, as well as for the first transaction; pre and post-transaction notifications; transaction limits; option for withdrawal of e-mandate; and dispute resolution and grievance redressal.

Through a notification dated March 31, 2021,9 the RBI, as a one-time measure, has extended the timeline for industry stakeholders, from March 31, 2021 to September 30, 2021 ("Extended Timeline"), to comply with and complete the process of migration to the e-Mandate Framework for processing of recurring transactions (domestic or cross-border). This extension has been granted in view of the slow customer onboarding onto the framework, stakeholder requests, and to prevent customer inconvenience. During the Extended Timeline, however, no new mandates for recurring online transactions should be registered by stakeholders unless they are in compliance with the e-Mandate Framework. The RBI has also stipulated that any further delay in ensuring complete adherence to the e-Mandate Framework beyond the Extended Timeline will attract stringent supervisory action.

To view the full article, please click here.

Footnotes

1. https://assets.kpmg/content/dam/kpmg/xx/pdf/2021/02/pulse-of-fintech-h2-2020.pdf

2. https://www.npci.org.in/PDF/npci/press-releases/2021/NPCI-Press-Release-Digital-Payments-well-entrenched-in-Indian-household.pdf

3. https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12050&Mode=0#ANN1

4. https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=11822&Mode=0

5. https://rbidocs.rbi.org.in/rdocs/notification/PDFs/NT103FB1ACF7FF52B4F77BF82BDE43375F3AE.PDF

6. https://rbidocs.rbi.org.in/rdocs/notification/PDFs/DOIPS241109.pdf

7. https://induslaw.com/app/webroot/publications/pdf/alerts-2021/Infolex-Article-Clarification-PA-Guidelines-April-12-2021.pdf

8. https://rbidocs.rbi.org.in/rdocs/notification/PDFs/47EMANDATE39D1306C26AE4B44B2EA0050F23E7E3D.PDF https:/d/rbidocs.rbi.org.in/rdocs/notification/PDFs/UPI100120203AB8E817DFA44A77B2F0B38790F6578C.PDF https://rbidocs.rbi.org.in/rdocs/notification/PDFs/DPSSSIDEC420205A3895EA5B6044F2B4AB7A133FE35AD7.PDF

9. https://rbidocs.rbi.org.in/rdocs/notification/PDFs/NOT11820DB6EC9DF8A4611926B0A897918D64F.PDF

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.