RBI unlikely to extend deadline on data localization regulations
Major payment firms had sought more time to comply with RBI norms, which mandate storage of data locally
Mumbai: The Reserve Bank of India (RBI) is unlikely to extend the deadline for foreign payment companies such as Mastercard, Visa and PayPal to adhere to its data localization norms, a senior official aware of the matter said. Earlier, major payment firms had sought more time to comply with RBI norms, which mandates storage of data within the country.
“Over 60 companies have already complied with RBI rules. It’s some of the major players which are yet to fall in line,” said the official mentioned above.
“We will also not accept data mirroring which was one of the suggestions made by these firms,” he said, requesting anonymity.
On Wednesday, RBI officials met representatives of payment system providers that are likely to be impacted by the new norms. These companies highlighted their concerns and have sought grace period from the central bank, said a person familiar with the development, who did not want to be named.
“The deadline set by RBI was technically 6 October. RBI gave payment companies six months’ time from the date of issue of circular (6 April) to comply with the norms. The date to submit compliance report by these companies is 15 October,” said an industry expert, who did not want to be named.
Mails sent to Amazon India, Mastercard and Visa failed to get any response. The RBI spokesperson declined to comment.
On Tuesday, WhatsApp said that it has built a system that stores payments-related data locally in India as the Facebook Inc.-owned messaging service begins the process of complying with the data localization norms.
WhatsApp is the first global company to officially comply with these norms. Last month, a senior government official, requesting anonymity, said that at a meeting of Google’s chief executive Sundar Pichai with information technology (IT) minister Ravi Shankar Prasad at Google’s US headquarters in August, the company had agreed to comply with the norms but sought time until end-December. Google is yet to confirm the development.
Besides Visa, American Express, Facebook, PayPal, and Mastercard among others, Google and WhatsApp are also required to store their data locally.
At a time when the deadline is not even a week away, most payment firms still have limited data storage in India and are struggling to comply with the new data localization norms.
“All system providers shall ensure that the entire data relating to payment systems operated by them are stored in a system only in India. This data should include the full end-to-end transaction details/information collected/carried/processed as part of the message/payment instruction,” RBI said in its 6 April circular.
It said for the overseas part of the transaction, the data may be stored in a foreign country.
On Monday, finance minister Arun Jaitley met RBI deputy governor B.P. Kanungo, economic affairs secretary Subhash Chandra Garg, financial services secretary Rajiv Kumar and IT secretary Ajay Prakash Sawhney to discuss RBI’s data localization norms for global financial technology companies.
Shayan Ghosh contributed to this story.