RBI sets down new guidelines to better regulate non-bank payment aggregators
In a move to regulate payment intermediaries, the Reserve Bank of India (RBI) notified a set of guidelines for payment aggregators (PA) and payment gateways (PG) on Tuesday.
The guidelines require existing non-bank payment aggregators to apply for authorisation from RBI by June 30, 2021.
Merchant sites, including e-commerce entities, cannot save customer card details and related data, according to the guidelines. E-commerce entities, which run their own PA services, will be required to maintain distance from the marketplace operations.
This regulation will impact the wholly-owned payment intermediaries of online marketplaces such as Paytm wallet and Paytm Mall, Amazon Pay for Amazon India and PhonePe for Flipkart.
“E-commerce marketplaces providing PA services shall not continue this activity beyond the deadline prescribed. If they desire to pursue this activity, it shall be separated from the marketplace business and they shall apply for authorisation on or before June 30, 2021,” RBI said in its guidelines.
As part of the guidelines, the RBI has stated that all existing PAs applying for authorisation should have a net worth of Rs 15 crore by March 31, 2021 — a reasonable ask as compared to the threshold of Rs 100 crore mandated in the discussion paper of September 2019 for stakeholder consultation on the guidelines.
While startups agree that the timeframe decided by RBI is sufficient for compliance, they have sought some clarification.
“The guidelines have removed the option of ATM PIN as a factor of authentication instead of an OTP, which might change the customer experience to some extent,” Harshil Mathur, CEO of payment gateway and aggregator Razorpay, said. The platform is backed by Ribbit Capital and Sequoia.
“The guidelines also state that escrow account balance should be maintained with only one bank for PAs. Given the recent freeze on YES Bank and to avoid a similar situation, we will request the central bank to allow partnering with a second bank so that customer transactions are not impacted,” Mathur told TechCirlce.
Industry body Payment Council of India said the guidelines provided a comprehensive mechanism for licensing.
“These guidelines will streamline the serious players with a clear focus and help in boosting merchant acquisition in India,” Vishwas Patel, chairman of PCI and director at Infibeam Avenues which owns payment gateway, CCAvenue, said.
He told TechCircle that PCI will approach RBI to ease merchant onboarding by avoiding duplicity of KYC.
“When a merchant is on-boarded on a payment gateway, a fresh KYC is done by the gateway. Since the same has been done by the bank with which the merchant has an account, we are exploring if the documentation can be shared for faster on-boarding,” Patel said.
The guidelines issued under Section 18 of the Payment and Settlement Systems Act 2007 also lay down stringent guidelines for compliance to secure customer payments data.