Explained: What the RBI extension for e-mandate compliance on recurring payments means for stakeholders
The March 31 deadline for compliance with e-mandate on credit and debit card-based recurring transactions had banks and service providers scrambling to notify users that April 1 onwards, the payments would have to be made manually. The move would have impacted service providers such as OTT platforms Amazon and Netflix, as well as digital services and platform providers for businesses, including SaaS companies.
However, on Wednesday, the Reserve Bank of India (RBI) granted an extension till September 30, 2021, in response to requests from Indian Banks Association (IBA) and businesses including startups which stood to lose revenues.
So, what’s this all about?
RBI allowed e-mandate on cards for recurring payments in August 2019, similar to the standing instructions for payment given on net banking. Registration for e-mandate facility by a card user will require an additional factor authentication (AFA) apart from the first transaction. Subsequent transactions will be exempt from AFA, making the process frictionless.
Which services does the facility cover?
Card based e-mandate is applicable to all credit and debit cards as well as pre-paid instruments (PPIs) including mobile wallets. This was later extended to the Unified payment Interface (UPI). Initially the limit for AFA exemption for recurring transactions was capped at Rs 2,000, which was later increased to Rs 5000 from January 1, 2021, onwards.
What was the deadline for?
The deadline of March 31, 2021 was meant for banks to comply with the conditions set by RBI to enable the e-mandate as part of its August 2019 notification. Some of the compliance measures include:
- Pre-transaction notification sent to the user with the name of merchant, transaction amount, date and time of debit, transaction number and others.
- The cardholder can opt out of the particular transaction after receiving the notification using AFA.
- Post-transaction notification with details on the transaction.
- Facility for cardholder to withdraw an e-mandate at any point of time, immediately stopping all recurring payments
- Requirement for the merchant to delete all details of the user including payment instrument information such as card number and other details on withdrawal of e-mandate
How do the compliances help?
It helps in the prevention of fraud, mitigates risk and prevents cyberattacks and data breaches in case a merchant’s database is hacked.
Who does the extension benefit?
RBI noted the “non-compliance with serious concern” and also mentioned that it was extending the deadline based on request from IBA in the notification announcing the extension to the deadline.
Industry associations representing startups and investors IndiaTech told TechCircle that additional time was needed by both banks and payment aggregator as well as payment gateway companies.
“Due to the pandemic additional, requirements prescribed by RBI and the complex nature of this project, the payments ecosystem felt they needed more time to put the necessary infrastructure and mechanisms in place to comply,” said Rameesh Kailasam, CEO of IndiaTech.
He further added, “This holds relevance for both B2B and B2C scenarios considering a range of services that require regular recurring payments for availing services from email providers, cloud services, SaaS platforms or even your regular media subscriptions, OTT services, utility bills, SIPs, mutual funds, insurance payments amongst many others.”