Business

RBI bars Mastercard from onboarding new customers in India

By Dan Neff

The Reserve on Wednesday has barred US-based card network Mastercard from onboarding new domestic debit, credit or prepaid customers on its card network in India from 22 July onwards.

The central bank’s supervisory action on Mastercard is citing its non-compliance with data localisation mandate wherein all foreign payment operators storing card and customer related data must do so in servers physically present in India.

“Notwithstanding lapse of considerable time and adequate opportunities being given, the entity has been found to be non-compliant with the directions on Storage of Payment System Data,” the central bank said in a circular.

Mastercard didn’t immediately comment.

RBI had issued its data storage circular in April of 2018 and given all system providers a time frame of six months to enforce these norms. The central bank said that Mastercard’s existing customers won’t be impacted because of these restrictions.

“This order will not impact existing customers of Mastercard. Mastercard shall advise all card issuing banks and non-banks to conform to these directions. The supervisory action has been taken in exercise of powers vested in RBI under Section 17 of the Payment and Settlement Systems Act, 2007 (PSS Act),” RBI said.

Mastercard is registered as a Payment System Operator authorised to operate a card network in the country under the PSS Act. Other leading card networks in India include US-based Visa and National Payments Corp of India’s RuPay.

ET had reported in March that the central bank had tightened its supervisory norms for payment companies storing customer data in India amid a slew of cyber-security breaches at tech start-ups.

All payment system operators from FY22 were mandated to submit detailed “compliance certificates” to the central bank twice a year, confirming adherence to all RBI regulations around security and storage of payment data. RBI had asked these certificates to be submitted on April 30 and October 31 every year.

These requirements are over and above those mandated by the central bank in April of 2018, when it asked all payment companies to submit board-approved annual System Audit Reports (SAR) by CERT-empanelled auditors.

These companies were also asked to submit a one-time compliance report with data localisation norms mandating that data relating to payments in India will be stored in a server physically present in the country by December of 2018.

For all the latest Business News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.

Dan Neff