Amid the RBI having stuck to October 15 deadline to its data localisation directive, a closed-door meeting reportedly took place between the RBI deputy governor-general BP Kanungo and top foreign data fiduciaries operational in India. Some of the US companies such as Visa and Mastercard reportedly demanded 12 months extension to comply with the RBI directive on data localisation.

Amid the RBI having stuck to October 15 deadline to its data localisation directive, a closed-door meeting reportedly took place between the RBI deputy governor-general BP Kanungo and top foreign data fiduciaries operational in India. Some of the US companies such as Visa and Mastercard reportedly demanded 12 months extension to comply with the RBI directive on data localisation.

According to reports, attendees of the meeting were representatives from Visa, MasterCard, American Express, Amazon, Western Union, Discover, MoneyGram and iSPIRT(Indian Software Products Industry Round Table).

Besides the meeting, the RBI directive has caused a concern for US senators as well. On October 12, two US senators had called on the PM Narendra Modi to soften India’s stance on data localisation, warning that measures requiring it represent “key trade barriers” between the two nations, reports Reuters.

Commenting on the development, Vinay Kalantri, founder and MD of The Mobile Wallet said, “US Senate’s India caucus that comprises over 30 senators writing to Indian PM should be considered as an early sign that the sensitive issue may escalate into an issue of `key trade barriers’ between the two nations.”

He added, “In my view, considering the `pros’ and `cons’ of the issue the RBI should soften its stand for now to give time for the payments firms to migrate to the new data localisation norms in an orderly fashion. It should get every stakeholder on the same page of the policy making architecture by putting an end to policy confusions instead of rushing through new benchmarks. By doing so, the apex bank will be serving the original purposes of payment companies; enhancing financial inclusion and putting to use their full potential to spur existing business and creating new business”.

Led by the homegrown companies’ representatives such as PhonePe, Paytm, Ola and Freshworks, iSPIRT have been supporting the RBI’s data localisation move.

After the unsuccessful meeting, terming iSPIRT members’ presence as a conflict of interest, Visa and Mastercard-led US companies group have now written to the Finance minister Arun Jaitley.

The letter stated, “The presence of such a party in the meeting may constitute as a conflict of interest, especially when they were asked by the RBI during the course of the meeting to provide technical expertise to companies on compliance to this directive. iSPIRT is a private association which is not a stakeholder in this consultation process. It must be noted that it is neither empanelled by the RBI, nor an official technical adviser to the government or the regulator,” reports ET.

The RBI Directive

On April 6, the RBI had issued a directive under Section 10(2) along with Section 18 of Payment and Settlement Systems Act 2007, (Act 51 of 2007) stating that all system providers shall ensure that the entire data relating to payment systems operated by them are stored in a system only in India.

This data should include the full end-to-end transaction details/information collected/carried/processed as part of the message/payment instruction. For the foreign leg of the transaction, if any, the data can also be stored in the foreign country, if required.

Payments system providers shall ensure the data localisation compliance within a period of six months and report compliance of the same to the Reserve Bank latest by October 15, 2018. System providers shall submit the System Audit Report (SAR) after meeting the compliance. The audit should be conducted by CERT-IN empanelled auditors certifying completion of activity at (i) above. The SAR duly approved by the Board of the system providers should be submitted to the Reserve Bank not later than December 31, 2018.

It’s The Judgement Day; Yet, Not All Companies Are Ready To Comply

As per The Wire report, Out of 80 payments services providers that were told to store data locally, and not mirror it outside India, 64 are ready to store their data in India.

The companies which are yet to comply with the RBI directive include major card companies VISA and Mastercard.

Amazon India which also runs payments wallet Amazon Pay has been looking for more clarity on pertaining to the data localisation directive. The company has already been testing UPI payments under its Amazon Pay wallet. While Inc42 was able to make payments using a UPI PIN at Amazon Pay, the project could be delayed owing to the data localisation urgency.

In a response to Inc42, the company an Amazon spokesperson while didn’t address the company’s UPI timeline but had earlier stated, “By integrating UPI into Amazon, we are looking forward to offering our customers a great payment experience, and thereby accelerating momentum for UPI.”

Similarly, Google which recently rebranded its India-born payments wallet to Google Pay has reportedly sought “a couple of months” more to comply with the directive.

Last month, Google CEO Sundar Pichai in his meeting with the minister of electronics and information technology (MeitY) Ravisankar Prasad had conveyed that Google has agreed to abide by all the RBI requirements but it needed another two months to comply with.

As the major card companies are yet to comply with the directive. If not 12-months long, a short extension of 3-months could be expected from the RBI.

[The development was reported by ET.]