The Reserve Bank of India (RBI) on Wednesday barred global payments technology major Mastercard Asia from adding new customers in India from July 22, 2021.
This was after the company failed to comply with directions on Storage of Payment System Data. However, the order will not impact existing customers of Mastercard.
In an order, the RBI said it has imposed restrictions on Mastercard Asia from onboarding new domestic customers (debit, credit or prepaid) onto its card network from July 22, 2021.
"Notwithstanding the lapse of considerable time and adequate opportunities being given, the entity has been found to be non-compliant with the directions on Storage of Payment System Data. Mastercard shall advise all card-issuing banks and non-banks to conform to these directions. The supervisory action has been taken in exercise of powers vested in RBI under Section 17 of the Payment and Settlement Systems Act, 2007 (PSS Act)," the RBI said.
Mastercard said, "The company is fully committed to our legal and regulatory obligations in the markets we operate in. Since the issuance of the RBI directive requiring on-soil storage of domestic payment transaction data in 2018, we have provided consistent updates and reports regarding our activities and compliance with the required stipulations."
"While we are disappointed with the stance taken by the RBI in their communication dated July 14, we will continue to work with them to provide any additional details required to resolve their concerns. Building on our considerable and continued investments in India, we remain committed to working with our customers and partners in advancing on the Government’s Digital India vision," it said.
RBI said the supervisory action has been taken in the exercise of powers vested in RBI under Section 17 of the Payment and Settlement Systems Act, 2007 (PSS Act).
According to RBI circular on Storage of Payment System, all system providers were directed to ensure that within a period of six months the entire data (full end-to-end transaction details/information collected/carried/processed as part of the message/payment instruction) relating to payment systems operated by them is stored in a system only in India.
Also read: Kamath Committee approves recasts of 9 companies with over Rs 58,800 cr loans; to submit findings to RBI soon
They were also required to report compliance to RBI and submit a board-approved system audit report conducted by a CERT-In empanelled auditor within the timelines specified therein.
In April this year, the RBI had barred global card networking giants American Express Banking Corp and Diners Club International Ltd from adding new customers in India from May 1 after they failed to comply with RBI's directions on customers' data safety and storage.
First Published: IST