Reserve Bank of India on July 14th, 2021[1] has released that it will take supervisory actions on MasterCard / pacific Pte. Limited. There have been restrictions imposed on pacific Pte. ltd/ MasterCard Asia by Reserve Bank of India from onboarding new domestic customers onto its card network from July 22nd, 2021. It will include debit, credit, or prepaid. “Notwithstanding the lapse of considerable time an adequate opportunity is being given, the entity is non-compliant with the directions on storage of Payment System data,” the Reserve Bank stated in the press release. The existing customers of MasterCard will not be impacted by the order. All cards issuing banks and non-banks shall be advised to confirm these directions.

A Payment system operator such as MasterCard is authorized to operate a card network in the country under the payment and settlement system act, 2007 (PSS Act, 2007). And the Reserve Bank of India has taken supervisory action under Section 17 of the Payment and Settlement Systems Act, 2017.

In the notification released on 6 April 2018[2] about the storage of payment system data, it was stated in the notification that all system providers are directed to ensure that within six months the entire data Relating to the system operated by them should be stored in a system only in India. The data should include information collected, carried, processed as part of the message, the full end-to-end transaction details, and payment instructions. If the details are that if a foreign customer or is the case of the foreign transaction then the data obtained can also be stored in the foreign country. This compliance should have to be done latest by October 15, 2018. The System Audit Report Must be submitted by the system providers on the completion of the requirement as mentioned before. CERT-IN Will conduct the audit and certify the completion of activities mentioned before.

It was stated in the press release dated April 5, 2018[3], under paragraph 4 of the statement on developmental and regulatory policies that there has been a considerable expansion in the ecosystem of the country with new payment systems, players, and platforms. It is essential to ensure the safety and security of the payment system data by adopting the best global standards and continuous monitoring and surveillance to reduce the rest from data breaches. The Reserve bank of India decided that all payment operators will ensure that data related to the payment system operated by them are stored only in the country. The action will ensure that the Reserve Bank of India has unfettered access to all payment data for supervisory purposes and can maintain smooth monitoring and surveillance.

[1] RBI, Reserve Bank of India takes supervisory action on Mastercard Asia / Pacific Pte. Ltd. https://www.rbi.org.in/Scripts/BS_PressReleaseDisplay.aspx?prid=51895

[2] RBI, Storage of Payment System Data, RBI/2017-18/153, DPSS.CO.OD No.2785/06.08.005/2017-2018 https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=11244&Mode=0

[3] RBI, Statement on Developmental and Regulatory Policies, https://rbi.org.in/Scripts/BS_PressReleaseDisplay.aspx?prid=43574

This Article Does Not Intend To Hurt The Sentiments Of Any Individual Community, Sect, Or Religion Etcetera. This Article Is Based Purely On The Authors Personal Views And Opinions In The Exercise Of The Fundamental Right Guaranteed Under Article 19(1)(A) And Other Related Laws being force In India, for the time being. Further, despite all efforts that have been made to ensure the accuracy and correctness of the information published, White Code Consulting & Governance shall not be responsible for any errors caused due to human error or otherwise.