We thank the Reserve Bank of India (RBI) for this opportunity to present our views and suggestions on the Discussion Paper on Guidelines for Payment Gateways and Payment Aggregators (Discussion Paper). It presents a detailed assessment of the payments ecosystem in the country, covers the various facets of the activities of the Payment Gateways (PG) and Payment Aggregators (PA) and presents different options towards their regulation.
Based on inputs from our members and other stakeholders, we have prepared our response, which reviews the various aspects of the Discussion Paper along with our comments and suggestions.
Current Regulatory Position
The operations of PGs/ PAs are indirectly regulated by the RBI under the Directions for opening and operation of accounts and settlement of payments for electronic payment transactions involving intermediaries (2009 Directions). PGs/PAs fall under the definition of “intermediaries” of the extant regulations. “Intermediaries would include all entities that collect monies received from customers for payment to merchants using any electronic/online payment mode, for goods and services availed by them and subsequently facilitate the transfer of these monies to the merchants in final settlement of the obligations of the paying customers.”
In addition to the obligations under the 2009 directions, payment industry players, including PGs/PAs, also abide by existing card schemes rules, contractual agreements with banks, the Payment Card Industry Data Security Standard (PCI-DSS) and Payment Application Data Security Standard (PA-DSS), and other requisite compliances under the provisions of the Information Technology Act 2008 and the newly passed Consumer Protection Act 2019.
As the RBI has rightly acknowledged, the current framework of indirect regulation has ensured the absence of any major complaint in the last ten years, thereby testifying for the adequacy of the existing governance framework. We agree that the extant regulations are sufficient to address the concerns and gaps highlighted in the Discussion Paper, as they have been doing over the last decade.
Nonetheless, we welcome regulatory improvements. We recommend that the risks underlying the proposals be appropriately addressed with a light-touch regulatory framework akin to a hybrid of Options 1 and 2 as put forth in the discussion paper.
The detailed submission has been attached with this blog. Please download the attachment.
In case of any further clarification or suggestion, please write to firstname.lastname@example.org and email@example.com