Business Today
Loading...

RBI circular on data storage to hit foreign payments firms

The development would impact every company dealing in payments data - from fintech firms that offer peer-to-peer money transfers and international transactions to gateway operators.  WhatsApp, for instance. Or any global company that maintains its servers outside India. 

twitter-logo Goutam Das   New Delhi     Last Updated: July 12, 2018  | 16:59 IST
RBI circular on data storage to hit foreign payments firms

Payment companies of all shades, operating in India, will now have to locate their servers within the country. The Reserve Bank of India, India's central bank, wants such companies to be compliant within six months. The reason: better supervision.

The development would impact every company dealing in payments data - from fintech firms that offer peer-to-peer money transfers and international transactions to gateway operators.  WhatsApp, for instance. Or any global company that maintains its servers outside India.  

However, Indian fin-tech companies such as Paytm or PayU have little to worry about. Their data is mostly in servers within the country. Why is that?

"While it came as a circular now, RBI had been informally pushing us from day one of our operations," a founder of a fin-tech company who did not want to be identified said. "We were not getting approvals without certifying that our servers are in India."

As long as six years back, RBI sent an e-mail asking this particular company to locate its servers within India. "I asked the RBI guys where is the circular? They asked me to treat the e-mail as circular. I was planning to use Amazon Web Services (a subsidiary of Amazon that provides cloud computing) but I couldn't," he said.

The RBI, on Thursday, issued a statement that stated: "In recent times, the payment ecosystem in India has expanded considerably with the emergence of new payment systems, players and platforms. Ensuring the safety and security of payment systems data by adoption of the best global standards and their continuous monitoring and surveillance is essential to reduce the risks from data breaches while maintaining a healthy pace of growth in digital payments. It is observed that at present only certain payment system operators and their outsourcing partners store the payment system data either partly or completely in the country. In order to have unfettered access to all payment data for supervisory purposes, it has been decided that all payment system operators will ensure that data related to payment systems operated by them are stored only inside the country within a period of 6 months." 

Youtube
  • Print

  • COMMENT
BT-Story-Page-B.gif
A    A   A
close