NEW DELHI/MUMBAI:Â As many as 80 per cent players in the payment industry, including Amazon, Paytm and WhatsApp, have complied with the norms for local storage of data, with RBI’s deadline coming to close on October 15, sources said.
However, they said some debit/credit companies are yet to comply with data storage norms and have reportedly sought more time.
The Reserve Bank is not contemplating review of its notification on data localization norms, the sources said.
In April, the central bank had given six months to global payment companies to store transaction data of Indian customers within India.
Although 80 per cent of the players operating in India have complied with the Reserve Bank directive, some global financial technology companies have reportedly sought an extension to the October 15 timeline.
“The RBI will look at things on a case-to-case basis while handling the subject,” one of the sources said, without mentioning if the central bank would take action or impose penalties for non-compliance.
Digital payments platform PhonePe said it has informed the Reserve Bank of India of its full compliance with the data localization mandate to ensure payments data of Indian users is stored within the country.
The central bank’s data localization policy had elicited mixed response from the payment services industry. While some of the prominent domestic payment companies like Paytm and PhonePe have been supportive of the dictum, global players like Google (that offers Google Pay) had argued for free movement of data.
Some international players have appealed for more time for compliance and also asked that they be allowed to mirror the data.
Paytm, which had vociferously supported data localization, said critical data must not be allowed to go out of the country, not even for processing.
“We have complied with this mandate since day one and have welcomed this initiative right from the beginning. It is important that we do not become mere internet colonies for global companies, and make every organization accountable towards the security and privacy of data of our fellow countrymen,” a Paytm spokesperson said.
US-based messaging platform WhatsApp has already said it has developed a system to store payments-related data in India.
An Amazon spokesperson said “compliance with local laws and regulation is a top priority for us in all the countries we operate in. We continue to work closely with the regulators towards this”.
Google is learnt to have agreed to follow the RBI’s local data storage norm for payment services but has asked for time until December to ensure compliance, a government source had indicated recently.
Critics of data localization argue that the move would have negative effects on the ability of companies to do business in India.
Finance Minister Arun Jaitley recently held a meeting with RBI Deputy Governor BP Kanungo and others to discuss the data localization norm for global financial technology companies.
IT industry body Nasscom said access to information can be ensured irrespective of location of the data. “Access can be provided even if the data is stored outside India. It is not clear how this (data localization mandate) ties in with the overall objective of ensuring enforcement,” Nasscom Senior Director and Head Public Policy Ashish Aggarwal said.
Moreover, the instances of problems being faced in accessing data need to be seen in the larger perspective of total number of transactions.
Nasscom has favored free flow of data, Aggarwal said adding that imposition of conditions that are “onerous and unnecessary” may trigger retaliatory measures from other countries.
In its April monetary policy review, the RBI had said that in order to ensure better monitoring of payment service operators it was important to have “unfettered supervisory access to data stored with these system providers as also with their service providers/ intermediaries/third party vendors and other entities in the payment ecosystem”.
“All system providers shall ensure that the entire data relating to payment systems operated by them are stored in a system only in India,” it had said.
The RBI had further said that data should include the full end-to-end transaction details, information collected, carried, processed as part of the message, payment instruction. PTI