"It has been decided not to grant any further extension of time. Accordingly, banks not complying with the requirements shall compensate loss, if any, incurred by the card holder using card at POS (points of sale) terminals not adhering to the mandated standards," RBI said in a notification.
In this context, it said, since the credit card holder would be approaching the card issuing bank for any fraudulent POS transaction in India which have occurred after September 30, 2013), the bank should claim the amount paid by it to the customer from the respective bank which have acquired the POS transaction in question.
The credit card issuing bank would ascertain, within three working days from the date of card holder approaching the bank, whether the respective POS terminal where the said transaction occurred is compliant with mandated security features, it said.
In the event it is found that the POS terminals are non-compliant as mandated, it said, the issuing bank shall pay the disputed amount to the customer within seven working days, failing which a compensation of Rs 100 per day will be payable to the customer from the eighth working day.
The acquiring banks have to pay the amount paid by the bank without doubt within three working days of the issuing bank raising the claim, failing which the RBI would be constrained to compensate the issuing bank by debiting the account of the acquiring bank maintained with the bank, it said.
"RBI will also consider invoking the penal provisions under the Payment and Settlement Systems Act, 2007 for banks that have failed to adhere to the timeline of September 30," it said.
The notification further said it was also clearly emphasised in circular dated June 24, 2013 that no further extensions would be granted.
In addition, it was also indicated that in the event of a customer complaining of misuse of credit card after the date stipulated in this circular, the issuer or the acquirer who has not adhered to the timelines should bear the loss, it added.