Credit and Finance for MSMEs: "RBI has the right to ensure financial data is not hacked and protect the data of the consumer but not the way they are trying to do by regulating merchants,” said Dr Aruna Sharma, Former Secretary, Government of India.
Credit and Finance for MSMEs: The Reserve Bank of India’s framework for processing of e-mandates for recurring online transactions and guidelines related to the Payment Aggregators and Payment Gateways (PAPG) to address data security and privacy concerns will lead to challenges for not just payment aggregators, gateways, but also merchants, small businesses, banks, and others, according to experts. Empower India, a think tank, in a webinar organised to propose recommendations to enable uninterrupted payments experiences for customers noted that compliance to these guidelines might potentially cause the frequent occurrence of fraudulent activities, result in transaction failures, reduce consumer choice and portability, hamper user experience and customer satisfaction, and limit product innovation. “This not only creates challenges for payment aggregators and payment gateways but also banks, subscription-based services, a wide range of merchants and small business owners, and even the consumers,” the think tank said.
“When it comes to the data privacy issue, unless there’s a huge leak, the regulation should not operate in a heavy-handed manner. We have a huge cash economy and digital payments is the only way to tackle that. RBI has the right to ensure financial data is not hacked and protect the data of the consumer but not the way they are trying to do by regulating merchants,” said Dr Aruna Sharma, Former Secretary, Government of India.
Empower India noted that as per the RBI guidelines, starting September 30, 2021, banks need to notify their customers before and after any recurring debit and this requirement is agnostic of the payment mode. “This comes with a fair share of drawbacks as the e-mandate only addresses a small section of the merchant community. Moreover, the RBI also released the PAPG guidelines to address data security and privacy concerns behind storing card-on-file (COF) data that does not allow merchant sites to save customer card details.”
These guidelines create an “unusual situation for merchants and payment aggregators” who would be tackling consumer grievances while they won’t be able to resolve them until banks and card networks work towards implementing their solutions. While security and privacy concerns are justified, these issues will have to be weighed against the practicality and convenience provided by digital transactions. The think tank added that if merchants and payment aggregators are not allowed to store card on file details, there will be no way for them to offer seamless payment solutions for recurring and single-click online payments. This would make it difficult for the end-consumers to enter the details manually for every transaction. This will make digital transactions tedious, time-consuming, and inconvenient, and deter a large number of customers, according to Empower India.
“Overregulation of security and e-commerce will leave room for only 3-4 big players who can comply. India often ends up killing big industry via over-regulation. The Indian government should learn from other countries and how they have regulated such companies in the digital payments space in a balanced manner and not do it like China. Retaining flexibility is important for India to grow,” said Montek Singh Ahluwalia, Former Chairman, Planning Commission of India.