India’s Central Bank Holds Firm On Data Storage Mandate

The central bank will not budge.

Reuters reports that India’s central bank is “standing firm” on a push to keep payments-related consumer data within the country’s borders.

On the other side of the equation? Companies based in the United States that contend the directive would be costly, were they to comply — costly to the tune of millions of dollars.

The newswire stated the mandate in India may have a ripple effect and may push the needle toward a similar walling in of data.

As noted, the Reserve Bank of India (RBI) has a directive in place that says payments-related data needs to be stored only within India’s borders, as such actions allow for “better monitoring” of data and means data is in proximity that allows for “unfettered supervisory access.”

Card giants, including Mastercard, Visa and American Express, are lobbying to soften those requirements. The appeals have been rebuffed by the central bank, which said the compliance is mandatory. That trio of U.S. companies has said millions of dollars will have to be spent in the region in order to get local data centers up and running.

An unnamed source told Reuters “there is a feeling of helplessness, and we will have to comply.” U.S. sources also stated efforts to cut down on fraud would be stymied and that they should be allowed to maintain backups of that aforementioned data — located outside India. The moves come as India increasingly is showing traction in efforts to move beyond cash toward plastic and digital means of moving money.

Mastercard said it would work with the central bank to “to understand their need for access to domestic data and work towards a solution that meets the regulatory requirements.” The other card peers declined comment. In the past, Visa CEO Alfred Kelly stated the six-month compliance timeframe was “tough.”

The move is not without precedent, as China had also put forth regulations last year mandating that firms must bring their data and store it within that country too, though Reuters pointed out that the card companies do not have operations in the domestic market there.


New PYMNTS Report: Preventing Financial Crimes Playbook – July 2020 

Call it the great tug-of-war. Fraudsters are teaming up to form elaborate rings that work in sync to launch account takeovers. Chris Tremont, EVP at Radius Bank, tells PYMNTS that financial institutions (FIs) can beat such highly organized fraudsters at their own game. In the July 2020 Preventing Financial Crimes Playbook, Tremont lays out how.