The Reserve Bank of India (RBI) ban on Mastercard Asia Pacific to onboard new debit, credit or prepaid card customers has come into effect from 22 July. India’s central bank pulled the plug on Mastercard over non-compliance with directions on the “storage of payment system data” that mandates all system providers to store entire data of domestic customers relating to payment systems only in India. “Mastercard shall advise all card-issuing banks and non-banks to conform to these directions,” the RBI said.
In April 2018, the RBI had issued a circular notifying all payment networks to store data locally, including end-to-end transaction details, and information collected, carried, and processed as part of the message or payment instruction. The monetary authority directed the companies to report compliance and submit an audit report conducted by a CERT-In empanelled auditor “within the timelines specified therein.” The central bank initially gave companies six months to comply with the directions.
“Notwithstanding (the) lapse of considerable time and adequate opportunities being given, the entity has been found to be non-compliant with the directions on Storage of Payment System Data,” the RBI said in a release last week.
Mastercard is the third major payment system operator to face restrictions for non-compliance with RBI’s local data storage rules. The RBI had imposed similar restrictions on American Express Banking Corp and Discover Financial Services’ Diners Club card from 1 May for violating data storage norms. While Mastercard has been barred from onboarding new customers from 22 July, the restrictions will not impact existing customers.
Mastercard has a 33% share in India as against Visa’s 45%. Reports suggest that a ban on Mastercard is likely to create a monopoly of Visa in India’s credit card market since indigenous Rupay remains a major player only in the debit card market.