Data related to payments to be stored only in India: RBI
The Reserve Bank Wednesday said all data related to payments must be stored only in India and data processed abroad will have to be brought back to the country within 24 hours.
"The entire payment data shall be stored in systems located only in India...," the RBI said in its FAQs on certain implementation issues raised by the Payment System Operators (PSOs).
The FAQs further said there is no bar on processing of payment transactions outside India if so desired by the PSOs.
"However, the data shall be stored only in India after the processing. The complete end-to-end transaction details should be part of the data," the RBI said.
The RBI had issued a directive in April 2018 on 'Storage of Payment System Data'. It had advised all system providers to ensure that within a period of six months, payment data relating to Indian users should be stored in a system only in India.
In case the processing is done abroad, "the data should be deleted from the systems abroad and brought back to India not later than the one business day or 24 hours from payment processing, whichever is earlier".
During the six months, after RBI's data localisation directive, the scrutiny was concentrated on US payment players who have reached out to the Ministry of Finance and the Ministry of Electronics and Information Technology (MeitY) at multiple occasions, and have been lobbying to seek dilution of the RBI directive.
In October, electronic payment companies operating in India had to comply, and submit a report to the RBI on its directive to store payments data pertaining to Indian users within the country. These companies were also requested to get their systems audited by an external auditor and submit a compliance report by December this year.
Last week, the issue of data localisation was raised by several ecommerce firms during their meetings with Commerce and Industry Minister Piyush Goyal.