Reintroduction of the Data Protection Bill: Analysing the Implications for FinTech

– Financial Services Division (finserv@vinodkothari.com)

Background

The Ministry of Electronics and Information Technology (MeitY) introduced the revised draft of the Digital Personal Data Protection Bill, 2022[1] (‘Bill’) on November 18, 2022 for public comments. The Bill is intended to be technology and sector-agnostic and hence, shall serve as a broad guide for digital data protection across all sectors. It is expected that sector-specific regulators shall develop regulations based on the legislation passed based on the said Bill.

In this write-up, we intend to cover the broad prescriptions of the said draft Bill and their impact on the fintech industry.

Read more

Structured Default Guarantees

Analysing prevalent structures and their capital treatment

– Qasim Saif, Senior Manager | qasim@vinodkothari.com

The term that has been grabbing limelight in the world of finance, specifically for non-banking finance would be First Loss Default Guarantees (FLDGs). The growth of the fintech sector in India may be chiefly credited for making FLDGs as the latest buzzword. However, guarantees are not a new innovation; it has been commonly used in the finance sector since ages.

We are organising a Workshop on Emerging Regulatory Framework for NBFCs and digital lending on 19th, 20th and 21st September 2022. See details here – https://vinodkothari.com/2022/09/workshop-emerging-regulatory-framework-for-nbfcs/
Read more

The future of Loan-loaded Prepaid Payment Instruments

Financial Services Division | finserv@vinodkothari.com

The latest communication from the Reserve Bank of India (‘RBI’), barring issuers of prepaid payment instruments (PPIs) from having the same loaded by credit lines, has created a substantial flutter in the financial sector, particularly among the Fintech lenders. Based on the feedback received from market participants it seems that the RBI has been trying to remove any regulatory arbitrage that a non-bank PPI issuer may have as compared to a bank. Considering the gravity of the matter even the Payment Council of India has approached the Government of India to intervene in this matter[1]. There are reports[2] that many of the issuers of PPIs have reportedly stopped issuing PPIs post receiving the RBI circular.

The trigger for all this is a June 20, 2022 communication from the RBI, addressed to certain NBFCs and Fintech lenders, who have been extending credit facilities for loading prepaid cards, stating that prepaid payment instruments (PPIs) must not be loaded through credit lines. The aforesaid communication has raised questions on the existing business model of several fintech entities and threatens their existence. The relevant extract of the said communication states that:

“A reference is invited to the provisions contained in the paragraph 7.5 of the Master Direction on PPI (PPI-MD) dated August 27, 2021 (updated as on November 12, 2021) – “PPIs shall be permitted to be loaded /reloaded by cash debit to a bank account, credit and debit cards, PPIs (as permitted from time to time) and other payment instruments issued by regulated entities in India and shall be in INR only”

The PPI-MD does not permit loading of PPIs from credit lines. Such practices, if followed, should be stopped immediately. Any non-compliance in this regard may attract penal action under provisions contained in the Payment and Settlement Systems Act, 2007

Read more

The emerging concept of embedded finance

In the future will every company be a FinTech company?

finserv@vinodkothari.com

Introduction

Everyone has probably had some form of interaction with the concept of embedded finance while possibly not knowing what it is. This budding concept has its eyes set on massively changing the way business is done.

Today, convenience in trade and commerce is probably the most sought after by customers. The idea of having everything in one place at high speeds is what drives trade in this modern world. This is where embedded finance would come into play.

Embedded Finance (‘EmFi’) is a concept that typically allows non-financial entities to integrate financial services/ products into its own platform through the use of APIs (‘Application Programming Interface’) which is a software intermediary that allows two applications to talk to each other.

Put simply in the form of an example, let’s say you want to purchase a flight ticket. You reach the payment stage and see an option to purchase insurance as well, without having to leave the app you are currently using. This integration of an insurance purchase on a non-financial entities platform is just one small part of the bigger picture of embedded finance.

This article will focus on explaining the concept of embedded finance with specific focus on embedded lending.

Read more

Security Token Offerings & their Application to Structured Finance

Moving to DeFi

– Subhojit Shome, Executive | subhojit@vinodkothari.com

Introduction

As per a Forbes article[1] published in early 2021, DeFi and Security Token Offerings (STO) had scaled new heights with 2020 being “a banner year for capital formation and secondary trading” using security tokens. DeFi applications were reported to be prevalent across 15 countries around the world (including the major developed economies) and 39 of the top 100 largest banks in the world were reportedly working on security tokens or blockchain applications. Expert estimates[2] predict the security tokens industry to surpass the market volume for cryptocurrencies in the next five years and in terms of issue proceeds, the global security token market reaching $3 billion by 2025.

Figure 1: Estimated Growth of Security Token Offerings (STO)[3]

Blockchain-based tokens can be described as digitally scarce units of value the characteristics and circulation of which are prescribed via computer code.[4]

Read more

Financial Services firms foray into the metaverse

Beyond Social Media & Gaming

– Subhojit Shome, Executive | finserv@vinodkothari.com

Introduction

The ‘Metaverse’ has become the latest favourite buzzword on Wall Street with players from Big Tech, Gaming, Entertainment and the FMCG Industries touting it as the best thing to happen since sliced bread.

It is now the turn of the Banking and Financial Services Industry to jump onto the bandwagon and with big ticket traditional players, like JPMorgan and PwC, buying up prime virtual real estate in the metaverse and with revenue estimations from opportunities in the metaverse being projected at $1 trillion and beyond,[1] other players (both traditional and new age) cannot help but take notice.

In this overview, we attempt to provide a bird’s eye view of what the metaverse is and the opportunities that it offers specifically to those involved in the financial services space.

The Many Definitions of the Metaverse

The term – ‘Metaverse’ – is borrowed from American writer, Neal Stephenson’s dystopian sci-fi novel – Snow Crash – wherein it is used to describe a virtual-reality based successor to the internet.[2] 

In the real world context, the term has been variously defined and used, be it by tech gurus or c-suite executives. In general it has come to imply an interactive digital world with online communities providing immersive experiences.

Read more

De-novo Master Directions on PPIs

I. Introduction

The Reserve Bank of India (RBI) on August 27, 2021, issued the Master Directions on Prepaid Payment Instruments[1] (‘Master Directions’) repealing the Master Directions on Issuance and Operation of Prepaid Payment Instruments[2] (‘Erstwhile Master Directions’) with immediate effect. These Master Directions have been issued keeping in mind the recent updates to the Erstwhile Master Directions.

In this write-up we aim to cover the major regulatory changes brought about by the Master Directions.

II. Overview of key changes

1.  Classification of PPIs instruments

The Erstwhile Master Directions classified PPIs into three categories namely closed ended PPIs which could be issued by anyone and required no RBI approval, semi-closed PPIs and open ended PPIs which could be issued only by Banks. The new Master Directions have also classified PPIs in three categories i.e. Closed-ended PPI, Small PPIs and Full-KYC PPIs. However, since closed-ended PPIs are not a part of the payment and settlement system, they are not regulated by the RBI. A brief snapshot of the nature of the other two types of PPIs is presented below:

Basis Small PPI Full KYC PPIs
With cash loading facility Without cash loading facility
Issuer Banks and non-banks after obtaining minimum details of PPI holder (mobile number verified with OTP; self-declaration of name and unique identity/identification number of any OVD) Banks and non-banks after completing KYC of holder
Identification Process Verification of mobile number through an OTP

Self-declaration of name and unique identify number of any OVD as recognized in KYC Master Directions

Video-based Customer Identification Process
Nature of PPI Reloadable and can be issued in electronic form.

 

Electronic payment transactions have been divided into two categories- transactions that do not require physical PPIs and those which require. Hence, even cards could be issued.

Reloadable and can be issued in card or electronic form.

 

Loading/Reloading shall be from a bank account / credit card / full-KYC PPI.

 

Reloadable and can be issued in electronic form.

 

Electronic payment transactions have been divided into two categories- transactions that do not require physical PPIs and those which require. Hence, even cards could be issued.

Maximum amount that can be loaded In a month: INR 10,000

In a year: INR 120,000

No maximum limits
Maximum outstanding amount at any point of time INR 10,000 INR 200,000
Limit on debit during a month INR 10,000 per month No limit No limit
Usage of funds For purchase of goods and services only.

Cash withdrawal or fund transfer not permitted

 

Transfer to source or bank account of PPI holder, other PPIs, debit or credit card permitted subject to:

 

Pre-registered benefit – maximum INR 200,000 per month per beneficiary

 

Other cases – maximum INR 10,000

Cash Withdrawal Not permitted Permitted subject to limits:

 

INR 2000 per transaction and

INR 10,000 per month

Conversion To be converted into full-KYC PPIs within a period of 24 months from the date of issue of the PPI. Small PPI with cash loading can be converted into Small PPI without cash loading, if desired by the PPI holder. Not applicable
Restriction on issuance to a single person Cannot be issued to same person using the same mobile number and same minimum details more than once. No such restriction No such restriction
Closure Funds transferred back to source or Holders bank account after complying with KYC norms

 

Funds transferred to pre-designated bank account or

 

PPIs of the same issuer

 

The concept of ‘Small PPI’ and ‘Full-KYC PPI’ cannot be said to be a new introduction, rather, it is more of a merger of the existing variety of semi closed PPIs in Small PPI and the open ended PPI to Full KYC PPI. However, an important change that has been inserted is the recognition of non-bank PPI issuers to issue Full KYC PPI, who were earlier not allowed to issue open ended PPIs.

2. Validity of Registration

Earlier, the Certificate of Authorisation was valid for five years unless otherwise specified and was subject to review including cancellation of the same. However, under the Master Directions, the authorisation is granted for perpetuity (even for existing authorisation which becomes due for renewal) subject to compliance with the following conditions:

  1. Full compliance with the terms and conditions subject to which authorisation was granted;
  2. Fulfilment of entry norms such as capital, net worth requirements, etc.;
  3. No major regulatory or supervisory concerns related to operations, as observed during onsite and / or offsite monitoring;
  4. Efficacy of customer grievance redressal mechanism;
  5. No adverse reports from other departments of RBI / regulators / statutory bodies, etc.

Also, the concept of ‘cooling period’ was introduced in December 2020[3], for effective utilisation of regulatory resources. PPI issuer whose CoA is revoked or not-renewed for any reason; or CoA is voluntarily surrendered for any reason; or application for authorisation has been rejected by RBI; or new entities that are set-up by promoters involved in any of the above categories; will have a one year cooling period. During the said cooling period, entities shall be prohibited from submission of applications for operating any payment system under the PSS Act.

3. Cross border transactions in Indian denomination

The Erstwhile Master Directions provided that Cross Border Transactions in INR denominated PPIS was allowed only by way of KYC compliant semi-closed and open PPIs which met the conditions specified therein. However, under the Master Directions, such issuances have been permitted only in the form of Full-KYC PPI and other conditions as prescribed earlier have not been altered.

4. Maintenance of Current Account

Apart from maintaining an escrow account with a scheduled commercial bank, non-bank PPI issuer that is a member of the Centralised Payment Systems operated by RBI i.e. non-bank issuers as covered under Master Directions on Access Criteria for Payment Systems[4] which have been allowed to access Real Time Gross Settlement (RTGS) System and National Electronic Fund Transfer (NEFT) Systems and any other such systems as provided by RBI, shall also be required to maintain a current account with the RBI.

Transfer from and to such current account is permitted to be credited or debited from the escrow account maintained by the PPIs.

5. Ensuring additional safety norms

  • To ensure safety and security, PPIs issuers are now required to put in place a Two Factor Authentication (2FA) in place for all wallet transactions involving debit to wallet transactions including cash withdrawals. However, it is not mandatory in case of PPI-MTS and gift PPIs.
  • The Erstwhile Master Directions required PPI issuers to put in place a mechanism to send alerts to the PPI holder regarding debit/credit transactions, balance available /remaining in the PPI. In addition to the same, the Master Directions now require issuers to send alerts to the holder even in case of offline transactions. The issuer may send a common alert for all transactions as soon as the issuer receives such information. Separate alerts for each transaction shall not be required.

6. Miscellaneous

  • In case of co-branding, additionally it has been specified that the co-branding partner can also be a Government department / ministry.
  • The Erstwhile Master Directions provided banks and non-banks a period of 45 days to apply to the Department of Payment and Settlement Systems (DPSS) after obtaining the clearance under the Payment and Settlement Systems Act, 2007. The same has now been reduced to 30 days from obtaining such clearance.
  • In addition to the satisfactory system audit report and net worth certificate, RBI also requires issuers to submit a due diligence report for granting final Certificate of Authorisation (CoA).
  • Transfer of funds back to source account in case of Gift PPIs has been allowed after receiving the consent of the PPI holder.
  • To improve customer protection and grievance redressal, the Master Directions have provided customers of non-bank PPI issuers to have recourse to the Ombudsman Scheme for Digital Transactions.

7. Effect on existing issuers

The timeline for complying with the minimum positive net-worth of 15 crores by non-bank PPI issuers has been extended and shall now be met with by September 30, 2021 instead of March 31, 2020. Non-bank issuers shall submit the provisional balance sheet indicating the positive net-worth and CA certificate to the RBI on or before October 30, 2021, failing which they may not be permitted to carry on their business.

III. Conclusion

In this write-up we have aimed to cover the gist of changes introduced in the Master Directions as compared to the Erstwhile Master Directions. The changes made in the regulatory framework for the PPIs have created a level playing field for banks and non-banks, especially, with respect to issuance of full KYC PPIs. Comparatively, the new directions are way more liberal than the earlier one, which only indicates how bullish the regulator must be with respect to PPIs.

 

[1] https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=12156#MD

[2] https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=11142

[3] https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12001&Mode=0

[4] MD51170116C65788DE8A564165B74D5FECE0626A73.PDF (rbi.org.in)

Payment and Settlement Systems: A Primer

– Siddarth Goel (finserv@vinodkothari.com)

Introduction

A payment denotes the performance or discharge of an obligation to pay, which may or may not involve money transfer. Payment is therefore a financial obligation in whatever parties have agreed constituting a payment. A payment and settlement system could be understood as a payments market infrastructure that facilitates the flow of funds in satisfaction of a financial obligation. The need for a payment system is an integral part of commerce. From the use of a payment system in an e-commerce purchase, a debit or credit card fund transfer, stock or share purchase. The payment obligation can also be settled without the presence of any financial intermediary (peer-to-peer). The payment transaction need not always be settled in money, it could be settled in security, commodity, or any other obligation as may be decided by payment system participants.

One of the earlier known payment mechanisms was the barter system. With the evolution of civilisation, the world moved to a system supported by tokens and coins that are still prevalent and are widely used as the mode of payment. The payment mechanism supported by physical currency notes or coins is simple, as it offers peer-to-peer, real-time settlement of obligation between the parties, by way of physical transfer of note or coin from one party to another.

In contemporary electronic payment systems, the manner of flow of funds from one payment system participant to another is central to the security, transparency, and stability of the payment system and financial system as a whole. The RBI’s main objective is to maintain public confidence in payment and settlement systems, while the other function being to upgrade and introduce safe and efficient modes of payment systems. The RBI is also the banker to all scheduled banks and maintains bank accounts on their behalf.  All the scheduled commercial banks have access to a central payment system operated by RBI. Thereby banks have access to liquidity funding line with RBI which have been discussed later in this chapter.

Electronic payments usually involve the transfer of funds via money in bank deposits. While securities settlement system involves trade in financial instruments namely; bonds, equities, and derivatives. The implementation of sound and efficient payment and securities settlement systems is essential for financial markets and the economy. The payment system provides money as a means of exchange, as central banks are in control of supplying money to the economy which cannot be achieved without public confidence in the systems used to transfer money. It is essential to maintain stability of the financial systems, as default under very large value transfers create the possibilities of failure that could cause broader systemic risk to other financial market participants. There is a presence of negative externality that can emanate from a failure of a key participant in the payment system.[1]

Read more

Understanding regulatory intricacies of Payment Aggregator business

-Siddarth Goel (finserv@vinodkothari.com)

Abstract

The penetration of electronic retail payments has witnessed a steep surge in the overall payment volumes during the latter half of the last decade. One of the reasons accorded to this sharp rise in electronic payments is the exponential growth in online merchant acquisition space. An online merchant is involved in marketing and selling its goods and/or services through a web-based platform. The front-end transaction might seem like a simple buying-selling transaction of goods or services between a buyer (customer) and a seller (merchant). However, the essence of this buying-selling transaction lies in the payment mode or methodology of making/accepting payments adopted between the customer and the merchant. One of the most common ways of payment acceptance is that the merchant establishes its own payment integration mechanism with a bank such that customers are enabled to make payments through different payment instruments. In such cases, the banks are providing payment aggregator services, but the market is limited usually to the large merchants only. Alternatively, merchants can rely upon third-party service providers (intermediary) that facilitate payment collection from customers on behalf of the merchant and thereafter remittance services to the merchant at the subsequent stage – this is regarded as a payment aggregation business.

The first guidelines issued by the RBI governing the merchant and payment intermediary relationship was in the year 2009[1]. Over the years, the retail payment ecosystem has transformed and these intermediaries, participating in collection and remittance of payments have acquired the market-used terminology ‘Payment Aggregators’. In order to regulate the operations of such payment intermediaries, the RBI had issued detailed Guidelines on Regulation of Payment Aggregators and Payment Gateways, on March 17, 2020. (‘PA Guidelines’)

The payment aggregator business has become a forthcoming model in the online retail payments ecosystem. During an online retail payment by a customer, at the time of checkout vis-à-vis a payment aggregator, there are multiple parties involved. The contractual parties in one single payment transaction are buyer, payment aggregator, payment gateway, merchant’s bank, customer’s bank, and such other parties, depending on the payment mechanism in place. The rights and obligations amongst these parties are determined ex-ante, owing to the sensitivity of the payment transaction. Further, the participants forming part of the payment system chain are regulated owing to their systemic interconnectedness along with an element of consumer protection.

This write-up aims to discuss the intricacies of the regulatory framework under PA Guidelines adopted by the RBI to govern payment aggregators and payment gateways operating in India. The first part herein attempts to depict growth in electronic payments in India along with the turnover data by volumes of the basis of payment instruments used. The second part establishes a contrast between payment aggregator and payment gateway and gives a broad overview of a payment transaction flow vis-à-vis payment aggregator. The third part highlights the provisions of the PA Guidelines and establishes the underlying internationally accepted best principles forming the basis of the regulation. The principles are imperative to understand the scope of regulation under PA Guidelines and the contractual relationship between parties forming part of the payment chain.

Market Dynamics

The RBI in its report stated that the leverage of technology through the use of mobile/internet electronic retail payment space constituted around 61% share in terms of volume and around 75% in share in terms of value during FY 19-20.[2] The innovative payment instruments in the retail payment space, have led to this surge in electronic payments. Out of all the payment instruments, the UPI is the most innovative payment instrument and is the spine for growth in electronic payments systems in India. Chart 1 below compares some of the prominent payment instruments in terms of their volumes and overall compounded annual growth rate (CAGR) over the period of three years.

The payment system data alone does not show the complete picture. In conformity with the rise in electronic payment volumes, as per the Government estimates the overall online retail market is set to cross the $ 200 bn figure by 2026 from $ 30 bn in 2019, at an expected CAGR of 30 %.[4] India ranks No. 2 in the Global Retail Development Index (GRDI) in 2019. It would not be wrong to say, the penetration of electronic payments could be due to the presence of more innovative products, or the growth of online retail has led to this surge in electronic payments.

What are Payment Aggregators and Payment Gateways?

The terms Payment Aggregator (‘PA’) and Payment Gateways (‘PG’) are at times used interchangeably, but there are differences on the basis of the function being performed. Payment Aggregator performs merchant on-boarding process and receives/collects funds from the customers on behalf of the merchant in an escrow account. While the payment gateways are the entities that provide technology infrastructure to route and/or facilitate the processing of online payment transactions. There is no actual handling of funds by the payment gateway, unlike payment aggregators. The payment aggregator is a front-end service, while the payment gateway is the back-end technology support. These front-end and back-end services are not mutually exclusive, as some payment aggregators offer both. But in cases where the payment aggregator engages a third-party service provider, the payment gateways are the ‘outsourcing partners’ of payment aggregators. Thereby such payments are subject to RBI’s outsourcing guidelines.

PA Transaction Flow

One of the most sought-after electronic payments in the online buying-selling marketplace is the payment systems supported by PAs. The PAs are payment intermediaries that facilitate e-commerce sites and merchants in accepting various payment instruments from their customers. A payment instrument is nothing but a means through which a payment order or an instruction is sent by a payer, instructing to pay the payee (payee’s bank). The familiar payment instruments through which a payment aggregator accepts payment orders could be credit cards, debit cards/PPIs, UPI, wallets, etc.

Payment aggregators are intermediaries that act as a bridge between the payer (customer) and the payee (merchant). The PAs enable a customer to pay directly to the merchant’s bank through various payment instruments. The process flow of each payment transaction between a customer and the merchant is dependent on the instrument used for making such payment order. Figure 1 below depicts the payment transaction flow of an end-to-end non-bank PA model, by way of Unified Payment Interface (UPI) as a payment instrument.

In an end-to-end model, the PA uses the clearing and settlement network of its partner bank. The clearing and settlement of the transaction are dependent on the payment instrument being used. The UPI is the product of the National Payments Corporation of India (NPCI), therefore the payment system established by NPCI is also quintessential in the transaction. The NPCI provides a clearing and settlement facility to the partner bank and payer’s bank through the deferred settlement process. Clearing of a payment order is transaction authorisation i.e., fund verification in the customer’s bank account with the payer’s bank. The customer/payer bank debits the customer’s account instantaneously, and PA’s bank transfers the funds to the PA’s account after receiving authorisation from NPCI. The PA intimates the merchant on receipt of payment and the merchant ships the goods to the customer. The inter-bank settlement (payer’s bank and PA’s partner bank) happens at a later stage via deferred net-settlement basis facility provided by the NPCI.

The first leg of the payment transaction is settled between the customer and PA once the PA receives the confirmation as to the availability of funds in the customer’s bank account. The partner bank of PA transfers the funds by debiting the account of PA maintained with it. The PA holds the exposure from its partner bank, and the merchant holds the exposure from the PA. This explains the logic of PA Guidelines, stressing on PAs to put in place an escrow mechanism and maintenance of ‘Core Portion’ with escrow bank. It is to safeguard the interest of the merchants onboarded by the PA. Nevertheless, in the second leg of the transaction, the merchant has its right to receive funds against the PA as per the pre-defined settlement cycle.

Regulatory approach towards PAs and PGs

The international standards and best practices on regulating Financial Market Infrastructure (FMI) are set out in CPSS-IOSCO principles of FMI (PFMI).[5] A Financial Market Infrastructure (FMI) is a multilateral system among participating institutions, including the operator of the system. The consumer protection aspects emerging from the payment aggregation business model, are regulated by these principles. Based on CPSS-IOSCO principles of (PFMI), the RBI has described designated FMIs, and released a policy document on regulation and supervision of FMIs in India under its regulation on FMIs in 2013.[6] The PFMI stipulates public policy objectives, scope, and key risks in financial market infrastructures such as systemic risk, legal risk, credit risk, general business risks, and operational risk. The Important Retail Payment Systems (IRPS) are identified on the basis of the respective share of the participants in the payment landscape.  The RBI has further sub-categorised retail payments FMIs into Other Retail Payment Systems (ORPS). The IRPS are subjected to 12 PFMI while the ORPS have to comply with 7 PFMIs. The PAs and PGs fall into the category of ORPS, regulatory principles governing them are classified as follows:

These principles of regulation are neither exclusive nor can said to be having a clear distinction amongst them, rather they are integrated and interconnected with one another. The next part discusses the broad intention of the principles above and the supporting regulatory clauses in PA Guidelines covering the same.

Legal Basis and Governance framework

The legal basis principle lays the foundation for relevant parties, to define the rights and obligations of the financial market institutions, their participants, and other relevant parties such as customers, custodians, settlement banks, and service providers. Clause 3 of PA Guidelines provides that authorisation criteria are based primarily on the role of the intermediary in the handling of funds. PA shall be a company incorporated in India under the Companies Act, 1956 / 2013, and the Memorandum of Association (MoA) of the applicant entity must cover the proposed activity of operating as a PA forms the legal basis. Henceforth, it is quintessential that agreements between PA, merchants, acquiring banks (PA’s Partners Bank), and all other stakeholders to the payment chain, clearly delineate the roles and responsibilities of the parties involved. The agreement should define the rights and obligations of the parties involved, (especially the nodal/escrow agreement between partner bank and payment aggregator). Additionally, the agreements between the merchant and payment aggregator as discussed later herein are fundamental to payment aggregator business. The PA’s business rests on clear articulation of the legal basis of the activities being performed by the payment aggregator with respect to other participants in the payment system, such as a merchant, escrow banks, in a clear and understandable way.

Comprehensive Management of Risk

The framework for the comprehensive management of risks provides for integrated and comprehensive view of risks. Therefore, this principle broadly entails comprehensive risk policies, procedures/controls, and participants to have robust information and control systems. Another connecting aspect of this principle is operational risk, arising from internal processes, information systems and disruption caused due to IT systems failure. Thus there is a need for payment aggregator to have robust systems, policies to identify, monitor and manage operational risks. Further to ensure efficiency and effectiveness, the principle entails to maintain appropriate standards of safety and security while meeting the requirements of participants involved in the payment chain. Efficiency is resources required by such payment system participants (PAs/PGs herein) to perform its functions. The efficiency includes designs to meet needs of participants with respect to choice of clearing and settlement transactions and establishing mechanisms to review efficiency and effectiveness. The operational risk are comprehensively covered under Annex 2 (Baseline Technology-related Recommendation) of the PA Guidelines. The Annex 2, inter alia includes, security standards, cyber security audit reports security controls during merchant on-boarding. These recommendations and compliances under the PA Guidelines stipulates standard norms and compliances for managing operational risk, that an entity is exposed to while performing functions linked to financial markets.

KYC and Merchant On-boarding Process

An important aspect of payment aggregator business covers merchant on-boarding policies and anti-money laundering (AML) and counter-terrorist financing (CFT) compliance. The BIS-CPSS principles do not govern within its ambits certain aspects like AML/CFT, customer data privacy. However, this has a direct impact on the businesses of the merchants, and customer protection. Additionally, other areas of regulation being data privacy, promotion of competition policy, and specific types of investor and consumer protections, can also play important roles while designing the payment aggregator business model. Nevertheless, the PA Guidelines provide for PAs to undertake KYC / AML / CFT compliance issued by RBI, as per the “Master Direction – Know Your Customer (KYC) Directions” and compliance with provisions of PML Act and Rules. The archetypal procedure of document verification while customer on-boarding process could include:

  • PA’s to have Board approved policy for merchant on-boarding process that shall, inter-alia, provide for collection of incorporation certificates, constitutional document (MoA/AoA), PAN and financial statements, tax returns and other KYC documents from the merchant.
  • PA’s should take background and antecedent checks of the merchants, to ensure that such merchants do not have any malafide intention of duping customers, do not sell fake/counterfeit/prohibited products, etc.

PAs shall ensure that the merchant’s site shall not save customer’s sensitive personal data, like card data and such related data. Agreement with merchant shall have provision for security/privacy of customer data.

Settlement and Escrow

The other critical facet of PA business is the settlement cycle of the PA with the merchants and the escrow mechanism of the PA with its partner bank. Para 8 of PA Guidelines provide for non-bank PAs to have an escrow mechanism with a scheduled bank and also to have settlement finality. Before understanding the settlement finality, it is important to understand the relevance of such escrow mechanisms in the payment aggregator business.

Escrow Account

Surely there is a bankruptcy risk faced by the merchants owing to the default by the PA service provider. This default risk arises post completion of the first leg of the payment transaction. That is, after the receipt of funds by the PA from the customer into its bank account. There is an ultimate risk of default by PA till the time there is final settlement of amount with the merchant. Hence, there is a requirement to maintain the amount collected by PA in an escrow account with any scheduled commercial bank. All the amounts received from customers in partner bank’s account, are to be remitted to escrow account on the same day or within one day, from the date amount is debited from the customer’s account (Tp+0/Tp+1). Here Tp is the date on which funds are debited from the customer’s bank account.  At end of the day, the amount in escrow of the PA shall not be less than the amount already collected from customer as per date of debit/charge to the customer’s account and/ or the amount due to the merchant. The same rules shall apply to the non-bank entities where wallets are used as a payment instrument.[7] This essentially means that PA entities should remit the funds from the PPIs and wallets service provider within same day or within one day in their respective escrow accounts. The escrow banks have obligation to ensure that payments are made only to eligible merchants / purposes and not to allow loans on such escrow amounts. This ensures ring fencing of funds collected by the PAs, and act as a deterrent for PAs from syphoning/diverting the funds collected on behalf of merchants. The escrow agreement function is essentially to provide bankruptcy remoteness to the funds collected by PA’s on behalf of merchants.

Settlement Finality

Settlement finality is the end-goal of every payment transaction. Settlement in general terms, is a discharge of an obligation with reference of the underlying obligation (whatever parties agrees to pay, in PA business it is usually INR). The first leg of the transaction involves collection of funds by the PA from the customer’s bank (originating bank) to the PA escrow account. Settlement of the payment transaction between the PA and merchant, is the second leg of the same payment transaction and commences once funds are received in escrow account set up by the PA (second leg of the transaction).

Settlement finality is the final settlement of payment instruction, i.e. from the customer via PA to the merchant. Final settlement is where a transfer is irrevocable and unconditional. It is a legally defined moment, hence there shall be clear rules and procedures defining the point of settlement between the merchant and PA.

For the second leg of the transaction, the PA Guidelines provide for different settlement cycles:

  1. Payment Aggregator is responsible for the delivery of goods/service– The settlement cycle with the merchant shall not be later than one day from the date of intimation to PA of shipment of goods by the merchant.
  2. Merchant is responsible for delivery– The settlement cycle shall not be later than 1 day from the date of confirmation by the merchant to PA about delivery of goods to the customer.
  3. Keeping the amount by the PA till the expiry of refund period– The settlement cycle shall not be later than 1 day from the date of expiry of the refund period.

These settlement cycles are mutually exclusive and the PA business models and settlement structure cycle with the merchants could be developed by PAs on the basis of market dynamics in online selling space. Since the end-transaction between merchant and PA is settled on a contractually determined date, there is a deferred settlement, between PA and the merchant.  Owing to the rules and nature of the relationship (deferred settlement) is the primary differentiator from the merchants proving the Delivery vs. Payment (DvP) settlement process for goods and services.

Market Concerns

Banks operating as PAs do not need any authorisation, as they are already part of the the payment eco-system, and are also heavily regulated by RBI. However, owing to the sensitivity of payment business and consumer protection aspect non-bank PA’s have to seek RBI’s authorisation. This explains the logic of minimum net-worth requirement, and separation of payment aggregator business from e-commerce business, i.e. ring-fencing of assets, in cases where e-commerce players are also performing PA function. Non-bank entities are the ones that are involved in retail payment services and whose main business is not related to taking deposits from the public and using these deposits to make loans (See. Fn. 7 above).

However, one could always question the prudence of the short timelines given by the regulator to existing as well as new payment intermediaries in achieving the required capital limits for PA business. There might be a trade-off between innovations that fintech could bring to the table in PA space over the stringent absolute capital requirements. While for the completely new non-bank entity the higher capital requirement (irrespective of the size of business operations of PA entity) might itself pose a challenge. Whereas, for the other non-bank entities with existing business activities such as NBFCs, e-commerce platforms, and others, achieving ring-fencing of assets in itself would be cumbersome and could be in confrontation with the regulatory intention. It is unclear whether financial institutions carrying financial activities as defined under section 45 of the RBI Act, would be permitted by the regulator to carry out payment aggregator activities. However, in doing so, certain additional measures could be applicable to such financial entities.

Conclusion

The payment aggregator business models in India are typically based on front-end services, i.e. the non-bank entitles are aggressively entering into retail payment businesses by way of providing direct services to merchants. The ability of non-bank entitles to penetrate into merchant onboarding processes, has far overreaching growth potential than merchant on-boarding processes of traditional banks. While the market is at the developmental stage, nevertheless there has to be a clear definitive ex-ante system in place that shall provide certainty to the payment transactions. The CPSS-IOSCO, governing principles for FMIs lays down a good principle-based governing framework for lawyers/regulators and system participants to understand the regulatory landscape and objective behind the regulation of payment systems. PA Guidelines establishes a clear, definitive framework of rights between the participants in the payment system, and relies strongly on board policies and contractual arrangements amongst payment aggregators and other participants. Therefore, adequate care is necessitated while drafting escrow agreements, merchant-on boarding policies, and customer grievance redressal policies to abide by the global best practices and meet the objective of underlying regulation. In hindsight, it will be discovered only in time to come whether the one-size-fits-all approach in terms of capital requirement would prove to be beneficial for the overall growth of PA business or will cause a detrimental effect to the business space itself.

 

[1] RBI, Directions for opening and operation of Accounts and settlement of payments for electronic payment transactions involving intermediaries, November 24, 2009. https://www.rbi.org.in/scripts/NotificationUser.aspx?Mode=0&Id=5379

[2] Payment Systems in India – Booklet (rbi.org.in)

[3] https://m.rbi.org.in/Scripts/AnnualReportPublications.aspx?Id=1293

[4] https://www.investindia.gov.in/sector/retail-e-commerce

[5] The Bank for International Settlements (BIS), Committee on Payment and Settlement Systems (CPSS) and International Organisation of Securities Commissions (IOSCO) published 24 principles for financial market infrastructures and  and responsibilities of central banks, market regulators and other authorities. April 2012 <https://www.bis.org/cpmi/publ/d101a.pdf>

[6]Regulation and Supervision of Financial Market Infrastructures, June 26, 2013 https://www.rbi.org.in/scripts/bs_viewcontent.aspx?Id=2705

[7] CPMI defines non-banks as “any entity involved in the provision of retail payment services whose main business is not related to taking deposits from the public and using these deposits to make loans”  See, CPMI, ‘Non-banks in retail Payments’, September 2014, available at <https://www.bis.org/cpmi/publ/d118.pdf>

 

Our other related articles:

Overview of Regulatory Framework of Payment and Settlement Systems in India by Anita Baid – Vinod Kothari Consultants

RBI to regulate operation of payment intermediaries – Vinod Kothari Consultants

Major recommendations of the Committee on Payment Systems on Payment and Settlement System Bill, 2018 – Vinod Kothari Consultants

Factoring Law Amendments backed by Standing Committee

-Megha Mittal 

[finserv@vinodkothari.com]

In the backdrop of the expanding transaction volumes, and with a view to address the still prevalent delays in payments to sellers, especially MSMEs, the Factoring Regulation (Amendment) Bill, 2020 (‘Amendment Bill’) was introduced in September, 2020, so as to create a broader and deeper liquid market for trade receivables.

The proposed amendments have been reviewed and endorsed by the Standing Committee of Finance chaired by Shri. Jayant Sinha, along with some key recommendations and suggestions to meet the objectives as stated above.  In this article, we discuss the observations and recommendations of the Standing Committee Report  in light of the Amendment Bill.

Read more