Mumbai: The Reserve Bank of India (
RBI) has restricted American Express (AmEx) and Diners Club International Ltd. from adding new domestic customers from May 1, 2021, for not following the rules on 'Storage of Payment System Data.'
The two companies were found not following the RBI's directions on ensuring that data of transactions, payments, instructions, and customer information collected by them is stored in a system within India.
A statement issued by the bank said that American Express and Diners Club are Payment System Operators authorised to operate card networks in the country under the Payment and Settlement Systems Act, 2007 (PSS Act). The RBI has taken action under Section 17 of the PSS Act.
Read moreAccording to the terms of RBI's circular on 'Storage of Payment System Data' dated April 6, 2018, all payment system providers were to ensure that within a period of six months, the entire data related to their daily operations are stored in a system only in India.
Also, they were required to report compliance to RBI and submit a Board-approved System Audit Report (SAR) conducted by a CERT-In empanelled auditor within the timelines specified in the guidelines.
Read moreThe two companies were the entrants in India and had established themselves as trusted names, especially among the affluent sections of the society, before the arrival of Visa and Master Card.
In addition, they were also required to submit a Board-approved System Audit Report (SAR) and report compliance to the federal bank, as per a circular dated 2018.
RBI stated, "In terms of RBI circular on Storage of Payment System Data dated April 6, 2018, all Payment System Providers were directed to ensure that within a period of six months the entire data (full end-to-end transaction details/information collected/carried/processed as part of the message/payment instruction) relating to payment systems operated by them is stored in a system only in India."
"They were also required to report compliance to RBI and submit a Board-approved System Audit Report (SAR) conducted by a CERT-In empanelled auditor within the timelines specified therein," the statement added.
