“One of history’s few iron laws is that luxuries tend to become necessities and to spawn new obligations.”
When Barclays opened the world’s first ATM in 1967, it was marketed as a revolutionary robot-cashier. It was a luxury available to a few. Now it’s a necessity. Especially in India which only has 14.72 bank branches per 1,00,000 adults – making ATMs the only way to access cash for many Indians.
Fintech services like buy-now-pay-later (BNPL) which seem like luxuries now may similarly permeate our saving, spending, and borrowing habits. Much like the ATM, they too are becoming necessary to keep the financial services ecosystem going. This will of-course give rise to new obligations for each participant in the ecosystem. Regulators must keep up with technological advancement to regulate effectively. Banks and payment companies must build features to avoid payment frauds, prevent money-laundering and ensure compliance with evolving regulations.
Welcome to another edition of FinTales – your monthly dose of all things fintech. On the FinTales menu today is a three-course meal.
Appetizers: bite-sized snackable updates about recent fintech developments.
Main-Course: meatier stories on BNPL, data localisation, merchant’s role in payments regulation, and offline digital payments.
Dessert: a sweet change in Aadhaar e-KYC norms.
Napkins tucked, let’s start.
************************************************************************
The appetizers
Pay with UPI when you visit Marina Bay Sands next year
Last month, RBI announced its partnership with the Monetary Authority of Singapore (MAS) to link UPI and PayNow. PayNow is MAS’s peer-to-peer retail payment solution. The partnership will enable instant, seamless and low-cost cross-border payments (between Indian and Singaporean residents). And obviate the need to onboard UPI users on PayNow and vice-versa. The linkage is expected to go live by July 2022.
RBI welcomes innovation to tackle financial frauds
The theme for the fourth cohort of RBI’s regulatory sandbox is prevention and mitigation of financial frauds. RBI hopes that fintech companies will use this opportunity to design tools for quicker detection and prevention of frauds.
RBI gives a boost to digital payments with increase in IMPS limits
The RBI increased the transaction limit for IMPS from Rs. 2 lakhs to Rs. 5 lakhs. Before this, transactions above Rs. 2 lakhs could only be routed through RTGS and NEFT. But IMPS has the best features of both RTGS and NEFT. So this change will give another leg-up to digital payments.
RBI issues first banking license in six years
RBI has issued a small finance bank license to a consortium of Centrum Financial Services Limited and BharatPe. The bank will be called the Unity Small Finance Bank. This is the first time that a payments start-up has managed to obtain a rare banking license from the RBI.
************************************************************************
The main-course
BNPL: a buyer’s paradise, a regulator’s blur, or both?
The reason for BNPL’s success is simple: it is a perfectly timed point-of-sale loan which lets you access credit when you need it. It makes the ‘payment’ experience invisible (air quotes on ‘payment’ because BNPL is a short-term unsecured debt packaged as a payment option). To make the most of this opportunity, last month BharatPe launched BNPL for micro-purchases through its mobile application PostPe.
Now under the current regulatory framework, lending is the forte of regulated entities like banks and NBFCs. So, fintech players (like BharatPe) partner with banks or NBFCs to offer BNPL products. In these arrangements, the fintech player takes on the customer acquisition cost. They perform functions like underwriting, application processing, collections etc.
While BNPL products like PostPe offer stellar benefits to merchants and customers alike, the regulatory framework for BNPL is grey. Many BNPL products rely on UPI to extend credit despite NPCI disallowing credit through UPI. We wrote about this in our last FinTales edition. As a stop-gap measure (and to avoid any regulatory exposure), BNPL providers are loading money in customers’ e-wallets, and enabling payments through UPI or card networks.
Another unsolved piece of the regulatory puzzle is the digital lending guidelines. RBI’s working group’s report on digital lending regulations is still awaited. So, the success of products like PostPe depends on how RBI and NPCI regulate this space.
Minor relaxations on the way (but data localisation is here to stay)
RBI’s stance on payments data localisation is a thorny issue. Especially for multinational banks that store most of their data on foreign servers. These banks have been requesting RBI for relaxation of the data localisation norms. After discussions, RBI has reportedly agreed to make some concessions. Now, the multinational banks can store these details abroad: names and addresses of users and select transaction details like date and amount, name of the beneficiary, and reference number. But other details like purpose of remittance and mobile number of users must be stored locally. RBI communicated this relaxation to the banks through the Indian Banks’ Association.
To recap, RBI notified the payments data localisation norms in 2018. It has been quite strict about enforcing these norms. It penalized Master Card, American Express and Diners Club for not storing payments data locally, and banned them from on-boarding new customers till they ensure compliance.
The RBI issued these relaxations so that banks can conduct money laundering checks, suspicious transaction checks and screen customers against sanctions lists. Foreign banks maintain their software for these checks at a central global hub. And they need to pool payments data from different countries to conduct screening. So, RBI made these relaxations only for better risk mitigation. It is unlikely that RBI will consider any other reasons (like cost, ease of operations or effective delivery of services) to further relax the data localisation norms.
A seat at the policy-making table for merchants
Elizabeth Warren once said, “If you don’t have a seat at the table, you’re probably on the menu.” Digital merchants seem to have taken a cue from this adage. They have formed a new association – the Merchant Payments Alliance of India (MPAI) – to voice their concerns on payment regulations. Prominent tech and media companies like BookMyShow, Disney+ Hotstar, Facebook, Future Generali, Microsoft, Netflix, Spotify, Times Internet, and Zoom are founding members of MPAI.
The timing of MPAI’s launch suggests that RBI’s restrictions on recurring transactions and card data storage may have triggered this initiative. RBI’s attempts to enhance data security and reduce fraud have left merchants holding the short end of the stick. For instance, merchants must ensure their technical systems are compliant with the same security standards applicable to banks. But unlike banks, merchants are not allowed to store any card data of customers. RBI’s restrictions on recurring payments (which kicked in on 1 October 2021) also left merchants in the lurch. Over the last few weeks, several merchants (that accept subscription-based payments) sent frantic reminders to their customers about potential payment failures.
Merchants also have the most to lose if payment processes are friction-ridden and clunky. Delayed or failed payments widen the gulf between a customer’s desire to buy and an actual purchase. And banks, on the other hand, have little incentive to improve the payment experience. Payments is not their key revenue source. They earn revenue from traditional functions like accepting deposits and lending. Banks may not therefore push for enabling regulation in the payments’ ecosystem. Merchants need to do this on their own.
The involvement of merchants could also lead to better policy making. As the MPAI Secretariat notes, merchants have access to data (like billing cycles) which could help craft and implement regulations more effectively. One of MPAI’s first projects will be a report based on customers’ payment experiences – a valuable perspective that only merchants (who own the customer interface) can provide. Merchants are important stakeholders in the digital payment ecosystem. We are hopeful that industry associations like MPAI will give them a chance to be heard by regulators.
No 4G, no problem: RBI pushes for offline digital payments
An offline digital payment sounds like an oxymoron. But it’s not. It is one of the many benefits that technical advancements in financial services offer. Offline digital payments are touted as a tool for financial inclusion. They will extend the reach of digital payments to areas which don’t have reliable internet connectivity. To give this initiative a leg-up, the RBI plans to create a framework for retail digital payments in offline mode.
Though RBI has proposed a formal framework only last month, it has been testing waters for quite some time. One of the early initiatives on this front was NPCI’s launch of USSD based mobile banking service in 2012. To use this service, a user dials *99# on her mobile phone and transacts through an interactive menu displayed on the screen. Offline digital payments were also a theme for the first cohort of RBI’s regulatory sandbox. The six entities which successfully exited the sandbox offer offline payment solutions based on near field communication, bluetooth or interactive voice response system technologies. In 2020, RBI launched a pilot project to test offline payments up to Rs. 200 (through cards, wallets, and mobile services). The pilot project covered 2.41 lakh small-value transactions worth Rs. 1.16 crores. With these initiatives, the regulator realised the potential of offline digital payments. And thus, decided to launch a formal framework.
Pilot projects and the regulatory sandbox results prove that we have the technical chops needed to make offline digital payments a reality. But, the success of offline digital payments will depend on the RBI’s ability to chart out a clear path which addresses security concerns, customer complaints and transaction failures.
************************************************************************
And finally, dessert
RBI opens the door to Aadhaar e-KYC for non-banks
Know-thy-customer is the first commandment of the financial services industry. Aadhar e-KYC – which verifies the identity of customers through mobile OTP or biometrics – is one of the most convenient, cost effective and reliable ways to execute this commandment. So far, RBI only permitted banks to conduct Aadhar e-KYC. But last month, RBI opened this much coveted door for NBFCs and other non-bank payment system providers (PSOs) too. Now, NBFCs and PSOs can perform Aadhar e-KYC after they obtain the RBI’s and UIDAI’s authorisation.
UIDAI and RBI have been wary of letting non-banks access the Aadhar database (following complaints of misuse). But the regulators realized that this may do more harm than good. Especially after the pandemic which led to meteoric growth in demand for digital financial products. Currently, NBFCs and PSOs use other methods to perform KYC – like Aadhar XML, verification of documents through DigiLocker etc. But these KYC processes are friction-ridden, costly and at times erroneous. So, access to Aadhar e-KYC is necessary to create a level playing field for non-bank entities.
Aadhar e-KYC will palliate many KYC concerns of non-bank entities. First is the reduced KYC cost. Aadhar e-KYC is cheaper than other forms of KYC. UIDAI has also proposed a steep reduction in Aadhar e-KYC charges (from Rs. 20 to Rs. 3). The financial services industry works on wafer thin margins, so KYC costs are an important differentiator. The reduced cost will enable non-banks to lower customer acquisition cost and offer cheaper financial products. Second is the speed and customer convenience. Aadhar e-KYC is faster. Customers just need to provide their Aadhar number and biometric details or OTP. And voila! KYC is done. The third is reliability. Aadhar e-KYC lowers fraud and is more robust compared to other KYC modes.
All in all, this is some much needed sweet news for the fintech ecosystem.
*******************************************************************************
That’s it from us.
Tell us what you think about the developments we covered. Or if you’d like us to cover any other development in the next edition. If you missed our previous editions, you could read them here. Write to us at contact@ikigailaw.com.
See you in November!
Yours,
Ikigai Fintech Team
