The Reserve Bank of India (RBI) on Wednesday deferred new rules on automatic debit by six months, in a relief to banks, customers and the digital payments ecosystem unprepared for the 31 March deadline. The new electronic mandate rules for debit and credit cards will now take effect on October 1st.
A central bank notification said the industry has not fully implemented the new framework it announced in August 2019, and that “non-compliance will be dealt with seriously”. The delay in implementation by some stakeholders has given rise to a situation of possible large-scale consumer inconvenience and default, the RBI said.
A large number of credit and debit card users set auto payment instructions for goods and services ranging from electricity and gas to music and movie subscriptions, and the new rules threatened to spell chaos for millions of users.
The framework required use of additional factor authentication during registration, modification and revocation of e-mandates. An additional factor authentication is also required during the first transaction of the e-mandate
In December, the RBI granted more time to migrate to the new framework by March 31, following a request from the Indian Banks’ Association (IBA). “Any further delay in ensuring complete adherence to the framework beyond the extended timeline will attract stringent supervisory action now,” the RBI said.
For banks and payment institutions, the change posed a major challenge, requiring them to overhaul existing recurring payment flows and maintain standardisation for smooth execution of payments.
Executives at two fintech firms said on condition of anonymity that the industry had sought another extension due to the infrastructure burden on merchant partners, banks and payment processors.
“It has been an arduous task for banks, which are already facing infrastructure outages, to now upgrade their systems and bring standardisation of payment flows for the RBI’s new mandate for recurring payments. Over that, the any fault in the system increases the risk of payment failures, which will further erode consumer trust on recurring payments as a use case,” said one executive, asking not to be named.
The framework required use of additional factor authentication during registration, modification and revocation of e-mandates. An additional factor authentication is also required during the first transaction of the e-mandate. “As we move towards compliance with the e-mandate circulars, the significant scale of infrastructure development required to be built by various stakeholders cannot be underestimated,” said digital payments expert Ram Rastogi, who has headed product management for UPI and other payment infrastructure.