Tag: deadline

RBI deadline to stop storage of card details worries start-ups

Banking & Finance

[ad_1]

Read More/Less


With the deadline to implement an RBI norm that prohibits payment gateways and payment aggregators from storing customer card details closing in, consumer tech start-ups are a worried lot.

Accepting the diktat could reduce the ease of payments for half a billion Internet users in India.

This could even increase barriers of entry for the next billion Internet users who are just getting hold of technology services like food delivery, online retail, and on-demand video streaming.

The RBI had suggested tokenisation as a measure for non-bank payment aggregators to replace actual card details of customers with an alternative code termed as ‘token’. The token has to be unique for a combination of card, token requestor (an entity that accepts tokenisation request from the customer and sends it to the card network to issue a token), and device.

The safety provided by tokenisation is that if a company is hacked, the hacker cannot use that data for another platform.

One device, one card

But in tokenisation, the consumers will only be able to use one card to make transactions on one device. Each platform will generate a unique token corresponding to the user’s card and device.

On the challenges attached to tokenisation, Rameesh Kailasam, CEO of Indiatech, told BusinessLine, “The ecosystem may not be ready for such measures, because companies will be expected to create a token with each payment aggregator/payment gateway which will override the intent of recurring payments. Essentially, customers will not have the feasibility of placing repeat orders, making EMI payments, and standing transactions against their card.”

The RBI rule on stopping card storage was initially given an implementation deadline of July but was later extended to January 2022 following industry demand.

Indiatech.org, an industry association of Indian start-ups including Ola, hike, Makemytrip, and Nykaa among others, has recommended that companies that are able to afford industry certifications like Payment Card Industry Data Security Standard (PCI DSS) Level 1 be allowed to save customer’s card details with necessary reporting and audit mechanisms built to inform the RBI. Further, it suggested that beyond-device tokenisation should be allowed.

The central bank’s motive to bring these rules was to guard customer data against frequent data breach cases in tech companies. Cybercrime cases in India have grown exponentially since the pandemic. Per data shared by the Union Minister of State for Home Affairs, G Kishan Reddy, in the Lok Sabha in March, between August 30, 2019, and February 28, 2021, as many as 3.17 lakh cybercrime incidents were registered on the National Cyber Crime Reporting Portal.

Data security

Commenting on the relation of data security issues with companies’ storing customer card details, independent security researcher, Rajashekhar Rajaharia said, “Storing customer data is not what leads to data breaches. It is weak and, in some cases, outdated encryptions used by the Internet companies that expose them to data leaks and hackers.

“In addition to this, the Indian government also needs to conduct data audits of companies as done in countries like the US and Europe,” he added.

[ad_2]

CLICK HERE TO APPLY

Leave a comment , , , , , , ,

UCBs fear disruption as RBI’s deadline on the appointment of MDs looms large

Banking & Finance

[ad_1]

Read More/Less


Hundreds of urban co-operative banks (UCBs) may have to change their Managing Directors by August 25, 2021, if the Reserve Bank of India (RBI) does not give them leeway on its directions on the appointment of Managing Director (MD) and Whole-Time Director (WTD), according to an apex body of co-operatives.

The National Federation of Urban Cooperative Banks and Credit Societies (NAFCUB) has requested the RBI to allow incumbent MDs of UCBs to complete their tenure and make its directions on appointment of MD/WTD applicable only to fresh appointments.

The Federation emphasised that the aforementioned arrangement will be least disruptive and also give banks time to comply with the RBI directions.

Jyotindra Mehta, President, NAFCUB, feared that if RBI insists on adherence to the timeline prescribed in the directions, it could lead to a situation where hundreds of banks will need to change their MDs within two months. He emphasised that it will be not easy for the banks to find suitable candidates.

Cooperative vs corporate structure

He observed that while making most of the provisions of the Banking Regulation Act, 1949, applicable to UCBs, RBI has to keep in mind that the directions/ guidelines it issues under these provisions are compatible with the democratic structure of the cooperative banks and their essential cooperative character.

In a letter to RBI Governor Shaktikanta Das, Mehta underscored that this was an assurance given by the Minister in the Parliament during the discussion on the Bill to amend the Banking Regulation Act, 1949, when some members raised apprehensions that the provisions of Bill would allow authorities to undermine cooperative character of cooperative banks.

He opined that this challenge is most evident when it comes to the provisions regarding constitution and powers of board, appointment of chairman and managing director.

“However, it appears that RBI has largely brought about changes through the directions (on Appointment of MD/ WTD) without visualising the disruption it would cause in the sector.

“It has practically incorporated same provisions that are prescribed for banks that have corporate structure,” Mehta said.

Directions

As per the directions, while MDs of UCBs appointed with prior RBI approval in terms of its guidelines on constitution of Board of Management can continue till completion of his/ her tenure or for a period of three years from the date of initial appointment, whichever is earlier, other UCBs have to review the ‘Fit and Proper’ status of the existing MD in terms of the directions.

Such UCBs have to confirm the same, with the approval of Board of Directors, to RBI’s regional offices within a period of two months from the date of the directions, which were issued on June 25, 2021.

The directions prescribe eligibility and propriety criteria, tenure of MD/WTD, procedure for obtaining RBI approval for appointment/ re-appointment/ termination of MD/WTD, among others.

While NAFCUB appreciated the need for steps to be taken to upgrade professionalism and bring in more transparency in the managements of many of the UCBs, it also stated that about 90 per of these Banks are very small sized entities in comparison to commercial banks and pose no major risk to the banking system.

As at March-end 2020, there were 1,539 UCBs in the country. About 88 per cent of these Banks had deposits of less than ₹500 crore and about 93 per cent had advances of less than ₹500 crore.

Appointment vs election of directors

Referring to UCBs management structure being decades old and, in some cases, even over a century old, Mehta said they will need time to change and to adopt concepts such as “appointment” of directors, (as against elected) “CMD”, “WTD” and so on, which are totally alien to them, as they do not exist in cooperative lexicon

The NAFCUB chief feared that suddenly forcing the banks to implement all these concepts all at once would be highly disruptive, inviting chaos.

He said stretching the appointment exercise over a period of time of, say, 4-5 years or more in stages will help the sector.

[ad_2]

CLICK HERE TO APPLY

Leave a comment , , , ,