Another version of this article was first published on Finextra dated July 20th, 2022.
The Reserve Bank of India (RBI) has notified via a circular that non-bank prepaid payment instruments (PPIs) cannot be loaded through credit lines. The clarification has hit many Buy Now Pay Later (BNPL) offerings – including the new-age ‘challenger credit cards’ that were working on this model – such as PPI cards offered by fintechs, which were backed by NBFC-offered credit lines.
BNPL offerings by fintechs are already being withdrawn (as per media reports), even as the industry has reached out to the regulator for clarity on some ambiguities within the circular. Meanwhile, the move has thrown open a discussion on the future of BNPL as well as that of fintech innovation in the country.
As of today, prepaid cards and wallets can continue to be loaded through the means specifically permitted (under section 7.5 of the RBI Master Direction on Prepaid Payment Instruments), which include:
- Cash
- Debit to bank account
- Credit and debit cards
- PPIs
- Other payments instruments issued by regulated entities
Who is impacted? Are bank PPIs covered?
The communication is addressed to non-bank PPI issuers. But, whether it also applies to PPIs offered by banks is still not clear, with many suggesting these are outside the scope. For instance, a BNPL offering where the prepaid card is issued by a payments bank and the credit line is offered by an NBFC or another bank partner.
Though the RBI has been approached for clarity on this, the clarification in the circular is given for section 7.5 of the PPI Master Directions, a provision that applies to PPIs in general. The provision simply lists the modes through which any PPI can be funded, indicating that now all PPIs cannot be funded through a credit line.
This means that BNPL offerings from banks/fintechs, challenger credit cards from neobanks, and even postpaid facilities via wallets using this route have been impacted.
Impact on bank vs non-bank credit lines
The second point of ambiguity is what the term ‘credit line’ encompasses. In common parlance, it refers to on-demand credit offerings or a preset borrowing limit that the borrower can utilise based on need. These are often unsecured and may be revolving lines of credit.
Looking at the circular, the crux of the RBI’s concern seems to be not with PPIs being loaded by credit per se, but by a method not explicitly permitted under regulations. After all, the PPI MD does clearly permit PPIs to be loaded through credit cards.
Looking at it this way, an NBFC-provided line of credit that settles to a PPI directly is not allowed. However, ambiguity arises in relation to lines of credit that are linked to a bank account.
For instance, an overdraft facility provided by a bank to a customer over a savings/current account. The PPI MD also allows PPIs to be loaded from a ‘bank account,’ without specifying the type of bank account or who owns it. This may thus include a savings account, a current account, or even a third-party account.
Going by the above explanation, it would appear that loading from this kind of overdraft facility, since it happens via a bank account, should be allowed. However, ambiguities remain on whether loading from the following is allowed:
- Overdraft and cash credit facilities provided to customers from banks via a separate current account, independent of the customer’s existing savings/current account.
- Loading with a fixed-tenure loan instead of a revolving line of credit.
- Loan accounts in general, which may be third-party bank accounts, not owned by the customer.
- NBFC-P2P lending loans, where lender funds are collected in an escrow account and then disbursed to a borrower, usually a bank account.
- Government offered credit lines like the ‘Emergency Credit Line Guarantee Scheme’ (ECLGS), say if they reach a bank account first?
Way forward for fintech innovation
BNPL companies and other players in this space are looking at workarounds:
- First of all, clarity from the RBI on the scope of the circular will help a lot – options like providing overdraft facilities from banks over existing bank accounts or issuance of actual loans from regulated entities.
- Immediate options in the meanwhile include an NBFC licence with approval to issue credit cards, as permitted under the recent RBI MD on credit card and debit card issuance remain an option.
- Co-branded and debit/credit/prepaid cards, which can be offered by banks or non-banks are another immediate option.
- Future options for credit payments at PoS include UPI-based credit transactions via UPI linked to credit cards (starting with RuPay), which the RBI announced earlier in June, and OCEN, which will create ‘lending service providers’ with multiple lending partners.
Is BNPL banned?
In short, no. Only one specific model is affected. It will likely be regulated however. BNPL, in fact, is on RBI’s agenda, with the latest Payments Vision Document (discussed below) proposing to examine this in detail.
The RBI’s report on digital lending also discussed BNPL, suggesting that instead of acting as secured/unsecured credits going under the guise of deferred payments or the like, these be treated as part of balance sheet lending. Separately, the report also proposed that loans be disbursed to full KYC PPIs where the borrower doesn’t have a bank account.
Easing card payments: Extended tokenisation deadline and AFA relaxation
This June two important steps for easing card payments have been taken:
Extending deadline for card tokenisation:
The RBI extended the deadline for card tokenisation till September 30th, which was earlier expiring on June 30th. The notification notes considerable progress with over 19.5 crore tokens created till date.
The additional time has been granted to sort out any pending issues. Among the highlighted issues are, improving transaction processing that is yet to gain traction across all merchant categories and implementing systems for guest checkouts.
In a separate notification, the RBI also encouraged cardholders to tokenise their cards.
For background, in order to make card payments more secure, the RBI had mandated that no one, apart from card networks and banks, can store card data. Tokenisation replaces stored card data with a randomly generated token, emerging as a good solution for merchants and payment aggregators (PAs) to continue enabling seamless card payments for customers, even without the card data.
The step has necessitated an ecosystem-wide change to card processing, which the industry has been working towards since the last year. Specific use-cases like guest checkouts, recurring payments, card EMIs, BIN-based offers, etc., each in fact necessitate different solutions to be developed.
The extension is thus a welcome step, allowing time for individual issues to be sorted and bringing in greater efficiency and success rates to the new card flows. For merchants as well, this grants additional breathing space to migrate their stored card data to a compliant form.
RBI raises limit of e-mandates for transactions up to ₹15,000
For card mandates, the limit of AFA waiver of ₹5,000 has been enhanced to ₹15,000. This means that OTPs for recurring payments will be required only for mandates which exceed this new limit.
The relaxation isn’t only for cards alone but also for UPI and PPIs. NPCI separately released a circular on this for UPI AutoPay. The circular requires all UPI apps and merchants to mandatorily enable the intent & QR flow for mandates by September 30th.
RBI Payments Vision 2025: ‘E-Payments for Everyone, Everywhere, Everytime’
In June, the RBI also released its Payments Vision Document 2025 – a document it issues every three years, setting out its policy agenda for payments landscape.
Last year, in the midst of the pandemic, the RBI’s focus was on making e-payments quick, secure, and affordable. For this, RBI took crucial steps such as creating the regulatory sandbox, relaxing AFA requirements, waiving NEFT/RTGS charges and making them 24×7, and regulating payment aggregators to name a few.
Aiming to further elevate payment systems in the country, this time the RBI has set out 47 initiatives, aiming to achieve 10 outcomes like a 3x increase in digital payments, 50% annualised growth of UPI, and increase in cards acceptance infrastructure to 250 lakhs and so on.
These initiatives can broadly be classified as follows based on their impact:
| Innovation | • Alternative authentication via behavioral biometrics, location/historical payments, etc • Regulate big tech and fintechs in payments • Framework for IOT and context-based payments • Link credit cards & credit components of banking products to UPI |
| Centralised Payment Systems | • Liquidity bridge for e-Kuber/ RTGS • Payee name look-up for beneficiary check for NEFT/RTGS/ IMPS • Support longer market trading & settlement hours due to 24×7 NEFT/RTGS • Review the need for IFSC for bank transfers |
| Fraud/Risk | • Broader LEI use for sanctions screening, KYC, invoice reconciliation, etc • Leverage ODR system & enhance CPFIR for fraud monitoring • Digital payments protection fund |
| Card Payments | • Interoperability for contactless transit cards • Implement a national card switch for card payments at PoS |
| Payment System Operators | • Ring-fence domestic payments systems • Increase PSO oversight including on-site inspections • Regulate all payment intermediaries including offline PAs • Evaluate charges for all payment systems • Create payment system for processing online merchant payments using internet/mobile banking |
| International | • Implementing 2FA for cross-border transactions • Introduce CBDC for domestic & cross-border • Expand RTGS to settle in USD, Pound, Euro, etc. • Allow other central banks to hold current/settlement accounts with RBI |
| Others | • Payments for differently-abled persons • Customer outreach by ramping up e-BAAT • Coordinate migration of govt. receipts & payments to digital mode • Comprehensive review of PSS Act & regulations |
Other notable updates
RBI lifts ban on Mastercard
The RBI has lifted its July 2021 restrictions on Mastercard for onboarding new customers, in view of satisfactory compliance with data localisation norms.
Deadline extended for implementation of Master Directions on credit & debit cards
On account of the non-readiness of cards industry, the RBI has extended the deadline for the following specific provisions of its recent Master Directions on Credit & Debit Card Issuance to October 1st:
(i) OTP consent credit card activation.
(ii) No breach of sanctioned credit limit without explicit consent.
(iii) No capitalization of unpaid charges and compounding of interest.
Introduction of UPI for REITs and InvITs
Increasing UPI use-cases, SEBI has allowed investors to subscribe to units of Infrastructure Investment Trusts (InvITs) & Real Estate Investment Trusts (REITs) up to Rs. 5 lakhs per application value.
MeitY declares IT resources of NPCI, HDFC Bank & ICICI Bank as CII
MeitY has declared the IT resources of CBS, NEFT & RTGS of HDFC Bank and ICICI Bank and NPCI’s UPI, IMPS & NFS as Critical Information Infrastructure (CII) under the IT Act, 2000. This essentially means heightened cybersecurity protection under the law for these systems. For instance, a cyberattack on them can be considered as an act of cyberterrorism (punishable with imprisonment up to a lifetime).
Rajya Sabha report on regulation of e-commerce
A Rajya Sabha Parliamentary Standing Committee has published a Report on Promotion & Regulation of E-commerce. Among its many suggestions is setting up of a comprehensive regulatory framework for e-commerce players & enhanced CCI powers. It also includes some specific suggestions for PSOs such as revisiting zero MDR, periodic cybersecurity audits for PAs & strengthening infrastructure to mitigate transaction failure.
PIDF status update
The PIDF scheme for payments infra (PoS terminals) subsidies has been reviewed to enhance the subsidy amount & simplify the claim process. As of end-April 2022, its total corpus stands at Rs. 811.4 crore, with the deployment of 1.18 crore devices.
RBI publishes 3rd cohort of regulatory sandbox
The RBI has published the list of selected entities for the 3rd cohort on MSME lending. Also, the theme for the 4th cohort of the RBI’s regulatory sandbox has been announced, which is Prevention and Mitigation of Financial Fraud.
| This edition has been assisted by Urmil Shah and edited by Sunny Lamba. |
References:
PPI Circular | Tokenisation extension | E-mandate limit | RBI Payments Vision Document | RBI Mastercard Ban | UPI for REITs | HDFC ICICI NPCI | Regulation of E-Commerce | PIDF | RBI 3rd Cohort | RBI 4th Cohort
