The Reserve Bank of India (RBI) has restricted American Express and Diners Club International Ltd. from adding new domestic customers from May 1 for not complying with data storage rules. The two companies have been found guilty of not complying with RBI’s directions on ‘Storage of Payment System Data’, according to the RBI.
American Express Banking Corp. and Diners Club International Ltd. are Payment System Operators authorised to operate card networks in the country under the Payment and Settlement Systems Act, 2007 (PSS Act). The RBI has taken the action under Section 17 of the PSS Act, a statement issued by the central bank said.
According to the terms of RBI’s circular on ‘Storage of Payment System Data’ dated April 6, 2018, all payment system providers were directed to ensure that within a period of six months the entire data (including full end-to-end transaction details, information collected, carried, processed as part of the message and payment instruction) relating to payment systems operated by them is stored in a system only in India.
They were also required to report compliance to RBI and submit a Board-approved System Audit Report (SAR) conducted by a CERT-In empanelled auditor within the timelines specified therein.