The Reserve Bank of India (RBI) has restricted American Express and Diners Club International Ltd. from adding new domestic customers from May 1 for not complying with data storage rules. The central bank says its order won't impact existing customers. The two companies have been found guilty of not complying with the rules on 'Storage of Payment System Data', according to a statement issued by the central bank.
It cracked the whip on the two companies in the form of supervisory action after the two entities were found not following the RBI's directions on ensuring that data of transactions, payments, instructions and customer information collected by them is stored in a system within India.
American Express Banking Corp. and Diners Club International Ltd. are Payment System Operators authorised to operate card networks in the country under the Payment and Settlement Systems Act, 2007 (PSS Act). The RBI has taken action under Section 17 of the PSS Act, a statement issued by the central bank said.
According to the terms of RBI's circular on 'Storage of Payment System Data' dated April 6, 2018, all payment system providers were to ensure that within a period of six months the entire data related to their daily operations is stored in a system only in India.
They were also required to report compliance to RBI and submit a Board-approved System Audit Report (SAR) conducted by a CERT-In empanelled auditor within the timelines specified in the guidelines. American Express and Diners Club were early entrants in India and had established themselves as trusted names, especially among the affluent sections of the society, before the arrival of Visa and Master Card.