[By Sibasish Panda & Janhavi Mahalik]
The authors are students of National Law University Odisha.
Introduction
India had been touted to bring a digital technology revolution in this decade with the Central Bank playing a pivotal role. It is at the cusp of a Fin-tech revolution with the market expected to hit $150Bn by 2025. It had to play a balancing role to facilitate innovative approaches by the Fin-tech companies vis-a-vis protection of consumer rights. To further this goal, the Reserve Bank of India (RBI) has also set up separate Fin-tech units under the Department of Payments and Settlement of Systems. Securing the cross-border payments was at the helm of the RBI’s focus. In light of recent judicial pronouncements, the RBI has overhauled the regulatory framework governing cross-border payment service providers. Formerly requiring partnership with an authorised dealer bank, Online Payments Gateway Service Providers (OPGSPs) are now directly overseen by the RBI and renamed Payment Aggregators – Cross Border (PA-CB). In this article the authors aim to analyse the stance of the Fin-tech companies post the guidelines.
Understanding the Scope of the Regulations
Under the new regulations, entities involved in the processing of import and export activities of cross-border payment transactions must comply with the instructions laid out by the RBI. This includes Authorised Dealer (AD) banks, Payment Aggregators (PAs), and PA-CBs. Non-banks aiming to operate as Payment Aggregators for cross-border transactions need RBI authorisation by April 30, 2024. This authorisation categorised as import-only, export-only, or both, is essential for offering cross-border payment services. Existing non-bank providers of these services must notify the RBI about their activities within 60 days and seek approval to continue. Entities offering cross-border trade settlement services must have a minimum net worth of Rs 15 crore at the application time, increasing to Rs 25 crore by March 31, 2026. Non-bank lenders without prior business in the segment must have a minimum net worth of Rs 15 crore when applying.
Payment aggregators are now under the PMLA microscope.
The current RBI regulations require all Payment Aggregators and Payment Gateways to undergo registration with the Financial Intelligence Unit India (FIU-IND) before seeking authorization. Consequently, they will be categorized as “reporting entities” by the Prevention of Money Laundering Act (PMLA). From now any payment transaction deemed suspicious will be reported to the Financial Intelligence Unit as per the new guidelines. This finally comes as a clear stance from the RBI on the issue that was contested in PayPal Payments Private Limited v Financial Intelligence Unit India. The tussle of whether PayPal qualified to be a “payment system operator” under the act was answered in affirmative by the court, thus qualifying it to be a reporting entity as defined under section(1)(a) of the act. This move is aimed at bolstering India’s position which is under the Financial Action Task Force (FATF) review which was scheduled in November this year.
Payment aggregators asserted their role as mere “transaction interfaces,” facilitating import-export transactions between Indian and overseas parties without directly handling payments between payer and beneficiary. Despite this, classifying them as reporting entities increases compliance burdens, especially for Fintech startups with modest business plans. The start-up Fintech companies with a small goal business plan now have to rewire their finances and meet the costs that come with setting the infrastructure to maintain and furnish records of all the transactions. The broad definition of reporting entities encompasses banks and payment firms conducting their Know Your Customer (KYC) checks, extending to technology service providers. Now to mandate even technology service providers to do the same will increase the cost of compliance and will also be burdensome on the state machinery to process the data multiple times. The authors however feel that keeping in mind the stringent nature of the PML act, Fintech companies must take a conservative reading of the same before reporting any transaction to the FIU-IND.
Balancing stringency and the ease of doing business.
The recent stringent control by regulators on Fin-tech companies, coupled with current guidelines, underscores India’s aim to secure cross-border transactions giving paramount importance to customer data, privacy, and security. The payment aggregator business is heavily influenced by merchant onboarding policies and adherence to anti-money laundering (AML) and counter-terrorist financing (CFT) regulations. While the BIS-CPSS principles may not cover AML/CFT and customer data privacy, these factors directly impact merchant operations and customer safeguarding. When designing a payment aggregator business model, considerations extend to regulations like data privacy, competition policy promotion, and specific investor and consumer protections.
The PA-CB Guidelines mandate payment aggregators to comply with KYC/AML/CFT regulations outlined by the RBI, following the “Master Direction – Know Your Customer (KYC) Directions,” and now by categorising them as “reporting entities” also adhere to the provisions of Money Laundering under the PMLA act and rules. The added due diligence checks during merchant onboarding along with KYC and transaction monitoring added to the woes of these Fin-tech companies. While the compliance checks seem burdensome, the RBI has made an attempt to ensure the seamless processing of all trade payments efficiently. The latest guidelines have streamlined fund flows, making transactions more convenient. Such as the OPGSP guidelines, which aim to simplify transactions, PA-CBs are required to uphold an Import Collection Account (ICA) and an Export Collection Account (ECA) for their corresponding transactions.
Notable distinctions include the OPGSP guidelines, which required the transfer of balances in the ICA to the overseas exporter’s account within two days of receiving funds. The RBI, as per the PA – CB Directions, has aligned the timelines for fund settlement from the ICA with those specified in the Payment Guidelines for settling funds from domestic payment aggregators’ escrow accounts. This adjustment provides greater flexibility to PA–CBs, allowing settlement timelines from the ICA to be tied to the receipt of delivery confirmation intimation or the expiration of relevant refund periods. Additionally, PA-CBs involved in export transactions are not obliged to establish separate Nostro accounts for fund flows.
It is also felt that applying as an export PA-CB will be easier than applying as an import PA-CB because it would be easier when onboarding a foreign merchant. It is crucial to establish a presence in the respective regions due to RBI regulations mandating comprehensive KYC and due diligence for merchants with imported goods/services exceeding ₹2,50,000 per unit. The RBI closely monitors outgoing funds from India, particularly in cross-border payments where the transaction currency differs from the settlement currency. For transactions in INR, the settlement will be in dollars, requiring India to exchange its currency for dollars.
Although RBI has placed the Foreign Exchange Management Act (FEMA) compliances on the AD banks thus relieving the PA-CBs of the same it seems the increased scrutiny outweighs the right balance of ease of doing business.
Departure from the OPGSP and the draft OEIF guidelines.
The PA-CB guidelines represent a significant departure from the previous regulatory framework governing cross-border transactions and the draft Online Export Import Facilitators (OEIF) directions introduced last year. The definition of payment aggregator has now been expanded to encompass all entities facilitating cross-border payment for import and export transactions. This includes both Online Payment Gateway Service providers and entities approved by the RBI to act as collection agents for foreign entities.
Before the PA-CB Guidelines, non-bank entities like OPGSPs and collection agents collaborated with customers and merchants, relying on the infrastructure of AD Banks. Now, to maintain their role in cross-border e-commerce payments, these entities need to obtain licensing as PA-CBs under the new guidelines. Previously, AD banks dominated cross-border e-commerce payments, with limited participation from Fin-techs like OPGSPs. Managing risks associated with returns and chargebacks poses a significant challenge within the OPGSP framework. AD Category-I banks serve as intermediaries between OPGSPs and the RBI, overseeing operations. Despite these efforts, ongoing challenges persist, complicating cross-border transactions, particularly in new business scenarios.
To address these challenges, the RBI introduced the draft OEIF guidelines. These guidelines raised concerns by excluding “services” from the definition of export/import products, limiting it to “goods and digital products.” This exclusion had potential repercussions for many small exporters, given that services constituted a significant portion of exports, including numerous small-value digitally exported services. The RBI’s lack of a clear definition for “digital products” introduced ambiguity, leaving questions about whether software, services, non-fungible tokens, and cryptocurrency products fell within this category.
Moreover, the RBI’s failure to provide a precise definition of “digital products” confused classification. The new guidelines now allow the RBI to facilitate payments for all permissible cross-border trade transactions, promoting the growth of small Fin-tech companies engaged in various freelancing and skill-based services. With direct registration, payment aggregators now report directly to the RBI, eliminating the intermediary role of AD banks, and providing much-needed regulatory transparency for Fin-tech companies.
Conclusion
Global cross-border payment transactions gained significant momentum, witnessing a notable 13% surge from 2022, according to the Global Payments report. Projections indicate that the global cross-border payments market is expected to reach $238.9 billion by 2027. With the issuance of new guidelines RBI’s intention seems clear; it demands committed players and the reckless ones are to be steered away from the market.
In a bid to reclaim the payments turf, banks are investing heavily in technology and customer-centric solutions. However, given the fintech sector’s agility and innovative prowess, banks are in a tight race, trying to match the speed and convenience that payment aggregators offer.
Until now the banks’ due diligence was rather light as they expected the payment companies to do their job. The clearly defined roles with escrow accounts now will give the regulators time to intervene before a settlement in case of suspicious transactions. This is a positive move for the industry. Rather than operating in a grey area with multiple queries from government agencies, this demarcates the boundaries very clearly.
While the low rate of licensing approvals and the regulatory guidelines introduce challenges, they also pave the way for a more transparent and secure cross-border payment ecosystem. Fintech companies need to adapt their operations to meet compliance requirements while exploring the opportunities presented by direct engagement with regulatory authorities. The balance between regulatory oversight and fostering innovation will be crucial for the successful navigation of India’s fintech landscape.