Critical Infrastructure Security , Fraud Management & Cybercrime , PSD2

RBI Moves to Boost Digital Payment Transactions

Proposed New Umbrella Entity Would Handle Smaller Transactions for Those Not Using Banks
RBI Moves to Boost Digital Payment Transactions

In a move designed to support India’s ongoing shift to cashless transactions, the Reserve Bank of India is proposing the creation of a new digital retail payment system similar to the National Payments Corp. of India, which now handles close to 60 percent of retail electronic payment transactions.

See Also: Cybersecurity Trends Report 2020: Bangladesh

RBI says the creation of the New Umbrella Entity, or NUE, would help extend the reach of digital payments to more people, especially those who do not use banks.

The NUE would help boost the growth of nonbank - or fintech - firms that handle digital transactions in competition with banks, RBI says.

RBI says India needs a second payment system to handle the anticipated growing volume of smaller transactions by consumers who don’t rely on a bank.

S. Vasudevan, chief general manager at RBI, says the NUE would help reduce risks and also encourage competition and innovation, thus contributing to financial stability.

“RBI is consciously building this entity to create more competition and cater to the small and medium sector, trade finance sectors and facilitate easy movement of funds even for small value and encourage small finance banks in the country to reach to the masses via digital payments,” says Delhi-based Sriram Natarajan, president of Quinte Financial Technologies, a global fintech solutions company.

Global Trend

RBI’s move follows an international trend toward central banks, including those in England and Switzerland, expanding access to payment systems by fintech firms. In Europe, the move is fueled by PSD2, the Revised Payment Services Directive.

“Traditionally, around the world, only licensed financial institutions are able to access the national payment networks,” says Tom Wills, director, Secure Strategies, a financial consulting group based in Singapore. “This is partly because this type of business was historically only the domain of banks, and partly because banks are required by regulation to manage risk (financial risk, operational risk, cyber risk) more stringently than industry in general.”

So far in India, nonbank participants that have been given access to central payment systems, such as Real Time Gross Settlement System and National Electronic Fund Transfer system, include stand-alone primary dealers, clearing corporations, central counterparties, retail payment system organizations, and select financial institutions, including National Bank for Agriculture and Rural Development, Export-Import Bank of India, and Deposit Insurance and Credit Guarantee Corporation.

Security leaders believe that the working model for the NUE will be similar to NPCI, which is a not-for-profit organization under the provisions of Section 25 of Companies Act 1956 (now Section 8 of Companies Act 2013). NPCI is an initiative of RBI and the Indian Banks' Association.

“The NUE appears to work similarly to NPCI itself and the model is for the clearing and settlement of digital payments to be routed in and out of NUE,” says Prakash Ranjan, a security practitioner from a payments bank. “This is evolved with an intention to provide infrastructure to the entire banking system in India for physical as well as electronic payment and settlement systems.”

Wills notes that the NUE will need to take risk management steps to help prevent money laundering and fraud. “The NUE will have to set and enforce the appropriate level of risk management for nonbank participants in the scheme,” he says.

Essential Steps

Nonbanks accessing to the centralized payment system need to follow a similar model adopted by the banks earlier in connecting to NPCI's UPI using their payment service provider, says Natarajan says.

Nonbanks ramping up the handling of small transactions by leveraging the NUE will need to understand the use of standards such as PCI-DSS and ISO 27001-2013 in the processing of payment transactions, he adds.


About the Author

Geetha Nandikotkur

Geetha Nandikotkur

Vice President - Conferences, Asia, Middle East and Africa, ISMG

Nandikotkur is an award-winning journalist with over 20 years of experience in newspapers, audiovisual media, magazines and research. She has an understanding of technology and business journalism and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a group editor for CIO & Leader, IT Next and CSO Forum.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.