Norm on Storage of Payment System Data by RBI
Considering the current trend in data storage technology, data is usually kept in multiple locations in order to have back up for data centres. RBI’s mandate on all payment operators (global and local) in India to store all end-to-end transaction data “only within the country” has been buzzing in the current payment ecosystem worldwide. The mandate is applicable to every company handling payments data — starting from fintech firms that offer peer-to-peer money transfers to gateway operators which are operated globally for international fund transfers. RBI states that for better monitoring and surveillance of transactional data, it is required to have easy and unrestricted supervisory access to data stored in the payment eco-system. The intention behind the regulation is to have a quicker resolution for payment related breach cases while forensic investigators will have non-restricted access to the breach environment. Also, if we have local laws and regulations in place, it become...