From Facebook to Amazon, global majors seek US help on RBI data norms

On April 6, the RBI directed all payments service providers to store their data only in India
Major US multinationals operating in India have sought the help of the US Treasury to ensure that strict local data storage norms of the Reserve Bank of India (RBI) are watered down.

Highly-placed sources said companies like Visa, Mastercard, American Express, PayPal, Google, Facebook, Microsoft and Amazon, as well as global banks, had several calls between themselves to form industry-level lobby groups opposing the RBI’s data localisation guidelines.

A few other powerful lobby groups such as the Securities Industry and Financial Markets Association (SIFMA), the Global Financial Markets Association (GFMA), and the US-India Business Council (USIBC) are also working on behalf of the US companies to try and dilute local storage rules.

Business Standard has learnt that the groups asked the US Treasury to discuss the data storage issue with Indian officials at all platforms the two countries would meet, including the G-20, the US-India Strategic Dialogue, and the IMF Annual Meet. 

According to a Reuters report, finance ministry officials, in a meeting with RBI officials and payments industry representatives in June, offered data mirroring as an alternative to storing payments data exclusively in India.

The RBI has remained non-committal and said a frequently asked questions (FAQ) section on the issue would address much of the apprehensions.

The RBI on April 6 directed all payments service providers to make sure “that the entire data relating to payment systems operated by them are stored in a system only in India” to enable better monitoring through “unfettered supervisory access to data stored”. The circular gave companies six months, till October 15, to comply with the circular. The RBI has also called for an audited compliance report to be submitted before the end of this calendar year.

The companies took up the issue at inter-government level when their lobbying with the central bank failed, and the RBI remained adamant on not even extending the deadline on its strict data storage norms, said sources.

Besides, at a policy level, the US government is opposed to financial data localisation and has promoted the importance of free flow of data across borders in all of its multilateral trade and investment negotiations. According to US policies, data localisation prevents cross border flow of trade and delays routine business.

Data localisation measures pose a significant problem for US firms doing business across borders, due to the importance of free-flowing data for digital trade,” said a paper by the United States International Trade Commission (USITC).

At a time when the US is imposing trade restrictions on countries, including India, the data localisation issue can make trade relations complicated between the two nations.

Most of the US companies mentioned in the story did not respond to emails sent. Some replied back saying they won’t be commenting.

An email sent to the RBI also remained unanswered. However, a person familiar with the thinking of the RBI said the central bank was absolutely sure it didn’t want to give up on its demand, no matter what the lobbying was. The government cannot technically order the RBI to water down the issue, but any such request is hard to ignore for the regulator.

“These are suggestions from the finance ministry, not an order,” said the person.

According to sources, India is justified in insisting on local data storage, but the bone of contention is keeping an exclusive access on the data. Even in the strictest cases, such as in Russia and China, specific data can be transferred but only after storing it first onshore. In Europe, the UK and Sweden are in favour of free flow of data, whereas others such as Germany and France strongly oppose it.

“The RBI maintains that it has every right to store the financial data of Indians. The RBI has no problem if the foreign leg of a cross-border transaction be stored overseas, but why would it allow sharing financial data of its citizens with other countries,” said the person cited above.

International payment and switch providers had earlier told Business Standard that the RBI’s directive on data localisation would weaken its measures to prevent and trace global frauds and financial crimes. It would also serve as a roadblock to bringing new technology to India as well as impair innovation and data analytics. It would force all global players to reconsider their business models for the region, even causing some of them to close operations due to economic unfeasibility or conflict in regional privacy laws.  

In 2016, for example, the online payment company PayPal suspended its Turkish operations in response to a requirement that PayPal fully localise its information systems within Turkey.
Tough Stance
  • On April 6, the RBI directed all payments service providers to store their data only in India
  • The deadline for compliance of data localisation norms is October 15
  • Payment companies also need to submit audited compliance report by the end of this year
  • Major US firms failed to soften RBI stance, despite repeated pleas
  • US companies have formed industry-level lobby groups to approach the US Treasury
  • US treasury officials requested Indian counterparts to dilute the RBI’s stance
  • FinMin has suggested mirroring data instead of exclusive storage
  • But, RBI remains non-committal on the issue

Outbrain