Digital Banking

[Link]. RBI Notifications

1 Restriction on storage of actual card data [i.e. Card-on-File (CoF)]
2 Introduction of Legal Entity Identifier for Cross-border Transactions
3 Integrated Ombudsman Scheme, 2021
4 Tokenisation – Card Transactions: Permitting Card-on-File Tokenisation (CoFT) Services
5 Master Directions on Prepaid Payment Instruments (PPIs)
6 Review of incentive and other measures to enhance distribution of coins
7 Tokenisation – Card Transactions : Extending the Scope of Permitted Devices
8 Monitoring of Availability of Cash in ATMs
9 Framework for Outsourcing of Payment and Settlement-related Activities by Payment System
Operators
10 Access for Non-banks to Centralised Payment Systems
11 Cassette - Swaps in ATMs

Restriction on storage of actual card data [i.e. Card-on-File (CoF)]

RBI/2021-2022/142
[Link].S-1211/02-14-003/2021-22

December 23, 2021

All Payment System Providers and Payment System Participants

Madam / Dear Sir,

Restriction on storage of actual card data [i.e. Card-on-File (CoF)]

In terms of our circular [Link].1810/02.14.008/2019-20 dated March 17, 2020 on

“Guidelines on Regulation of Payment Aggregators and Payment Gateways”, the authorised non-
bank payment aggregators and merchants on-boarded by them were prohibited from storing card
data (CoF) from June 30, 2021. At the request of industry stakeholders, this timeline was extended
to December 31, 2021 vide circular [Link].S33/02-14-008/2020-2021 dated March 31,
2021. Further, regulations on CoF Tokenisation (CoFT) were issued vide circular [Link].S-
516/02-14-003/2021-22 dated September 07, 2021 on “Tokenisation – Card Transactions: Permitting
Card-on-File Tokenisation (CoFT) Services”.

2. In light of various representations received in this regard, we advise as under:

the timeline for storing of CoF data is extended by six months, i.e., till June 30, 2022; post this, such
data shall be purged; and

in addition to tokenisation, industry stakeholders may devise alternate mechanism(s) to handle any
use case (including recurring e-mandates, EMI option, etc.) or post-transaction activity (including
chargeback handling, dispute resolution, reward / loyalty programme, etc.) that currently involves /
requires storage of CoF data by entities other than card issuers and card networks.
3. This directive is issued under Section 10 (2) read with Section 18 of Payment and Settlement
Systems Act, 2007 (Act 51 of 2007).

Yours faithfully,

(Sudhanshu Prasad)
General Manager (Officer in Charge)

Reference link: [Link]

Introduction of Legal Entity Identifier for Cross-border Transactions

RBI/2021-22/137
A.P. (DIR Series) Circular No. 20

December 10, 2021

To

All Category-I Authorised Dealer Banks

Madam / Sir,

Introduction of Legal Entity Identifier for Cross-border Transactions

The Legal Entity Identifier (LEI) is a 20-digit number used to uniquely identify parties to financial
transactions worldwide to improve the quality and accuracy of financial data systems. LEI has been
introduced by the Reserve Bank in a phased manner for participants in the over the counter (OTC)
derivative, non-derivative markets, large corporate borrowers and large value transactions in
centralised payment systems.

2. In order to further harness the benefits of LEI, it has been decided that AD Category I banks, with
effect from October 1, 2022, shall obtain the LEI number from the resident entities (non-individuals)
undertaking capital or current account transactions of ₹50 crore and above (per transaction) under
FEMA, 1999. As regards non-resident counterparts/ overseas entities, in case of non-availability of
LEI information, AD Category I banks may process the transactions to avoid disruptions. Further, AD
Category I banks may encourage concerned entities to voluntarily furnish LEI while undertaking
transactions even before October 1, 2022. Once an entity has obtained an LEI number, it must be
reported in all transactions of that entity, irrespective of transaction size.

3. AD Category-I banks shall have the required systems in place to capture the LEI information and
ensure that any LEI captured is validated against the global LEI database available on the website of
the Global Legal Entity Identifier Foundation (GLEIF).

4. AD banks may bring the contents of this circular to the notice of their constituents concerned and
advise entities who undertake large value transactions (₹50 crore and above) under FEMA, 1999 to
obtain LEI in time, if they do not already have one issued.

5. Entities can obtain LEI from any of the Local Operating Units (LOUs) accredited by the GLEIF, the
body tasked to support the implementation and use of LEI. In India, LEI can be obtained from Legal
Entity Identifier India Ltd. (LEIL) ([Link] which is also recognised as an
issuer of LEI by the Reserve Bank under the Payment and Settlement Systems Act, 2007. The rules,
procedures and documentation requirements may be ascertained from LEIL.

6. The directions contained in this circular are being issued under sections 10(4) and 11(1) of the
Foreign Exchange Management Act (FEMA), 1999 (42 of 1999) and are without prejudice to
permissions/approvals, if any, required under any other law.

Yours faithfully

Ajay Kumar Misra

Chief General Manager-in-Charge

Reference link: [Link]

Reserve Bank - Integrated Ombudsman Scheme, 2021

DEPUTY GOVERNOR

Reserve Bank of India

Mumbai

Reserve Bank - Integrated Ombudsman Scheme, 2021

NOTIFICATION

Ref. CEPD. PRD. No.S873/13.01.001/2021-22

November 12, 2021

In exercise of the powers conferred by Section 35A of the Banking Regulation Act, 1949 (10 of 1949),
Section 45L of the Reserve Bank of India Act, 1934 (2 of 1934) and Section 18 of the Payment and
Settlement Systems Act, 2007 (51 of 2007), and in supersession of its Notifications Ref. (i) CEPD. PRS.
No. 6317/13.01.01/2016-17 dated June 16, 2017; (ii) CEPD. PRS. No. 3590/13.01.004/2017-18 dated
February 23, 2018; and (iii) CEPD. PRS. No. 3370/13.01.010/2018-19 dated January 31, 2019, the
Reserve Bank of India, being satisfied that it is in public interest to do so, and to make the alternate
dispute redress mechanism simpler and more responsive to the customers of entities regulated by it,
hereby integrates the three Ombudsman schemes – (i) the Banking Ombudsman Scheme, 2006, as
amended up to July 01, 2017; (ii) the Ombudsman Scheme for Non-Banking Financial Companies,
2018; and (iii) the Ombudsman Scheme for Digital Transactions, 2019 into the Reserve Bank -
Integrated Ombudsman Scheme, 2021 (the Scheme).

2. The Scheme covers the following regulated entities:

i. all Commercial Banks, Regional Rural Banks, Scheduled Primary (Urban) Co-operative Banks
and Non-Scheduled Primary (Urban) Co-operative Banks with deposits size of Rupees 50
crore and above as on the date of the audited balance sheet of the previous financial year;

ii. all Non-Banking Financial Companies (excluding Housing Finance Companies) which (a) are
authorised to accept deposits; or (b) have customer interface, with an assets size of Rupees
100 crore and above as on the date of the audited balance sheet of the previous financial
year;

iii. all System Participants as defined under the Scheme.

3. The regulated entities shall comply with the Scheme from the date of its implementation.

4. The format for filing a complaint under the Scheme is annexed.

5. The Scheme shall come into force from November 12, 2021.

(M. K. Jain)

Reference link: [Link]

Tokenisation – Card Transactions: Permitting Card-on-File Tokenisation (CoFT) Services

RBI/2021-22/96
[Link].S-516/02-14-003/2021-22

September 07, 2021

All Payment System Providers and Payment System Participants

Madam / Dear Sir,

Tokenisation – Card Transactions: Permitting Card-on-File Tokenisation (CoFT) Services

We invite reference to our circular [Link] No.1463/02.14.003/2018-19 dated January 8,

2019 on “Tokenisation – Card transactions”, permitting authorised card networks to offer card
tokenisation services subject to the conditions listed therein. Initially limited to mobile phones and
tablets, this facility was subsequently extended to laptops, desktops, wearables (wrist watches,
bands, etc.), Internet of Things (IoT) devices, etc., vide our circular [Link].S-469/02-14-
003/2021-22 dated August 25, 2021 on “Tokenisation – Card Transactions : Extending the Scope of
Permitted Devices”.

2. Reference is also invited to our circulars [Link].1810/02.14.008/2019-20 dated March

17, 2020 (as updated from time to time) and [Link].S33/02-14-008/2020-2021 dated
March 31, 2021 on “Guidelines on Regulation of Payment Aggregators and Payment Gateways”,
advising that neither the authorised Payment Aggregators (PAs) nor the merchants on-boarded by
them shall store customer card credentials [also known as Card-on-File (CoF)].

More enhancements to the CoF and clarity on interest has been listed in the circular. This can be
referred to in the below link.

Reference link: [Link]

Master Directions on Prepaid Payment Instruments (PPIs) (Updated as on November 12, 2021)

RBI/DPSS/2021-22/82
[Link].S-479/02.14.006/2021-22

August 27, 2021

(Updated as on November 12, 2021)

All Prepaid Payment Instrument Issuers (Banks and Non-banks) and System Participants

Madam / Dear Sir,

Master Directions on Prepaid Payment Instruments (PPIs)

This has reference to the Master Direction dated October 11, 2017 on Issuance and Operation of
Prepaid Payment Instruments (PPI-MD) and subsequent amendments made thereto. Keeping in view
the recent updates to PPI guidelines, it has been decided to issue the Master Directions afresh.

2. These Directions are issued under Section 18 read with Section 10(2) of the Payment and
Settlement Systems Act, 2007.

Yours faithfully,

(P. Vasudevan)
Chief General Manager

Reference link: [Link]

Review of incentive and other measures to enhance distribution of coins

RBI/2021-22/93
DCM (CC) No.97527/03.41.01/2021-22

August 27, 2021

The Chairman / Managing Director &

Chief Executive Officer
(All Scheduled Commercial banks including RRBs)

Madam / Dear Sir,

Review of incentive and other measures to enhance distribution of coins

Please refer to our Master Direction DCM (CC) No.G-2/03.41.01/2021-22 dated April 01, 2021 on
“Currency Distribution & Exchange Scheme (CDES)” for bank branches including currency chests
which inter alia, provides for financial incentives of ₹25 per bag to banks for distribution of coins
over the counter.

2. Keeping in view the overall objectives of Clean Note policy and to ensure that all bank branches
provide better customer service to members of public with regard to exchange of notes and
distribution of coins, the afore-said Scheme has since been reviewed and it has now been decided to
revise the incentive being paid to the banks for distribution of coins with a major thrust on alternate
avenues so as to extend the outreach. Accordingly, paragraph 2 (Incentives) [Link]. (iii) stands revised
as follows:

a) Revised scheme of incentive for distribution of coins

b) Banks to provide coins to bulk customers

c) Engaging Business Correspondents (BCs) for distribution of coins

d) Engaging Cash in Transit (CIT) entities for distribution of coins

More details on the above points can be referred to in the below link

Reference link: [Link]

Tokenisation – Card Transactions : Extending the Scope of Permitted Devices

RBI/2021-22/92
[Link].S-469/02-14-003/2021-22

August 25, 2021

The Chief Executive Officer / President

All authorised card networks

Madam / Dear Sir,

Tokenisation – Card Transactions : Extending the Scope of Permitted Devices

We invite reference to our circular [Link] No.1463/02.14.003/2018-19 dated January 08,

2019 on “Tokenisation – Card transactions”, permitting authorised card networks to offer card
tokenisation services to any token requestor, subject to the conditions listed therein. The facility was
available only for mobile phones and tablets of interested card holders. There has been an uptake in
the volume of tokenised card transactions during the recent months.

2. On a review of the framework and keeping in view stakeholder feedback, it has been decided to
extend the scope of tokenisation to include consumer devices – laptops, desktops, wearables (wrist
watches, bands, etc.), Internet of Things (IoT) devices, etc. All other provisions of the circular
referred to above shall continue to be applicable. This initiative is expected to make card
transactions more safe, secure and convenient for the users.

3. This directive is issued under Section 10 (2) read with Section 18 of Payment and Settlement
Systems Act, 2007 (Act 51 of 2007).

Yours faithfully,

(P. Vasudevan)
Chief General Manager

Reference link: [Link]

Monitoring of Availability of Cash in ATMs

RBI/2021-22/84
DCM (RMMT) No.S153/11.01.01/2021-22

August 10, 2021

The Chairman /
Managing Director & CEO
All Banks

Dear Sir / Madam,

Monitoring of Availability of Cash in ATMs

As you are aware, the Reserve Bank of India has a mandate to issue banknotes and the banks are
fulfilling this mandate by dispensing banknotes to the public through their wide network of branches
and ATMs. In this connection, a review of downtime of ATMs due to cash-outs was undertaken and it
was observed that ATM operations affected by cash-outs lead to non-availability of cash and cause
avoidable inconvenience to the members of the public.

2. It has, therefore, been decided that the banks/ White Label ATM Operators (WLAOs) shall
strengthen their systems/ mechanisms to monitor availability of cash in ATMs and ensure timely
replenishment to avoid cash-outs. Any non-compliance in this regard shall be viewed seriously and
shall attract monetary penalty as stipulated in the “Scheme of Penalty for non-replenishment of
ATMs” in the Annex. The Scheme shall be effective from October 01, 2021.

Yours faithfully,

(Subrata Das)
Chief General Manager-in-Charge

Encl: As above

Reference link: [Link]

Framework for Outsourcing of Payment and Settlement-related Activities by Payment System
Operators

RBI/2021-22/76
[Link].S-384/02.32.001/2021-2022

August 3, 2021

The Chairman / Managing Director / Chief Executive Officer

All Non-Bank Payment System Operators

Madam / Dear Sir,

Framework for Outsourcing of Payment and Settlement-related Activities by Payment System

Operators

The Payment System Operators (PSOs), by virtue of services they provide and the construct of
models on which they operate, largely outsource their payment and settlement-related activities to
various other entities.

2. In order to enable effective management of attendant risks in outsourcing of such activities, it was
announced in the Statement on Developmental and Regulatory Policies released with the bi-monthly
Monetary Policy Statement 2020-21 on February 05, 2021, that a framework for outsourcing of
payment and settlement-related activities by PSOs, will be issued by the Reserve Bank of India.
Accordingly, a framework for the same is provided in the Annex. The PSOs shall ensure that all their
outsourcing arrangements, including the existing ones, are in compliance with this framework by
March 31, 2022.

3. This framework is issued under Section 10 (2) read with Section 18 of Payment and Settlement
Systems Act, 2007 (Act 51 of 2007).

Yours faithfully,

(P Vasudevan)
Chief General Manager

Reference link: [Link]

Access for Non-banks to Centralised Payment Systems

RBI/2021-22/73
[Link] No.S290/04.04.009/2021-22

July 28, 2021

The Chairman / Managing Director / Chief Executive Officer

Authorised Non-bank Payment System Providers

Madam / Dear Sir,

Access for Non-banks to Centralised Payment Systems

A reference is invited to Paragraph 9 of the Statement on Developmental and Regulatory Policies

dated April 07, 2021 wherein it was announced that the Reserve Bank shall encourage participation
of non-banks in Reserve Bank of India-operated Centralised Payment Systems (CPS) viz. Real Time
Gross Settlement (RTGS) and National Electronic Fund Transfer (NEFT) systems, in a phased manner.
A reference is also invited to the Master Directions on Access Criteria for Payment Systems dated
January 17, 2017 wherein Reserve Bank had prescribed criteria for access to CPS.

2. Direct access for non-banks to CPS lowers the overall risk in the payments ecosystem. It also
brings advantages to non-banks like reduction in cost of payments, minimising dependence on
banks, reducing the time taken for completing payments, eliminating the uncertainty in finality of
the payments as the settlement is carried out in central bank money, etc. The risk of failure or delay
in execution of fund transfers can also be avoided when the transactions are directly initiated and
processed by the non-bank entities.

3. On a review of extant arrangements and after detailed discussions with Payment System Providers
(PSPs), it is advised that, in the first phase, authorised non-bank PSPs, viz. PPI Issuers, Card Networks
and White Label ATM Operators shall be eligible to participate in CPS as direct members as per the
approach presented in the Annexure hereto.

4. The Master Directions on Access Criteria for Payment Systems dated January 17, 2017 are also
being modified accordingly. For operational and user convenience, Reserve Bank has placed a set
of FAQs on the subject on its website.

5. These instructions are issued under Section 10 (2) read with Section 18 of Payment and
Settlement Systems Act, 2007 (Act 51 of 2007) and come into effect from the date of this circular.

Yours faithfully,

(P Vasudevan)
Chief General Manager

Reference link: [Link]

Cassette - Swaps in ATMs

RBI/2021-22/71
DCM (Plg.) No.S39/10.25.007/2021-22

July 12, 2021

The Chairman / Managing Director & Chief Executive Officer

All Scheduled Commercial Banks including RRBs
Urban Co-operative Banks / State Co-operative Banks /
District Central Co-operative Banks.

Madam / Dear Sir,

Cassette - Swaps in ATMs

Please refer to our circular RBI/2017-18/162/DCM (Plg.) No.3641/10.25.007/2017-18 dated April 12,
2018 on the captioned subject wherein banks were advised to consider using lockable cassettes in
their ATMs which shall be swapped at the time of cash replenishment. The same was advised to be
implemented in a phased manner covering at least one third ATMs operated by the banks every
year, such that all ATMs achieve cassette swap by March 31, 2021.

2. In this regard, representations have been received from Indian Banks’ Association on behalf of
various banks expressing difficulties in meeting this timeline. Accordingly, it has been decided to
extend the timeline for implementation of cassette swap in all ATMs till March 31, 2022.

3. Banks shall monitor progress and make the required course correction at the end of every
quarter, at the level of Board / ACB and report status within seven days of the end of the quarter,
starting from the quarter ended September 2021, to the Chief General Manager-in-Charge,
Department of Currency Management, Reserve Bank of India, Central Office, Amar Building, Fourth
Floor, Sir P. M. Road, Fort, Mumbai 400 001. The said report should be sent by e-mail. No hard copy
need be sent.

Yours faithfully,

(Subrata Das)
Chief General Manager-in-Charge

Reference link: [Link]