RBI guidelines and impact on recurring transactions
Since 2019 RBI has issued multiple guidelines with respect to recurring transactions which has an impact to the merchants, payment facilitators and issuers. To begin with, in August 2019, RBI issued a guideline for cards and PPI which was subsequently extended to UPI in January 2020. The key highlight of the guideline is consent of the customer is required before a merchant creates a mandate. Issuers need to create a unique identifier for every successful mandate creation and the same needs to send across by the merchant or its payment facilitator throughout the mandate lifecycle. Further basis this guideline, issuers have to send a pre-debit notification to the customer at least 24 hours prior to the actual payment being debited and in parallel allow the customer to pause / cancel the mandate via mobile banking app, internet banking or IVR channel. This guideline is applicable to recurring transactions on cards, UPI and digital wallets. Although the initial deadline to implement the guideline was 31 March 2021, RBI has extended the same on 30 September 2021.
The guideline further recommends a subsequent recurring transaction’s AFA relaxation is till INR 5000. Beyond this amount, a customer needs to provide the consent for the recurring transactions with a 2FA, issuers can decide whether it can be done by an OTP, internet banking platform or mobile banking app via a notification. Finally, it is applicable for all domestic and international transactions originating from cards and UPI aliases issued in India.
Due to this guideline, it is expected to create a significant disruption to cardholders and merchants in coming few quarters.
The customer has to perform a 2FA before auto debit is executed for transactions above INR 5000. This will dissolve the whole purpose of auto debit and the customer might miss the notification for consent which may lead to blocking/ hold on the service. On the other hand, due to this regulation the customer will have a view of all the recurring transactions on its mobile banking app or internet banking channel.
Merchant / Payment facilitator’s impact
The payment facilitator needs to integrate with the recurring payment platform of issuers and perform various sets of integration as mentioned below to remain complaint:-
E-mandate repository — This feature will be able to create / register e-mandate, perform recurring validation, store all recurring parameters (periodicity, frequency, amount cap etc)
Recurring payment platform — The merchant or the payment facilitator need to integrate with the recurring payment platform of the issuer for validation of subsequent transactions in certain scenarios
Notification engine — This module should be able to consume the invoice details of the mandate from the merchants and pass on to the issuer
Channel integration — There has to be front end provided to the end customer where customers can view / cancel mandates. If the customer cancels the mandate — downstream details will be sent across to the payment facilitator via an API and subsequently to the merchant
Back-office application — Merchants / Payment facilitator should be provided a back office system to view the mandate, transaction logs, daily, weekly, monthly reports. It should also provide bank wise dashboards, MIS extraction reporting, admin functionalities etc.
There are 3 broad integrations for the issuers. An issuer need to create a recurring payment platform or leverage from an ecosystem enabler.
Switch / host enhancements : There can be couple of models for switch integration. First one is the switch / host of the issuer is connected with the recurring payment platform with its APIs for the mandate validation. This implementation model is time consuming for issuers. The alternate one is a light integration model where the transaction validation is already done via the payment facilitator — with the recurring payment platform. Once validation is successful via the network message the successful validation flag value is sent across to the issuer. The issuer host basis the successful validation flag further sends the transaction downstream for other mandatory validations post which the transaction is approved / declined.
Pre-transaction notification : The merchant pushes the invoice to the payment facilitator sends the details via an API to the recurring processing platform. Post receiving the details the platform needs to integrate with the notification engine of the issuer bank.
Channel integration : The issuer need to provide a dashboard view to the customers on the set of existing recurring mandates — it can be viewed either via the internet banking, mobile banking or IVR channel. A white labeled solution or a SSO integration with the respective channel of the issuer needs to be performed.
Impact on the ecosystem post compliance*
The overall impact post the compliance:-
Journey ahead and opportunities
Basis the regulatory guidelines there is a significant impact on card transactions and customer experience on recurring payments will get affected.
Customers will be tempted to consider other payment modes like UPI, NACH and digital wallets in place of cards. In the recent few years, UPI has already eliminated some of the dependence on card transactions by allowing instant payment transactions while offering services like proxy identifiers, low-limit recurring payments for subscriptions and low-value EMIs. Digital wallets too have emerged as one of the major payment modes through
new functionalities such as one-click payments, bill payments, auto debits and marketplace payments. e-NACH mandates have looked to address the high-value B2B and B2C recurring payment market, allowing customer to set limits and variable recurring payment amounts.
Despite the availability of these alternative methods and their advantages, it is difficult to consider them as replacements for card recurring transactions. Although UPI has been considered a preferred mode for low-value retail transactions, RBI guidelines are also applicable on recurring transactions through UPI. The UPI readiness on recurring payment is currently at an evolving stage with significant part of the ecosystem needs to catchup. e-NACH mandates lack a seamless customer experience with higher mandate initiation timelines. Also, like digital wallets, they involve additional steps or considerations which again limits their viability as true alternatives.
The biggest advantage of this regulation has opened up debit card, wallets, and UPI recurring transactions itself will pump in humongous growth in overall digital transactions in the market. In the short run, the changes in the RBI’s regulations will have a major impact on how customers seamlessly perform recurring transactions — in the short run it will remain a barrier to the significant factor for growth of digital transactions in bill payments, subscriptions businesses, etc. While the need for building customer confidence cannot be overlooked, and it can’t be at the cost of customer experience or convenience. All ecosystem enablers are required to develop or integrate solutions that can support the regulatory requirement and in parallel maintain a balance between security and customer convenience to ensure faster and seamless adoption by customers.
Going ahead, the other disruptive compliance of tokenization implementation of card on file (CoF) transactions which is effective from 1st of Jan 2022 — it will further have impact on the recurring transactions. The ecosystem would require clarity on the mechanism of how the pre-debit notification be triggered on a token card credential. The ecosystem will look forward towards solving this problem in days to come.