RBI imposes limits on business card usage and restricts the sharing of customer data
The Reserve Bank of India (RBI) has recently issued new rules for credit and debit cards meant for business accounts, to enhance the security and efficiency of card transactions. The new rules, which came into effect immediately, cover various aspects of card issuance, conduct, and data sharing The RBI has also ordered Visa to stop using an unauthorized route to make business-to-business card payments, which involved fintech companies as intermediaries in this article, we will discuss the main features and implications of the new rules, as well as the reasons behind the RBI’s actions.
The new rules issued by RBI are as follows:
Monitoring the end use of funds:
The RBI has directed the card issuers to put in place an effective mechanism to monitor the end use of funds by cardholders, especially for large-value transactions. The card issuers should also ensure that the card transactions comply with the applicable laws and regulations, such as the Foreign Exchange Management Act, of 1999, the Prevention of The Income Tax Act of 1961 and the Money Laundering Act of 2002.
Restricting data sharing:
The RBI has made it illegal for card issuers to provide any outsourced partners with consumer card data unless the partners must perform their duties. The card issuers should also obtain the explicit consent of the cardholders before sharing their card data with any third party. The card issuers should also ensure that the storage and ownership of the card data remain with them and that the card data is not compromised or misused by any party.
Supporting tokenization:
The RBI has allowed card issuers to support the tokenization of card data, which is a process of replacing the actual card number with an