How Equipped Is The Fintech Industry To Implement RBI’s Norms On Recurring Payments

“7 calls between 12:20 am and 04:29 am this morning from my credit card co asking me to authorise a legitimate $12.99 monthly auto-debit… thank you @RBI for such well thought through regulation.” — Govindraj Ethiraj, founder, IndiaSpend, Boom

Are you a subscriber to any platform that requires recurring payments? In that case, you might have received email messages and SMSes from merchants and banks clarifying that starting from October 1, recurring payments, aka subscription-based payments, would not be as seamlessly processed as they used to be.

You may have to reauthenticate and approve these payments every time you renew these subscriptions.

According to various reports, more than 50-60% of the recurring payments are bound to fail post-October 1, 2021.

Given this scenario, several platforms such as Netflix, Disney+ Hotstar, Facebook, Google India, Max Life Insurance, Bajaj Allianz General Insurance and PolicyBazaar, where users had earlier opted to pay via merchant standing instructions (an e-mandate for processing recurring payments), have asked subscribers to reroute payments via auto-pay (standing instructions) or re-authenticate the payments.

New Rules On Recurring Payments: What’s The Issue

In August 2019, the Reserve Bank of India came up with a framework for e-mandate-based recurring transactions. According to the RBI directive, an issuer shall send a pre-transaction notification to the cardholder at least 24 hours before the actual charge/debit happens as a risk mitigation and customer facilitation measure.

As per the new rules, the cardholder can opt out of that particular transaction or the e-mandate after receiving the pre-transaction notification. Thus, a subscriber will have the time to withdraw the e-mandate every time an issuer raises an invoice for the recurring transaction.

Initially, no AFA validation was required for a transaction below INR 2,000. But in December 2020, the upper limit was increased to INR 5,000.

Almost all industry players agree that the RBI’s new rules are customer-centric. But they cite inadequate infrastructure and the lack of coordination among merchants, fintech players and banks as the key reasons why banks and merchants could not implement the directive that came with a sunset clause.

For instance, banks are supposed to send a pre-transaction notification to subscribers in the case of recurring payments. But they do not have the mechanism to keep track of all e-mandates on one’s card/s and accordingly send email and text messages to each subscriber.  The banks further need to update users’ responses whether users want to continue or withdraw their subscriptions.

According to a spokesperson of the Kotak Mahindra Bank, it is fully geared up to comply with the regulation that came into effect on October 1, 2021. But to ensure a smooth transition, the merchant/merchant aggregators’ ecosystem should also be ready. The bank is, therefore, closely working with them to ensure minimal disruption for customers.

That is why even after repeated notifications issued by the RBI, banks are still in the process to integrate these rules. Meanwhile, some cardholders may face failed auto transactions, and they are now asked to reroute their payments.

In an email to its users, HDFC Bank stated that effective from October 1, it would not approve any standing instruction given at a merchant website/app on HDFC Bank’s credit/debit card, unless the process is RBI compliant.

“A common industry-wide platform is being developed, and HDFC Bank has completed its internal development and integration. We are now working jointly with merchants to make this platform live for customers at the earliest,” the bank said.

There could be a bigger impact if the new norms are seen in the context of similar developments. For instance, the central bank has already released the PAPG (Payment Aggregators and Payment Gateways) guidelines that do not permit merchants to store customer card details apart from issuing banks and card networks.

Although such measures indicate a rise in digital consumerism and safeguarding people against internet frauds, experts believe this will make digital transactions tedious, time-consuming and inconvenient and eventually deter a large number of customers. Moreover, merchants and payments aggregators will not be able to resolve consumer grievances as they cannot store relevant consumer data.

Speaking on this at a session organised by a think tank Empower India, Aruna Sharma, former secretary, government of India said that the country has a huge cash economy, and digital payment is the only way to change it. The RBI has the right to ensure that financial data is not hacked and protect consumer data but not in the way it is trying to do by regulating merchants.

From SI Hub To MandateHQ: Fintechs Rise To The Occasion

Right after the RBI’s announcement in 2019, BillDesk and Visa partnered to launch Standards Instructions Hub (SI-Hub) and roll out a seamless and secure way to make recurring payments using cards with a one-time enrollment.

“SI-Hub will enable cardholders to decide when, how much and the duration of their recurring payments through a simple dashboard interface. It is a plug-and-play offering by BillDesk that banks can roll out to their customers with minimal integration effort,” said T.R. Ramachandran, group country manager, Visa India and South Asia.

Bringing all the e-mandates on one platform, SI Hub allows consumers to manage, modify or cancel their recurring payments any time to give them a choice to discontinue or tweak services. This is done by generating a unique SI Hub ID used during the authorisation and throughout the mandate life cycle for notification, debit, cancellation and more.

In 2021, Mastercard joined hands with Razorpay to build a similar recurring payments platform called MandateHQ to help its clients comply with the RBI’s new norms.

Just like SI Hub, MandateHQ aims to offer a comprehensive solution that helps manage the card-based e-mandate life cycle. By July 2021, the company onboarded three banks and said it was in talks with 20 others.

Meanwhile, PayU came up with a platform called Zion to meet its clients’ requirements.

PayU’s chief product officer Manas Mishra said, “Zion provides multiple features, including AFA, notifications to customers and a dashboard for subscription management. It is designed to adhere to all aspects of subscription payments with minimum integration effort required from banks. PayU is currently working with key banking institutions and issuers to help them integrate the new platform.”

Commenting on the recurring payments economy, Mishra said, “It has tremendous potential in a market like India. The RBI’s initiatives will fuel sustainable growth and innovation in the subscription economy in the long run.”

After Initial Hiccups, Stakeholders Predict Subscription Economy To Grow 5-6x  

Digital payments in India are expected to grow more than 3x to INR 7,092 Lakh Crore by 2025 from around INR 2,162 Lakh Crore in FY20, says a report by analytics firm RedSeer. And the 160 Mn unique mobile payment users in 2019 will grow by five times to reach nearly 800 Mn by that time.

This growth will reflect in the subscription market as well, and it is bound to grow manifold. In such a scenario, the RBI is justified to safeguard consumers’ rights and data privacy before it is too late.

One of the reasons behind the exponential growth of India’s subscription economy is the UPI-based autopay that is fast becoming the favourite mode of recurring payments.

Commenting on the burgeoning growth and the ensuing problems, Anand Kumar Bajaj, founder, MD and CEO of Mumbai-based fintech startup PayNearby, pointed out that India is the only country to offer PINs on cards for PoS terminal transactions and OTPs for online payments. But with the rise of digital payments, the vulnerability to cyberattacks and digital frauds has also been growing incrementally.

“Therefore, even as we work towards promoting digital payments, it is also important to strengthen the infrastructure to make it secure. Now is the best time to infuse regulatory control as it will protect customer data and avoid digital frauds, especially in the case of unsuspecting customers who often fall prey to data breaches,” he said.

“Users need to review all recurring payments and register those with their banks by providing standing instructions to their respective banks. They should also be aware that the new guidelines will not impact any recurring transaction under the UPI, AutoPay and e-NACH,” added Bajaj.

Harshil Mathur, cofounder and CEO of Razorpay, said, “With the RBI increasing the AFA limit to INR 5,000 (from the earlier INR 2,000), we believe that the size of the recurring mandate-based payments market will grow five-six times in the next few years. Earlier, this was viewed as a grey area, but the RBI’s regulation gives clarity to consumers, merchants and banks.”

According to Razorpay, subscription companies across North America, the EU and the Asia Pacific clocked a CAGR of 18% in the past seven years to see their sales grow by more than 300%.

India which has witnessed a digital payments revolution in the last few years will also record exceptional growth in the subscription economy particularly in the post-covid-era that has increased per capita SaaS consumption and digital content. Numerous fintech founders and CEOs, Inc42 spoke to, agree to the opinion that India’s subscription economy will grow 5-6x by 2025-2026 regardless of the RBI’s latest move.

And, at a time when the Indian government is being criticised for not offering due clarity over the CoWin app consent mechanism, RBI prioritising users’ consent mechanism is a foundational step in the long run, barring some initial hiccups.