Resources

What It Takes To Be A Payment Gateway Or Payment Aggregator?

What It Takes To Be A Payment Gateway Or Payment Aggregator?
SUMMARY

To become a payment aggregator, it is essential for the company to understand and comply with local regulations

Developing a secure, efficient, scalable, and reliable technology infrastructure is essential for a payment aggregator’s success

Additionally, seeking legal and financial advice from experts with experience in the payment industry is highly recommended

Inc42 Daily Brief

Stay Ahead With Daily News & Analysis on India’s Tech & Startup Economy

As small businesses and merchants embrace the digital payment options to stay competitive in an evolving landscape, online payment aggregators and gateway providers are bracing up to facilitate convenient, simplified, and efficient payment experiences. 

But in view of increasing cyber-security frauds, a surge in demand for payment gateway infrastructure, and rising applications for establishing payment aggregator operations, industry regulators proposed stringent guidelines for PAPGs in March 2020.

While payment gateway providers are mandated to have a licence from the RBI to acquire merchants and enable digital payment acceptance solutions, payment aggregators are necessitated to meet the following criteria to acquire in-principle authorization – 

  • A net worth of INR 15 Cr by March 2021
  • A net worth of INR 25 Cr by March 2023
  • A net worth of INR 25 Cr by the end of third financial year after obtaining licence 

The implementation of these capital requirements imposed on non-bank payment aggregators will ensure that only authentic entities with a sustainable business model operate in the Indian market. 

Besides these requirements, there are other regulatory and statutory measures that fintech startups need to comply with. Here is an overview of some of them.

Statutory Measures Fintech Firms Need To Comply With

Established as a legal entity: To become a payment aggregator, it is essential for the company to understand and comply with local regulations. This includes being established and registered as a legal entity in India, like a company or Limited Liability Partnership (LLP), in accordance with the Indian law. 

Obtaining licences: To thrive as a payment aggregator, securing approvals and required licences from the Reserve Bank of India (RBI) and other regulatory bodies is indispensable. Depending on the business model, the fintech firm may need to apply for a Payments System License or tie-up with a player that holds one.

Developing a technical infrastructure: Developing a secure, efficient, scalable, and reliable technology infrastructure is essential for a payment aggregator’s success. This involves investing in robust data security measures to ensure seamless payment transactions with capabilities to manage high volumes for merchants and third-party platforms. 

Compliance with RBI regulations: Payment aggregators must be wary of mitigating fraud risks and maintaining capital adequacy standards in the interest of both, the business, and merchants. Implementing risk management practices and adhering to regulations laid down by the RBI, Payment and Settlement Systems Act, 2007, and Payment Card Industry Data Security Standard (PCI DSS),s will help establish security, protect sensitive financial data, and preserve goodwill in the payment ecosystem.

Initiating partnerships with banks: The payment aggregator space is competitive – but establishing partnerships with banks, financial institutions, and technology providers can help to enhance services. 

Setting up adequate systems for onboarding merchants: An advanced technology infrastructure and a streamlined onboarding process for merchants can instantly differentiate a payment aggregator from its competitors. Aggregators must educate merchants with respect to the integration of their infrastructure into their applications or websites and equip them with the necessary tools like APIs, SDKs, and documentation. 

Complying with data privacy regulations: Irrespective of the country the payment aggregator is operating from, it is crucial to comply with local data privacy regulations for safeguarding user and transaction data. 

Round-the-clock transaction monitoring: As a payment aggregator, it is imperative to implement real-time transaction monitoring systems and fraud detection tools. These insights help businesses gain valuable data on customer behaviour and payment trends, and secure payment transactions.  

Marketing and business development: Growing as a payment aggregator demands curating well thought-out marketing, sales, and business development plan. By developing a strategy, players can attract new merchants, expand their customer base, and improve the potential for business growth. 

Employing a legal and compliance team: Payment aggregators must stay abreast of industry trends and regulatory changes to ensure compliance with RBI regulations and other relevant laws. For the same, it is important to conduct internal, as well as external audits periodically. 

In Conclusion

After meeting all the regulatory and technical requirements, fintech firms can officially launch their payment gateway or aggregator service in India. But given that the payment industry in India is highly regulated and the regulatory environment constantly evolves, it is crucial to stay updated on the latest guidelines and requirements to ensure ongoing compliance.

Additionally, seeking legal and financial advice from experts with experience in the payment industry is highly recommended.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.

Inc42 Daily Brief

Stay Ahead With Daily News & Analysis on India’s Tech & Startup Economy

Recommended Stories for You