RBI sticks to 15 October deadline for companies to comply with data localisation

The **RBI** will not relax the 15 October deadline for global financial technology (fintech) companies to comply with its **data localisation** norms in the public interest, according to sources. The central bank in April gave six months time to global payment companies to store transaction data of Indian customers within India. The RBI’s data localisation norms will kick in from 15 October. However, the US wants to prohibit data localisation to ensure free flow of information across borders. [caption id=“attachment_4762651” align=“alignnone” width=“1280”] Representational Image. Image: Reuters[/caption] “We want to have prohibitions on data localisation to ensure free flow of information, free flow of data across borders, disciplines around countries requiring companies to give up their source code, permanent ban on taxation or duties on digital transmissions,” Dennis Shea, deputy US trade representative and US ambassador to the WTO, told a Washington audience on 12 October. According to the sources, global fintech companies reportedly sought an extension of the 15 October deadline but it seems that the RBI is not inclined to relax the norms. Data localisation requires data about residents be collected, processed, and stored inside the country, often before being transferred internationally, and usually transferred only after meeting local privacy or data protection laws. Although domestic companies have welcomed the guidelines, global companies fear increase in their expenses for creation of local servers. To avoid this rise in cost, global companies in recent meeting with the RBI proposed to provide mirror data instead of original data to which the central bank did not agree, the sources said. Last week, Finance Minister **Arun Jaitley** met RBI Deputy Governor B P Kanungo to discuss RBI’s data localisation norms. The meeting was also attended by Economic Affairs Secretary Subhash Chandra Garg, Financial Services Secretary Rajiv Kumar and IT Secretary Ajay Prakash Sawhney. The RBI in April said in order to ensure better monitoring of payment service operators it is important to have “unfettered supervisory access to data stored with these system providers as also with their service providers/ intermediaries/third party vendors and other entities in the payment ecosystem”. “All system providers shall ensure that the entire data relating to payment systems operated by them are stored in a system only in India,” it had said. The RBI further said data should include the full end-to-end transaction details, information collected/carried/ processed as part of the message/payment instruction.