The fight over data control between U.S. payment firms and the Indian government came to a head with a sweeping ruling on Mastercard, which will not be allowed to issue new payment cards to Indian customers starting July 22.
The Reserve Bank of India contends Mastercard is not complying with rules that require foreign payment companies to store data on Indian payments within the country. The July 22 ban is indefinite, but it does not impact existing Mastercard customers in India.
India's data storage policy, issued in 2018, includes unfettered supervisory access to data stored in local systems. Payment companies must include full end-to-end transaction details, and information that is collected, carried and processed as part of the messaging and payment instructions. "Notwithstanding a lapse of considerable time and adequate opportunities being given, the entity has been found to be non-compliant," the reserve bank said in its letter. It did not return a request for comment by deadline.
In an email, Mastercard's public relations office said: "Since the issuance of the 2018 directive requiring on-soil storage of domestic payment transaction data, we have worked closely with the RBI to ensure that we comply with the requirements. While we are disappointed with the stance taken by the RBI, we will continue to work with them and provide any additional details needed to resolve their concerns."
Mastercard wasn't always so agreeable with the rules. Former CEO Ajay Banga had said local data storage would make Indian payments less safe because the local regulators don't allow information from one nation to be shared with another. U.S. payment firms lobbied the Indian government to change the rules, a dispute that briefly involved the Trump administration. Mastercard and Visa reportedly began storing data at local technology centers later in 2018, with PayPal following suit in 2019.
Mastercard is the second-largest payment processor in India, controlling 33% of the country's card transactions, behind Visa's 45% and Rupay's 20%, according to Bloomberg, which cited PPRO data (the Reserve Bank of India does not disclose market share data).
The decision on Mastercard could cause some negative impact for banks that issue its cards in India, though most banks in the country spread their issuance across several brands.
The Reserve Bank of India's Mastercard ban follows earlier bans on American Express and Diners Club International, which were accused of similar violations.
The battle over data matters because payment information has become central to modern financial services, including as a substitute for credit data. By mandating local data storage, India is potentially restricting the ability of that data to be analyzed in concert with information from other markets as part of a global payment or financial innovation strategy. The Indian government's posture has been that the data storage rules protect consumer privacy.
Mastercard's battle with the Indian government over payment processing and data comes against a backdrop of massive investments in India. Mastercard has invested hundreds of millions of dollars in local technology development and financial inclusion, with Indian workers making up more than 10% of the card brand's workforce. Visa has also invested in technology in India and has partnered with local fintechs.
Other U.S. companies are seeking a share of the same market. Facebook has invested nearly $6 billion in Reliance, a local technology company with products that aid Facebook's merchant and payment development in India. At the same time, India's hard stance on cryptocurrency led Facebook to say it probably would not include India as a market for its Libra (now Diem) stablecoin project.
Google has also battled India regulators over how Google manages registration for India's national digital payment rail. And Amazon has sought local partnerships to expand its payment apps in India while facing protests from local labor and small business groups. India has also put antitrust pressure on Walmart, which acquired Flipkart in part to build a banking beachhead in India.
The North Carolina-based bank rolled out a multiyear program to provide loans, investments and philanthropic support to communities in the western part of the state.
Consumer Financial Protection Bureau Director Rohit Chopra said the FICO credit-scoring model has drawbacks in price, predictiveness and market competition, and stakeholders should develop a more open-sourced model that uses artificial intelligence.
Analysts say lenders' shares could rally on deregulation, lighter tax burdens and a resurgence of M&A. Declining interest rates and lower loan losses could further bolster bottom lines and attract investor interest.
The contract gives the nation's oldest bank access to more than $3 billion in deposits a month. Comerica, the current administrator, has received a three-year extension of service to help with the transfer.