New regulations for credit and debit cards linked to business accounts

The Reserve Bank of India (RBI) has recently introduced new regulations for credit and debit cards linked to business accounts, aiming to enhance the monitoring and usage of funds. These updated rules, effective immediately, are part of the RBI’s continuous efforts to tighten oversight in the banking sector and ensure the responsible use of financial services. Here’s a summary of the key changes and their implications for businesses and card issuers:

1. Monitoring Fund Usage: The RBI mandates that issuers of business credit and debit cards establish mechanisms to effectively monitor how funds are utilized. This move is intended to prevent misuse of business funds and ensure that they are employed for their intended purposes.
2. Restriction on Data Sharing: Under the new regulations, card issuers are prohibited from sharing customer data with third-party outsourcing partners unless it is crucial for the partners to fulfill their functions. This measure aims to safeguard customer privacy and prevent unauthorized access to sensitive information.
3. Consent for Data Sharing: In cases where data sharing is necessary, card issuers must obtain explicit consent from the cardholder. This ensures that cardholders are aware of and agree to their data being shared with specific third parties.
4. Data Storage and Ownership: The RBI emphasizes that all card-related data must be retained and owned by the card issuer. This rule is designed to ensure the security and integrity of customer data, mitigating the risk of data breaches and unauthorized use.
5. Visibility of Information: Information displayed through a co-branding partner’s (CBP) platform must be accessible only to the cardholder and cannot be accessed or stored by the CBP. This provision aims to protect the cardholder’s transaction-related data from potential misuse.
6. Encrypted Data Display: For cardholder convenience, transaction-related data may be securely drawn from the card issuer’s system in an encrypted format and displayed on the CBP platform. This process must be carried out with robust security measures to prevent data leakage.
7. Interest on Partial Payments: Addressing concerns about interest charges on partial payments, the RBI clarifies that if a cardholder fails to pay the total amount due by the payment deadline, the interest-free credit period is forfeited. Interest will then be charged from the transaction date on the outstanding amount, considering any payments, refunds, or reversed transactions, rather than the total amount due.

These amendments, as outlined by the RBI, are designed to bolster the security and transparency of credit and debit card transactions associated with business accounts. By implementing these measures, the RBI aims to enhance the trust and confidence of businesses and cardholders in the banking system while promoting responsible financial behavior.