Digital Payments Corporate Regulations
1. Meaning of Digital Payments in Corporate Law
Digital payments refer to electronic transfer of money through technology-enabled systems such as:
UPI and mobile payments
Debit and credit cards
Prepaid payment instruments (wallets)
Internet banking and IMPS/RTGS/NEFT
Payment gateways and aggregators
Companies involved may be:
Banks and NBFCs
Payment system operators
Fintech companies
Merchants and platform intermediaries
2. Rationale for Regulating Digital Payments
Digital payments are strictly regulated because:
They involve handling public funds
They pose systemic financial risk
Cyber fraud and money laundering risks are high
Consumer protection is essential
Payment systems are critical infrastructure
Indian courts recognise digital payments as a matter of public interest and financial stability.
3. Legal and Regulatory Framework Governing Digital Payments
A. Payment and Settlement Systems Act, 2007 (PSS Act)
Primary statute governing payment systems
RBI authorisation mandatory for:
Payment system operators
Payment aggregators
Wallet providers
B. Reserve Bank of India Act, 1934
Empowers RBI to regulate monetary and payment systems
C. Banking Regulation Act, 1949
Applies to banks providing digital payment services
D. Companies Act, 2013
Corporate governance and director responsibilities
Risk management and disclosures
E. Information Technology Act, 2000
Cybersecurity and electronic transaction security
F. Prevention of Money Laundering Act, 2002
KYC and AML compliance for payment companies
4. Key Corporate Regulatory Requirements for Digital Payments
A. Licensing and Authorisation
RBI authorisation under PSS Act mandatory
Fit and proper criteria for promoters and directors
B. Capital and Net Worth Requirements
Minimum net worth prescribed for:
Payment aggregators
Wallet providers
Continuous capital adequacy monitoring
C. Governance and Risk Management
Board-approved risk and security policies
Audit and compliance committees
Periodic system audits
D. Consumer Protection Obligations
Transparent pricing and disclosures
Timely grievance redressal
Refund and chargeback mechanisms
E. Data Protection and Cybersecurity
Secure handling of payment data
Compliance with IT Act and data security rules
Restrictions on cross-border data access
F. AML and KYC Compliance
Customer identification
Transaction monitoring
Reporting of suspicious transactions
5. Obligations of Directors and Management
Directors must:
Exercise due care over digital payment systems
Ensure compliance with RBI and statutory directions
Oversee cybersecurity and fraud prevention
Failure may result in:
Regulatory penalties
Personal liability
Disqualification
Criminal exposure in severe cases
6. Judicial Approach to Digital Payments Regulation
(At least 6 Case Laws)
1. Internet and Mobile Association of India v. Reserve Bank of India
Principle:
RBI has broad powers to regulate digital financial systems in public interest.
Relevance:
Validates RBI’s authority over digital payment companies.
2. Peerless General Finance and Investment Co. Ltd. v. RBI
Principle:
RBI can impose regulatory restrictions to protect depositors and the financial system.
Relevance:
Supports regulation of payment entities handling public money.
3. ICICI Bank v. Shanti Devi Sharma
Principle:
Banks are liable for unauthorised electronic transactions due to system failures.
Relevance:
Establishes liability of digital payment providers.
4. Canara Bank v. Canara Sales Corporation
Principle:
Banks owe a duty of care in handling customer funds and information.
Relevance:
Applied to corporate digital payment operators.
5. SEBI v. Rakhi Trading Pvt. Ltd.
Principle:
Technology cannot be used to manipulate financial systems.
Relevance:
Supports regulation of algorithm-driven payment and settlement mechanisms.
6. CBI v. Arif Azim (Sony Sambandh Case)
Principle:
Cyber misuse of financial platforms is punishable under law.
Relevance:
Highlights importance of secure digital payment infrastructure.
7. State of Maharashtra v. Mohd. Yakub
Principle:
Economic offences require strict interpretation to protect public interest.
Relevance:
Supports strict enforcement of digital payment regulations.
7. Regulatory Concerns Specific to Digital Payment Companies
Fraud and phishing risks
Data breaches and cyber attacks
Money laundering and terror financing
Operational and settlement failures
Cross-border data misuse
8. Consequences of Non-Compliance
Cancellation or suspension of RBI authorisation
Monetary penalties
Criminal prosecution
Refund and compensation liabilities
Reputational and market damage
9. Best Practices for Corporate Compliance
Early and continuous RBI engagement
Strong internal compliance teams
Periodic IT and security audits
Incident response and disaster recovery plans
Board-level oversight of payment risks
10. Conclusion
Digital payments corporate regulations in India are stringent, technology-neutral, and risk-based. Courts and regulators consistently emphasise that handling public money through digital means imposes heightened legal responsibility. Companies operating in this space must therefore maintain robust governance, security, and compliance frameworks to ensure legality, trust, and systemic stability.
RELATED Blog
comments