After almost two years since the first guidelines concerning e-mandates on credit cards were issued by it, the RBI has cracked the whip! There will be no further extension beyond September 30, 2021. The delay in implementation mainly allows banks and Merchants to set up infrastructure at their end to support AFA (Additional Factor of Authentication) safeguards for recurring online payments.
The Affected Payments and AFA:
Not all payments are affected, though. The ‘only-once’ kind of payments are acceptable. As are the existing recurring payments on credit card EMIs of loan repayments and the like. But auto-debits on credit cards, even when authorized earlier, will face some inconvenience. They have to register and get the AFA validation done by the issuer or make payments manually for each payment instance.
In other words, transactions that were set up for payment at regular intervals will not go through after September 30, and you have to do it manually. While doing so, you can register for the AFA validation. In this regard, the RBI guidelines lay down that, ‘cardholder shall be given an option to provide the e-mandate for either a pre-specified fixed value of a recurring transaction or for a variable value of the recurring transaction’. The only condition is that for all such cases, RBI defined an overall cap of Rs. 5000/-
What happens after the AFA Verification?
Once the AFA verification is successful, all subsequent transactions are followed through without any hurdles. Changes to any of the parameters from the customer side will have to be validated following a similar process.
Since the main objective of this framework is to safeguard customers from fraudulent transactions and make the process convenient, no new mandate for recurring online transactions can be taken up unless such mandates are compliant with this framework.
Customer Caution:
The one aspect that seems to be a showstopper is the additional requirement of keeping the customer informed regarding every transaction linked to the credit card, allow changes to and even terminate the transaction. The communication with the customer has to be before and after the due date. In the ‘before’ context, it is mainly to inform about the impending auto-debit with the option to opt-out. And after the transaction, the customer is informed in the least about the name of the merchant, transaction amount, date/time of debit, reference number of transaction / e-mandate, the reason for debit, etc.
Infrastructure Needs:
Going about this involves having a suitable infrastructure. Because some Merchants and financial institutions have not had set up the required infrastructure, the RBI had to postpone the implementation. But now this extension, it has warned, is the last one.
From October 1 this year, customers must be aware that any disruption to their services with auto-debit mandates may be due to non-compliance with this extra AFA stipulation. In short, this means customers will have to pay their bills directly to the service providers to continue getting the service.
Key Highlights of RBI Guidelines for Auto-Debit, 2021:
- Pre-debit notification to credit card users 24 hours before an actual debit by SMS or email
- Pre-transaction notification should at least mention the merchant’s name, transaction amount, date/time of debit, etc.
- Cardholder should have the facility to opt-out of that particular transaction or the e-mandate
- The registration process allows the cardholder to give an e-mandate for either a pre-specified fixed value or for a variable value
- Cardholders should undertake a one-time registration process with AFA validation by the issuer
- The issuer to provide an online facility to withdraw any e-mandate at any point in time
So, until all stakeholders fully implement these norms, customers with an auto-debit or e-mandates will have to experience a bit of inconvenience.