 (8).png)
1 hour ago
1
ARTICLE AD BOX
Summary
RBI’s withdrawal of Paytm Payments Bank’s banking licence signalled its commitment to financial stability. However, its nod for a lightly regulated non-bank financial player to access its core payments system raises questions of risk exposure.
Over the course of just three days last week, India witnessed three important developments in the banking space, all of which have a significant bearing on the larger issue of financial stability.
On 23 April, reports appeared that the Reserve Bank of India (RBI) had granted a non-bank called PayPoint approval to access its Centralised Payment System (CPS).
The same day, finance minister Nirmala Sitharaman was reported to have met bank chiefs to discuss AI-related risks in the context of global concerns over Anthropic’s Mythos model, which is seen as a threat to the data security of financial systems.
And then on 24 April, RBI issued an order to cancel the banking licence of Paytm Payments Bank, which must start winding up operations.
Take these one by one. The CPS approval for a banking correspondent and issuer of pre-paid payment instruments was a first.
For long, RBI policy had been to limit access only to banks and other approved institutions like National Payments Corporation of India (NPCI), Clearing Corporation of India, Nabard and Exim Bank. Though it issued a circular some years ago indicating that fintech players would get access, approvals were tightly held.
This was because core payment systems like Real Time Gross Settlement and National Electronic Funds Transfer, which are an integral part of the RBI-run CPS, can’t afford risk exposure.
This system serves as a unified platform for processing both large-value and retail transactions. It helps reduce systemic risks across the ecosystem by ensuring finality in financial settlements. Indeed, it is the very backbone of the country’s financial system.
Opening the CPS to a non-bank over which RBI’s oversight is less rigorous than for banks raises a question. Do the perceived benefits for a non-bank player in terms of speed and lower cost warrant such risk exposure? The broad issue of vulnerabilities is back in focus.
Consider the cautionary note struck by the finance minister on the data security of banks.
Globally, banks and regulators are anxious about the ability of Mythos to spot digital-security gaps that could be exploited by bad actors. As Our View in the 24 April edition of Mint pointed out, India’s digital infrastructure overseen by RBI, including payment rails run by NPCI (for UPI most notably), relies on shared layers of software.
Even where the top layer is proprietary, underlying systems are often shared across institutions. As the above-mentioned editorial observed, “A gap in one place could expose others.” This may require pre-emptive action on the part of all involved.
That brings us to last week’s third development: the cancellation of Paytm Payments Bank’s banking licence. In RBI’s words, “The affairs of the bank were conducted in a manner detrimental to the interest of the bank and its depositors.”
While the central bank has not disclosed what exactly it found remiss with the payment bank’s functioning—reports suggest violations of know-your-customer norms—it was clearly deemed enough to warrant the revocation of its licence.
Regardless of how that decision was made, this episode strengthens the case for exercising extreme caution when it comes to India’s banking system. If the CPS is to be opened further from hereon, tighter safeguards should be put in place. Given how seriously the central bank takes financial stability, it’s probably on to it already.
English (US) ·