prpri Financial Regulation of Third Party App Providers: A Hollow Framework Financial Regulation of Third Party App Providers: A Hollow Framework
Ganesh BL & Advaye Sawhny 


The developments in the case of Abhijit Mishra vs. Union of India at the Delhi High Court, question the very legality in the operations of Google Pay and Paypal (‘mobile applications’). It was contended that the operations of the mobile applications violate Section 4 of the Payment and Settlements Act, 2007 (‘PSS Act’), which mandates a payment system to receive an approval from the Reserve Bank of India (‘RBI’) to commence its operations. However, the RBI in its affidavit submitted on June 19, 2020, stated that these mobile applications are mere “Third-Party App Providers,” (‘TPAPs’) and are not payment systems, thereby negating the entire application of the PSS Act and therefore, the approval of the RBI.

The operations of financial corporations that facilitate payments in India are primarily governed by the PSS Act. The PSS Act, in its entirety, is applicable to all payment systems within India. Additionally, the PSS Act has designated the RBI as the primary regulator for regulating and supervising all payment and settlements in India.

Financial Regulation

In this article, the authors highlight the lacunae within the law to define these mobile applications and the absurd definition the RBI has adopted to label these mobile applications.

The Existing Framework

PSS Act-

Section 2(i) of the PSS Act defines a payment system as a system which enables a transaction between two entities, a payer and payee, involving a clearing, a settlement or a payment service but does not include a stock exchange. Furthermore Section 2(n) of the PSS Act, defines a “settlement,” as the settlement of payment instructions received, which include settlement of securities, foreign exchange or derivatives or other transactions. To rein in the application of the PSS Act, a party can also be a system provider who is a person who operates an authorised payment system. There exists no statuary definition under the PSS Act that leans towards the so called TPAPs. The rationale behind the RBI’s affidavit was hinged upon the notion that these mobile applications are mere aggregators of four partnered banks and are thereby mere intermediaries and not payment systems.

Master Circulars and Guidelines-

While the RBI in its affidavit did add that the mobile applications are intermediaries, it is pertinent to note that in 2009, the RBI issued its Master Directions for opening and operation of Accounts and settlement of payments for electronic payment transactions involving intermediaries. An intermediary as per these directions includes all entities that collect money from customers for payments to merchants using any electronic/online payment mode. Additionally, these directions as mentioned thereunder are within the statutory framework of the PSS Act and applies to all intermediaries facilitating financial transactions.

The introduction of payments via United Payments Interface (‘UPI’) plausibly contributed to the rationale of the RBI in disposing the application of the PSS Act. However, ironically, the entire UPI framework operates within the realm of the PSS Act, as stated in the UPI guidelines itself. If these mobile applications were to be categorised as per the UPI guidelines, they would in all likelihood be termed as payment system providers (“PSPs”), which are entities that provide for the Front-end Applications to customers by utilising the UPI libraries for facilitating payments. The app by the PSP can also be used for inter-bank transactions in a secured manner.

Furthermore, in 2017 the RBI issued its Master Directions on issuance and operations of Prepaid Payment Instruments (PPI’s). PPI’s can be defined as any instruments that facilitate purchase of goods and services, fund transfer and remittances against the value stored in such instruments. There are 3 types of PPI’s.

The first kind is a Closed PPI, which is when an instrument is issued for the purchase from a specific entity, with no third-party permission granted. Since they are not classified as payment systems RBI authorisation is not required. The second is a Semi-Closed PPI. These are issued by banks and non-banks which are approved by the RBI for purchase of goods and services, remittance facilities. They can be used at merchants or establishments which have a contract with the issuer to accept PPI’s as Payment Instruments. E-wallets such as Mobikwik and Oxigen are an example of this kind. The third kind is an Open PPI. The difference between a Semi Closed and an Open PPI is that the latter offers cash withdrawal services, which is prohibited for Semi Closed PPI’s. A travel card can be an example of this kind of PPI.

A Web of Entangled Provisions

The definition provided by the RBI precludes the application of the PSS Act. However, most statutory definitions within the aforementioned RBI Notifications, guidelines and legislations, points towards the application of the PSS Act. The definition which the RBI has resorted to adopt is not only absurd but also non-existent in any legislation or statutory instrument. Hence, on a prima facie reading of the affidavit provided by the RBI, the definition seems absurd given the widespread ramifications and obligations that may arise on behalf of these mobile applications if they were subject to the PSS Act and its ancillary statutes/directions.

While, there is no statutory definition of the term TPAPs, it finds a mention in  the RBI and National Payment Corporation of India (“NPCI”) guidelines, however, with no definitions. The aforementioned guidelines highlight certain responsibilities, which belong to the bank, not the app. These are highlighted in Annexure X. Under a circular issued by the NPCI, every TPAP must have a minimum of three sponsor banks and a maximum of ten. These apps transact through these sponsor banks. Initially, single sponsors were permitted, however, earlier this year, due to troubles with Yes Bank, transactions for the app Phone Pe were halted, which prompted a reaction. Google Pay has four sponsor banks and transacts on the UPI interface through them. The relationship between these sponsor banks and the TPAPs is governed by NPCI guidelines.

A lacuna which exists, worryingly so, is that the governance of TPAPs are done through the NPCI. The NPCI is a Non-Profit Company which has been registered under Section 25 of the Companies Act, 1956. Guidelines issued by a Non-Profit Company cannot be considered as substantive law. Although assurances have been given by the NPCI and the RBI that in the event of a dispute there are enough mechanisms to redress them. The NPCI’s procedural guidelines mention a liability without going into specifics.  However, a lack of a substantive law such as the PSS Act, for TPAPs which handle big money in transaction on a daily basis is a cause for concern. This is compounded by the fact that they do not require the prior RBI approval. Google Pay also contended that they cannot be classified as PPI’s. They do not even feature on the NPCI’s list of PSPs as well. Bringing these apps under the ambit of the PSS Act or RBI Guidelines would allow for them to be held accountable.


While the Delhi High Court is yet to arrive at a conclusion, the response by the RBI and the final decision of the Court is bound to impact the digital economy as a whole, given that these mobile applications have impregnated the financial framework of the country in the past few years. A lack of substantive laws governing TPAPs could have an adverse impact on a growing digital economy. It is important that the legislators recognise and act on it.



Author Bio

Qualification: Graduate
Company: N/A
Location: Karnataka, IN
Member Since: 31 Jul 2020 | Total Posts: 1

More Under Corporate Law

Leave a Comment

Your email address will not be published. Required fields are marked *

Search Posts by Date

July 2021