New Umbrella Entities are not a good idea

Having multiple NPCI entities would be expensive and insecure. There is no benefit building multiple clearing and settlement centres. Its better to ensure that NPCI is neutral and redundant. We should build a separate standards setting body so that regulators can focus on running the system while the standards body can setting and maintain standards.

This article was first published in The Mint. You can read the original at this link.

Last week, following on from a Policy Paper that it had issued in January 2019, the Reserve Bank of India (RBI) released a document setting out the framework it plans to adopt to authorise the establishment of new umbrella entities ([[NUE]]s) for retail payments. Once in place, these newly authorised entities will be able to operate their own clearing and settlement systems; establish new standards and technologies; and develop innovative new payment systems that enhance customer access, convenience and safety. All NUEs will have to be interoperable with the National Payments Corporation of India (NPCI) - the umbrella entity that currently manages the entirety of retail payments - but, somewhat surprisingly, are also going to be allowed to set themselves up as for-profit entities and will, themselves, be able to participate in RBI’s payment and settlement systems.

I had studied the policy paper when it was issued last year and remember being surprised that the RBI was going down this path. The NPCI is right at the centre of the explosion in digital payments in the country and it wasn’t entirely clear to me why the RBI was trying to fix something that wasn’t broken.

NPCI Dominates Digital Payments

But then, if you take a closer look into the extent to which the NPCI has insinuated itself into the digital payments ecosystem, you start to get an idea of what the RBI might be worried about. Between [[UPI]], IMPS, Aadhaar enabled Payments, Bharat BillPay, and all the other payment systems that it manages, 48% of all electronic retail payments in the country pass through the NPCI infrastructure. It is not an understatement to say that when it comes to payments, NPCI is the fulcrum around which everything digital revolves. That being the case, perhaps the RBI’s concern stems from having the operations of so much of our payment system concentrated in one single entity.

But surely these is nothing wrong with having all digital transactions flow through a single entity - so long as that entity is neutral. NPCI is a not-for profit organisation with 56 member banks as its shareholders. It has representatives from these organisations on its board along with a nominee from the RBI. To my mind, this should be sufficient to ensure neutrality. If the concern is technical, surely we can build sufficient redundancy into NPCI’s technical architecture to ensure that there is no single point of failure in the system. If the RBI is worried about organisational failure, it should be able to implement regulations that require NPCI to adopt suitable governance structures that will forestall such organisational failure.

What I am sure about is that creating multiple umbrella entities is not an appropriate solution to this problem - particularly since the framework document allows for NUEs to establish themselves as for-profit entities that can participate in the payments ecosystem. It is hard to see how any such organisation can retain the neutrality that is needed in an umbrella entity.

Cost Benefit Analysis

And then there is the question of whether the trade-off is worth it. After all, making space for even one more entity at the core of our digital transaction architecture will come at considerable cost. Replicating the NPCI infrastructure will require heavy investments - particularly since this time around we will need to make sure that all the participants in one umbrella entity can seamlessly interact with those in the other. As much as it might be technically possible to make every umbrella entity interoperable with each other, doing so while still maintaining the security of the underlying infrastructure is going to be difficult and expensive. Is this really necessary and would the benefits outweigh the cost?

Finally there is the small matter of the additional regulatory burden that the RBI will have to shoulder now that it will have to manage not just one but a multiplicity of umbrella entities. The RBI already has its hands full regulating the NPCI. Having even one more entity to supervise will exponentially increase the oversight responsibilities of the Central Bank.

Fostering Innovation

Having said that, there are consequences to having NPCI be the only game in town. Any sort of monopoly results in market inefficiencies and if we have just one umbrella regulator we will never be sure that transaction costs are as low as they could be, or that variety of product offerings available to us might not be better. There are already signs that the NPCI might not be as nimble as it once was. The burden of managing the day-to-day operations of the digital payments infrastructure, countering fraud and phishing attacks has clearly taken a toll on the speed with which new products and players are entering the market.

The way I see it, the real problem is that NPCI is expected to both manage the digital payments industry as well as come up with the frameworks necessary to foster innovation. When it had just a small number products in its portfolio (and far fewer market participants to manage) NPCI performed both functions efficiently. Now that over half the digital payment transactions in the country pass through its pipes, the effort of just keeping the system working seems to be taking a toll on its ability to develop the protocols and standards that are needed to encourage innovation in the sector.

A New Standards Body

If that is the real problem I don’t see how creating more umbrella entities is the answer. What we need is to find a way to make it easier for the NPCI to do what is expected of it. One possible solution might be to create a separate and independent standards-setting body that is tasked with coming up with the protocols and standards necessary to foster innovation in the digital payments space.

What I am suggesting is nothing new. It is how most successful digital infrastructure systems work. Take the internet for example. The World Wide Web Consortium (W3C) develops new standards for the internet - standards that have, over time, given us features like native audio and video in our browsers as well as constantly evolving page structure elements that make our browsing experience what it is today. Once designed, these standards are then adopted by the various layers of the infrastructure that the internet depends on to function.

All I am suggesting is that we create a similar standards-setting body for digital payments in India. We invest it with the responsibility of devising the protocols necessary to ensure that our digital payments system keeps evolving. We give it the flexibility to either devise these standards itself or in consultation with all the participants in the digital payments ecosystem. Any new standard it suggests will have to first be approved by the NPCI but then it can be rolled out throughout the entire digital payments ecosystem.

This will free up the NPCI to focus on what it, and only it, can do - make sure that the Indian digital payments system continues to work smoothly. At the same time, by establishing a neutral and independent standards setting body we can make sure that the system as a whole evolves in the best traditions of digital infrastructure anywhere in the world.