Revisiting Recurring Payments On The First Anniversary Of RBI Emandate

According to RBI Emandate:

Every credit card and debit card based mandate for recurring payment and auto debit (“Standing Instruction”) will need to be re-initiated by the merchant in accordance with the new rules (henceforth “RegEM”), and processed by the issuer bank differently from before.

RegEM, which came into effect from 1 October 2021, stipulated the following changes in the workflow of a card-based recurring payment.

EXHIBIT A

The red box summarizes the new rules for setting up standing instructions under RegEM and the blue box, the ones for processing ongoing transactions under the mandate.

While you can find more details on RegEM in my blog post entitled RBI Emandate: Consumer Savior Or Revenue Killer?, suffice to say that, all my recurring payments started bombing after the regulation came into effect.

Cue to the present day.

It’s over a year since RegEM was enforced. By now, I’ve set up and canceled standing instructions with many Indian and foreign merchants under the new SI regime. Given below is a partial list:

  • Interactive Design Foundation
  • Disney+ Hotstar
  • The Ken
  • Economic Times ET Prime
  • Netflix

I’ll share the experience of my end-to-end journeys with these five merchants in this blog post.

#1. IDF

Interaction Design Foundation is a UX-design MOOC. We signed up for a course with this Danish company with credit card in March 2021. That was well before RegEM came into effect in October of that year, ergo neither IDF nor the credit card issuing bank was subject to the red box and blue box workflows rules in the above exhibit.

In March 2022, six months after RBI Emandate was enforced, our credit card got charged for the second year’s fees in advance. The amount exceeded ?5000. (The significance of this figure will be clear in a bit.) We asked IDF for a refund of this amount since we’d never signed up for the second year. IDF told us that all its courses renewed automatically and that it had sent us an email asking us to click a link if we didn’t want the annual subscription to renew automatically. The email probably went to our GMail spam folder and we missed it.

We then asked our credit card issuer bank to reverse the charge since we had not approved it. The CSR treated it as a fraud, canceled the credit card and reissued a new credit card after a couple of days. Since this didn’t solve our problem, we escalated the ticket.

A few days later, the bank understood the exact nature of the problem. Its Customer Service Manager told us that the bank couldn’t reverse the charge since it was legit. To the extent that we hadn’t opted out of the renewal by clicking on the link in IDF’s email, the bank had a point.

But this is not how recurring payments are supposed to work in the post-RegEM regime: As you can see in the blue box, since the amount exceeded ?5000, the bank was required to seek two factor authentication from us before it processed the merchant’s charge. Without doing that, it debited the charge to our credit card. This was a gross violation of RegEM.

#2. DISNEY+ HOTSTAR

We signed up for subscription of the streaming service in April 2022 with credit card. By then, RegEM was in place for six months. After we made the payment, the website said that this was a monthly recurring payment and that it would let us know of the next charge three days prior to the due date.

We did get the stipulated SMS next month.

#3. THE KEN

We signed up for a one month subscription of The Ken portal in July 2022 with credit card. After the payment was completed, we were told that this was a recurring payment. That was strange because we only wanted a one month subscription and were never told that it would autorenew. But there you go.

It’s not only me. Tweeples are reporting that other merchants are also treating every payment as a recurring payment now.

A couple of days before the one month period ended, I went to the merchant’s website to cancel the subscription. The cancelation went through smoothly. The subscription did not autorenew the following month (Phew!).

#4. ET PRIME

I bought a one month subscription for ET Prime portal in December 2022 and paid with credit card. The portal clearly said that all subscriptions would autorenew at the stated frequency.

Some people complain about the autorenewal part but I won’t – it’s up to a business to decide the terms of its offer just as it’s up to the consumer to accept or reject the offer.

@s_ketharaman: It’s unlikely that LTV will cross 3*CAC with a one month subscription, so autorenewal is a good business practice for a business.

As long as the merchant states upfront that the subscription will autorenew – as ET Prime did – I’m cool with autorenewals.

A couple of days before the subscription was due to expire, I went to ET Prime’s website to cancel it.

While the website had a CANCEL button, it went around in circles after I clicked it. I wasn’t sure if my cancelation request was actioned.

Therefore, I went to the credit card issuer bank’s website (so-called SiHub) to cancel my standing instruction against this merchant. (Ability to cancel a subscription from the bank’s website without interacting with the merchant is a major highlight of RegEM. This has been a standard feature in UK for ages. But it’s still not possible in USA.)

I had a harrowing experience.

The key CTA button on SiHub was missing. I tweeted to the bank attaching a screenshot. Its room-temperature IQ CSR didn’t read / understand my message and asked me to send a screenshot.

From past experience with this bank’s CSRs, I knew where this was going and, instead of wasting any more time with them, I decided to try the desktop version of SiHub.

The website didn’t load despite several attempts.

I tweeted the URL of the website to the bank and reported the problem. Once again, its dumb CSR didn’t get what I said and asked for a screenshot.

I escalated the ticket and kicked ass a bit, part of which involved giving a step-by-step guide of what the CSR should do before responding. (It reminded me of bodyshopping engagements where the customer has to tell “consultants” of IT Services companies exactly what to do!).

This worked. A customer support manager got involved. They understood the problem and had it fixed.

I was then able to cancel the subscription on SiHub.

On a side note, if a subscription renews, a bank generates Total Payment Value (TPV) and earns interchange revenues (Interchange = MDR – Acquirer Fees). If it doesn’t, it loses revenue. Therefore, it’s hard to say whether frequent outages of a bank’s SiHub is a feature or a bug!

#5. NETFLIX

By way of providing a six-month update of Reg Emandate, I’d already written about my experience with Netflix last year. The title of my post says it all: Netflix Implemented Emandate But Nobody Knew.


My experience with Netflix more-or-less uniformly repeated with all the other merchants viz.

  • I wasn’t explicitly told that I was issuing an electronic mandate
  • I never approved any of the recurring payments (While the ET Prime website said that all its plans would autorenew, the e-mandate itself never stated that the payment would be recurring)
  • I didn’t issue consent for any of the parameters of the standing instruction such as max amount, presentation frequency, and end date. The website / app had set them all unilaterally. Some of them – like 22/12/2050, the end date of Netflix subscription – were ridiculously long term!
  • The issuer bank did not seek 2FA even when the autodebit amount exceeded ?5000.

Since all my credit card companies display my standing instructions on their websites, I get that they have checked the Reg Emandate implementation checkbox. But, going by the aforementioned disconnects between what RegEM stipulates in theory and what happens in practice, I’m not sure how many of the provisions of RegEM have actually been implemented by the credit card industry.

I’m chalking this up to yet another case of a well-intentioned regulation that’s bungled by sloppy implementation.

I can’t help getting the déjà vu feeling of the other RBI payment regulations like Positive Pay and Card on File Tokenization (CofT).

UPDATE DATED 30 JULY 2024

It’s nearing the third anniversary of Reg Emandate. I purchased a paid plan today for a SAAS software for $29/mo. I paid with my regular credit card. The merchant’s website showed me the standard payment screen with credit card details like number, expiration date, name and CVV. After I hit the SUBMIT button, the payment went through. I also received an email from my credit card issuer bank that my recurring payment mandate has been set up. Interestingly, the merchant’s website did NOT follow any of the steps mentioned in the “Onetime Registration” column of EXHIBIT A above. In other words, the merchant was able to establish a recurring payment mandate without complying with the requirements stipulated under Reg EM. I wonder if RBI has quietly withdrawn Reg Emandate?

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply