According to an RBI press release, beginning July 22, the worldwide card network would not be allowed to onboard new credit, debit, or prepaid card clients in India. The restriction will not impact existing Mastercard customers.

The Reserve Bank of India (RBI) prohibited Mastercard Asia from signing up new card customers on Wednesday, just three months after fining American Express and Diners Club for failing to comply with local data storage regulations.

Beginning July 22, the global card network will not be permitted to onboard new credit, debit, or prepaid card clients in India, according to an RBI news statement. Existing Mastercard customers will not be affected by the ban. All card issuers have been asked instructed to follow the regulator's instructions.

"Notwithstanding the lapse of considerable time and adequate opportunities being given, the entity has been found to be non-compliant with the directions on Storage of Payment System Data," it said. MasterCard is yet to comment on this development.

In April 2018, the Reserve Bank of India imposed a six-month deadline for all payment system providers to keep all of their data in India. They were also obliged to notify RBI of their compliance and submit a board-approved system audit report completed by a CERT-In (Indian Computer Emergency Response Team)-empanelled auditor within certain timeframes. This, according to the regulator, is to provide better monitoring of regulated businesses in the event of fraud or money laundering.

Several organisations objected to the regulation, claiming that most of their processing was centralised and that reorganising worldwide operations would be impossible.

While data can only be held locally, RBI subsequently clarified that information can be transmitted overseas throughout the day for processing but must be removed from offshore servers within 24 hours.

"This 2018 regulation came about after law enforcement and regulatory agencies faced difficulties in getting data from such entities for investigative purposes. RBI gave enough time and opportunity to the entities for complying with the new regulations. Despite this, if these companies have not been able to achieve the requirement, the regulator found such punitive actions necessary," an official aware of the matter said on condition of anonymity.