Merchant On-Boarding Policy

(“Policy”)

Last Updated: May 20, 2024

Policy Statement

Google India Digital Services Private Limited (“Google”) as a Payment Aggregator (“PA”) has set out its policy for onboarding merchants for payment aggregator services as required under Guidelines on Regulation of Payment Aggregators and Payment Gateways issued by the Reserve Bank of India (“RBI”) on March 17, 2020 (as amended and clarified) (“PA Guidelines”), to the extent applicable.

Scope and Objectives

  • The scope and objectives of this Policy is as follows:

    • to comply with the requirement of PA Guidelines and other Applicable Laws, and adopt appropriate KYC and Merchant on-boarding process for online Merchants (as applicable) that have an existing banking relationship & maintain a bank account for settlement purposes;

    • to adopt a simple, secure, and robust process for appropriate identification, diligence and evaluation of prospective n-DvP Merchants to be on-boarded by Google;

    • to provide a clear delineation of roles and responsibilities as well as information on the PA onboarding process; and

    • ensure transparency with relevant stakeholders.

  • This Policy must be read & complied in conjunction with Google Pay for Business Program Additional Terms of Service (“ToS”), Merchant Service Agreement (“MSA”) and other policies, as applicable.

Governance

Google’s Board of Directors (also referred to as the “Board”), bears overall responsibility for ensuring that the said Policy, Applicable Laws and regulations are adhered to, and are consistent with sound and prudent practices.

Definitions

All capitalized terms in this Policy, unless defined in-line, shall have the meanings set out below:

  • Applicable Laws” means all statutes, regulations, rules, guidelines and circulars to the extent applicable to PA services undertaken by Google, the foremost of which are directions, circulars and guidelines issued by the RBI, or rules, guidelines, directions, instructions, requests issued by acquiring bank, card network organisation or as applicable.

  • Equivalent e-Document” means an electronic equivalent of a document, issued by the issuing authority of such document with its valid digital signature including documents issued to the digital locker account of the Merchant / User as per Rule 9 of the Information Technology (Preservation and Retention of Information by Intermediaries Providing Digital Locker Facilities) Rules, 2016.

  • Merchant” means: an entity who uses Google Pay to collect payments from its customers for goods and services purchased from a merchant through any online platforms.

  • nDvP” means Non Delivery versus Payment [refer: clarifications dated 31 March 2021 issued by RBI].

  • Payment Participants” means all parties involved in the payment system including acquiring bank, issuer or card associations (as applicable) as defined and specified under the Applicable Law.

Merchant on-boarding phases

Google has formulated the process to on-board Merchants that is carried out in the following phases:

  • Phase – 1: Information Collection: Google collects information along with relevant documents of a Merchant as captured in Annexure A (“KYC Documentation & Information”) to conduct necessary onboarding checks to its satisfaction and to ensure that Google is able to satisfy competent authorities that the onboarding checks have been carried in compliance with the Applicable Laws. If necessary, Google will seek additional information, undertaking(s), reports or declaration(s) from the Merchant.

  • Phase – 2: Assessment and Evaluation: Google, before enrolling a Merchant for PA services, undertakes a simplified process of appropriate Merchant identification based on the Merchant types, including basic assessment, evaluation and where possible, validation of the information collected from the Merchant. This exercise covers, but is not limited to the below:

    • Onboarding checks based on the information collected from Merchants, identification of beneficial owner(s), sanctions and Politically Exposed Person (“PEP”) screening, and other appropriate checks.

    • Due diligence on the Merchant.

    • Confirmation from the Merchant that it is not engaged in and will not use the PA services for prohibited products and services notified by Google.

    • Confirmation from the Merchant that its infrastructure is Payment Card Industry-Data Security Standard (“PCI-DSS”) and Payment Application-Data Security Standard (“PA-DSS”) infrastructure compliant (as applicable).

    • Confirmation from the Merchant that its website (where applicable) clearly indicates the terms and conditions of the service and timeline for processing returns and refunds.

    • Confirmation from the Merchant that its site, database or server shall not save customer card credentials and such related data.

    • Google undertakes a comprehensive security assessment during the merchant onboarding process.

    • Google may also provide such information to a Payment Participant, and any regulator or law enforcement authority as required under Applicable Law.

  • Phase-3: Account Activation: Upon completion of the aforementioned steps to the satisfaction of Google, the Merchant will be able to receive PA services. To complete the activation, a service agreement will be executed by Google with the Merchant.

  • Google reserves the right to reject or cancel onboarding a Merchant to the PA services, at any time and where Google is unable to apply appropriate checks, either due to non-cooperation of such Merchant or non-reliability of the information furnished by them.

  • Support for merchant onboarding: Merchants can reach out to Google Pay India Customer Care through Help Center for any support required during the onboarding process.

Policy Review and Approval

  • The Policy is reviewed annually and duly approved by the Board, to effect- any changes in Applicable Laws and need for revision in internal processes.

  • Till such review of the Policy, the contents of the Policy will always be read in tandem with modifications which may be advised by the RBI, NPCI and/ or by any regulators as applicable and/ or by Google from time to time. The relevant provisions of the Policy would be amended/ modified in due course to make it consistent with the Applicable Laws.

Annexure A
KYC Documentation & Information

KYC documents or equivalent e-documents and information listed below basis Merchant types will be collected by Google at the time of onboarding Merchants, as applicable. Google, with Merchants’ consent (in MSA or ToS etc.), may seek additional information and documents, as the case may be, to satisfy the onboarding checks.

KYC Documents from:

  • Constitution/ incorporation/ registration documents, Board Resolution, Shareholding pattern, PAN, GST Registration Certificate, in case of legal entities/ firms (to the extent applicable and required as the case may be).

  • Documents related to identification/ address in case of Individuals (relevant associated individuals in case of legal entities like Beneficial Owner, Authorised Signatory, Director).

  • Optional supporting documents like financial statements etc. if required.

Merchant Information such as:

  • Name

  • Address

  • Business Entity/ Registration type

  • Line of business/ Merchant Category Code (MCC)

  • Settlement Bank Account Number

  • Annual turnover

  • Other business information like website, email, phone number, etc. as required

The extent of applicability will depend on the type of online Merchants.

In case of an individual Merchant or associated individual of a legal entity Merchant, who is a PEP or close associates of PEPs, Google will seek additional information, such as information about source of funds, identity, etc. as required and applicable, prior to taking a decision to on-board such online Merchant.