Is PayU in serious non compliance of ITA 2000? What is CERT-In or RBI doing?

PayU is a significant player in the online payment settlement system in India. It was one of the earliest payment gateways and took over significant market share from CCAVENUE. However, of late some thing has happened to this Company.  It is not responding to customer queries the way a payment gateway should do.

Last time when I observed a similar development in an online web service company, it was NEt4India and eventually it went  bankrupt sinking the money of lakhs of its customers.

The regulators of India namely CERT IN and RBI could not identify the problem of Net4India and the National Company Law Tribunal did not understand the business of Net4India and allowed it to be liquidated without valuing its digital assets of over Rs 100 crores. (check for articles on this topic on

Now I am afraid that similar  problem may be in the making  in PayU.

I am giving below a series of twitter messages exchanged with PayUCare regarding a complaint of payments withheld by the company. It could be for renewal of KYC in the beginning but if it was only that simple, it should have been resolved by now.

Unfortunately the correspondence indicates that there is no follow up on the complaint and the internal systems must have failed and one department is not able to communicate to other.

There is also no other communication channel between the customer and the company where responses may be expected.

It is clear that the Twitter complaints are being responded to by a bot which is supposed to be driven by AI but it is an AI with no intelligence.

In this context it is only Twitter PayUCare which is atleast returning some acknowledgements. Otherwise there is no e-mail or phone on which the company can be contacted.  There is a so called “relationship manager” on e-mail who simply forwards the mail to his “team”.

A typical response from the relationship manager is captured below.



I leave it to the technology specialists to defend these types of Bots which are more an irritant and instruments of diversion of customer complaints than instruments of resolution of grievances. I am not sure if  even the e-mail is bot generated.

But, I want to highlight the failure of CERT-IN and RBI in maintaining a trustworthy regulatory framework for payments.

Under ITA 2000/8 it is mandatory for PayU to have a grievance redressal system and publish the name of the  grievance redressal officer along with his contact details.

This is a requirement under section 79 of ITA 2000. We expect CERT IN to raise this issue with Pay U. (My complaint  with CERT IN has already been made).

Further Reserve Bank of India also has a responsibility to ensure that all these Fintech Intermediaries follow certain basic principles of customer care including providing a proper contact point.

Normally these disputes are supposed to be resolved privately but I am placing this for open debate  because the company has not left any option to contact them, escalate the grievance to a higher level. Even the regulators are not alert to their responsibilities and I am sure that RBI is considering more licenses to PayU for expanding its footprint in the Indian FINTECH industry.

Let me see if this post opens the eyes of the company and the regulators. I hope my speculation that like Net4India, PayU is on a path to withdraw from Indian business does not turn out to be true.


At last, on16th August 2022, the pending payment was received.


Print Friendly, PDF & Email

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.