RBI issues new Master Directions to consolidate all regulations related to Payment Aggregators; effective immediately

RBI issues new Master Directions to consolidate all regulations related to Payment Aggregators; effective immediately

by | Sep 19, 2025 | Central, NBFC | 0 comments

RBI issues new Master Directions to consolidate all regulations related to Payment Aggregators; effective immediately

The Reserve Bank of India (“RBI”) has issued the Reserve Bank of India (Regulation of Payment Aggregators) Directions, 2025 (“2025 Directions”).

The 2025 Directions entail the following:

  1. Rationalisation of the definition of various categories of Payment Aggregators (“PAs”);
  2. The authorisation process;
  3. The process for carrying out due diligence of merchants by PAs;
  4. Permissible operations in escrow accounts;
  5. Periodic reports that have to be submitted

Key Takeaways:

  1. Authorisation:
  • A non bank entity has to apply for authorisation through the online portal of RBI.
  • An entity, regulated by any of the financial sector regulator(s), shall apply along with a ‘No Objection Certificate’ (NOC) from such regulator(s), within 45 days of obtaining the NOC.
  • A Payment Aggregator having a Certificate of Authorisation (CoA) issued by RBI, and
    • already carrying on business as a PA-P – shall intimate RBI. A revised CoA shall be issued to the PA.
    • desirous of commencing business in another PA category – shall intimate RBI at least 30 days prior to commencing the new business.
  1. Capital Requirements:
  • For an entity seeking authorisation, to commence or carry on PA business must have net-worth of ₹15 crore at the time of tendering application and shall attain a minimum net-worth of ₹25 crore by the end of third financial year of grant of authorisation.
  • The minimum networth, as applicable, has to be maintained by a PA on an ongoing basis.
  1. Governance:
  • A Payment Aggregator must have a dispute resolution mechanism to handle payment related disputes in transactions facilitated by it.
  • The mechanism should also include timelines for processing refunds, etc.
  • The policy has to ensure adherence to the instructions issued by RBI including on Turn Around Time (TAT) for resolution of failed transactions.
  1. Security, Fraud Prevention and Risk Management Framework:
  • Adequate Information and Data Security infrastructure and systems for detection and prevention of frauds have to be put in place.
  • Specific data storage requirements mentioned in RBI circular DPSS.CO.OD No.2785/06.08.005/2017-2018 dated April 6, 2018 has to be complied with.
  1. Reports to be submitted:
Frequency Details of reports to be submitted
Annual Net-worth Certificate – Audited Annual report with statutory auditor certificate on Net-worth – by September 30th
IS Audit Report and Cyber Security Audit Report with observations noted
Quarterly

 

 Auditor’s Certificate on Maintenance of Balance in Escrow Account – by 15th of the month following the quarter end
Bankers’ Certificate on Escrow Account Debits and Credits – Internally Audited – by 15th of the month following the quarter end in case of PA – O and PA – P.
Bankers’ Certificate on InCA / OCA Debits and Credits – Internally Audited – by 15th of the month following the quarter end in case of PA – CB.
Monthly Statistics of Transactions Handled – by 7th of next month

For regulatory updates and update-related services, drop a mail at inquiries@lexplosion.in.

Source: Reserve Bank of India

Share this:

Related Posts:

Submit a Comment

Your email address will not be published. Required fields are marked *

Sign up for our

Newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

Lexplosion will use the information you provide on this form to be in touch with you and to provide updates and marketing.