RBI Issues Revised Guidelines for Payment Aggregators

• 18 Sep 2025

On 15th September 2025, the Reserve Bank of India (RBI) issued revised guidelines for Payment Aggregators (PAs) aimed at strengthening consumer protection, improving transparency, and reducing risks of digital fraud in the payment ecosystem.

Key Points

• Dispute Resolution Policy: Payment Aggregators must adopt a board-approved dispute resolution policy with clearly defined timelines for processing refunds, ensuring prompt and transparent grievance redressal for customers.
• Fraud Prevention and Data Security: The guidelines require PAs to establish robust data security infrastructure and implement fraud detection and prevention mechanisms to safeguard consumers against rising digital threats.
• Authorisation Requirements: Banks remain exempt from seeking RBI authorisation to operate as PAs, but non-bank entities must apply through RBI’s online portal, while entities regulated by other financial regulators must submit a No-Objection Certificate (NoC) within 45 days of obtaining it.
• Restrictions on Marketplace Role: Payment Aggregators are prohibited from engaging in marketplace business activities and are restricted to aggregating funds only for merchants with whom they have a direct contractual relationship.
• Authentication Rules for Transactions: The use of ATM PINs as an authentication factor for card-not-present transactions has been disallowed, reinforcing secure and standardised authentication practices.
• No Arbitrary Transaction Limits by Pas: PAs are barred from imposing transaction amount limits on specific payment modes, with this responsibility resting solely with card-issuing banks, based on customer credit profiles and spending behaviour.
• Strengthening Consumer Protection: The framework overall ensures greater accountability of PAs while safeguarding consumer interests in an increasingly digital payment landscape.