RBI Releases Final Guidelines for Payment Aggregators: New Rules to Curb Irregularities

In a major step towards strengthening India’s digital payment infrastructure, the Reserve Bank of India (RBI) has released the final operational guidelines for Payment Aggregators. These guidelines replace the earlier draft issued in April 2024 and incorporate feedback from industry stakeholders. The RBI’s primary aim is to address growing concerns about irregularities and arbitrary practices by some non-bank aggregators. By enforcing clear operational, financial, and compliance norms, the new directions seek to bring consistency, enhance consumer protection, and mitigate risks. The regulation applies to both new and existing aggregators, making it mandatory to align with the prescribed rules within a specified timeframe. This development is expected to reshape how digital transactions are facilitated in India, especially for merchants and consumers relying on third-party payment services. It also signals the central bank’s increasing scrutiny over fintech operations to balance innovation with financial stability.

Categorization of Payment Aggregators

The final guidelines classify Payment Aggregators into three types: PA-P (Physical Aggregators), PA-O (Online Aggregators), and PA-CB (Cross-Border Aggregators). This classification helps tailor regulations to the unique functions and risks associated with each category. Online PAs, for example, are required to comply with stricter data security and fraud-prevention measures. Physical PAs, which manage offline payment services, must ensure operational consistency and infrastructure standards. Cross-border PAs, which handle foreign payments, are placed under enhanced scrutiny to ensure compliance with FEMA and other foreign exchange regulations. By segmenting PAs in this way, the RBI ensures that each type is regulated according to its specific operational footprint.

Net Worth and Capital Requirements

The guidelines mandate a minimum net worth of ₹15 crore for non-bank entities applying for PA licenses. This must be increased to ₹25 crore within three years of receiving authorization. The aim is to ensure that only financially stable entities operate in the space, reducing systemic risk and protecting end-users. Banks serving as payment aggregators are exempt from these requirements, as they are already governed by stringent financial regulations. For new players, compliance with this capital requirement is critical to obtaining and retaining RBI approval. The move is expected to push smaller, less-capitalized players to either scale up or exit the sector.

Escrow Account and Fund Management

The RBI has mandated that all Payment Aggregators route customer funds through escrow accounts held with scheduled commercial banks. These accounts must be structured to prevent the PA from misusing the funds. Customer money must either be settled directly with the merchant or refunded without delay. This rule particularly tightens controls on cross-border transactions where foreign exchange laws also apply. Defined fund movement timelines are set to prevent float misuse. Overall, this enhances fund flow transparency and protects consumers in cases of aggregator insolvency or malpractice.

Governance, Compliance & Accountability

The new norms introduce rigorous governance checks for Payment Aggregators, including ‘fit and proper’ criteria for promoters and directors. The RBI has emphasized that arbitrary decision-making and inadequate grievance redressal will not be tolerated. Regular audits, timely compliance reporting, and the maintenance of a public grievance mechanism are now mandatory. Non-compliance could lead to penalties or license cancellations. The RBI also retains the right to periodically revise or tighten norms to reflect changes in technology and emerging risks. This signals a more interventionist regulatory stance, aimed at balancing innovation with consumer protection.