Regulation Name: Payment Aggregators Regulations Draft
Publishing Date: 19 April 2024
Region:  India
Agency: Reserve Bank of India

The Reserve Bank of India (RBI) has proposed comprehensive regulations aimed at enhancing oversight and accountability in the burgeoning payment aggregator (PA) industry. These regulations, outlined in a recent draft, cover a wide array of areas ranging from definitions to due diligence requirements and storage of card data.

One significant aspect of the proposed regulations is the redefinition of PAs. According to the draft, PAs are defined as entities that onboard merchants and facilitate the aggregation of payments made by customers for goods and services through various payment channels, whether online or physical. This includes both e-commerce transactions and face-to-face payments at physical Point-of-Sale (POS) terminals. The regulations also distinguish between different types of merchants, categorizing them based on their turnover and tax registration status, thereby streamlining the regulatory framework for different merchant segments.

In terms of financial requirements, the RBI mandates that PAs maintain a minimum net worth on an ongoing basis to ensure financial stability and security. Additionally, the draft proposes strict guidelines regarding the use of escrow accounts, particularly concerning the routing of funds for Delivery versus Payment (DvP) transactions and the exclusion of cash-on-delivery transactions from the scope of PA regulations.

Another crucial aspect of the proposed regulations pertains to Know Your Customer (KYC) and due diligence requirements for PAs. The draft outlines detailed procedures for verifying merchants, including Contact Point Verification (CPV) and obtaining Officially Valid Documents (OVDs) for different merchant categories. PAs are also required to monitor merchant transactions continuously, ensuring compliance with the merchant’s business profile and implementing risk-based payment limits.

Furthermore, the regulations emphasize the importance of data security and compliance with wire transfer guidelines. PAs are required to register with the Financial Intelligence Unit-India (FIU-IND) and adhere to strict timelines for completing due diligence on existing merchants.

The draft regulations also address the engagement of agents by non-bank PAs and the regulation of payment transactions involving multiple PAs. Additionally, stringent guidelines are proposed for the storage of card data, with restrictions on storing Card-on-File (CoF) data for face-to-face transactions.

Overall, the proposed regulations aim to strengthen the regulatory framework governing payment aggregators, ensuring the integrity, security, and transparency of payment transactions in the rapidly evolving digital payment landscape. Stakeholders are invited to provide feedback on the draft regulations before their formal implementation, reflecting RBI’s commitment to fostering a robust and inclusive payment ecosystem in India.

Read the full amendment here.