CivilsWisdom.
Updated · Today
Polity IR Econ Env S&T Security Geo Social Culture History
Economics April 21, 2026 5 min read Daily brief · #1 of 37

Digital Payments – E-mandate Framework, 2026

The Reserve Bank of India issued the Digital Payments – E-Mandate Framework, 2026 (RBI/DPSS/2026-27/396), consolidating eight earlier circulars into a single...

GS Paper 3 (Indian Economy Technology)

What Happened

  • The Reserve Bank of India issued the Digital Payments – E-Mandate Framework, 2026 (RBI/DPSS/2026-27/396), consolidating eight earlier circulars into a single set of directions governing recurring transactions across cards, prepaid payment instruments, and UPI.
  • The framework, effective April 21, 2026, applies uniformly to all payment system providers and participants processing domestic and cross-border recurring transactions.
  • Issuers are mandated to send pre-transaction notifications at least 24 hours before any recurring debit, with customers retaining the right to opt out of any individual transaction using authenticated validation.
  • Recurring transactions up to ₹15,000 can proceed without additional factor authentication (AFA); higher thresholds of ₹1,00,000 are permitted without AFA for specified categories including insurance premiums, mutual fund subscriptions, and credit card bill payments.
  • No charges may be levied on customers for availing the e-mandate facility; the framework extends the existing zero-liability policy for unauthorised electronic transactions to e-mandates.
  • Auto-replenishment of FASTag and National Common Mobility Card (NCMC) balances is explicitly exempted from the pre-transaction notification requirement.
  • Acquiring entities bear responsibility for ensuring merchant compliance with the new framework.

Static Topic Bridges

E-Mandate (Standing Instruction) in Indian Payment Systems

An e-mandate is a digital standing instruction given by a customer to a payment system participant authorising recurring debits — without the customer needing to authenticate each individual transaction. Introduced in India around 2019 and progressively expanded, e-mandates streamline subscription-based payments for services such as OTT platforms, insurance, SIPs, and utility bills. The legal basis rests on the Payment and Settlement Systems Act, 2007, under which the RBI has regulatory authority over payment systems.

  • E-mandates cover both fixed-amount and variable-amount (within prescribed caps) recurring instructions.
  • The framework applies across debit cards, credit cards, prepaid payment instruments, and UPI-based recurring mandates.
  • First-time registration of any e-mandate requires AFA (e.g., OTP); subsequent debit processing follows the mandate without fresh AFA up to prescribed limits.
  • Customers can modify or withdraw e-mandates at any time through the issuer.

Connection to this news: The 2026 framework replaces eight fragmented circulars with a single consolidated direction, standardising notification timelines, authentication thresholds, and consumer protection rules across all recurring payment channels.

Additional Factor Authentication (AFA) and Transaction Security

AFA refers to the use of more than one form of verification — such as a one-time password (OTP), biometric, or PIN — to authenticate a payment transaction. The RBI has progressively mandated AFA for digital transactions to curb fraud. The ₹15,000 AFA-exemption threshold for e-mandates balances consumer convenience against fraud risk, while higher thresholds for low-risk categories (insurance, MF, credit card bills) recognise the structured, contracted nature of those payments.

  • AFA is required for initial e-mandate registration and for amounts exceeding prescribed thresholds.
  • The ₹1,00,000 limit without AFA applies only to insurance premiums, mutual fund subscriptions, and credit card repayments under registered e-mandates.
  • The zero-liability policy ensures customers are not penalised for fraud if they report it in a timely manner.

Connection to this news: The tiered AFA architecture — ₹15,000 standard, ₹1,00,000 for specified categories — reflects RBI's risk-proportionate approach, providing friction-free recurring payments while protecting consumers from large unauthorised debits.

RBI's Regulatory Authority over Payment Systems

The Reserve Bank of India derives its regulatory power over payment and settlement systems from the Payment and Settlement Systems (PSS) Act, 2007. Under Section 10 of the Act, the RBI can issue directions to system providers and participants. Master Directions, such as this framework, serve as consolidated reference documents replacing multiple earlier circulars, improving regulatory clarity.

  • The PSS Act designates the RBI as the regulator and supervisor of payment systems in India.
  • "Directions" issued under the Act are binding on all payment system operators including banks, non-bank issuers, and UPI participants.
  • Consolidation of circulars into Master Directions is part of the RBI's regulatory simplification initiative.

Connection to this news: By issuing this as a Master Direction, the RBI signals a move from incremental, reactive circulars to a structured, comprehensive governance document for e-mandates — improving legal clarity for both industry participants and consumers.

Consumer Protection in Digital Payments — Zero Liability Policy

The RBI's customer protection framework for electronic transactions (first outlined in the 2017 circular on limiting liability of customers in unauthorised electronic banking transactions) protects customers from bearing the cost of fraudulent or unauthorised debits. Liability is determined by the time taken to report: zero liability if the fraud is not the customer's fault and is reported promptly; limited liability if reported within a specified window.

  • Zero liability applies when the negligence lies with the bank or a third party.
  • Limited liability applies to transactions reported within 4–7 working days depending on the channel.
  • The 2026 e-mandate framework explicitly extends this protection to recurring mandate-based debits.

Connection to this news: Extending zero-liability to e-mandates addresses a consumer concern — that a standing instruction, once registered, could be exploited for unauthorised debits beyond the customer's awareness — and closes a potential gap in fraud protection coverage.

Key Facts & Data

  • Circular reference: RBI/DPSS/2026-27/396, issued April 21, 2026
  • Effective date: April 21, 2026 (immediate effect)
  • Previous circulars superseded: 8 earlier directions on e-mandates
  • Standard AFA-free limit: ₹15,000 per recurring transaction
  • Higher AFA-free limit: ₹1,00,000 for insurance premiums, mutual fund investments, credit card bill payments
  • Pre-notification window: Minimum 24 hours before any recurring debit
  • Exemptions: FASTag auto-replenishment, National Common Mobility Card (NCMC) balance top-up
  • Customer charges: Nil (expressly prohibited)
  • Legal basis: Payment and Settlement Systems Act, 2007
  • Governing body: Reserve Bank of India, Department of Payment and Settlement Systems (DPSS)
On this page
  1. What Happened
  2. Static Topic Bridges
  3. E-Mandate (Standing Instruction) in Indian Payment Systems
  4. Additional Factor Authentication (AFA) and Transaction Security
  5. RBI's Regulatory Authority over Payment Systems
  6. Consumer Protection in Digital Payments — Zero Liability Policy
  7. Key Facts & Data
Display