CivilsWisdom.
Updated · Today
Polity IR Econ Env S&T Security Geo Social Culture History
Economics April 21, 2026 4 min read Daily brief · #11 of 11

RBI issues consolidated directions on Digital Payments – E-mandate framework, 2026

The Reserve Bank issued consolidated directions titled "Digital Payments – E-mandate Framework, 2026," bringing all existing instructions on recurring electr...

GS Paper 3 (Indian Economy Technology)

What Happened

  • The Reserve Bank issued consolidated directions titled "Digital Payments – E-mandate Framework, 2026," bringing all existing instructions on recurring electronic payment mandates into a single comprehensive document.
  • The framework took effect immediately upon issuance on April 21, 2026, replacing all earlier circulars on e-mandates.
  • A key consumer protection rule mandates that issuers send a pre-transaction notification at least 24 hours before any scheduled auto-debit, giving customers the opportunity to block individual transactions or cancel the mandate altogether.
  • Recurring payments up to ₹15,000 can proceed without Additional Factor of Authentication (AFA), while payments above this threshold — except for insurance premiums, mutual fund subscriptions, and credit card bill repayments (allowed up to ₹1,00,000 without AFA) — require OTP-based authentication.
  • Card issuers are now permitted to map existing e-mandates to reissued cards, eliminating the need for customers to re-register standing instructions when a card is replaced or renewed.
  • Cross-border recurring transactions have been brought under the framework's ambit for the first time; for non-recurring cross-border card transactions, the two-factor authentication requirement takes effect from October 1, 2026.

Static Topic Bridges

E-Mandate and Recurring Payments: Regulatory Background

An e-mandate is a standing instruction authorised by a customer to allow a merchant or financial institution to debit a specified amount from their account periodically — for subscriptions, EMI repayments, insurance premiums, and similar recurring obligations. The RBI first introduced guidelines on e-mandates on cards in January 2020 and subsequently extended the framework to UPI in 2021, capping transaction limits and mandating pre-debit notifications as consumer safeguards.

  • E-mandates operate on cards (debit and credit), Prepaid Payment Instruments (PPIs), and UPI rails.
  • Registration of an e-mandate is valid only after the customer completes Additional Factor of Authentication at the time of setup — a one-time consent mechanism.
  • The ₹15,000 per-transaction AFA-exempt threshold (raised from the earlier ₹5,000 limit in 2021) applies to general recurring debits; specific categories like insurance and mutual fund SIPs enjoy a higher ₹1,00,000 limit.

Connection to this news: The 2026 directions consolidate this multi-year regulatory evolution into one master document, adding card-reissue mapping provisions and cross-border transaction coverage as new consumer-friendly elements.

Additional Factor of Authentication (AFA)

AFA is any second layer of verification beyond a static password or card number — typically a One-Time Password (OTP) sent to a registered mobile number. The RBI mandates AFA for card-not-present transactions to reduce fraud and protect consumers from unauthorised recurring debits.

  • AFA is required at mandate registration for all e-mandates, regardless of transaction value.
  • For subsequent recurring debits, AFA is triggered only when the debit amount exceeds the prescribed threshold (₹15,000 general; ₹1,00,000 for specified categories).
  • The zero-liability policy for unauthorised electronic transactions has been extended to e-mandates under the 2026 framework — customers cannot be held liable if they report unauthorised debits promptly.

Connection to this news: The 2026 framework standardises when AFA applies across all payment rails (cards, UPI, PPI), reducing inconsistency that had emerged as different instruments scaled up.

Payment and Settlement Systems Act, 2007

The Reserve Bank derives its authority to regulate payment system operators from the Payment and Settlement Systems (PSS) Act, 2007. The Act designates the RBI as the regulator for all payment systems in India, empowering it to authorise, regulate, and supervise payment system operators and to issue directions to payment system participants.

  • Under the PSS Act, the RBI can issue directions binding on all Payment System Providers and Participants.
  • The Act covers systems that enable fund transfers between a payer and a beneficiary — encompassing cards, UPI, PPIs, and NEFT/RTGS.
  • Violations can attract monetary penalties and revocation of authorisation.

Connection to this news: The E-mandate Framework 2026 is issued under powers conferred by the PSS Act, making compliance mandatory for all banks, card networks, UPI apps, and PPI operators in India.

Key Facts & Data

  • Threshold for AFA-free recurring payments: ₹15,000 per transaction (general category)
  • Higher AFA-free threshold for insurance premiums, mutual fund subscriptions, and credit card bill payments: ₹1,00,000 per transaction
  • Mandatory pre-debit notification window: at least 24 hours before the scheduled debit
  • Scope: domestic and cross-border recurring transactions on cards, PPIs, and UPI
  • Cross-border non-recurring card transactions: 2FA mandatory from October 1, 2026
  • No charges to be levied on customers for availing the e-mandate facility
  • Card-reissue mandate mapping: issuers may now link existing mandates to replacement cards without fresh customer registration
On this page
  1. What Happened
  2. Static Topic Bridges
  3. E-Mandate and Recurring Payments: Regulatory Background
  4. Additional Factor of Authentication (AFA)
  5. Payment and Settlement Systems Act, 2007
  6. Key Facts & Data
Display