RBI Extends E-Mandate Rules to Cross-Border Recurring Digital Payments
New RBI regulations impose Rs 15,000 transaction limit, mandatory 24-hour pre-notifications, and customer opt-out options to combat digital fraud
En resumen
- The Reserve Bank of India has extended its E-mandate rules to cover cross-border recurring electronic payments via cards, prepaid instruments, and UPI.
- The new regulations set a Rs 15,000 per-transaction limit and Rs 1 lakh cap for credit card, insurance, and mutual fund payments without additional authentication.
- Financial institutions must provide 24-hour pre-transaction notifications and customer opt-out facilities validated through additional factor authentication.
Resumen generado por IA
Por qué importa
The RBI has been progressively strengthening digital payment security in India. The E-mandate framework was initially introduced for domestic recurring payments and is now being extended to cover cross-border transactions to prevent digital fraud.
In a move aimed to minimise digital fraud, the Reserve Bank of India (RBI) has also brought cross border recurring electronic payments using cards, pre paid instruments and UPI under its E mandate (electronic mandate) rules.
The revised master directors said financial institutions have to provide a customer with a facility to opt-out of any particular transaction or the e-mandate, validated through a additional factor authentication (AFA). An intimation of this opt out has to be sent to the customer.
The customer has been given the choice to either set an e-mandate for pre-specified fixed amount or for a variable amount subject to the overall cap fixed by the RBI. In the case of variable e-mandates, the issuer shall provide the customer with a facility to specify the maximum value of any recurring transaction, RBI said.
"Any modification in, or withdrawal of, an existing e-mandate shall require AFA validation by the issuer," RBI said.
The central bank has set a Rs 15,000 per transaction limit for recurring electronic mandate transactions and a Rs 1 lakh limit for recurring payment of credit card, insurance and mutual funds without any AFA.
Banks and other financial institutions have to send a pre-transaction notification to the customer, at least 24 hours prior to the actual charge / debit with details like merchant's name, transaction amount, date / time of debit, reference number of e-mandate, reason for debit and e-mandate registered by the customer.
Pre-transaction notification is not required for e-mandates registered to auto-replenish balances of FASTag, and National Common Mobility Card (NCMC).
RBI instructions on limiting liability of customers for unauthorised transactions shall also be applicable to recurring transactions under e-mandates as well.
RBI rules currently limit liability for unauthorized electronic transactions based on reporting speed. Liability is zero for bank negligence or reporting within 3 working days (third-party breach). For four to seven days delay, liability caps range from Rs 5,000 for basic savings accounts to Rs 25,000 on credit card payments. Bank policies determin liabilities after seven days.
Banks cannot levy charges on customers availing the e-mandate facility for recurring transactions. Existing e-mandate(s) can be mapped to reissued cards, RBI said.
Banks have to ensure compliance with these directions by merchants on-boarded by them.
Preguntas abiertas
- When exactly do these rules come into effect?
- How will banks implement the pre-transaction notification system?
- What specific penalties apply for non-compliance?
