India - June 28, 2025

RBI issues directives pertinent to Aadhar Enabled Payment System.

team maverick June 28, 2025

0 6 min read

The Reserve Bank of India (RBI) has today issued Reserve Bank of India [Aadhaar Enabled Payment System (AePS) – Due Diligence of AePS Touchpoint Operators] Directions, 2025.

RBI had issued draft directions on due diligence of AePS on Bank’s website on July 31, 2024, for stakeholder comments. The draft directions introduced the concept of AePS Touchpoint Operator (ATO) and aimed at streamlining the process for onboarding of ATOs by acquiring banks.

DRAFT DIRECTION –

Aadhaar Enabled Payment System (AePS) is a payment system operated by National Payment Corporation of India (NPCI) that facilitate interoperable financial transactions through the Business Correspondent (BC) / Bank Mitra of any bank, using the Aadhaar authentication. AePS plays a prominent role in enabling financial inclusion.

In recent times, there have been instances of frauds perpetuated through AePS due to identity theft or compromise of customer credentials. To protect bank customers from such frauds, and to maintain trust and confidence in the safety and security of the system, a need is felt to enhance the robustness of AePS. Accordingly, as announced in Statement on Developmental and Regulatory Policies dated February 08, 2024, it has been decided to issue directions for streamlining the process for onboarding of AePS touchpoint operators and on-going due diligence. Detailed instructions are placed in the Annex. Banks and NPCI shall ensure compliance to these directions within three months from the date of issue.

These directions are issued under Section 18 read with Section 10(2) of the Payment and Settlement Systems (PSS) Act, 2007 (Act 51 of 2007).

Definitions –

In these directions, the terms herein shall bear the meanings assigned to them below:

Aadhaar Enabled Payment System (AePS): It is a Payment System in which transactions are enabled through Aadhaar number and biometrics or OTP authentication. AePS enables basic banking services, viz., cash withdrawal, balance enquiry, mini statement, cash deposit, fund transfer, etc.

Acquiring bank: The bank which onboards the AePS touchpoint operators.

AePS Touchpoint: The terminal deployed by acquirer banks to facilitate AePS transactions, using Aadhaar based biometric / OTP authentication.

AePS Touchpoint Operator: The agent onboarded by the acquiring bank who operates the AePS touchpoint.

2. Onboarding of AePS Touchpoint Operators –

2.1: The acquiring bank shall carry out due diligence of all AePS touchpoint operators onboarded by it, in accordance with the Customer Due Diligence procedure for individuals, stipulated in Part-I, Chapter-VI of the Master Direction – Know Your Customer Direction, 2016 (as updated from time to time), issued by the Reserve Bank.

2.2: The acquiring bank shall carry out updation of KYC in cases where an AePS touchpoint operator has not performed any financial transaction for a continuous period of six months, before enabling him / her to transact further.

2.3: NPCI and acquiring banks shall ensure that any AePS touchpoint operator is onboarded only by one acquiring bank.

Ongoing Due Diligence

The acquiring bank shall monitor the activities of AePS touchpoint operators on an ongoing basis and set operational parameters, in accordance with the following principles:

3.1: Transaction limits shall be set for AePS touchpoint operators based on their risk profile.

3.2: Transactions of AePS touchpoint operators shall be consistent with their location of operation and risk profile.

Adherence to NPCI instructions –

All System Participants are required to adhere to the rules and regulations, governing the operation of AePS, issued by NPCI (System Provider of AePS).

Upon receiving feedback on the draft, those have been examined and suitably incorporated in the final directions. The Directions, inter alia, cover the following: