Recurring digital transactions have become central to India’s digital commerce ecosystem. Subscription-based services, OTT platforms, insurance renewals, SIP investments, utility payments, FASTag recharges, and software-based recurring billing models increasingly depend upon automated payment infrastructure. At the same time, growth in recurring payment systems has also raised concerns relating to customer consent, unauthorised debits, transaction visibility, authentication controls and grievance redressal. On these lines, the Reserve Bank of India (RBI) issued the “Digital Payments: E-Mandate Framework, 2026” through circular RBI/CO.DPSS.POLC.No.S56/02.14.003/2026-27 dated April 21, 2026. The Directions consolidate the regulatory framework governing recurring digital payment transactions processed through cards, Unified Payments Interface (UPI) and prepaid payment instruments (PPIs).
The 2026 Directions seek to harmonise earlier RBI circulars into a consolidated framework while strengthening customer protection safeguards, authentication requirements and transaction transparency mechanisms. The framework reflects RBI’s continuing approach of balancing frictionless digital payment systems with enhanced regulatory oversight and consumer protection standards.
The issuance of consolidated directions is operationally significant because recurring transaction compliance obligations were previously governed through multiple RBI circulars and clarifications issued over several years. The consolidated framework, therefore, seeks to provide greater regulatory clarity and a unified compliance structure for payment system participants.
Applicability of the Directions
The Directions repeal and consolidate multiple RBI circulars issued between 2019 and 2024 relating to recurring transactions and e-mandates. The consolidated framework supersedes earlier instructions concerning e-mandates on cards, recurring online transactions, UPI-based recurring payment mechanisms and related clarifications issued to regulated entities and industry bodies. The consolidation is operationally significant because it reduces fragmentation within the regulatory framework and provides stakeholders with a unified compliance reference point for recurring digital transactions.
The Directions apply to all Payment System Providers and Payment System Participants involved in processing recurring transactions through cards, PPIs and UPI-based payment systems, including domestic and cross-border recurring transactions. Importantly, the framework extends beyond traditional banking institutions and covers the broader digital payments ecosystem, including card issuers, payment aggregators, payment gateways, wallet operators, UPI ecosystem participants, fintech intermediaries, acquiring entities and merchants processing recurring digital transactions. This broad applicability reflects the increasingly interconnected nature of recurring digital payment infrastructure and places compliance responsibilities across multiple layers of the payment ecosystem.
Key Highlights of the Directions
The framework broadly treats an “e-mandate” as a customer authorisation permitting recurring debit transactions through specified payment instruments and channels. The recognition of recurring digital transactions across cards, UPI and PPIs reflects RBI’s intention to maintain technology-neutral regulation while ensuring uniform customer protection standards across payment systems.
Registration and Revocation of E-Mandate
The Directions reiterate the requirement of Additional Factor Authentication during registration of e-mandates. Customers opting for e-mandate facilities are required to complete a one-time registration process, and registration may take place only after successful AFA validation, in addition to normal issuer authentication requirements. The framework further requires every e-mandate to specify a validity period. Customers must also be provided with the ability to modify the validity period or withdraw the e-mandate at any time, and issuers are required to communicate this facility clearly during registration.
The Directions additionally provide that e-mandates may either be for a pre-specified fixed amount or for a variable amount subject to the overall cap prescribed by RBI. In case of variable recurring transactions, issuers are required to provide customers with the facility to specify the maximum permissible transaction amount.
Processing of First Transaction and Subsequent Recurring Transactions
The Directions distinguish between the processing of the first transaction and subsequent recurring transactions under the e-mandate framework. The first transaction under an e-mandate requires AFA validation. Subsequent recurring transactions may be processed without AFA, subject to compliance with RBI-prescribed transaction thresholds and notification requirements. The framework also requires payment system participants to maintain systems capable of ensuring compliance with recurring transaction limits, customer communication obligations and transaction monitoring requirements.
Pre-Transaction Notification
The Directions mandate that issuers send pre-transaction notifications at least 24 hours prior to the actual debit. Such notifications are required to include merchant name, transaction amount, date and time of debit, reference number of the e-mandate and reason for debit. Customers must additionally be provided with the option to opt out of individual transactions or withdraw the e-mandate entirely, subject to AFA validation. The framework exempts auto-replenishment mandates for FASTag and National Common Mobility Card (NCMC) balances from the requirement of pre-transaction notification.
Post-Transaction Notification
The Directions also require issuers to send post-transaction notifications after processing recurring transactions. The notifications must contain transaction details together with grievance redressal information. The RBI indicated that the inclusion of grievance redressal details has been incorporated based on stakeholder feedback.
Transaction Limits and Velocity Check
The Directions prescribe differentiated authentication thresholds for recurring transactions. Recurring transactions up to INR 15,000 may be processed without AFA. Transactions exceeding this threshold would require AFA validation. However, the framework provides enhanced exemption thresholds for certain categories of financial transactions. Insurance premium payments, mutual fund subscriptions and credit card bill payments may be processed without AFA up to INR 1,00,000 per transaction.
The framework additionally contemplates velocity checks and transaction monitoring mechanisms for recurring digital payments. These measures are intended to strengthen fraud prevention and risk management controls within recurring payment ecosystems. The revised thresholds are commercially significant for sectors involving high-value recurring digital transactions and appear intended to balance transaction convenience with risk-based authentication standards.
Dispute Resolution and Grievance Redressal
The Directions require issuers to establish appropriate dispute resolution and grievance redressal systems for recurring transactions processed through e-mandates. Further, RBI’s existing instructions relating to limitation of customer liability for unauthorised electronic banking transactions have expressly been extended to recurring transactions processed under e-mandates. This clarification is particularly important because recurring transactions often operate without transaction-specific customer intervention once the mandate is registered.
Other Provisions
The Directions expressly prohibit charging customers for availing e-mandate facilities for recurring transactions. The framework also clarifies that existing e-mandates may be mapped to reissued cards. This clarification is operationally significant because recurring transactions are frequently disrupted due to card expiry or replacement. Additionally, acquiring entities are required to ensure merchant compliance with the framework. This provision increases accountability across the payments chain and reinforces the role of acquiring institutions in overseeing merchant conduct.
Conclusion
The RBI’s Digital Payments: E-Mandate Framework, 2026 is a significant consolidation and refinement of India’s recurring digital payments architecture. By harmonising earlier circulars and strengthening operational safeguards, the Directions create a more predictable, secure and consumer-centric framework for recurring digital transactions. The framework aims to balance digital payment convenience with stronger regulatory oversight, customer transparency and fraud mitigation measures.
Authors – Manisha Singh (Partner) and Shivi Gupta (Associate Partner)