Mumbai, April 21, 2026
The Reserve Bank of India (RBI) on Tuesday issued consolidated guidelines for e-mandates in digital payments, mandating an additional factor of authentication (AFA) to enhance the security of recurring transactions.
The new norms are applicable to all payment system providers and participants handling auto-debit payments across cards, prepaid payment instruments, and the Unified Payments Interface (UPI), covering both domestic and cross-border transactions. The directions have come into effect immediately.
Under the revised framework, customers opting for the e-mandate facility will have to complete a one-time registration process.
“The mandate will only be activated after successful validation of an additional authentication factor, over and above the standard verification process carried out by issuers,” RBI said.
The central bank also clarified that the first transaction under any e-mandate must mandatorily go through this additional authentication layer.
To further strengthen safeguards, the RBI said recurring transactions exceeding Rs 15,000 will require additional authentication.
High-value payments such as insurance premiums, mutual fund subscriptions, and credit card bill payments above Rs 1 lakh will also need this extra layer of verification before processing.
The framework provides flexibility to users, allowing them to set e-mandates for fixed or variable amounts within limits prescribed by the central bank.
In the case of variable mandates, issuers must enable customers to define a maximum transaction value.
Any modification to an existing mandate will require fresh authentication.
Each e-mandate will come with a defined validity period, and customers will have the option to modify or cancel the mandate at any time.
The RBI has directed issuers to clearly communicate these features to users during the registration process to ensure transparency.
Importantly, the central bank clarified that customers will not be charged for availing the e-mandate facility for recurring payments.
It also stated that payments executed under e-mandates will not be subject to any separate limits or controls set by customers beyond the prescribed framework.(Agency)
FOLLOW NOW
