The Reserve Bank of India (“RBI”) has on September 15, 2025, issued the Reserve Bank of India (Regulation of Payment Aggregators) Directions, 2025 (“Consolidated PA Directions”), which consolidate and supersede the earlier ‘Guidelines on Regulation of Payment Aggregators and Payment Gateways’ of 2020 and 2021 (“Erstwhile PA Guidelines”) that governed entities engaged in online payment aggregation and the framework for Cross-Border Payment Aggregators of 2023 that regulated entities engaged in payment aggregation involving import and export transactions.

These Consolidated PA Directions formally categorise and regulate three categories of Payment Aggregators (“PA”): – PA – Online (“PA–O”), PA – Cross Border (“PA–CB”) and, for the first time, PA-Physical (“PA–P”) (i.e., PAs that facilitate transactions where acceptance device and payment instrument are physically proximate while making such transactions).

The key changes proposed by these Consolidated PA Directions include the following:

1. PA-P now within RBI’s Regulatory Fold. PAs that facilitate point-of-sale transactions where the acceptance device and the payment instrument are physically proximate (also called PA-Physical or PA-P) would be treated as regulated PAs and accordingly, would be subject to the prudential, operational and compliance requirements applicable to PAs. In particular, a non-bank PA-P would need to – (a) apply for and obtain authorisation from the RBI to operate as a PA-P; (b) meet the minimum net-worth thresholds prescribed for non-bank PAs at the time of application and on an ongoing basis; (c) comply with the Know Your Customer (KYC) / Customer Due Diligence (CDD) obligations; (d) maintain and operate escrow accounts and settlement arrangements in the manner and form directed by the RBI; (e) register with the Financial Intelligence Unit–India (“FIU–IND”); and (f) comply the reporting, audit, cyber-security and governance obligations set out in the Consolidated PA Directions.

Transition Plan for PA–P – Entities presently carrying on only PA-P business would need to apply to the RBI for authorisation by December 31, 2025; failure to make the requisite application would require such entities to wind up their PA-P operations by February 28, 2026. Entities that are already authorised as PAs and are carrying on PA-P activity must intimate the RBI, upon receipt of which the RBI would issue a revised Certificate of Authorisation (CoA). Entities whose applications for PA-O or PA-CB authorisation are pending with the RBI must notify the RBI of any existing PA-P business by December 31, 2025.

2. KYC Overhaul for PAs. A significant change in the KYC framework is the mandatory use of the Central KYC Records Registry (CKYCR) for undertaking KYC of the merchants at the time of their onboarding, replacing the earlier requirement of general compliance with the KYC norms prescribed under the Reserve Bank’s Master Direction on KYC. The consolidated PA Directions also introduce a simplified due diligence process for small merchants having a turnover of up to INR 40 lakh or export turnover of up to INR 5 lakh, permitting PAs to adopt an alternate KYC mechanism for such small merchants. This process may include verification of PAN / Form 60, production of one Officially Valid Document (OVD), and physical verification of the merchant’s place of business.

The Consolidated PA Directions also permit PAs to avail services of agents for assisted digital KYC and video-based CIP (V-CIP), while making it clear that the PA would remain responsible for the due diligence of the merchants.

Another major change is the explicit requirement for non-bank PAs (including those whose applications for RBI authorisation are pending) to register with the FIU-IND and comply with reporting obligations under the Prevention of Money-Laundering Act, 2002 and the rules framed thereunder (“PMLA”). Importantly, while the Erstwhile PA Guidelines emphasised on merchant background checks at the time of onboarding, the Consolidated PA Directions go a step further by imposing a positive obligation on PAs to monitor merchant transactions on an ongoing basis to ensure consistency with the merchant’s business profile.

3. Stricter Escrow Conditions. The Consolidated PA Directions consolidate and clarify escrow and collection account rules for PAs. Notable changes include: (a) PA-CB inward / outward collections must be maintained in separate Inward Collection Accounts (InCA) and Outward Collection Accounts (OCA) with specific operational restrictions (e.g., no co-mingling, limits on pre-funding and maintaining separate currency-wise accounts for INR and each non-INR transactions); (b) the PA escrow rules (including the concept and calculation of a ‘core portion’ eligible for interest) have been restated and extended to apply explicitly to PA-P as well as PA-O; and (c) third party pay outs from the escrow account have now been permitted only where the merchant has physical / online presence and annual turnover more than INR 40 lakh or annual export turnover of more than INR 5 lakh and where such third party is the payee interfacing with the payer for the underlying transaction

4. Settlement Timelines Liberalised. Under the Erstwhile PA Guidelines, PAs were bound by prescriptive timelines for final settlement with merchants. The Consolidated PA Directions mark a significant shift by liberalising this framework; settlement credits to merchants can now to be affected in accordance with the agreement between the PA and the merchant, provided such agreements are fair, equitable, and transparently disclose the settlement timelines. This contractual flexibility aligns settlement practices more closely with commercial arrangements, while retaining safeguards to ensure that merchants are treated fairly, and timelines remain transparent.
   5. Reporting, audit and governance. The Consolidated PA Directions set out a detailed governance schedule, including the requirement to obtain quarterly auditors’ certificates on escrow balances (and for PA-CB, on InCA and OCA with currency-wise segregation), undertake monthly reporting of transaction statistics to the RBI, and submit both an annual system audit report and an annual cyber-security audit report conducted by CERT-In empanelled auditors, along with ongoing cyber incident reporting.

   6. Ring Fencing of Marketplace Payments. The Consolidated PA Directions now explicitly require PAs to ensure that any marketplace they onboard do not accept payments for sellers who are not separately onboarded as a seller on that marketplace’s platform. In effect, PAs will be required to place reliance on the marketplace to confirm that payments are accepted only from duly onboarded sellers, a measure aimed at strengthening merchant due diligence and mitigating the risk of unauthorised transactions.

The Consolidated PA Directions substantially raise and broaden the regulatory baseline for PAs by consolidating prior regulatory guidelines and introducing several new, operationally significant requirements. Given the breadth and depth of these changes, it is essential for all stakeholders; including banks, non-bank PAs, marketplaces, and other participants in the payments ecosystem to carefully assess their current practices and promptly implement necessary adjustments to ensure full compliance with the updated regulatory framework.