Context:
The Reserve Bank of India (RBI) is tightening regulatory oversight on newly licensed payment aggregators (PAs) to ensure systemic integrity and prevent misuse of the digital payments ecosystem. This move follows the RBI’s broader effort to secure the digital financial space post-licensing of over 50 PAs.
Key Highlights:
Enhanced Regulatory Scrutiny
- RBI has initiated regular audits and field inspections of newly licensed payment aggregators.
- Focus areas include:
- KYC compliance for merchant onboarding
- Validation of genuine online business operations
- Payout mechanisms such as vendor payments, cashback, and refunds.
Mandatory Full KYC for Merchants (Proposed)
- RBI is working on a draft circular mandating full KYC for every merchant before onboarding.
- Some field verifications are already underway to assess adherence by agents and staff.
Payout Processing Under Review
- RBI is concerned about payout flows, particularly whether these must be processed only through settlement accounts to ensure traceability.
- This affects businesses handling cashbacks, returns, or B2B payouts.
Governance Reforms Mandated
- RBI has directed fintechs to:
- Adopt board-approved internal controls
- Strengthen management compliance systems
- Appoint independent directors to ensure regulatory hygiene
- Examples:
- PhonePe appointed ex-Standard Chartered India CEO Zarin Daruwala as independent director.
- PayU named ex-HDFC MD Renu Sud Karnad as chairperson.
Shift from Bank-led Audits to Direct RBI Oversight
- Earlier audits were largely procedural and bank-conducted.
- Now, RBI audits are direct and more rigorous, examining operational and risk frameworks across departments.
TET
