Context:
The Reserve Bank of India (RBI) on June 28, 2025, released final guidelines for due diligence and onboarding of Aadhaar Enabled Payment System (AePS) Touchpoint Operators (ATOs). The move is aimed at strengthening fraud risk management, improving accountability, and ensuring compliance with KYC norms. The guidelines will come into force from January 1, 2026.
Key Provisions of the RBI Guidelines:
Mandatory Due Diligence by Acquiring Banks
- Banks must conduct KYC and due diligence on all AePS Touchpoint Operators before onboarding them.
- The process must comply with RBI’s Master Direction on Know Your Customer (KYC).
Inactivity Rule
- If an ATO is inactive for 3 consecutive months (i.e., no financial or non-financial AePS transactions), the bank must re-verify KYC before reactivating them.
Existing KYC Validity
- If the ATO’s due diligence has already been completed in another role, such as a Business Correspondent (BC) or sub-agent, the same KYC records may be reused.
Ongoing KYC Compliance
- Acquiring banks must periodically update the KYC records of all onboarded ATOs to maintain data integrity and reduce fraud risks.
Significance of the Move:
- Enhances user trust in AePS-based services, especially in rural and semi-urban areas.
- Strengthens fraud prevention and detection by ensuring ATOs are continuously monitored.
- Creates a standardized compliance framework across banks and payment operators.
What is AePS?
- The Aadhaar Enabled Payment System allows customers to perform banking transactions such as cash withdrawals, balance inquiries, and fund transfers using Aadhaar authentication at micro-ATM or banking correspondent touchpoints.
