Source: Mint
Context:
The Reserve Bank of India (RBI) has expanded the scope of its e-mandate (electronic mandate) framework. The revised rules now explicitly include cross-border recurring payments made via cards, UPI, and prepaid instruments (PPIs). The move is designed to curb digital fraud and give consumers more granular control over “auto-debit” transactions.
What are the New E-Mandate Framework?
An e-mandate allows a merchant to automatically debit a customer’s account for recurring services (like Netflix, insurance premiums, or SIPs) without requiring manual approval for every single payment.
1. AFA and The “Opt-Out” Right
- Additional Factor Authentication (AFA): Any creation, modification, or withdrawal of an e-mandate now strictly requires AFA (usually an OTP or biometric check).
- Flexibility: Customers must be given the facility to opt out of a specific upcoming transaction or the entire mandate at any time.
2. Transaction Limits (AFA-Exempt)
To balance security with convenience, the RBI allows small-value recurring payments to go through without an OTP, provided they stay within these limits:
- Standard Transactions: Up to ₹15,000 per transaction.
- Special Categories: Up to ₹1 lakh for credit card bills, insurance premiums, and mutual fund installments.
3. The 24-Hour Rule
Banks and financial institutions must send a notification to the customer at least 24 hours before the actual money is debited. This notification must include:
- Merchant name and transaction amount.
- Date/time of debit and the reason.
- A reference number for the e-mandate.
- Note: This is not required for auto-replenishing FASTag or NCMC (Common Mobility Card) balances.
Key Concepts: Keyword Q&A
Q: What is a “Variable E-Mandate”?
A: This is used when the monthly bill isn’t the same (e.g., an electricity bill). The RBI now mandates that for variable payments, the customer must be able to set a maximum cap for any single transaction to prevent being overcharged.
Q: How is “Liability” handled for unauthorized transactions?
A: The RBI’s “Limited Liability” rules now apply to recurring payments.
- Zero Liability: If the bank is at fault or if you report a third-party breach within 3 working days.
- Capped Liability: If reported within 4–7 days, your maximum loss is capped between ₹5,000 (savings account) and ₹25,000 (credit cards).
Q: What happens if I get a new credit card?
A: The RBI has simplified the process by allowing banks to map existing e-mandates to reissued or replaced cards, so you don’t have to set them up all over again.
Conceptual MCQs
Q1. According to the revised RBI rules, what is the minimum notice period a bank must give a customer before a recurring payment is debited?
A) 1 hour
B) 12 hours
C) 24 hours
D) 48 hours
Q2. For which of the following categories has the RBI set a higher AFA-exempt limit of ₹1 lakh per recurring transaction?
A) Grocery subscriptions
B) OTT platforms like Netflix
C) Mutual Fund installments and Insurance premiums
D) International travel bookings
Q3. Under what circumstance does a customer have “Zero Liability” for an unauthorized electronic transaction?
A) If they never check their bank statements.
B) If the unauthorized transaction is reported within 3 working days of a third-party breach.
C) Only if the transaction is under ₹100.
D) If the customer shared their OTP with the merchant.
Answers
- Q1: C (The 24-hour notification is mandatory to allow the customer time to “opt out” if they wish.)
- Q2: C (High-value utility/investment payments have a higher threshold to avoid frequent OTP hurdles.)
- Q3: B (Swift reporting is the key to total protection under RBI’s safety norms.)
Exam Relevance
| Exam Focus Area | Relevance Level |
| RBI Grade B | Finance (Payment Systems, Digital Fraud, Consumer Protection) |
| SEBI Grade A | Financial Awareness (Mutual Fund SIP mandates) |
| Banking (PO/Clerk) | General Awareness (UPI limits, E-mandate rules) |
