The Reserve Bank of India has introduced an updated Digital Payments E-mandate Framework for 2026, bringing major changes to recurring auto-debit transactions across UPI, credit cards, debit cards, and prepaid instruments. The revision comes as digital payment usage grows rapidly, with the central bank aiming to make transactions smoother while strengthening safeguards against fraud.
A key highlight is the easing of authentication requirements for smaller recurring payments. Transactions of up to ₹15,000 can now be processed automatically without requiring an OTP every time. However, users must first set up a one-time e-mandate using Additional Factor Authentication (AFA), such as an OTP or PIN. Once this is completed, eligible payments within the limit—like OTT subscriptions, DTH services, utility bills, EMIs, insurance premiums, SIPs, and recurring deposits—will be debited seamlessly.
The framework also introduces higher limits for select categories. Payments such as insurance premiums, mutual fund investments, and credit card bills can go up to ₹1 lakh without repeated authentication, provided they are registered under an e-mandate. For all other transactions above ₹15,000, OTP-based verification will still be required.
To improve transparency, banks and payment providers must send pre-debit notifications at least 24 hours before a transaction is processed. These alerts will include details like the amount, date of debit, and merchant name, giving users the option to review, modify, or cancel the payment. Customers can choose how they receive these alerts, such as via SMS or email. However, automatic recharges for FASTag and National Common Mobility Card (NCMC) are exempt from this requirement.
The revised rules place strong emphasis on user control. Customers can view, pause, modify, or cancel their mandates at any time through their bank or payment platform, using AFA authentication. For variable payments like utility bills, users can also set a maximum debit limit to prevent unexpected charges. Banks must clearly communicate the validity period of mandates at the time of registration.
Importantly, the RBI has stated that no fees can be charged for enabling e-mandates, ensuring broader accessibility. Post-transaction alerts are mandatory, and proper grievance redressal systems must be in place. The central bank has also extended its zero-liability policy to these transactions, meaning users will not bear losses from unauthorised debits if they report them promptly.
In addition to e-mandate changes, new rules have been proposed for digital wallets or prepaid payment instruments (PPIs). These include a maximum wallet balance of ₹2 lakh, a monthly cash loading limit of ₹10,000, a ₹10,000 cap on gift cards, and a ₹3,000 cap for transit wallets. Banks may also be permitted to issue PPIs after notifying the Department of Payment and Settlement Systems.
Overall, the updated framework is designed to reduce friction in everyday payments by minimising repeated authentication, while ensuring strong consumer protection through alerts, controls, and liability safeguards.
(With inputs from IANS)
