RBI Caps Recurring Payments at ₹15,000 Without OTP, Boosts Digital Payment Safety

The Reserve Bank of India has rolled out a consolidated e-mandate framework aimed at streamlining recurring digital payments while reinforcing customer protection. A key highlight of the updated guidelines is the introduction of a ₹15,000 cap per transaction for recurring payments that can be processed without requiring additional authentication such as a one-time password (OTP).

This move brings uniformity across payment channels, including UPI, debit and credit cards, and prepaid payment instruments (PPIs), ensuring a consistent experience for users and merchants alike.

RBI Introduces Unified Framework for Recurring Payments

How the ₹15,000 No-OTP Limit Works

One-Time Authentication for Mandate Registration

Under the revised framework, customers are required to register an e-mandate through an initial approval process involving additional factor authentication (AFA). Once the mandate is authorized, recurring transactions up to ₹15,000 can be automatically executed without repeated OTP verification.

Extra Security for Higher Transactions

For payments exceeding ₹15,000, the system mandates additional authentication for each transaction. This ensures that higher-value debits are subject to stricter scrutiny, reducing the risk of fraud or unauthorized access.

The ₹15,000 cap is a critical feature of the new framework, as it balances convenience with fraud prevention. It enables seamless payments for routine expenses such as OTT subscriptions, utility bills, EMIs, and memberships, without interrupting users for repeated approvals. At the same time, it limits exposure in case of unauthorised transactions.

Key Exceptions for Essential Financial Payments

Higher Limits for Important Commitments

The Reserve Bank of India has introduced specific exemptions for certain financial categories. Recurring payments related to insurance premiums, mutual fund investments, and credit card bill payments can go up to ₹1 lakh without OTP, provided they fall under registered e-mandates.

This exception reflects the typically higher value and essential nature of these financial obligations, ensuring that customers do not face disruptions in critical payments.

Enhanced Transparency and Customer Control

Mandatory Pre-Debit Notifications

To strengthen user awareness, the new rules require banks and payment service providers to send pre-debit notifications at least 24 hours before a transaction is processed. These alerts must include details such as the merchant’s name, transaction amount, and scheduled debit date.

Easy Opt-Out and Cancellation Options

Customers are given the flexibility to cancel or opt out of a mandate before the transaction is executed. This added layer of control empowers users to prevent unwanted or erroneous debits.

Post-transaction alerts are also mandatory, along with robust grievance redressal systems to address customer complaints efficiently.

Greater Flexibility for Users

Modify, Pause, or Revoke Mandates Anytime

The framework ensures that users retain full control over their recurring payment instructions. Customers can modify, pause, or revoke mandates at any time, with changes authenticated through AFA.

Upper Limits for Variable Payments

For variable recurring payments—such as utility bills that may fluctuate—users can set a maximum limit to prevent unexpected or excessive debits beyond a predefined threshold.

Strengthening Safety and Consumer Protection

Zero Liability for Unauthorized Transactions

In a major consumer protection step, the RBI has extended its zero-liability policy for unauthorized electronic transactions to cover e-mandates. This means customers will not be held responsible for fraudulent debits, provided they report such incidents promptly.

Inclusion of Cross-Border Transactions

The updated guidelines also expand the scope of the framework to include cross-border recurring payments, making it more comprehensive and aligned with the growing global nature of digital transactions.

No Additional Charges for Users

Another significant aspect of the framework is that banks and payment providers are not allowed to charge customers for using e-mandate services. This ensures that the benefits of automated payments remain accessible without additional financial burden.

Conclusion

The Reserve Bank of India’s revised e-mandate framework represents a major step forward in the evolution of India’s digital payments ecosystem. By setting a ₹15,000 cap for recurring payments without OTP, the central bank has struck a careful balance between convenience and security.

The inclusion of higher limits for essential financial transactions, combined with enhanced transparency, user control, and zero-liability protection, strengthens trust in automated payment systems. As digital transactions continue to grow rapidly in India, these measures are expected to make recurring payments more seamless, secure, and user-friendly while safeguarding consumers against potential risks.