Online transactions gained momentum in the post-COVID era when several businesses took to the internet to sell their products. This trend allowed several financial players to develop and introduce online payment applications. The RBI, in a move to make online transactions secure, issued mandates to regulate recurring payments using credit/debit cards. These e-mandate regulations apply to automated monthly subscriptions like monthly subscriptions, insurance premiums, utility bill payments and similar services.
This article discusses some of the prominent RBI e-mandate regulations currently being followed by online subscription-based service providers.
Key Takeaways
With online transactions gaining widespread recognition as one of the primary payment methods, regulatory bodies like the RBI issued certain policies to curb fraud.
RBI e-mandate regulations were established to keep a check on illegal transactions and to secure recurring transactions for users and merchants.
These regulations require users to authenticate recurring transactions ranging from ₹ 5000 to ₹15000.
Razorpay has developed payment solutions that comply with RBI e-mandate regulations, making it easy for member merchants to transact securely.
Key Provisions of RBI e-mandate Regulations (Effective October 1, 2021)
What Is An E-Mandate?
E-mandates are regular, mandatory deductions. E-mandates refer to standing instructions that enable recurring payments to be auto-debited. It is a digital authorisation granted by cardholders to a merchant via the issuing bank, permitting recurring payments to be automatically debited at specified intervals. It is also called a standing instruction or a recurring payment mandate. RBI e-mandate regulations allow merchants to initiate recurring transactions within a limited range of ₹5000 to ₹15000 with just one instance of authentication.
The RBI introduced the following e-mandate rules for customer security and overall sanity of online transactions:
Additional Factor Authentication:
Any mandate modification or change requires an additional factor authentication (AFA). This is usually done through an OTP sent to the cardholder’s number for validation.
Transaction Limit Without AFA
Transactions of INR 5000 or below can be processed without AFA after the mandate is registered. For higher amounts, AFA mandate is necessary.
Opt-Out Facility
Customers can opt out of the mandate at any time using a secure link in their notification.
Special Categories
Recurring transactions such as mutual fund subscriptions, insurance premiums, and credit card bill payments require AFA for every transaction above Rs. 1,00,000.
Non-compliant Transactions Declined
Any recurring payments without proper e-mandate registration or failing AFA authorization are declined.
Separate e-mandates per subscription
Each recurring mandate must be set up distinctly for individual subscriptions or services.
How Do RBI E-Mandates Work?
E-mandates are processed in different stages. Here is how the workflow goes;
Mandate Registration: Customers authorise a recurring payment on the merchant’s platform. This is authenticated using AFA, which is OTP-based, i.e, merchants send an OTP to the customer’s phone number, which is used to validate the mandate.
Pre-Debit Notification: Customers receive a notification intimating them about the recurring debit.
Payment Processing: Amounts ranging between ₹5000 and ₹15000 are approved for auto-debit without further authentication.
Authentication For Higher Amounts: As per RBI’s regulations, further authentication is required for recurring payments exceeding ₹15000.
Modification/Cancellation: Users may modify/cancel e-mandates at any point of time through a secure link in their notifications.
Razorpay recognized early on that compliance should not compromise merchant and user experience. Our all-in-one platform supports merchants every step of the way—from mandate registration and authentication (AFA) to debit management and real-time notifications.
Where Are RBI E-Mandates Applicable?
The above-mentioned E-mandates are applicable to transactions of high amounts that are to be paid at regular intervals. It covers:
- Transactions using Indian debit/credit cards.
- Covers recurring transactions for domestic and cross-border payments.
- Extended to various payment instruments including UPI mandates.
- Does not apply to one-time payments.
Razorpay is compliant with the latest payment industry security standards, giving cardholders complete autonomy over their transactions.
Impact on Merchants and Consumers
With Razorpay, integration with several merchants is seamless.
Compliance is seamless: Razorpay automates all regulatory notifications, authentication flows, and opt-out mechanisms, reducing operational overhead for merchants.
Enhanced customer experience: End-customers can manage mandates in one place—view upcoming debits, receive 24-hour alerts, and revoke authorizations instantly.
Instant onboarding: Setting up recurring revenue streams is fast, whether for traditional businesses, SaaS startups, or fintech platforms.
Multi-channel support: Razorpay supports e-mandates for cards, UPI, and netbanking with dynamic transaction limits specific to each channel.
Strong partnerships: Razorpay is integrated with top banks, the NPCI, and global card networks to ensure continuous compliance and feature availability.
Simplify International Payments with Razorpay
Power your global business the right way. Switch from personal remittances to a fully compliant, business-grade payment platform.
Conclusion
The RBI issued e-mandates to make recurring payments safe and secure, thus limiting chances of misuse and financial fraud. Razorpay’s e-mandate compliant technology makes the process seamless and secure for member merchants. Razorpay’s Mandate HQ, developed in collaboration with Mastercard, enables banks and merchants to view, modify, and cancel mandates, with all phases visible to users. Razorpay takes continuous efforts to facilitate seamless e-mandate process with the necessary security.
FAQs
What counts as an e-mandate under RBI rules?
The RBI e-mandate rules are applicable to any recurring transactions made between merchant and users.
Is pre-debit notification mandatory every time?
As per RBI’s rules for e-mandates, a pre-debit notification is mandatory.
What happens if a mandate fails due to missing AFA?
If a mandate fails due to missing Additional Factor Authentication (AFA), the scheduled recurring payment will not be processed and the transaction is declined by the issuing bank.
Can customers cancel mandates mid-term?
Yes, customers can cancel e-mandates at any time, even mid-term, as per RBI regulations. This cancellation can be done through the merchant’s management portal, via Razorpay’s customer notification links, or directly with the issuing bank.
