Transaction Limits Shall Be Set For AePS Touchpoint Operators Based On Their Risk Profile

Aadhaar Enabled Payment System -Due Diligence of AePS Touchpoint Operators - DRAFT

FinTech BizNews Service

Mumbai, July 31, 2024: As part of enhancing the robustness of Aadhaar Enabled Payment System (AePS), it was announced in the Statement on Developmental and Regulatory Policies dated February 08, 2024, that the onboarding process of AePS Touchpoint Operators will be streamlined. In recent times, there have been instances of frauds perpetuated through AePS due to identity theft or compromise of customer credentials. To protect bank customers from such frauds, and to maintain trust and confidence in the safety and security of the system, it has been considered necessary to enhance the robustness of AePS. Accordingly, the Reserve Bank of India today released the draft directions on Due Diligence of AePS Touchpoint Operators.

Comments / feedback on the draft directions may be sent by email or by post to the Chief General Manager-in-Charge, Department of Payment and Settlement Systems, Reserve Bank of India, Central Office, 14th Floor, Shahid Bhagat Singh Marg, Mumbai-400001, on or before August 31, 2024.

Aadhaar Enabled Payment System -Due Diligence of AePS Touchpoint Operators - DRAFT

1. Definitions

In these directions, the terms herein shall bear the meanings assigned to them below:

1. Aadhaar Enabled Payment System (AePS): It is a Payment System in which transactions are enabled through Aadhaar number and biometrics or OTP authentication. AePS enables basic banking services, viz., cash withdrawal, balance enquiry, mini statement, cash deposit, fund transfer, etc.
2. Acquiring bank: The bank which onboards the AePS touchpoint operators.
3. AePS Touchpoint: The terminal deployed by acquirer banks to facilitate AePS transactions, using Aadhaar based biometric / OTP authentication.
4. AePS Touchpoint Operator: The agent onboarded by the acquiring bank who operates the AePS touchpoint.

2. Onboarding of AePS Touchpoint Operators

2.1 The acquiring bank shall carry out due diligence of all AePS touchpoint operators onboarded by it, in accordance with the Customer Due Diligence procedure for individuals, stipulated in Part-I, Chapter-VI of the Master Direction – Know Your Customer Direction, 2016 (as updated from time to time), issued by the Reserve Bank.

2.2 The acquiring bank shall carry out updation of KYC in cases where an AePS touchpoint operator has not performed any financial transaction for a continuous period of six months, before enabling him / her to transact further.

2.3 NPCI and acquiring banks shall ensure that any AePS touchpoint operator is onboarded only by one acquiring bank.

3. Ongoing Due Diligence

The acquiring bank shall monitor the activities of AePS touchpoint operators on an ongoing basis and set operational parameters, in accordance with the following principles:

3.1.1 Transaction limits shall be set for AePS touchpoint operators based on their risk profile.

3.1.2 Transactions of AePS touchpoint operators shall be consistent with their location of operation and risk profile.

4. Adherence to NPCI instructions

All System Participants are required to adhere to the rules and regulations, governing the operation of AePS, issued by NPCI (System Provider of AePS).