Draft Reserve Bank of India (Payments Banks – Debit Cards: Issuance and Conduct) Directions, 2025

DRAFT FOR COMMENTS

RBI/2025-26/--
DOR.AUT.REC.No./00-00-000/2025-26 XX, 2025

Reserve Bank of India (Payments Banks – Debit Cards: Issuance and Conduct) Directions, 2025

Table of Contents

Introduction

In exercise of the powers conferred by Section 35A of the Banking Regulation Act, 1949, and all other provisions / laws enabling the Reserve Bank of India (‘RBI’) in this regard, RBI being satisfied that it is necessary and expedient in the public interest so to do, hereby, issues the Directions hereinafter specified.

Chapter I - Preliminary

A. Short Title and Commencement

1. These Directions shall be called the Reserve Bank of India (Payments Banks - Debit Cards: Issuance and Conduct) Directions, 2025.

2. These Directions shall come into force with immediate effect.

B. Applicability

3. These Directions shall be applicable to Payments Banks (hereinafter collectively referred to as 'banks' and individually as a 'bank').

4. These directions cover the general and conduct regulations relating to debit and co-branded cards which shall be read along with prudential, payment and technology & cyber security related directions applicable to debit and co-branded cards, as issued by the Reserve Bank.

C. Definitions

5. In these Directions, unless the context otherwise requires, the terms herein shall bear the meanings assigned to them below:

(1) Cardholder is a person to whom a card is issued or one who is authorized to use an issued card.

(2) Card-issuer is a bank which issue debit cards.

(3) Card Loyalty / Reward Programme/s are those schemes linked to a debit card whereby the card-issuer or associated merchant establishments, upon use of the card/s, offer digital coupons, points, discounts, cash backs or other benefits having monetary value that can be used / redeemed for the same transactions or other future transactions after accumulation.

(4) Co-branded Card is a card that is issued jointly by a card-issuer and a co-branding entity bearing the names of both the partnering entities.

(5) Convenience Fee is a fixed or pro-rata charge on use of debit cards as one of the alternative forms of payment which is not ordinarily accepted vis-à-vis other forms of payment.

(6) Debit Card is a physical or virtual payment instrument containing a means of identification, linked to a Saving Bank / Current Account which can be used to withdraw cash, make online payments, do PoS terminal / Quick Response (QR) code transactions, fund transfer, etc. subject to prescribed terms and conditions.

(7) Form Factor is the physical or virtual instrument that can be used in place of a card to undertake a payment / banking transaction.

(8) Most Important Terms and Conditions (MITC) are the standard set of conditions for the issuance and usage of debit cards, thereby defining the responsibilities and liabilities of the card-issuer and the cardholder.

(9) Prepaid Card is a Prepaid Payment Instrument as defined in the Master Direction on Prepaid Payment Instruments dated August 27, 2021.

6. All other expressions unless defined herein shall have the same meaning as have been assigned to them under the Banking Regulation Act, 1949 or the Reserve Bank of India Act, 1934 or any statutory modification or re-enactment thereto or as used in commercial parlance, as the case may be.

Chapter II – Board Approved Policy and Procedures

7. A bank shall formulate comprehensive policy / policies and procedures with the approval of its Board covering, inter alia, the following aspects:

(1) Debit card issuance.

(2) Co-branding arrangement (as applicable).

(3) Standard operating procedure for discretionary blocking / deactivating / suspending a debit card.

(4) Time period for completion of formalities after blocking a lost card.

Redressal of grievances and compensation framework.

8. The specific aspects to be addressed in these policies / procedures are detailed in the relevant paragraphs of these Directions.

Chapter III – Debit Card

A. Issue of Debit Card

9. A bank shall formulate a comprehensive Board-approved debit cards issuance policy and issue debit cards to its customers in accordance with the same. Prior approval of the Reserve Bank is not necessary for banks desirous of issuing debit cards to their customers.

10. Debit cards shall only be issued to customers having Savings Bank / Current Accounts.

11. A bank shall not issue debit cards to cash credit / loan accounts. However, it will not preclude the banks from linking the overdraft facility provided along with Pradhan Mantri Jan Dhan Yojana accounts or Kisan Credit Card accounts with a debit card.

12. A bank shall not force a customer to avail debit card facility and shall not link issuance of debit card to availment of any other facility from the bank.

B. Review of operations

13. The bank shall undertake review of its operations / issue of debit cards on half-yearly basis. The review shall include, inter alia, card usage analysis including cards not used for long durations and the inherent risks therein.

Chapter IV – Form Factor

A. Issue of Form Factor

14. Card-issuers may issue other form factors in place of / in addition to a plastic debit such as wearables, after obtaining explicit consent from the customer.

15. Form factors shall be subject to all the specific and general guidelines applicable to the respective cards.

16. Card-issuers shall provide options for disabling or blocking the form factor in line with the instructions issued by the Reserve Bank from time to time.

Chapter V – Co-branding Arrangement

A. Board approved policy

17. The co-branding arrangement shall be as per the Board approved policy of the card-issuer. The policy shall specifically address issues pertaining to various risks, including reputation risk associated with such an arrangement and put in place suitable risk mitigation measures. Further, the information relating to revenue sharing between the card-issuer and the cobranding partner entity shall be indicated to the cardholder and also displayed on the website of the card-issuer.

B. Issue of Co-branded Cards

18. Prior approval of the Reserve Bank is not necessary for the issuance of co-branded debit cards / co-branded prepaid cards subject to conditions stipulated under this chapter. In addition to the conditions listed herein, the co-branding arrangement for debit cards and prepaid cards shall also be subject to the specific conditions applicable to such cards.

19. The co-branded card shall explicitly indicate that the card has been issued under a cobranding arrangement. The co-branding partner shall not advertise / market the cobranded card as its own product. In all marketing / advertising material, the name of the card-issuer shall be clearly shown.

20. The co-branded card shall prominently bear the branding of the card-issuer.

21. A card-issuer can partner with more than one co-branding partner for a card.

C. Due diligence

22. Card-issuers shall carry out due diligence in respect of the co-branding partner entity with which they intend to enter into tie-up for issue of such cards to protect themselves against the reputation risk they are exposed to in such an arrangement. Card-issuers shall ensure that in cases where the proposed co-branding partner is a financial entity, it has obtained necessary approvals from its regulator for entering into the co-branding arrangement.

D. Outsourcing of activities

23. Card-issuers shall also be liable for the acts of the co-branding partner. The card-issuer shall ensure adherence to Reserve Bank of India (Payments Banks – Managing Risks in Outsourcing) Directions, 2025, as amended from time to time. Card-issuers shall ensure that cash backs, discounts and other offers advertised by a co-branding partner are delivered to the cardholder on time. Card-issuers shall be liable for any delay or non-delivery of the same to the cardholders.

E. Role of co-branding partner entity

24. The role of the co-branding partner entity under the tie-up arrangement shall be limited to marketing / distribution of the cards and providing access to the cardholder for the goods / services that are offered.

25. The co-branding partner (CBP) shall not have access to information relating to transactions undertaken through the co-branded card irrespective of any other service offered by them to the card-issuer. Post issuance of the card, the CBP shall not be involved in any of the processes or the controls relating to the co-branded card except for being the initial point of contact in case of grievances. However, for the purpose of cardholder’s convenience, card transaction related data may be drawn directly from the card-issuer’s system in an encrypted form and displayed in the CBP’s platform with robust security. The information displayed through the CBP’s platform shall be visible only to the cardholder and shall neither be accessed nor be stored by the CBP.

F. Co-branding with card-issuers

26. Prior approval shall not be required by the banks (all banks including Payments Banks, State Co-operative Banks and District Central Co-operative Banks) and NBFCs registered with the Reserve Bank (NBFCs – ICC, HFC, Factor, MFI and IFC) to become a co-branding partner of card-issuers including Credit Card issuers. The role of the co-branding partner shall be as per the conditions stipulated under paragraphs 24 and 25.

Chapter VI – General Guidelines for Debit Cards

A. General Conditions

27. Card-issuers shall keep internal records to enable operations to be traced and errors to be rectified (taking into account the law of limitation for the time barred cases) as prescribed under Reserve Bank of India (Payments Banks – Know Your Customer) Directions, 2025, as amended from time to time.

28. The cardholder shall be provided with a record of the transactions after they have completed it, immediately in the form of receipt or another form such as the bank statement / email / SMS.

29. With a view to reducing the instances of misuse of lost / stolen cards, it is recommended to the card-issuers that they may consider issuing card with advanced features that may evolve from time to time.

30. In case card-issuers, at their discretion, decide to block / deactivate / suspend a debit card, it shall be ensured that a standard operating procedure is followed as approved by their Board. Further, it shall also be ensured that blocking / deactivating / suspending a card or withdrawal of benefits available on any card is immediately intimated to the cardholder along with reasons thereof through electronic means (SMS, email, etc.) and other available modes.

31. Card-issuers shall block a lost card immediately on being informed by the cardholder and formalities, if any, can follow within a reasonable period clearly defined in the Board approved policy.

32. Card-issuers shall provide to the cardholder the detailed procedure to report the loss, theft or unauthorised use of card or PIN. They shall provide multiple channels such as a dedicated helpline, dedicated number for SMS, dedicated e-mail-id, Interactive Voice Response, clearly visible link on the website, internet banking and mobile-app or any other mode for reporting an unauthorized transaction on 24 x 7 basis and allow the customer to initiate the blocking of the card. The process for blocking the card, dedicated helpline as well as the SMS numbers, shall be adequately publicized and included in the billing statements.

33. Card-issuers shall immediately send a confirmation to the cardholder subsequent to the blocking of a card.

34. A card-issuer shall not dispatch a card to a customer unsolicited. In case of renewal of an existing card, the cardholder shall be provided an option to decline the same if he / she wants to do so before dispatching the renewed card. Further, in case a card is blocked at the request of the cardholder, replacement card in lieu of the blocked card shall be issued with the explicit consent of the cardholder.

35. Any discounts, cashbacks, reward points, loyalty points or any other benefits offered by the card-issuer shall be provided in a transparent manner including source of such benefits. The accounting process for the same shall be verifiable in the books of the card-issuer. Detailed information regarding these benefits shall be displayed on the website of the card-issuer and a copy of the same shall also be provided to the cardholder.

36. The Reserve Bank has not prescribed any requirement for insurance cover on debit cards. However, in case a card-issuer or a card payment network provides an insurance cover, complimentary or chargeable (with the consent of the cardholder), the card-issuer shall ensure that the relevant nomination details are recorded by the Insurance Company and the availability of insurance is included, along with other information, in every statement. The information shall also include the details regarding the insurance cover, name / address and telephone number of the Insurance Company which will handle the claims relating to the insurance cover. In case of group insurance policy, the contact details of the concerned officials of the card-issuer shall be provided in the statements.

B. Terms and conditions for issue of cards to customers

37. The relationship between the card-issuer and the cardholder shall be contractual. Card-issuers shall make available to the cardholders in writing, a set of contractual terms and conditions governing the issue and use of such cards. These terms shall be expressed clearly and also maintain a fair balance between the interests of the parties concerned.

38. The terms and conditions for the issue and usage of a card shall be mentioned in clear and simple language (preferably in English, Hindi and the local language) comprehensible to the cardholder.

39. Card-issuers shall not levy any charge that was not explicitly indicated to the cardholders at the time of issue of the card and without getting their explicit consent. However, this shall not be applicable to charges like service taxes which may subsequently be levied by the Government or any other statutory authority. The details of all the charges associated with cards shall be displayed on the card-issuer’s website.

40. The convenience fee, if any charged on specific transactions, shall be indicated to the cardholder in a transparent manner, prior to the transaction.

41. The terms shall clearly specify the time-period for reversal of unsuccessful / failed transactions and the compensation payable for failure to meet the specified timeline.

42. The terms may be altered by the card-issuer, but 30 days’ notice of the change shall be given to the cardholder to enable them to withdraw if they so chooses. After the notice period of 30 days, the cardholder would be deemed to have accepted the terms if they had not withdrawn during the specified period. The change in terms shall be notified to the cardholder through all the communication channels available.

43. The terms shall put the cardholder under an obligation to take all appropriate steps to keep the card safe and not to record the PIN or code, in any form that would be intelligible or otherwise accessible to any third party if access is gained to such a record, either honestly or dishonestly.

44. The terms shall specify that the card-issuer shall exercise care when issuing PINs or codes and shall be under an obligation not to disclose the cardholder’s PIN or code to anyone, except to the cardholder.

C. Compliance with Other instructions

45. The issue of cards as a payment mechanism shall also be subject to relevant instructions on cash withdrawal, issue of international card, security issues and risk mitigation measures, card-to-card fund transfers, merchant discount rates structure, failed ATM transactions, etc, issued by the Department of Payment and Settlement Systems, Reserve Bank of India under the Payment and Settlement Systems Act, 2007, and the Foreign Exchange Department, Reserve Bank of India under Foreign Exchange Management Act, 1999, as amended from time to time.

D. Redressal of grievances

46. Card-issuers shall put in place a Grievance Redressal Mechanism within the card issuing entity and give wide publicity about it through electronic and print media. The name, direct contact number, email-id and postal address of the designated grievance redressal officer of the card-issuer shall be mentioned on the bills and account statements. The designated officer shall ensure that grievances of cardholders are redressed promptly without any delay. Specific timelines may be stipulated in the Board approved policy for issuance of cards, redressal of grievances and compensation framework. The grievance redressal procedure and the Board approved policy shall be displayed on the website of the card-issuer with a clearly visible link on the homepage.

47. Card-issuers shall ensure that their call centre staff are trained adequately to competently handle and escalate, a complaint, if necessary. The Grievance Redressal process shall have a provision for automatic escalation of unresolved complaints from a call center / base level to higher authorities. There shall be a system of acknowledging customers' complaints for follow up, such as complaint number / docket number, even if the complaints are received over phone.

48. Card-issuers shall be liable to compensate the complainant for the loss of their time, expenses, financial loss as well as for the harassment and mental anguish suffered by them for the fault of the card-issuer and where the grievance has not been redressed in time. For redressal of grievance, the customer must first approach the concerned card-issuer. If the card-issuer does not respond within a period of 30 days after filing of the complaint or rejects the complaint wholly / partly or if the customer is not satisfied with the response / resolution given by the card-issuer, the customer can lodge a complaint with the Ombudsman, Reserve Bank through any of the following methods:

(1) Online at https://cms.rbi.org.in.

(2) Physical complaint (letter / post) in the form as specified in Annexure ‘A’ of the Reserve Bank - Integrated Ombudsman Scheme, 2021 to “Centralised Receipt and Processing Centre, 4th Floor, Reserve Bank of India, Sector -17, Central Vista, Chandigarh - 160017”.

E. Confidentiality of customer information

49. Card-issuers shall not reveal any information relating to customers obtained at the time of opening the account or issuing the card to any other person or organization without obtaining their explicit consent, with regard to the purpose/s for which the information will be used and the organizations with whom the information will be shared. Card-issuers shall ensure strict compliance to the extant legal framework on data protection. Further, in case where the customers give explicit consent for sharing the information provided by them with other agencies, card-issuers shall clearly state and explain to the customer the full meaning / implications of the disclosure clause. The information sought from customers shall not be of such nature which will violate the provisions of law relating to maintenance of secrecy in the transactions. The card-issuers shall be solely responsible for the correctness or otherwise of the data provided for the purpose.

50. Under a co-branding arrangement, the co-branding entity shall not be permitted to access any details of customer’s accounts that may violate the card-issuer’s secrecy obligations.

51. Card-issuers, which were granted specific approvals for issuance of co-branded cards in the past, are advised to ensure that the co-branding arrangement is in conformity with the instructions issued under Chapter V above. In case, the co-branding arrangement is between two banks, the card issuing bank shall ensure compliance with the relevant instructions.

F. Outsourcing of various services

52. Card-issuers shall ensure adherence to the Reserve Bank of India (Payments Banks – Managing Risks in Outsourcing) Directions, 2025 , as amended from time to time. Further, the card-issuers shall not share card data (including transaction data) of the cardholders with the outsourcing partners unless sharing of such data is essential to discharge the functions assigned to the latter. In case of sharing of any data as stated above, explicit consent from the cardholder shall be obtained. It shall also be ensured that the storage and the ownership of card data remains with the card-issuer.

G. Compliance with Know Your Customer (KYC) Norms / Anti-Money Laundering (AML) Standards / Combating of Financing of Terrorism (CFT) / Obligation under the PMLA, 2002

53. The instructions / Directions on KYC / AML / CFT issued by RBI from time to time, shall be strictly adhered to in respect of all cards issued, including co-branded cards.

Chapter VII - Miscellaneous

A. Contents of the Most Important Terms and Conditions

54. Card-issuers shall provide to the cardholder the term-sheet containing the MITC. The document should contain the following details:

(1) Fees and Charges

(i) Joining fees if any

(ii) Annual membership/renewal fees, if any

(iii) Service charges levied for transactions

(2) Termination / Revocation of Card Membership

(i) Procedure for surrender of card by cardholder

(ii) Link provided exclusively for the above on the website

(iii) Contact details for the cardholder to initiate closure – email-id, dedicated telephone number for SMS, IVRS

(3) Loss / Theft / Misuse of Card

(i) Procedure to be followed in case of loss / theft / misuse of card - mode of intimation to card-issuer

(ii) Prominently visible web-site link, phone banking, SMS, e-mail, IVR, a dedicated tollfree helpline, reporting to home branch, etc. for reporting unauthorised transactions and initiating blocking of card

(iii) Liability of cardholder in case of (i) above in terms of Reserve Bank of India (Payments Banks – Responsible Business Conduct) Directions, 2025, as updated from time to time.

(4) Grievance Redressal and Compensation Framework

(i) Grievance redressal and escalation process

(ii) Timeline for redressal of grievances

(iii) Compensation framework for unsuccessful/failed transactions, delay in redressal of grievance, delay in blocking of lost or stolen cards/ processing the surrender of card, etc.

(iv) Contact particulars of card-issuer - 24-hour call centres, email-ids, helpline, other important telephone numbers

(v) Toll free number, email-id and dedicated telephone number for SMS for customer care services, contact details of Grievance Redressal Official

(5) Disclosure

(i) Type of information relating to cardholder to be disclosed with and without approval of cardholder

(6) Other details

(i) Insurance cover, if any, for cardholder and date of activation of policy

(ii) including nomination details

(iii) Complete postal address of card-issuer

B. Disclosure of the MITC

55. Items to be disclosed in stages:

(1) During marketing - Item no: 54 (1)

(2) At application - Any additional information that the customer may desire.

(3) Welcome kit - Item nos: all items from 54 (1) to 54 (6)

(4) On an ongoing basis, any change of the terms and conditions

(5) Note:

(i) The font size of MITC shall be minimum Arial-12

(ii) The normal terms and conditions communicated by the card-issuer to the cardholder at different stages shall continue as hitherto.

Chapter VIII – Repeal and Other Provisions

A. Repeal and saving

56. With the issue of these Directions, the existing Directions, instructions, and guidelines relating to Debit Cards: Issuance and Conduct as applicable to Payments Banks stand repealed, as communicated vide notification dated XX, 2025. The Directions, instructions and guidelines already repealed shall continue to remain repealed.

57. Notwithstanding such repeal, any action taken or purported to have been taken, or initiated under the repealed Directions, instructions, or guidelines shall continue to be governed by the provisions thereof. All approvals or acknowledgments granted under these repealed lists shall be deemed as governed by these Directions.

B. Application of other laws not barred

58. The provisions of these Directions shall be in addition to, and not in derogation of the provisions of any other laws, rules, regulations, or directions, for the time being in force.

C. Interpretations

59. For the purpose of giving effect to the provisions of these Directions or in order to remove any difficulties in the application or interpretation of the provisions of these Directions, the RBI may, if it considers necessary, issue necessary clarifications in respect of any matter covered herein and the interpretation of any provision of these Directions given by the RBI shall be final and binding.

D. Exemptions

60. The Reserve Bank of India may, if it considers necessary for avoiding any hardship or for any other just and sufficient reason, grant extension of time to comply with or exempt any bank, from all or any of the provisions of these Directions either generally or for any specified period, subject to such conditions as the Reserve Bank of India may impose.