Aadhaar Enabled Payment System – Due Diligence of AePS Touchpoint Operators - DRAFT - RBI - Reserve Bank of India
Aadhaar Enabled Payment System – Due Diligence of AePS Touchpoint Operators - DRAFT
DRAFT DIRECTIONS FOR COMMENTS
CO.DPSS.POLC.No. S **/ 02-01-001 / 2024-2025
Date of issue
The Chairman / Managing Director / Chief Executive
All Scheduled Commercial Banks including RRBs /
Urban Cooperative Banks / State Cooperative Banks / District Central Cooperative Banks / National Payments Corporation of India (NPCI)
Dear Sir / Madam,
Aadhaar Enabled Payment System – Due Diligence of AePS Touchpoint Operators - DRAFT
Aadhaar Enabled Payment System (AePS) is a payment system operated by National Payment Corporation of India (NPCI) that facilitate interoperable financial transactions through the Business Correspondent (BC) / Bank Mitra of any bank, using the Aadhaar authentication. AePS plays a prominent role in enabling financial inclusion.
2. In recent times, there have been instances of frauds perpetuated through AePS due to identity theft or compromise of customer credentials. To protect bank customers from such frauds, and to maintain trust and confidence in the safety and security of the system, a need is felt to enhance the robustness of AePS. Accordingly, as announced in Statement on Developmental and Regulatory Policies dated February 08, 2024, it has been decided to issue directions for streamlining the process for onboarding of AePS touchpoint operators and on-going due diligence. Detailed instructions are placed in the Annex. Banks and NPCI shall ensure compliance to these directions within three months from the date of issue.
3. These directions are issued under Section 18 read with Section 10(2) of the Payment and Settlement Systems (PSS) Act, 2007 (Act 51 of 2007).
Yours faithfully,
Chief General Manager-in-Charge
Encl.: Annex
CO.DPSS.POLC.No. S / 02-01-001 / 2024-2025
**** **, ****
Aadhaar Enabled Payment System -
Due Diligence of AePS Touchpoint Operators - DRAFT
1. Definitions
In these directions, the terms herein shall bear the meanings assigned to them below:
a. Aadhaar Enabled Payment System (AePS): It is a Payment System in which transactions are enabled through Aadhaar number and biometrics or OTP authentication. AePS enables basic banking services, viz., cash withdrawal, balance enquiry, mini statement, cash deposit, fund transfer, etc.
b. Acquiring bank: The bank which onboards the AePS touchpoint operators.
c. AePS Touchpoint: The terminal deployed by acquirer banks to facilitate AePS transactions, using Aadhaar based biometric / OTP authentication.
d. AePS Touchpoint Operator: The agent onboarded by the acquiring bank who operates the AePS touchpoint.
2. Onboarding of AePS Touchpoint Operators
2.1 The acquiring bank shall carry out due diligence of all AePS touchpoint operators onboarded by it, in accordance with the Customer Due Diligence procedure for individuals, stipulated in Part-I, Chapter-VI of the Master Direction – Know Your Customer Direction, 2016 (as updated from time to time), issued by the Reserve Bank.
2.2 The acquiring bank shall carry out updation of KYC in cases where an AePS touchpoint operator has not performed any financial transaction for a continuous period of six months, before enabling him / her to transact further.
2.3 NPCI and acquiring banks shall ensure that any AePS touchpoint operator is onboarded only by one acquiring bank.
3. Ongoing Due Diligence
The acquiring bank shall monitor the activities of AePS touchpoint operators on an ongoing basis and set operational parameters, in accordance with the following principles:
3.1.1 Transaction limits shall be set for AePS touchpoint operators based on their risk profile.
3.1.2 Transactions of AePS touchpoint operators shall be consistent with their location of operation and risk profile.
4. Adherence to NPCI instructions
All System Participants are required to adhere to the rules and regulations, governing the operation of AePS, issued by NPCI (System Provider of AePS).
***