RBI Tightens AePS Rules to Combat Fraud From January 2026

In response to a surge in fraudulent activities within Aadhaar Enabled Payment System (AePS) transactions, the Reserve Bank of India (RBI) has issued a set of stringent new guidelines aimed at strengthening the operational framework of AePS touchpoints. Effective from January 1, 2026, the revised norms require stricter KYC, activity monitoring, and a ‘one operator-one acquiring bank’ rule for touchpoint operators such as Business Correspondents (BCs) and Bank Mitras.

Why in News?

The RBI has issued new operational norms for AePS operators to address rising fraud cases. These will take effect from 1 January 2026 and must be implemented within three months. The guidelines are targeted at improving security, ensuring operator accountability, and mitigating risks of identity theft and transaction fraud.

Aim and Objectives

• To strengthen the security and reliability of AePS transactions.
• To prevent identity theft, credential misuse, and operational fraud at rural banking touchpoints.
• To enhance accountability of AePS touchpoint operators and the banks that manage them.

Key Guidelines Issued

KYC and Due Diligence

• Acquiring banks must conduct full KYC at onboarding as per RBI’s Master Direction (KYC), 2016.
• Operators inactive for over 6 months must undergo KYC re-verification before being reactivated.

One Operator–One Bank Rule

• AePS touchpoint operators will be allowed to work with only one acquiring bank.
• Implementation and enforcement lie with NPCI and the acquiring banks.

Operator Activity Monitoring

Banks must,

• Continuously monitor operator transactions.
• Assign transaction limits based on risk profile.
• Match transaction locations with registered operator addresses.

Real-time Irregularity Checks

• Designed to detect location mismatches, suspicious activity, or unauthorized access instantly.
• Helps in tackling fraud from stolen or cloned Aadhaar credentials.

Mandatory Adherence

• All entities must comply with NPCI’s AePS guidelines under the Payment and Settlement Systems Act, 2007.

Background

• AePS enables basic banking transactions like balance enquiry and cash withdrawal using Aadhaar authentication, especially in rural and semi-urban areas.
• It plays a critical role in financial inclusion, but the system has increasingly come under threat due to fraudulent activities exploiting loose KYC norms and multi-bank operator setups.