With the increasing use of Aadhaar Enabled Payment System (AEPS) in rural areas, digital banking has become a crucial tool for financial inclusion. However, the rise in fraud and identity theft has raised concerns, prompting the Reserve Bank of India (RBI) to take stringent action.
In response, RBI has introduced new guidelines for AEPS service providers and Touchpoint Operators (ATO), with the aim of improving security and transparency. These new rules will take effect from January 1, 2026. The primary goal of these measures is to safeguard customer interests and maintain trust in the AEPS system.
RBI’s Guidelines on ATO KYC Verification
Under the new RBI directives, banks are now required to conduct a thorough KYC verification and background check of any Touchpoint Operator (ATO) before integrating them into the AEPS network. This process will be similar to the verification done when onboarding new customers.
However, if an ATO has previously been a sub-agent for the bank and has already undergone a background check, no further verification will be needed. This exception will benefit banks expanding AEPS services in rural areas, where agent networks are often rapidly growing.
Mandatory KYC Re-Verification After 3 Months of Inactivity
Another significant aspect of the new AEPS withdrawal rules is the mandatory KYC re-verification for any ATO that has been inactive for more than three months. This rule is aimed at ensuring that sleeping agents or inactive accounts cannot be used for fraudulent transactions.
When an ATO remains inactive for a period of three months (without any transactions), they will need to undergo KYC verification again before resuming AEPS operations. This step is crucial to maintain the security of the system and prevent any fraudulent entities from infiltrating the network.
RBI’s Efforts to Combat Increasing AEPS Fraud
Fraud in AEPS transactions has become a growing concern. Recent reports show an increase in fraudulent activities, where fraudsters have stolen customer identities or misused Aadhaar data for unauthorized transactions.
In response to these threats, RBI is intensifying its efforts to secure the AEPS system and ensure that digital banking remains a safe platform for users. By enforcing KYC re-verification and other safety measures, RBI aims to enhance customer protection and prevent unauthorized access to accounts.
Legal Framework for the New AEPS Rules
The new AEPS withdrawal rules and guidelines have been issued under the Payment and Settlement Systems Act, 2007, specifically under sections 10(2) and 18.
RBI has also clarified that the rules and procedures for AEPS operators will be reviewed periodically to ensure that they are aligned with technological advancements and security enhancements. This will ensure that AEPS continues to evolve and remain resilient to new threats.
Impact of the New AEPS Rules on Rural Banking
With the expansion of AEPS in rural and remote areas, the new rules are designed to ensure that only legitimate agents can access the system. By making KYC re-verification mandatory after three months of inactivity, RBI is putting additional safeguards in place to prevent fraud.
These rules are particularly beneficial for banks in rural areas, where financial inclusion is growing but so are the risks associated with fraud. The added security measures will help banks build trust with customers and prevent misuse of their services.
How Will the KYC Re-Verification Work?
If an ATO has been inactive for three months, they will need to re-submit KYC documents before resuming any AEPS transactions. The required documents typically include:
- Government-issued ID proof (such as Aadhaar or PAN)
- Proof of address
- Photographs
Once the documents are verified, the ATO will be allowed to continue their AEPS services. This KYC re-verification is designed to block unauthorized agents from accessing the system, ensuring that only verified agents are allowed to process transactions.
The Role of RBI in Strengthening AEPS Security
RBI’s AEPS withdrawal rules are part of a broader initiative to enhance the security of the digital payment ecosystem in India. These measures ensure that only verified agents are allowed to operate in AEPS, protecting both customers and banks from fraudulent activities.
RBI continues to evolve its policies to stay ahead of potential threats and vulnerabilities in the digital banking system. With KYC re-verification and other safety protocols, the aim is to build a secure environment for online transactions and digital banking.
How Will These Changes Affect AEPS Users?
The AEPS withdrawal rules will not only affect ATO operations but also benefit AEPS users. By ensuring that only verified agents are part of the network, RBI is enhancing the overall security of the system.
Customers will benefit from a safer, more transparent digital banking experience. As more users in rural and semi-urban areas rely on AEPS for financial transactions, this move will significantly reduce the risk of fraud and identity theft.
Poco F7 vs iQOO Neo 10: Best Phone Under ₹35,000?
[…] RBI Introduces Strict Rules for AEPS Withdrawals from January 2026 […]