Skip to content
KYC Onboarding Spec by Rakesh Waghela

RBI Circulars

Why this page is structured this way: All in-window entries are listed descending by date so the most recent regulatory state is the first thing a reader sees. Use Cmd-F / Ctrl-F for ID-based lookup. Cross-references from the rest of the site point at anchors on this page.

TL;DR

Section titled “TL;DR”
  • 47 circulars indexed in this issuer’s section.
  • 5 issued in 2025 or later.
  • 0 entries flagged [unknown — verify] in at least one field.
  • All entries trace to a primary issuer URL (or Wayback fallback) where research could verify the source.
  • AI-generated; read the linked PDF before acting on any provision.

Conceptual overview

Section titled “Conceptual overview”

This page is the complete listing of RBI circulars in the project’s 2020–2026 sweep window. Each entry contains the verbatim circular ID, issue date, in-force date, status (in-force / superseded / withdrawn), applicable entity types, impact-area tags, a 2–4 sentence summary traceable to clauses, and the primary URL. Where the primary URL could not be re-fetched, an archive URL is provided in its place.

Entries (descending date)

Section titled “Entries (descending date)”

RBI/DPSS/2025-26/141

Section titled “RBI/DPSS/2025-26/141”
  • date_issued: 2025-09-15
  • issuer: RBI
  • title: “Reserve Bank of India (Regulation of Payment Aggregators) Directions, 2025”
  • applies_to: all-intermediaries
  • in_force_date: immediate
  • status: in-force
  • impact_areas: client-funds, settlement, upstreaming, onboarding, aml, cyber-security, grievance, file-format
  • primary_url: https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=12896

Consolidates and supersedes the 2020 PA-PG guidelines, 2021 PPI directions interplay, and 2023 PA-CB framework into a unified Payment Aggregator regime covering online (PA-O), physical (PA-P), and cross-border (PA-CB) aggregators. Mandates CKYCR as first port-of-call for merchant CDD, simplified onboarding for small merchants (annual turnover <= Rs.40L domestic / Rs.5L export), MCC allotment, continuous monitoring, and refreshed escrow/governance norms. Directly affects brokers as merchants for PA-collected pay-ins, broker-side fund payouts, and CKYC-based merchant onboarding flows.

RBI/2025-26/63

Section titled “RBI/2025-26/63”
  • date_issued: 2025-06-30
  • issuer: RBI
  • title: “Aadhaar Enabled Payment System (AePS) - Due Diligence of Touchpoint Operators”
  • applies_to: all-intermediaries
  • in_force_date: 2025-06-30
  • status: in-force
  • impact_areas: onboarding, aml, surveillance, reporting, cyber-security
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12876&Mode=0

Mandates acquiring banks to onboard AePS touchpoint operators with full due diligence, monitor activity on an ongoing basis, set risk-based transaction limits, and address fraud arising from biometric cloning. Tangentially relevant to brokers operating last-mile cash collection or rural client onboarding via AePS channels.

RBI/2025-26/51

Section titled “RBI/2025-26/51”
  • date_issued: 2025-06-12
  • issuer: RBI
  • title: “Reserve Bank of India (Know Your Customer (KYC)) (Amendment) Directions, 2025”
  • applies_to: all-intermediaries
  • in_force_date: immediate
  • status: in-force
  • impact_areas: re-KYC, kyc-modification, dormant, onboarding, reporting
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12866&Mode=0

Extends the deadline for low-risk customer periodic KYC updation by one year (or up to 30-Jun-2026, whichever is later), authorises Business Correspondents to collect self-declarations for re-KYC, and prescribes 3 advance + 3 reminder customer intimations including at least one letter, plus full implementation by 01-Jan-2026. Provides RBI-side template for low-risk re-KYC convenience that overlaps with SEBI/KRA simplified re-KYC paths used by brokers.

RBI/2025-26/36

Section titled “RBI/2025-26/36”

Consolidates the 2022 Digital Lending Guidelines and 2023 DLG framework into a single set of Directions; introduces stricter rules for multi-lender platforms (effective 01-Nov-2025), KFS, APR disclosure, no third-party pass-through accounts, DLA reporting to RBI (from 15-Jun-2025), and data privacy obligations. Brokers’ affiliated NBFCs/banks offering MTF, digital margin loans, or pay-later products via lending apps must restructure RE-LSP arrangements.

RBI/2024-25/121

Section titled “RBI/2024-25/121”
  • date_issued: 2025-01-06
  • issuer: RBI
  • title: “Master Direction - Reserve Bank of India (Credit Information Reporting) Directions, 2025”
  • applies_to: all-intermediaries
  • in_force_date: 2025-01-06
  • status: in-force
  • impact_areas: reporting, file-format, mtf, margin
  • primary_url: https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=12764

Consolidates Credit Information Companies (Regulation) Act requirements; mandates fortnightly credit data submission by 7th calendar day post 15th and last-day cutoffs, Uniform Credit Reporting Formats (UCRF Form 1/2/3), all-CIC membership, and data localisation in India. Broker-affiliated NBFC arms offering MTF/margin loans must furnish data on this fortnightly cadence.

RBI/2024-25/87

Section titled “RBI/2024-25/87”

Implements the July 2024 PML (Maintenance of Records) Amendment Rules: requires updated/additional customer information to be furnished to CKYCR within 7 days, applies CDD at UCIC level (one CDD per customer across all products at the same RE), and tightens record-keeping. UCIC-level CDD substantially reduces re-KYC friction for clients using broker + banking products at the same group.

RBI/2024-25/61

Section titled “RBI/2024-25/61”
  • date_issued: 2024-07-30
  • issuer: RBI
  • title: “Master Directions on Cyber Resilience and Digital Payment Security Controls for non-bank Payment System Operators”
  • applies_to: all-intermediaries
  • in_force_date: 2025-04-01
  • status: in-force
  • impact_areas: cyber-security, bcp-dr, system-audit, reporting
  • primary_url: https://www.rbi.org.in/scripts/NotificationUser.aspx?Id=12715&Mode=0

Issues comprehensive cyber resilience and digital payment security controls for non-bank PSOs (PAs, PPI issuers, card networks, etc.) covering governance, risk assessment, network/application security, vendor risk, incident response, BCP/DR. Phased implementation: large PSOs by 01-Apr-2025, medium by 01-Apr-2026, small by 01-Apr-2028. Brokers’ payment-collection rails inherit these controls when routed through non-bank PSOs.

RBI/2024-25/47

Section titled “RBI/2024-25/47”
  • date_issued: 2024-07-15
  • issuer: RBI
  • title: “Master Directions on Fraud Risk Management in Commercial Banks (including Regional Rural Banks) and All India Financial Institutions”
  • applies_to: all-intermediaries
  • in_force_date: 2024-07-15
  • status: in-force
  • impact_areas: surveillance, reporting, aml, system-audit
  • primary_url: https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=12702

Issues a consolidated fraud risk management framework for SCBs and AIFIs, replacing 36 prior circulars. Mandates Board-level Special Committee for Frauds (SCBMF), Early Warning Signals and Red-Flagged Account framework, fraud reporting to RBI’s CRILC within 7 days, RFA-to-fraud classification within 180 days. Foundational for broker-bank fraud detection/co-investigation when broker accounts are flagged or attached.

RBI/2023-24/127

Section titled “RBI/2023-24/127”
  • date_issued: 2024-02-29
  • issuer: RBI
  • title: “Master Direction - Reserve Bank of India (Bharat Bill Payment System) Directions, 2024”
  • applies_to: all-intermediaries
  • in_force_date: 2024-04-01
  • status: in-force
  • impact_areas: client-funds, settlement, grievance
  • primary_url: https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=12616

Streamlines BBPS regulation, redefines roles of Bharat Bill Payment Central Unit (BBPCU/NBBL) and Bharat Bill Payment Operating Units (BOUs/COUs), tightens escrow requirements and customer protection. Brokers’ use of BBPS-routed recurring payments (e.g. fees, margin top-ups via bill-presentment flow) inherit the revised settlement, dispute resolution, and KYC plumbing.

RBI/2023-24/100

Section titled “RBI/2023-24/100”
  • date_issued: 2023-12-29
  • issuer: RBI
  • title: “Master Direction - Reserve Bank of India (Internal Ombudsman for Regulated Entities) Directions, 2023”
  • applies_to: all-intermediaries
  • in_force_date: 2023-12-29
  • status: in-force
  • impact_areas: grievance, scores-odr, reporting
  • primary_url: https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=12586

Harmonises Internal Ombudsman frameworks across banks, NBFCs, NBSPs and CICs; mandates auto-escalation of rejected complaints to the IO within 20 days, introduces Deputy IO role, fixes minimum qualifications and tenure, and binds REs to IO decisions absent specific override. Brokers’ bank/NBFC partners must establish or upgrade IO mechanisms - touches the cross-channel grievance flow for broker disputes routed via banking partners.

RBI/2023-24/89

Section titled “RBI/2023-24/89”

Announced in the December 2023 MPC; raises the AFA-free e-mandate / UPI AutoPay limit from Rs.15,000 to Rs.1,00,000 per transaction for subscriptions to mutual funds, payment of insurance premiums and credit card bill payments. NPCI operationalised this via UPI/OC-151A. Relevant for SIP collections, MTF interest auto-debits, and broker-MF subscription flows where MCC 6211 (Securities Brokers/Dealers) was included by NPCI.

RBI/2023-24/107

Section titled “RBI/2023-24/107”
  • date_issued: 2023-11-07
  • issuer: RBI
  • title: “Master Direction on Information Technology Governance, Risk, Controls and Assurance Practices”
  • applies_to: all-intermediaries
  • in_force_date: 2024-04-01
  • status: in-force
  • impact_areas: system-audit, cyber-security, bcp-dr, reporting
  • primary_url: https://www.rbi.org.in/scripts/BS_ViewMasDirections.aspx?id=12562

Issues a unified IT governance, risk, controls and assurance framework for SCBs (excl. RRBs), SFBs, PBs, NBFCs in Top/Upper/Middle Layers, CICs and large AIFIs; mandates Board-level IT Strategy Committee, IT Steering Committee, Head of IT and Head of Information Security. Effective from 01-Apr-2024. Indirectly governs broker-bank and broker-NBFC integrations (e-mandate engines, AA endpoints, V-CIP).

RBI/2023-24/80

Section titled “RBI/2023-24/80”
  • date_issued: 2023-10-31
  • issuer: RBI
  • title: “Regulation of Payment Aggregator - Cross Border (PA - Cross Border)”
  • applies_to: all-intermediaries
  • in_force_date: immediate
  • status: superseded
  • superseded_by: RBI/DPSS/2025-26/141
  • impact_areas: client-funds, settlement, aml, nri, reporting
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12561&Mode=0

Brings non-bank entities facilitating cross-border import/export payments under direct RBI authorisation as PA-CBs, mandating minimum net-worth (Rs.15 cr at application, Rs.25 cr by 31-Mar-2026), Import Collection Account (ICA) / Export Collection Account (ECA) with AD-I banks, FIU-India registration, per-transaction cap of Rs.25 lakh, and PMLA/KYC compliance. Relevant to brokers using PAs for inbound NRI fund transfers and outbound payouts.

RBI/2023-24/106

Section titled “RBI/2023-24/106”
  • date_issued: 2023-10-19
  • issuer: RBI
  • title: “Master Direction - Reserve Bank of India (Non-Banking Financial Company - Scale Based Regulation) Directions, 2023”
  • applies_to: all-intermediaries
  • in_force_date: 2023-10-19
  • status: in-force
  • impact_areas: mtf, margin, reporting, system-audit, cyber-security
  • primary_url: https://www.rbi.org.in/scripts/BS_ViewMasDirections.aspx?id=12550

Consolidates SBR framework classifying NBFCs into Base/Middle/Upper/Top layers with tiered prudential, governance, and disclosure norms. Broker-affiliated NBFCs (margin trading subsidiaries, holding companies) face layer-appropriate scrutiny on IT, capital, and disclosures. Upper Layer NBFCs must list on a stock exchange within 3 years of classification.

RBI/2023-24/72

Section titled “RBI/2023-24/72”

Aligns KYC Master Direction with the 2023 PMLA Rules, UAPA, and WMD Act amendments; mandates group-level AML/CFT policies, raises Principal Officer rank to management level, allows Board committee to set ML/TF risk assessment frequency, and tightens beneficial-ownership disclosures. Group-level policy and enhanced ML/TF requirements percolate into broker AML programs via the RBI-aligned PMLA framework.

RBI/2023-24/41

Section titled “RBI/2023-24/41”
  • date_issued: 2023-06-08
  • issuer: RBI
  • title: “Guidelines on Default Loss Guarantee (DLG) in Digital Lending”
  • applies_to: all-intermediaries
  • in_force_date: 2023-06-08
  • status: superseded
  • superseded_by: RBI (Digital Lending) Directions, 2025 dated 2025-05-08
  • impact_areas: mtf, margin, other
  • primary_url: https://www.rbi.org.in/scripts/NotificationUser.aspx?Id=12514&Mode=0

Permits Default Loss Guarantee (FLDG) arrangements between REs and LSPs with a cap of 5% of the outstanding loan portfolio, invocation within 120 days of overdue, accepted forms being cash deposits, FDs with lien, or bank guarantees. Affects broker-NBFC tie-ups offering MTF or margin loans via fintech LSP arrangements.

RBI/2023-24/24

Section titled “RBI/2023-24/24”

Permits Aadhaar OTP-based e-KYC in non-face-to-face mode for periodic updation, subject to the customer’s Aadhaar-linked mobile being identical to the one in the RE’s records. Aligns with FATF recommendations and the 2023 PMLA amendments. Provides the RBI-side basis that SEBI/KRAs use for accepting Aadhaar XML/Digilocker-based periodic updation for broker clients.

RBI/2023-24/16

Section titled “RBI/2023-24/16”
  • date_issued: 2023-04-10
  • issuer: RBI
  • title: “Master Direction on Outsourcing of Information Technology Services”
  • applies_to: all-intermediaries
  • in_force_date: 2023-10-01
  • status: in-force
  • impact_areas: system-audit, cyber-security, bcp-dr, reporting
  • primary_url: https://www.rbi.org.in/scripts/BS_ViewMasDirections.aspx?id=12486

Consolidates RBI requirements for outsourcing of IT services by SCBs, SFBs, PBs, UCBs (excl. Tier-1/2), CICs, NBFCs (excl. Base Layer) and AIFIs, mandating Board-approved IT outsourcing policy, due diligence, exit strategies, BCP/DR, and continuous oversight. Brokers’ bank/NBFC technology partners (CKYC providers, V-CIP vendors, hosting partners) face stricter regulatory scrutiny under this regime, indirectly affecting broker technology stacks.

RBI/2022-23/176

Section titled “RBI/2022-23/176”
  • date_issued: 2023-02-10
  • issuer: RBI
  • title: “Acceptance of UPI Payments by Foreign Nationals/Non-Resident Indians visiting India”
  • applies_to: all-intermediaries
  • in_force_date: immediate
  • status: in-force
  • impact_areas: nri, upi-block, onboarding, client-funds
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12453&Mode=0

Permits foreign nationals/NRIs visiting India to make UPI payments using their international mobile numbers linked to NRE/NRO accounts at participating banks; NPCI operationalised via its 10-Jan-2023 OC. Brokers serving NRI clients can extend UPI-based fund pay-in flows for clients with NRE/NRO accounts in the eligible countries (US, UK, SG, CA, AU, OM, QA, AE, SA, HK).

RBI/2022-23/111

Section titled “RBI/2022-23/111”
  • date_issued: 2022-09-02
  • issuer: RBI
  • title: “Guidelines on Digital Lending”
  • applies_to: all-intermediaries
  • in_force_date: 2022-09-02
  • status: superseded
  • superseded_by: RBI (Digital Lending) Directions, 2025 dated 2025-05-08
  • impact_areas: mtf, margin, grievance, dpdp, aa
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12382&Mode=0

Establishes the digital lending framework requiring Key Facts Statement, APR disclosure, no third-party pass-through accounts, data minimisation, customer consent for data sharing, and LSP due diligence. Existing digital loans had to comply by 30-Nov-2022. Directly relevant to broker-affiliated NBFCs/banks offering MTF, margin loans, and pre-funded products via digital apps.

RBI/2022-23/92

Section titled “RBI/2022-23/92”
  • date_issued: 2022-07-14
  • issuer: RBI
  • title: “Master Direction - Credit Card and Debit Card - Issuance and Conduct Directions, 2022”
  • applies_to: all-intermediaries
  • in_force_date: 2022-07-01
  • status: in-force
  • impact_areas: client-funds, mtf, grievance
  • primary_url: https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=12300

Sets the eligibility criteria, governance, customer protection, OTP-based card activation, transparent interest rate disclosure, and co-branding rules for banks and NBFCs issuing credit/debit cards. Relevant to broker-bank co-branded cards offering BNPL or trade-linked spending; cross-cuts with the CoFT framework for recurring debits.

RBI/2022-23/64

Section titled “RBI/2022-23/64”
  • date_issued: 2022-06-16
  • issuer: RBI
  • title: “Processing of e-mandate for recurring transactions - Enhancement of limit”
  • applies_to: all-intermediaries
  • in_force_date: immediate
  • status: superseded
  • superseded_by: RBI/2023-24/89
  • impact_areas: mandate, client-funds
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12331&Mode=0

Raises the AFA-free limit for e-mandate recurring transactions from Rs.5,000 to Rs.15,000 per transaction. Reduces friction for broker-collected recurring debits (SIP-like collections, lower-value subscription fees) while preserving AFA for higher-value debits.

RBI/2021-22/162

Section titled “RBI/2021-22/162”

Enables small-value (<= Rs.200) offline digital payments by cards/wallets/mobile, with on-device wallet limit Rs.2,000 (subsequently raised). NPCI operationalised this via UPI Lite (UPI/OC-138, Sep-2022). Mostly tangential to broking but adds a UPI-Lite rail that can be used for low-value fee collections.

CO.DPSS.POLC.No.S-1211/02-14-003/2021-22

Section titled “CO.DPSS.POLC.No.S-1211/02-14-003/2021-22”
  • date_issued: 2021-12-23
  • issuer: RBI
  • title: “Restriction on storage of actual card data [i.e. Card-on-File (CoF)]”
  • applies_to: all-intermediaries
  • in_force_date: 2022-06-30
  • status: in-force
  • impact_areas: client-funds, cyber-security, mandate
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12211

Extends the deadline for purging stored card-on-file data by merchants/PAs/PGs (other than issuers/networks) from 31-Dec-2021 to 30-Jun-2022 (subsequently further extended to 30-Sep-2022). Brokers/PAs collecting card-based subscription fees or recurring MTF interest had to migrate to tokens or move customers to alternate rails (UPI AutoPay, eNACH).

RBI/2021-22/121

Section titled “RBI/2021-22/121”

Launches a single-window grievance redress scheme integrating the Banking Ombudsman 2006, NBFC Ombudsman 2018 and Digital Transactions Ombudsman 2019 schemes, with one portal/email/address for customers of all RBI-regulated entities. Brokers’ partner banks/PAs/NBFC arms fall under this scheme; complaints about funding rails (failed UPI/NEFT/IMPS pay-in or e-mandate failures) are routed here.

RBI/2021-22/126

Section titled “RBI/2021-22/126”

Unifies the erstwhile Banking Ombudsman 2006, NBFC Ombudsman 2018, and Digital Transactions Ombudsman 2019 schemes into a single window with cost-free redress against deficiencies in services by RBI-regulated entities. Broker disputes routed via banking channels (failed pay-in/out, e-mandate failures, UPI-block disputes) ultimately fall within this scheme via the bank/PA/NBFC partner.

RBI/2021-22/110

Section titled “RBI/2021-22/110”
  • date_issued: 2021-10-22
  • issuer: RBI
  • title: “Scale Based Regulation (SBR): A Revised Regulatory Framework for NBFCs”
  • applies_to: all-intermediaries
  • in_force_date: 2022-10-01
  • status: superseded
  • superseded_by: RBI/2023-24/106
  • impact_areas: mtf, margin, reporting, cyber-security
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12179&Mode=0

Introduces the four-layer Base/Middle/Upper/Top regulatory framework for NBFCs based on size, activity, and interconnectedness. Broker-group NBFCs (MTF subsidiaries, holding companies) face tiered prudential/governance norms; Upper Layer NBFCs must list within 3 years. Subsumed into the 2023 SBR Master Direction.

CO.DPSS.POLC.No.S-516/02-14-003/2021-22

Section titled “CO.DPSS.POLC.No.S-516/02-14-003/2021-22”
  • date_issued: 2021-09-07
  • issuer: RBI
  • title: “Tokenisation - Card Transactions: Permitting Card-on-File Tokenisation (CoFT) Services”
  • applies_to: all-intermediaries
  • in_force_date: immediate
  • status: in-force
  • impact_areas: client-funds, cyber-security, mandate
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12159&Mode=0

Permits authorised card networks to offer Card-on-File Tokenisation services and prohibits storage of actual card data by any entity in the transaction chain other than card issuer/network. Brokers and PAs accepting card-based recurring debits had to migrate to tokens with explicit customer consent and AFA validation. Final cut-off was 01-Oct-2022 after extensions.

RBI/2021-22/95

Section titled “RBI/2021-22/95”

Permits CoFT via card networks/issuers from 01-Jan-2022 and prohibits storage of actual card data by any entity in the transaction chain other than card issuer/network. Brokers and their PAs accepting card-based recurring fees/subscription must adopt token-based flows; cross-cuts with the e-mandate framework.

RBI/2021-22/82

Section titled “RBI/2021-22/82”

Consolidates PPI framework into Small PPIs (minimum-detail) and Full-KYC PPIs (full KYC per RBI KYC MD); raises Full-KYC PPI limit to Rs.2 lakh; mandates interoperability; permits cash withdrawal from full-KYC non-bank PPIs. Brokers offering PPI-linked spending products or co-branded wallets must follow this regime.

CO.DPSS.POLC.No.S-469/02-14-003/2021-22

Section titled “CO.DPSS.POLC.No.S-469/02-14-003/2021-22”

Extends the device-based tokenisation framework beyond mobile phones/tablets to laptops, desktops, wearables, and IoT devices. Cards used for broker pay-in flows on web platforms could now be tokenised on desktop browsers without storing actual card data.

RBI/2021-22/41

Section titled “RBI/2021-22/41”

Permits authorised card networks to extend tokenisation services beyond mobile/tablet to laptops, desktops, wearables and IoT devices. Brokers’ desktop web checkout flows benefit by allowing card payments to be tokenised at all consumer endpoints.

RBI/2021-22/35

Section titled “RBI/2021-22/35”

Enhances V-CIP with facial recognition, formalises risk-based periodic KYC updation timelines (2 yrs high-risk, 8 yrs medium-risk, 10 yrs low-risk), and permits self-declaration via email/mobile/digital channels for routine updates where no change has occurred. Broker re-KYC alignment with SEBI’s risk-based schedule for low/medium/high risk clients draws directly from this RBI framework.

RBI/2020-21/87

Section titled “RBI/2020-21/87”
  • date_issued: 2021-01-05
  • issuer: RBI
  • title: “Introduction of Legal Entity Identifier for Large Value Transactions in Centralised Payment Systems”
  • applies_to: all-intermediaries
  • in_force_date: 2021-04-01
  • status: in-force
  • impact_areas: settlement, reporting, non-individual
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12022&Mode=0

Mandates LEI for all RTGS/NEFT transactions of Rs.50 crore and above by non-individual entities, effective 01-Apr-2021. Applies to brokers, exchanges and clearing corps for high-value fund movements; non-individual broker entities also require LEI for cross-border transactions of Rs.50 crore+ effective 01-Oct-2022.

RBI/2020-21/80

Section titled “RBI/2020-21/80”
  • date_issued: 2020-12-18
  • issuer: RBI
  • title: “Amendment to Master Direction (MD) on KYC - Centralized KYC Registry - Roll out of Legal Entity Template & other changes”
  • applies_to: all-intermediaries
  • in_force_date: 2021-04-01
  • status: in-force
  • impact_areas: onboarding, re-KYC, non-individual, reporting, file-format
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12008&Mode=0

Extends CKYCR coverage to Legal Entities, requiring REs to upload KYC for LE accounts opened on or after 01-Apr-2021. Customers with a CKYC identifier can authorise REs to fetch existing records via consent, removing duplicate document submission unless info has changed or EDD applies. Aligns RBI-side CKYC plumbing with SEBI KRA/CKYCRR pipelines used by brokers for non-individual onboarding.

RBI/2020-21/70

Section titled “RBI/2020-21/70”

Makes RTGS available 24x7 effective 00:30 hrs on 14-Dec-2020. Enables broker-side large-value fund movement (e.g. UCC settlement bank, custodian payouts, FPI pay-in) across all hours, which removed the gating constraint on weekend/holiday large-value transfers between brokers and settlement banks.

RBI/2020-21/74

Section titled “RBI/2020-21/74”
  • date_issued: 2020-12-04
  • issuer: RBI
  • title: “Processing of e-mandates for recurring transactions”
  • applies_to: all-intermediaries
  • in_force_date: 2021-01-01
  • status: superseded
  • superseded_by: RBI/2022-23/64
  • impact_areas: mandate, upi-block, client-funds, aml
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12002

Raises the Additional Factor of Authentication (AFA) relaxation threshold for e-mandates and standing instructions on cards, PPIs, and UPI from Rs.2,000 to Rs.5,000 per transaction, effective 01-Jan-2021; transactions above the limit require AFA each cycle. Non-compliant SI arrangements had to cease by 31-Mar-2021. Applies to broker-side recurring debits for SIPs, MTF interest, and subscription products routed via banking rails.

RBI Master Direction DPSS.CO.PD.No.1810/02.14.008/2019-20

Section titled “RBI Master Direction DPSS.CO.PD.No.1810/02.14.008/2019-20”
  • date_issued: 2020-03-17
  • issuer: RBI
  • title: “Guidelines on Regulation of Payment Aggregators and Payment Gateways”
  • applies_to: all-intermediaries
  • in_force_date: 2020-04-01
  • status: superseded
  • superseded_by: RBI/DPSS/2025-26/141
  • impact_areas: client-funds, settlement, upstreaming, grievance, cyber-security
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=11822

Foundational PA-PG regime requiring RBI authorisation for non-bank PAs, escrow account regime in place of nodal accounts, net-worth (Rs.15-25 cr), governance, KYC/AML, merchant due diligence and grievance officer. Superseded in toto by the consolidated PA Directions 2025 (15-Sep-2025) but operative for almost the entire 2020-2025 review period for broker pay-in/pay-out flows.

RBI/DPSS/2019-20/174

Section titled “RBI/DPSS/2019-20/174”
  • date_issued: 2020-03-17
  • issuer: RBI
  • title: “Guidelines on Regulation of Payment Aggregators and Payment Gateways”
  • applies_to: all-intermediaries
  • in_force_date: 2020-04-01
  • status: superseded
  • superseded_by: [unknown — verify] (PA Master Direction Sep 2025)
  • impact_areas: client-funds, upstreaming, settlement, cyber-security, grievance
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=11822

Brings non-bank Payment Aggregators (PAs) under RBI authorisation with net-worth thresholds (Rs.15-25 crore), mandatory escrow account regime in lieu of nodal accounts, governance, KYC of merchants, and grievance officer requirements. Directly relevant to brokers using PAs for client fund collection (e-mandate/UPI/cards) and to fund pay-in/pay-out routing.

RBI/2019-20/138

Section titled “RBI/2019-20/138”
  • date_issued: 2020-01-09
  • issuer: RBI
  • title: “Amendment to Master Direction (MD) on KYC”
  • applies_to: all-intermediaries
  • in_force_date: immediate
  • status: superseded
  • superseded_by: RBI/2021-22/35
  • impact_areas: onboarding, kyc-modification, aml, digi-locker, esign
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=11783&Mode=0

Introduces Video-based Customer Identification Process (V-CIP) as an alternate digital onboarding method requiring real-time encrypted audiovisual interaction with geotagging and concurrent audit verification. Operationalises Digital KYC, equivalent e-documents, and Aadhaar-based offline/online authentication aligned with the amended PML Rules. This is the cornerstone amendment that enabled banks/NBFCs to onboard customers remotely, mirroring the path SEBI later adopted for broker KYC.

RBI/2019-20/138 (consolidated)

Section titled “RBI/2019-20/138 (consolidated)”
  • date_issued: 2020-01-09
  • issuer: RBI
  • title: “Amendment to Master Direction (MD) on KYC - Permitting Video-based Customer Identification Process (V-CIP)”
  • applies_to: all-intermediaries
  • in_force_date: immediate
  • status: in-force
  • impact_areas: onboarding, esign, digi-locker, aml
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=11783&Mode=0

Lays out the operational requirements for V-CIP: live video by trained official, randomised question for liveness, geotagging within India, document images side-by-side with face, encryption, audit trail. SEBI’s video-IPV framework for broker onboarding (Apr-2020) shares the bulk of these design requirements; the RBI MD remains the regulatory anchor for V-CIP used in bank-arms of brokers.

RBI/DOS/CSITE/BC.4083/2019-20

Section titled “RBI/DOS/CSITE/BC.4083/2019-20”

Issues a graded cyber-security framework (Levels I-IV) for UCBs based on digital depth and payment-system interconnectedness. Tangentially relevant where brokers use UCB settlement banks for client funds (rare, but in-scope for the bank side of the pipeline).

RBI/2019-20/111

Section titled “RBI/2019-20/111”

Makes NEFT available 24x7x365 from 16-Dec-2019 (issued just before the 2020 review window but operative throughout it). Combined with RTGS 24x7 (effective 14-Dec-2020), brokers’ fund pay-in and pay-out flows can now move outside banking hours, enabling intra-day liquidity transfers, weekend funding for next-day settlement, and EOD margin top-ups.

RBI/DNBS/2016-17/53

Section titled “RBI/DNBS/2016-17/53”
  • date_issued: 2017-06-08
  • issuer: RBI
  • title: “Master Direction - Information Technology Framework for the NBFC Sector”
  • applies_to: all-intermediaries
  • in_force_date: 2017-06-08
  • status: superseded
  • superseded_by: RBI/2023-24/107
  • impact_areas: system-audit, cyber-security, bcp-dr, reporting
  • primary_url: https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=10999

Issues IT governance, policy, information security, IT operations, IS audit (at least annually), BCP/DR and IT outsourcing baseline for NBFCs; Systemically Important NBFCs to comply by 30-Jun-2018, others below Rs.500 cr by 30-Sep-2018. Now superseded by the 2023 IT Governance Master Direction but is foundational for broker-affiliated NBFC IT controls during 2020-2024.

RBI Master Direction DNBR.PD.009/03.10.119/2016-17

Section titled “RBI Master Direction DNBR.PD.009/03.10.119/2016-17”
  • date_issued: 2016-09-02
  • issuer: RBI
  • title: “Master Direction - Non-Banking Financial Company - Account Aggregator (Reserve Bank) Directions, 2016”
  • applies_to: all-intermediaries
  • in_force_date: 2016-09-02
  • status: in-force
  • impact_areas: aa, dpdp, onboarding, kyc-modification
  • primary_url: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=10598&Mode=0

Establishes the NBFC-AA category as a regulated consent intermediary that “retrieves, collects, consolidates, organises and presents” customer financial information without storing/transacting on it. Updated 06-Sep-2024 to classify NBFC-AAs as Base Layer NBFCs, mandate adherence to RBI Operational Risk Management Guidance (Apr 2024), and to bring them under RB-Integrated Ombudsman Scheme 2021. Brokers using AA-sourced bank-statement data for income proof, MTF underwriting, or limit assignment depend on this framework.

RBI/2015-16/418

Section titled “RBI/2015-16/418”

Mandates banks to put in place a Board-approved cyber-security policy distinct from IT/IS policy, a cyber-crisis management plan, baseline controls, and reporting of unusual incidents to RBI’s CSITE Cell. Foundational for bank-broker integrations, settlement bank cyber requirements, and ancillary controls flowing into broker partner-bank obligations.

RBI Master Direction DBR.AML.BC.No.81/14.01.001/2015-16

Section titled “RBI Master Direction DBR.AML.BC.No.81/14.01.001/2015-16”
  • date_issued: 2016-02-25
  • issuer: RBI
  • title: “Master Direction - Know Your Customer (KYC) Direction, 2016”
  • applies_to: all-intermediaries
  • in_force_date: 2016-02-25
  • status: in-force
  • impact_areas: onboarding, re-KYC, kyc-modification, aml, fatca-crs, non-individual, minor-joint, nri, dormant, closure, transmission
  • primary_url: https://www.rbi.org.in/scripts/bs_viewmasdirections.aspx?id=11566

The foundational RBI KYC Master Direction codifying CDD, EDD, simplified DD, beneficial ownership, periodic updation, record-keeping, FATF compliance, FATCA/CRS reporting, and PEP handling. Continuously amended (Jan 2020 V-CIP, Dec 2020 CKYC LE, May 2021 facial-recognition V-CIP, Apr 2023 NFTF e-KYC, Oct 2023 PMLA alignment, Nov 2024 UCIC-level CDD, Jun 2025 update). Broker KYC under SEBI/PMLA closely mirrors this MD for bank-broker overlap (joint clients, beneficial ownership, screening lists).

Practical notes

Section titled “Practical notes”
  • [gotcha] Circular IDs are case-sensitive and the issuer’s exact punctuation matters when looking them up on the official site.
  • [industry practice] Most ops teams subscribe to the issuer’s email distribution list rather than scraping the site — leads to more reliable real-time tracking.
  • [risk trade-off] Some entries are marked [unknown — verify] where the agent could not re-fetch the primary URL or the document used informal numbering; treat those as leads, not citations.

Verified through

Section titled “Verified through”

2026-05-14

AI-generated and not legal advice. See the project README for the full disclaimer.

Built by Rakesh Waghela — Technology & Product Consultant

LinkedIn @webiyo Topmate

Available for consulting and collaboration on technology, product strategy, and system architecture. Connect on LinkedIn.

· We respect your privacy and comply with GDPR

Disclaimer: This documentation was generated using Claude Code, an AI-powered LLM by Anthropic, as a research and capability estimation exercise. AI models can hallucinate — information here may be inaccurate, incomplete, or outdated. Any resemblance to the products or documentation of any specific vendor or organization is purely coincidental and unintended. This project is not directly inspired by any particular product, vendor, or proprietary system, and no plagiarism is intended. All content is based on publicly available information. This is not legal, financial, or compliance advice.