Following the Reserve Bank of India’s (RBI) draft guidelines on offline payment aggregators (PAs), several fintech players and industry associations have started to submit their feedback to the regulator, attempting to make a strong case for doing away with the mandate of full Know Your Customer (KYC) details of their merchants.
While players like Decentro have already shared their suggestions to the RBI, others like PhonePe, BharatPe, and Mobikwik, along with industry bodies like the Payment Council of India (PCI), are deliberating with the members to draft the same.
The common pitch, however, remains the same across the board—easing full KYC requirements, including physical verification for small and medium category merchants to heightened operational expenses that come along.
“PAs have the most queries on KYC cost for small and medium merchants, as physical KYC verification across the country is a costly affair. So, most PAs are trying to seek whether there is any alternative cost-effective way to do the verification,” said Vishwas Patel, joint Managing Director, Infibeam Avenues and Chairman of PCI.
The industry body is collecting feedback from its members, including PAs like Billdesk, Infibeam, Cashfree, Mswipe, Paytm, and PayU, and will submit feedback before the deadline of May 31.
After mandating non-bank online payment gateways to secure PA licence, the RBI has now decided to bring offline payment service providers, i.e., the ones facilitating face-to-face transactions via PoS or QR codes, under its purview.
Two consultation papers
Two consultation papers were floated on April 16. The first deals with activities of offline PAs, while the second proposes to strengthen the ecosystem’s safety by expanding instructions for KYC, due diligence of existing and new merchants and operations in escrow accounts for both online and offline providers.
Since a full KYC is typically done by banks while opening a settlement account for merchants, PAs have been restricting their role to a “light touch” KYC.
This includes e-KYC (onboarding via verification of documents like Aadhaar or Digilock) or remotely via video, which captures live photographs of the customer by an authorised agent.
However, the proposed rules mandate them to undertake a full bank-grade KYC verification, including an in-person visit to the merchant outlets for checks, i.e. Contact Point verification (CPV). Meanwhile, a re-KYC is suggested for existing merchant clients.
While some of the players are hoping for a complete pushback of the full KYC requirement for small and medium merchants, others are attempting to reach a middle ground by pitching to make it necessary only for “high-risk merchants”.
Who are high-risk merchants?
A merchant is usually classified to be in the high-risk category, if the industry has a higher risk of fraud and chargebacks, such as gaming and crypto.
“We have requested the RBI to reconsider the CPV requirement for small and medium merchants. In-person verification can be restricted to high- risk merchants,” said Rohit Taneja, Founder and CEO, Decentro.
Meanwhile, some PAs are planning to request an extension and division of timelines to complete the due diligence of the existing merchants (online and offline) based on the risk they carry—as opposed to an umbrella deadline of September 30, 2025, for all.
For instance, PAs could complete full KYC verification of high-risk merchants on first priority, within the first 12 months, followed by the verification of medium- and low-risk merchants in the next 24 and 36 months, respectively, a senior executive of a payments firm said.
Digital CPV, third-party settlements
Another founder of an omnichannel payments firm said they have submitted to the RBI for carrying out “Digital CPV” as it may not only keep the cost intact but also addresses limitations of the traditional CPV method.
“A traditional CPV would not guarantee 100 percent result. What if the establishment is rented, or is shared among multiple businesses? Discrepancies can arise even then. Digital CPV could serve the same purpose rather better by leveraging new-age technologies like geotagging, facial recognition etc.,” he said.
Further, some players have suggested to allow PAs to continue with collection and settlement of funds into third party accounts, as directed by merchant clients.
The proposed rules suggest stopping this industry practice of direct settlement of funds from the merchant’s (particularly a marketplace) escrow account to vendors, also called split settlement.
The PAs argue that this could disrupt the business policies of small marketplaces which typically do not open escrow or pass-through accounts with banks, and rely on PAs for the service.
“Some fintechs are requesting to limit this practice to marketplaces with a closed ecosystem; the ones which are registered and full-time contract-vendors,” mentions Astha Srivastava, Principal Associate, Ikigai Law.
Touted as gatekeepers, non-bank PAs have come under RBI lens for severe lapses in the due diligence process of merchants who have been carrying out illegal and fraudulent activities either directly or indirectly via another entity in the backend.
In many instances, KYC details were false. In some cases, merchants were registered as travel companies but were engaged in the transfer of cryptocurrencies and betting. There were also instances of many businesses operating under a single KYC merchant.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
