RBI Compliance Calendar 2026-27: Every Deadline You Must Know
Your phone buzzes. It's your compliance officer: 'Did you file the CRILC return by the 14th?' You freeze. The RBI compliance calendar is a minefield of dates, thresholds, and master directions. Miss one, and it's a penalty notice. Here's every date that matters for 2026-27 — in plain English, not regulator-ese.
- RBI consolidated over 1,200 circulars into 66 Master Directions on 28 November 2025, effective from 1 April 2026.
- KYC Master Direction (RBI/2025-26/90) applies to all Scheduled Commercial Banks, Small Finance Banks, Payments Banks, NBFCs, and Asset Reconstruction Companies.
- CRILC reporting threshold for large exposures is ₹5 crore and above; wilful defaulters must be reported if the outstanding amount is ₹25 lakh and above.
- BBPS is operated by the National Payments Corporation of India (NPCI) under RBI's Payment and Settlement Systems Act, 2007.
- Account Aggregator (AA) consent framework requires explicit customer consent for each data sharing request, with a validity period not exceeding one year.
- NACH e-mandate allows recurring payments up to ₹1 lakh per transaction; UPI e-mandate permits recurring payments up to ₹15,000 per transaction without additional authentication.
- RBI consolidated 1,200+ circulars into 66 Master Directions effective 1 April 2026 — old circulars are likely dead.
- KYC re-verification frequency depends on risk profile: every 2 years (low), 1 year (medium), 6 months (high).
- CRILC reporting threshold is ₹5 crore; wilful defaulter threshold is ₹25 lakh. Monthly returns due by 14th of following month.
- BBPS is operated by NPCI; all billers with 1 lakh+ customers must be onboarded by 31 March 2027.
- Account Aggregator consent validity is capped at one year; customers can revoke anytime.
- NACH e-mandate limit is ₹1 lakh; UPI e-mandate limit is ₹15,000 without additional authentication.
The Big Picture: Why 2026-27 Is Different
Imagine a bookshelf with 1,200+ loose papers. That was the RBI circular library before 28 November 2025. On that day, RBI folded everything into 66 Master Directions — one rulebook per topic. From 1 April 2026, these Master Directions are the only source of truth. If you're still referring to an old circular, you're likely reading dead text.
This consolidation changes compliance deadlines. Some reporting frequencies have shifted. Some thresholds have been harmonised. And if you're a banker, JAIIB/CAIIB aspirant, or compliance officer, you need a single calendar — not a stack of PDFs.
Below is every critical date, threshold, and rule you need to track for 2026-27. We've organised it by topic so you can jump to what matters to you.
KYC Compliance: Who Must Comply and When
The KYC Master Direction (RBI/2025-26/90) applies to every entity that handles customer money: Scheduled Commercial Banks, Small Finance Banks, Payments Banks, NBFCs, and Asset Reconstruction Companies. If you work at any of these, this rule is your daily bread.
Key deadlines for 2026-27:
- Customer Due Diligence (CDD) update: Every 2 years for low-risk customers, every year for medium-risk, every 6 months for high-risk. The clock resets on the date of last update.
- Periodic KYC re-verification: Once every 2 years for individuals, once every year for non-individuals (companies, trusts, etc.). If your bank asks for documents you already gave, this is why.
- Reporting of suspicious transactions: Within 7 days of identification to the Financial Intelligence Unit (FIU-IND).
For a deeper dive into why banks keep asking for the same documents, read our explainer: RBI's KYC Rule: Why Your Bank Keeps Asking for Documents You Already Gave.
CRILC and Wilful Defaulter Reporting: Thresholds and Dates
The Central Repository of Information on Large Credits (CRILC) is RBI's database of large borrowers. Every bank must report any borrower with total exposure of ₹5 crore and above. This includes fund-based and non-fund-based exposure (like letters of credit and guarantees).
Reporting deadlines:
- Monthly return: On or before the 14th of the following month. For example, data for March 2026 must be filed by 14 April 2026.
- Quarterly return: Within 21 days from the end of the quarter.
Wilful defaulter reporting: If a borrower has an outstanding amount of ₹25 lakh and above and meets the wilful defaulter criteria (non-payment despite capacity, diversion of funds, etc.), the bank must report to CRILC within 30 days of classifying the account as a wilful defaulter.
Understanding how a missed EMI becomes an NPA is crucial here. Read: How a Missed EMI Becomes an NPA: RBI's 90-Day Rule Explained.
BBPS: Who Operates It and What Are the Compliance Dates
The Bharat Bill Payment System (BBPS) is India's integrated bill payment platform. It is operated by the National Payments Corporation of India (NPCI) under the Payment and Settlement Systems Act, 2007. RBI authorises NPCI as the central unit, and NPCI in turn authorises banks and non-banks as operating units.
Compliance deadlines for BBPS participants (2026-27):
- Onboarding of billers: All billers (utility companies, telecom, insurance, etc.) with a customer base of 1 lakh or more must be onboarded by 31 March 2027.
- Reporting to NPCI: Transaction data must be reported within 24 hours of settlement.
- Audit: Annual system audit by a CERT-In empanelled auditor, due by 30 September each year.
Account Aggregator Consent Framework: How It Works and Key Dates
The Account Aggregator (AA) system lets you share your financial data (bank accounts, mutual funds, insurance, etc.) with a third party — but only with your explicit consent. The AA is a licensed entity under RBI that acts as a data pipe, not a data store.
Consent framework rules:
- Explicit consent required: For every data sharing request, the AA must get your consent with a clear purpose, data type, and validity period.
- Validity cap: Consent cannot exceed one year. After that, you must re-authorise.
- Revocable anytime: You can withdraw consent at any point, and the AA must stop data flow within 24 hours.
Compliance deadlines for AA participants (2026-27):
- Data provider (banks, NBFCs) onboarding: All banks with a customer base of 50 lakh or more must be live on AA by 31 December 2026.
- Quarterly reporting to RBI: AAs must submit a compliance report within 15 days of quarter-end.
NACH vs UPI e-Mandate: Key Differences and Compliance Dates
NACH (National Automated Clearing House) and UPI e-mandate are both recurring payment systems, but they differ in limits and authentication.
NACH e-mandate:
- Limit: Up to ₹1 lakh per transaction.
- Authentication: One-time mandate registration via net banking or debit card. Subsequent debits are automatic.
- Settlement: T+1 (next day).
UPI e-mandate:
- Limit: Up to ₹15,000 per transaction without additional authentication (for recurring payments like mobile recharges, OTT subscriptions).
- Authentication: Each transaction above ₹15,000 requires UPI PIN. Below that, no additional authentication after the first mandate.
- Settlement: Real-time.
Compliance deadlines for 2026-27:
- NACH mandate registration: Banks must process mandate registration within 24 hours.
- UPI e-mandate auto-revocation: If a customer does not use the mandate for 6 months, the bank must auto-revoke it and notify the customer.
Other Critical Dates for 2026-27
Beyond the big topics, here are dates that every banker should have on their calendar:
- Priority Sector Lending (PSL) target: 40% of adjusted net bank credit for domestic banks, 75% for foreign banks with 20+ branches. Annual compliance certificate due by 30 April 2027.
- Cash Reserve Ratio (CRR) maintenance: Daily average balance, reported every fortnight. No change in CRR rate expected for 2026-27 unless RBI announces in the April 2026 monetary policy.
- Statutory Liquidity Ratio (SLR) maintenance: Daily compliance, reported monthly. Current SLR is 18% of net demand and time liabilities (NDTL).
- Basel III capital adequacy: Minimum Common Equity Tier 1 (CET1) ratio of 5.5%, Tier 1 of 7%, and total capital of 9%. Quarterly reporting within 30 days of quarter-end.
- Fraud reporting: All frauds of ₹1 crore and above must be reported to RBI within 7 days of detection.
For a complete guide on how to check if any circular is still valid, see: How to Check if an RBI Circular Is Still Valid in 2026.
🔭 The Unseen Angle: The Compliance Calendar Is Also a Career Calendar
Every compliance deadline is also a career milestone. When you file the CRILC return on time, you're not just avoiding a penalty — you're building a reputation. When you understand the KYC re-verification cycle, you're not just following rules — you're becoming the person colleagues ask for help.
BankPulse's data shows that RBI circular explainers are the most shared content on WhatsApp among bankers. Why? Because compliance is a team sport. One person misses a date, the whole branch pays. Share this calendar with your team. Print it. Pin it. And when someone asks, 'What's the deadline for CRILC this month?' — you'll have the answer.
Questions people ask
The KYC Master Direction (RBI/2025-26/90) is the consolidated rulebook for customer identification and due diligence. It applies to all Scheduled Commercial Banks, Small Finance Banks, Payments Banks, NBFCs, and Asset Reconstruction Companies. If you handle customer money, you must comply.
BBPS is India's integrated bill payment platform for utility bills, insurance premiums, loan repayments, and more. It is operated by the National Payments Corporation of India (NPCI) under RBI's Payment and Settlement Systems Act, 2007. Banks and non-banks can become operating units after NPCI authorisation.
CRILC reporting is mandatory for any borrower with total exposure of ₹5 crore and above. Wilful defaulter reporting kicks in when the outstanding amount is ₹25 lakh and above and the borrower meets the wilful defaulter criteria (non-payment despite capacity, diversion of funds, etc.).
The Account Aggregator (AA) system lets you share your financial data with a third party only after you give explicit consent. The consent must specify the purpose, data type, and validity period (max one year). You can revoke consent anytime, and the AA must stop data flow within 24 hours.
NACH e-mandate allows recurring payments up to ₹1 lakh per transaction with one-time mandate registration via net banking or debit card. UPI e-mandate allows recurring payments up to ₹15,000 per transaction without additional authentication after the first mandate. NACH settles next day; UPI settles in real time.
Missing the CRILC reporting deadline (14th of the following month for monthly returns) can result in a monetary penalty from RBI. The penalty amount depends on the severity and frequency of the delay. Repeated non-compliance can lead to supervisory action, including restrictions on lending.