KYC/AML/CFT Obligations for Payment System Operators

Live · in forceNo withdrawal recorded as of 20 Jun 2026. Reviewed by Vikram Jain; always verify against the official RBI source below.

Issued by RBI: 22 Dec 2009 · Decoded by BankPulse: 20 Jun 2026, 17:18 IST

⏱ ~2 min read

Quick answerRBI mandates all PSS Act-authorized payment system operators to implement Board-approved KYC/AML/CFT policies under PMLA 2002, covering cross-border remittances and agent compliance, effective December 22, 2009.

What changed

Payment system operators were brought under the Prevention of Money Laundering Act, 2002 via the 2009 amendment, requiring them to adopt KYC/AML/CFT guidelines. RBI issued detailed instructions in Annex-I and Annex-II for cross-border inward remittances, aligned with FATF recommendations. Operators must ensure their agents and sub-agents also comply with these norms.

What it means for you

Banks and payment firms must formalize KYC/AML/CFT frameworks with board approval, increasing compliance costs but strengthening anti-money laundering defenses. Non-compliance risks penal action under the PSS Act. The circular extends liability to agents, requiring robust oversight of third-party networks.

What you must do

Review and update your KYC/AML/CFT policy with board approval to align with PMLA 2002 and FATF standards.
Ensure cross-border inward remittance processes comply with the detailed guidelines in Annex-I and Annex-II.
Verify that all agents and sub-agents adhere to these KYC/AML/CFT norms and document their compliance.
Communicate the circular's contents to all relevant constituents and maintain audit trails.
Prepare for potential penal provisions under the PSS Act for any guideline violations.

Who it affects

All payment system operators authorized under the Payment and Settlement Systems Act, 2007, Agents and sub-agents of payment system operators in India, Banks involved in cross-border inward remittance activities

What is the legal basis for these KYC/AML/CFT guidelines?

The guidelines are issued under Section 18 of the Payment and Settlement Systems Act, 2007, and are mandated by the Prevention of Money Laundering Act, 2002 as amended in 2009.

Do these guidelines apply to agents of payment system operators?

Yes, the guidelines apply mutatis mutandis to all agents and sub-agents, and the operator is solely responsible for ensuring their compliance.

What happens if a payment system operator does not comply?

Non-compliance attracts penal provisions under the PSS Act or the rules made thereunder, as stated in the circular.

Key dataSee the live numbers behind this topic: RBI Penalty Tracker, Credit & Deposit Growth — updated from official RBI data.

AI-drafted · 3-model AI consensus fact-check · under the editorial review of Vikram Jain · decoded & published by BankPulse · 20 Jun 2026, 17:18 IST

Official RBI source: https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=5432&Mode=0 — Plain-English summary by BankPulse (bankpulse.ai), reviewed by Vikram Jain. Independent platform, not affiliated with the Reserve Bank of India; never reproduces RBI text verbatim.