RBI gives compliance breather for small-merchant UPI transactions

The Reserve Bank of India’s (RBI’s) latest clarification on Unified Payments Interface (UPI) transactions is set to bring relief to fintech players, such as PhonePe and Paytm, particularly those with deep merchant-acquiring netwo­rks in the unorganised retail segment. 

In a communication to the industry, the RBI clarified that UPI transactions proce­ssed for small merchants in the unorganised retail sector — commonly referred to as P2PM (peer-to-peer merchant) — do not require a payment aggregator (PA) partner, according to multiple industry sources. 

Business Standard has reviewed an email from the Self-Regulated PSO Associ­ation (SRPA) detailing the RBI’s response on the matter. 

The clarification follows industry representations seeking clarity on whether PA norms apply to P2PM transactions, which typically involve small merchants and low ticket sizes. The RBI and National Payments Corporation of India did not respond to detailed queries sent by Business Standard. 

With P2PM transactions now explicitly kept outside the purview of the Master Directions on Payment Aggr­e­gators (MD-PA), which man­date stringent due dili­gence, including Know Your Cust­omer (KYC) norms, the move is expected to ease com­plian­ce pressure on large fintech firms, such as PhonePe and Paytm.

 

These companies have extensive merchant-acquiring footprints, including widespread deployment of QR codes and soundboxes among long-tail merchants.

 

“It is advised that transactions as mentioned above (P2PM) do not require a PA and, as such, fall outside the purview of MD-PA. Further, the responsibility for conducting due diligence of P2PM merchants rests with the acquiring bank (payee PSP), in accordance with its internal policies,” the RBI said in its communication to the SRPA, the self-regulatory organisation for payment system operators.

 

The central bank also clarified that any intermediary facilitating P2PM transactions by providing technology support should be classified as a technology service provider (TSP) to the payee payment service provider (PSP).

 

The RBI’s position comes against the backdrop of the unique structure of P2PM transactions, where funds move directly from the customer’s bank account to the merchant’s bank account through UPI rails, without any holding or pooling of funds by an intermediary. The P2PM category was introduced by the NPCI in 2019.

 

This is in contrast to other peer-to-merchant (P2M) models, where licensed payment aggregators handle funds and settle them periodically through designated escrow accounts.

 

Vishwas Patel, managing director of AvenuesAI Ltd and chairman of the Payments Council of India, welcomed the RBI’s clarification. “This provides much-needed operational clarity for the payments ecosystem. By clearly distinguishing between fund-handling entities and technology facilitators, the guidance ensures proportionate regulation aligned with actual risk exposure,” said Patel.

 

Industry executives estimate that while such small merchants account for a majority of transaction volumes, they contribute less than 20 per cent of the total transaction value on a cumulative basis.

 

Original concerns 

The industry had sought clarity amid growing concerns over unit economics. Fintech firms feared that the high cost of merchant KYC under the PA framework could force them to offboard low-value merchants, potentially pushing them out of the digital payments ecosystem.

 

“The market may grow further now. For such merchants, bank account KYC is sufficient, and additional KYC could become a burden. These are mobile merchants such as street vendors or gig drivers who accept small-ticket monthly payments,” a source familiar with the matter said.

 

Under the PA norms issued in September 2025, fintech firms were required to complete prescribed due diligence for all merchants onboarded until December 31, 2025, within one year of the publication of the norms.

 

With P2PM now clarified as being outside the PA framework, such merchants may no longer be subject to scrutiny under those guidelines, with the onus shifting to acquiring banks.

 

However, some in the industry cautioned against complacency. “The circular is welcome, but PAs will need to ensure optimal compliance wherever required and not shift liability to third-party verifiers. Just because KYC for smaller merchants is lenient does not mean proper due diligence should not be followed,” another source said. 

RBI’s latest clarifications

• Peer-to-peer merchant (P2PM) transactions do not require a payment aggregator (PA) partner
• Funds move directly between customer and merchant accounts via UPI; no pooling or holding is involved
• Due diligence for P2PM merchants rests with acquiring banks or payee PSPs
• Firms providing tech support classified as tech service providers