Particle.news

Download on the App Store

RBI Proposes Unified Digital Banking Regulations With Stricter Security Rules

Open for public comment until August 11, the RBI’s draft digital banking directions aim to unify authorization standards by enforcing mandatory customer consent, prior RBI approvals, rigorous cybersecurity audits, bans on third-party product displays

Image
Image
Image

Overview

  • The draft Digital Banking Channels Authorisation Directions, 2025, issued on July 21, consolidate over 15 legacy circulars and invite feedback through the RBI’s Connect 2 Regulate platform until August 11
  • Banks must obtain prior RBI approval before launching full-scale transactional services such as fund transfers, loan applications and other online offerings
  • View-only services including balance enquiries and statement downloads can operate without approval if banks meet core banking, IPv6-compliant infrastructure and a minimum net worth of ₹50 crore criteria
  • Banks are required to secure explicit, documented customer consent with transparent disclosures on fees and risks and may not compel digital channel adoption for unrelated services like debit cards
  • Financial institutions must submit a CERT-In empanelled auditor’s report on internal IT controls, implement risk-based transaction monitoring and fraud surveillance and obtain explicit RBI permission before displaying any third-party products