Loading...

Home >> Blog >> RBI's New E-Mandate Rule 2026: ₹15,000 No-OTP Limit | Finowings

RBI's New E-Mandate Rule 2026: ₹15,000 No-OTP Limit | Finowings

   


Summary

  • RBI's 2026 e-mandate framework consolidates 8 older circulars into one unified rulebook, replacing the earlier ₹5,000 no-OTP limit set back in 2021.
  • Recurring payments up to ₹15,000 no longer need OTP each cycle — this covers most subscriptions, utility bills, and small EMIs.
  • SIPs, insurance premiums, and credit card bills get a higher ₹1,00,000 no-OTP limit, making these auto-debits far less likely to fail due to a missed OTP.
  • Loan EMIs above ₹15,000 are NOT covered by the higher limit — those still require OTP authentication every single time.
  • You still get a mandatory 24-hour pre-debit alert for every payment, with the option to opt out of a single transaction without cancelling the entire mandate.
  • As of July 2026, this remains the current, active rule — no re-registration needed for existing SIPs, insurance mandates, or subscriptions already set up.

RBI's New E-Mandate Regulation: What Changed in 2026 and What It Means for You

In 2026, RBI issued the Digital Payments – E-mandate Framework, replacing 8 older circulars. The headline change: recurring payments up to ₹15,000 no longer need an OTP each time, and SIPs, insurance premiums, and credit card bills get an even higher ₹1,00,000 no-OTP limit. You still get a mandatory alert 24 hours before every debit, and you can opt out of any single payment without cancelling the whole mandate.

As of July 2026, this remains the current, active framework — no further RBI updates have been issued since it was notified.

If you run a SIP, pay insurance premiums by auto-debit, or have Netflix/subscriptions on autopay, this rule affects you directly. Here's everything explained simply — no legal jargon.

What Is an E-Mandate?

An e-mandate is the standing permission you give a bank or payment app to automatically debit a recurring amount — a SIP instalment, an EMI, an insurance premium, or a subscription fee — without you approving each payment. You set it up once; the deductions then run on their own until you cancel them.

 

 

What Exactly Changed Under the 2026 Framework?

RBI notified the "Digital Payments – E-mandate Framework, 2026" (Circular No. RBI/DPSS/2026-27/396, dated April 21, 2026). It consolidates eight separate circulars issued between 2019 and 2024 into one single rulebook and comes into effect immediately.

The core change is simple: the no-OTP limit for recurring payments has moved from ₹5,000 (the old 2021 rule) up to ₹15,000 for regular auto-debits, and up to ₹1,00,000 for three specific categories — insurance premiums, mutual fund subscriptions (SIPs), and credit card bill payments.

Old Rule vs New Rule: Side-by-Side Comparison

Particular

Old Rule (2021–2024)

New Rule (2026)

General no-OTP limit

₹5,000 per transaction

₹15,000 per transaction

SIP/insurance/credit card bill limit

₹1,00,000 (added later, in 2024)

₹1,00,000 (retained, now unified)

Regulatory structure

Spread across 8 separate circulars

One consolidated Master Direction

Pre-debit alert

24 hours before debit

24 hours before debit (unchanged)

Applicability

Cards mainly, UPI added later

Cards, UPI, and PPIs — one uniform rule

Cross-border coverage

Inconsistent across circulars

Explicitly covered, domestic and cross-border

Card reissuance

Mandates often had to be re-registered

Existing mandate auto-maps to the reissued card

Grievance redressal info

Not always specified in notifications

Must be included in every post-debit alert

When Do You Need to Approve a Payment with OTP?

This is the most-asked question, so here's the direct breakdown:

  • First-ever payment on any mandate: Always needs OTP, no exceptions — even if the amount is small.
  • Recurring payments up to ₹15,000 (subscriptions, most EMIs, utility bills): No OTP is needed after the mandate is set up.
  • SIPs, insurance premiums, credit card bills up to ₹1,00,000: No OTP needed for these three categories specifically.
  • EMI payments above ₹15,000: Still need OTP every single time — loan EMIs are not covered by the ₹1 lakh exception.
  • Anything above ₹15,000 outside the three special categories: OTP required every time.
  • FASTag and NCMC top-ups: Exempted from the pre-debit notification requirement entirely, since they're small, frequent replenishments.

How Does This Affect Your SIPs?

If your monthly SIP instalment is under ₹1,00,000, it can now go through without you approving an OTP each month — as long as the mandate is already registered. You'll still get an alert at least 24 hours before each debit, with the option to skip that specific instalment if you want to.

What doesn't change: your SIP amount, your fund allocation, or your ability to pause or stop the SIP entirely — none of that is affected by this rule. This is purely about the authentication step behind the scenes.

How Does This Affect Your Insurance Premiums?

The same logic applies. If your annual or monthly premium is up to ₹1,00,000, the deduction can be processed without a fresh OTP, provided you've already set up the mandate with your insurer or bank. You still get the mandatory pre-debit alert and can opt out of a specific premium payment if needed — though skipping a premium payment can still lapse your policy, so that's worth being careful about.

 

 

How Does This Affect Your EMIs and Loan Repayments?

This is where people get confused, so it's worth being precise: EMIs above ₹15,000 are not covered by the ₹1 lakh exception. That exception applies only to insurance, SIPs, and credit card bills. If your home loan or car loan EMI is above ₹15,000, it will continue to require OTP authentication every single cycle, exactly as before. Only EMIs at or below ₹15,000 benefit from the no-OTP change.

How Does This Affect OTT Subscriptions and Recurring Bills?

Netflix, Spotify, gym memberships, utility bills — anything under ₹15,000 now runs without repeated OTP prompts once the mandate is set. This is the change most people will actually notice day to day, since these are the payments that used to fail most often due to a missed OTP notification.

What Protections Do You Still Have?

The new framework didn't remove any consumer protections — if anything, it tightened a few:

  • Mandatory 24-hour pre-debit alert, every time, with the merchant name, amount, date, and reason for the debit.
  • Opt-out facility on every alert — you can block a single transaction without cancelling the entire mandate.
  • Mandatory post-debit confirmation after every successful payment is now required to include grievance redressal details.
  • Zero-liability protection for unauthorised transactions applies to e-mandate debits too, provided you report them promptly.
  • No charges — banks and payment apps cannot charge you for using the e-mandate facility.
  • Free cancellation anytime, with OTP-based confirmation so no one else can cancel your mandate without your consent.

Does This Apply to UPI Autopay Too, or Just Cards?

Yes. This is a genuinely unified rule — it applies equally across cards, UPI, and prepaid payment instruments (PPIs). Whether your SIP mandate runs through a bank's NACH system, a card, or a UPI Autopay app, the same ₹15,000 / ₹1,00,000 limits and the same 24-hour alert rule apply. There's no separate, weaker, or stronger version depending on which payment rail you use.

What Should You Do Right Now?

  1. Nothing is required from you immediately — existing mandates continue to work; you don't need to re-register anything just because of this update.
  2. Check your notification settings — make sure your registered mobile number and email are current, since pre-debit alerts are your main window to catch or stop an unwanted debit.
  3. Review your active mandates periodically — most banking apps now show a dashboard of all your registered e-mandates; check that you don't have SIPs or subscriptions still running that you meant to cancel.
  4. Know your opt-out rights — you can block a single instalment without killing the whole SIP or subscription, useful if you're short on funds for one particular month.
  5. If an unauthorised debit happens, report it to your bank immediately — the zero-liability protection applies from the point of reporting, so speed matters.

 

 

Conclusion

RBI's 2026 e-mandate framework doesn't change what you pay — it changes how much friction there is in getting it paid on time. Recurring payments under ₹15,000 and SIPs/insurance/credit card bills under ₹1,00,000 will now go through more smoothly without OTP failures interrupting them. Your protections — the 24-hour alert, opt-out facility, and zero-liability cover — remain fully intact. The one thing worth double-checking: if you have loan EMIs above ₹15,000, don't expect this rule to remove your OTP step — that one still applies exactly as before.

Source: Reserve Bank of India, Circular No. RBI/DPSS/2026-27/396

DISCLAIMER: This blog is NOT any buy or sell recommendation. No investment or trading advice is given. The content is only for educational purposes. Always discuss with your SEBI-registered financial advisor for investment-related decisions.



Author

Dr Mukul Agrawal - Stock Market Expert

Founder & Market Analyst, Finowings

Dr. Mukul Agrawal is the Founder of Finowings and a stock market mentor, trader, and investor with over 20 years of real market experience. He is a Guinness World Record holder and has trained thousands of investors in stock market strategies, IPO analysis, and wealth creation.

He specializes in IPO research, fundamental analysis, and helping beginners understand how to invest safely in the stock market. Dr. Agrawal has also authored multiple books on investing and regularly shares insights on IPOs, market trends, and long-term wealth building.


Frequently Asked Questions

+
In 2026, RBI consolidated all e-mandate circulars into the "Digital Payments – E-mandate Framework, 2026." It raises the no-OTP limit for recurring payments to ₹15,000 generally, and to ₹1,00,000 specifically for SIPs, insurance premiums, and credit card bills.
+
The earlier limit was ₹5,000 for general recurring payments, introduced back in 2021, with a separate ₹1,00,000 exception for insurance, SIPs, and credit card bills added in 2024. The 2026 update consolidates and retains these limits under one unified rulebook.
+
No. Existing, validly registered mandates continue to operate under the new framework without any re-registration needed.
+
Yes, always. The very first transaction under any e-mandate requires OTP authentication, regardless of the amount, even if it falls under the higher ₹1,00,000 exception category.
+
No. The ₹1,00,000 exception applies only to insurance premiums, mutual fund subscriptions, and credit card bill payments. Loan EMIs above ₹15,000 still require OTP every cycle.
+
Yes. Regardless of the amount or category, you must receive a notification at least 24 hours before every debit, along with a facility to opt out of that specific payment.
+
That particular transaction is blocked. Your mandate itself stays active for future cycles unless you separately cancel it — so opting out of one month doesn't cancel your SIP or policy.
+
It covers both, along with prepaid payment instruments. The same limits and protections apply uniformly whether your mandate runs through a card, UPI, or a bank's NACH system.
+
FASTag and National Common Mobility Card (NCMC) auto-replenishments are specifically excluded from the pre-transaction notification requirement, since they're small, frequent top-ups.
+
No. RBI explicitly prohibits any charge from being levied on the customer for using the e-mandate facility for recurring transactions.


Liked What You Just Read? Share this Post:




Any Question or Suggestion

Post your Thoughts

Your email address will not be published. Required fields are marked *


Trending

Related Blogs

Click here for a Chance to Learn Free Technical Analysis
Subscribe on
YouTube
Follow us on
Instagram
Follow Us on
X
Like Us on
Facebook