In a significant stride toward fortifying India’s digital banking ecosystem, the Reserve Bank of India (RBI) has released the Draft Digital Banking Channels Authorisation Directions, 2025. This regulatory overhaul aims to streamline and standardize digital banking operations across all authorized banks in India, including commercial and cooperative banks. The draft directions reflect RBI’s commitment to balancing innovation with risk management, particularly in an era where digital finance is rapidly becoming the norm.
Key Objectives of the Draft Directions
At its core, the new directions aim to enhance security, compliance, and customer convenience in digital banking. The draft focuses on defining clear eligibility norms, strengthening governance frameworks, and ensuring inclusive access to banking through digital platforms like mobile and internet banking.
By laying down a structured authorization process, the RBI intends to ensure that only technologically and financially prepared banks offer digital services, thereby mitigating systemic risks associated with cyber threats and operational failures.
View Only vs. Transactional Banking Facilities
The directions differentiate between two core types of digital banking services:
View Only Facilities: These allow customers to check balances, download statements, and access other non-transactional services. All banks with Core Banking Solutions (CBS) and IPv6-capable infrastructure can offer these without prior RBI approval, though a Gap Assessment and Internal Controls Adequacy (GAICA) report must be submitted post-launch.
Transactional Facilities: These involve fund transfers and other services that impact customer accounts. Banks must obtain prior RBI approval and meet stricter eligibility criteria, including minimum net worth thresholds, cyber security audits, and proof of adequate technical and financial readiness.
Strengthened Technology and Risk Standards
One of the standout aspects of the draft is its emphasis on technological robustness and cyber resilience. The guidelines incorporate a series of already issued circulars—ranging from cyber fraud risk management to outsourcing of IT services—and expand their applicability to a wider set of banks, including Local Area Banks (LABs), Regional Rural Banks (RRBs), and Co-operative Banks.
Banks are also required to adopt risk-based transaction monitoring, ensure network-independent mobile banking, and implement clear customer consent protocols. These measures are particularly important to protect consumers against fraud and ensure accessibility across demographics and network limitations.
Customer-Centric Provisions
The Directions put a strong emphasis on customer protection and transparency. Explicit consent is mandated for digital services, and banks must provide terms in multiple languages, simplify registration processes, and ensure non-coercive enrollment. Crucially, banks are barred from making digital banking a precondition for availing other services, safeguarding the rights of customers who prefer offline banking.
Transition from Legacy Guidelines
With the final issuance of these directions, sixteen legacy circulars on internet and mobile banking—dating back to 2001—will be repealed. This streamlining marks a new chapter of regulatory clarity and consistency in India’s digital banking framework.