You are currently viewing Understanding Payment Aggregator License in India

Understanding Payment Aggregator License in India


Last Updated on February 6, 2024 by Kanakkupillai

Payment Aggregators are service providers that help e-commerce retailers receive payments. They are known as payment aggregators. This Aggregator allows merchants to accept direct bank transfers and credit card payments without holding a merchant bank.

As per RBI guidelines, payment aggregators help merchants accept various payment methods to satisfy their obligations. Merchants don’t need to have their integrated system. PAs allow merchants to interact with acquirers. They receive the payments, pool them and send the funds to merchants.

An intermediary, a Merchant Aggregator, allows businesses to accept payments electronically without needing a separate account with every credit card company or bank. This is an efficient and easy way for businesses, especially small to mid-sized businesses, to handle transactions in the fast-evolving digital marketplace.

Capital Requirements for Payment Aggregators Licence

A capital requirement is the minimum amount to be set aside for a business’s safe and effective operation. These capital requirements ensure the company can absorb losses, pay its obligations, and maintain stable operations. Financial regulators typically define the payment aggregator’s requirements.

The main goal of capital requirements is to protect the financial stability and health of payment aggregators. Payment aggregators must have enough financial resources to manage risks, absorb loss, and provide uninterrupted service. Capital requirements also instil confidence in customers and merchants, assuring them of the reliability and resilience of payment aggregators.

Specific capital requirements differ by jurisdiction. In India, payment aggregators must hold a net worth of INR 15 crore when they apply for their license. This amount must reach INR 25 million within three years. Moreover, the net worth of INR25 crore must continue to be maintained.

The net worth is designed as per the previous audited balance sheet. Then, it must be maintained as per the guidelines delivered in the RBI’s Guidelines on Regulation of Payment Aggregators and Payment Gateways (DPSS.CO.PD No.1164/02.14.008/2019-20).

Requirement Details
Minimum Net Worth at the time of application An amount of Rs. 15 Crores
The minimum Net Worth in 3 Years After Getting a License R 25 Crore
Ongoing Minimum Net Worth Requirement You can earn 25 trillion INR
Basis of Calculation Audited Balance Sheet
Please refer to the Regulation RBI Directive (DPSS.CO.PD No.1164/02.14.008/2019-20)

It’s not just a one-off thing. Payment aggregators need to continue meeting the requirements to remain licensed. Failure to comply can result in fines and even the suspension of your license.

Payment aggregators must monitor their financial situation regularly to ensure compliance with these requirements. They should also make the necessary adjustments to keep capital levels high. They may need to reduce costs, increase funds or optimize operations to meet capital requirements.

License for Payment Aggregators

The net worth of the company must be Rs. Minimum Rs.

Includes in Package

  • DIN and DSC are for Directors
  • Bank Accounts
  • RBI Authorisation and Licensing
  • Monthly and quarterly reporting: Conformance with the requirements

Introduction to Payment Aggregator License

A Payment Aggregator service (also known as Merchant Aggregator) provides mobile payment and e-commerce services.

Payment aggregators act as an intermediary between retailers and customers. Some institutions which act as payment Aggregators include:

  • An online transaction that does not require money.
  • The payment integration system is not a merchant-created product.
  • Acquirers assist with the payment to merchants. They assist by giving merchants customer information.

Payment Aggregators must be certified by the Payment Card Industry Data Security Standard (PCI DSS).

Payment Aggregator License

The information provided below will help you obtain a payment aggregator license.

What does Payment Gateway License License Mean?

You can accept payments via credit card (debit card), UPIs or Net Banking. Paying with credit or debit cards is also possible.

Documents needed to apply for a Payment Accumulator License

Documents required to get an aggregator license include:

  • A representative of the Registrar of Companies issuing a certificate of company formation.
  • Directors must prove their addresses.
  • DSC & DIN of Directors
  • Prove the address of the business
  • Bank details for your business
  • The Five-year Business Plan
  • Report from a Software Agency on Code Testing

Payment Aggregators: Benefits

Among the features offered by merchant aggregators are the following:

  • An online platform connecting consumers and retailers.
  • There are two sides to every coin: the merchants and settlement generation.
  • This is the concluding phase of payment.
  • The strategy is the most cost-effective option for smaller volume transactions.
  • Small businesses can run their business easily with the app
  • Registration is the only thing you must do to process an eCommerce transaction. Registering can increase your team’s talent and give customers more options.
  • Payment aggregators can generally offer low-cost or even no-fee online processors at launch, with minimal upfront costs.

What are the Risks of Payment Aggregation?

There are risks for online payment intermediaries.

  • Organizations need good governance to impact customer satisfaction and trust positively.
  • Two concerns are the lack of uniformity and insufficient redress mechanisms.
  • A sub-merchant can cheat an aggregator.
  • RBI does not regulate payment-aggregation markets. Double regulation could occur as RBI has not issued any regulations.
  • These aggregators handle sensitive customer data. When aggregators do not manage their data properly, data breaches can occur.

Payment Gateway vs. Payment Aggregator

We accept a variety of payment options. Below, we’ll describe these differences.

S. No. Parameter Payment Gateway Payment Aggregator
1. Payment Options Optional Payments and Restricted Payments Pay in several ways
2. Small Business Payment gateways have excessive transaction charges that can be confusing. When offering services to small businesses, payment gateways depend on payment aggregators.
3. Role Intermediary It is a good interface.
4. Digitalization of touchpoints You can choose between a web page, an app or even both. Both online and offline touchpoints.
5. Payment Success Rat Rate Payment portals allow you to make payments in any amount. The payment rate is greater.
6. What is it like to own a small business? Shared ownership of the network includes public or privately-owned banks and both merchants as well as payment aggregates. Fintech Players Owned
7. Permissions Payment and Settlement Systems Act (2007). Payment Aggregators are required to be certified by the Payment Card Industry Data Security Standard.

Basic IT Requirements For Payment Aggregator’s Licence

Here are some IT Security measures Payment Aggregators can implement.

  • Information Security Governance: To determine what risks an organization faces, it is important to conduct a comprehensive study. This includes the IT processes and system.
  • Data Security Standards: Data Security Standards, including PCI DSS (PCI Data Security Standards), PA DSS (Payment Card Industry Data Security Standards), Transport Channel Security Standards(TCS), as well as the latest encryption standards, will be adopted. Standards will be implemented.
  • Merchant onboarding: Onboarding is a comprehensive security assessment that ensures merchants adhere to the basic security controls described here.
  • Reporting Security Incidents: A notification will arrive at the RBI within 2 to 6 hours following a security breach. RBI gets a monthly report on cybersecurity and details of any prevention measures.
  • Cyber security audits & reports: The IT Committee receives quarterly and annual external audit reports from entities.
  • Risk Assessment: From a contractual, business and compliance perspective, the risk assessment should identify potential threats and vulnerabilities and their likely impact on an asset’s confidentiality, integrity, availability and accessibility.
  • Access to the Internet: The program administration must be documented and updated. You can use or ignore the minimum privilege rule, depending on your need.
  • Competency and staff: It is essential to conduct periodic assessments of each IT employee’s IT abilities.

The Cryptographic Requirement

The merchant aggregator should choose encryption algorithms that meet the standards set by international groups or are approved by professional organizations, government agencies and security vendors.

  • Forensic Ready: Other events can include database services, cryptography and logs.
  • Data Sovereignty: Use controls that prevent unauthorized entry.
  • Outsourcing Data Protection: An Outsourcing Agreement should have a clause allowing Payment Aggregators access to the Outsourcing Agreement. When submitting a security report, if deemed necessary by Payment Aggregators.
  • Payment Application Security: PA-DSS will provide guidelines for creating payment applications. Payment Aggregators are essential in evaluating the PCI-DSS compliance status as a share of their merchant onboarding procedure.
  • Security Incident Reporting: Payment Aggregators must agree to notify merchants of cybersecurity incidents.

Payment Aggregator license: Benefits.

Companies that accept this payment method are a diverse group of businesses.

  • B2B (Business to Business)
  • Business-to-Customer (B2C).
  • Software.
  • Services.
  • Agent

Compliance with the license requirements for payment Aggregators

The Payment Aggregators must submit their reports monthly, quarterly or annually.

Annual Report

S.No This article is about Due Date
1. Certificate of CA with Networth and Audited annual report 30 the September
2. Cybersecurity Audit Reports and IS Audit Reports are to include observations and a planned preventive or corrective action. External auditing is required. May 31
3. Certificates with Networth on September 30. Not audited, calculated using self-declaration. on November 31

Quarterly Report

S.No Topic Due Date
1 Escrow certificate by Auditors Next month
2. Escrow Certificates for Debits and credits that must be internally audited The 15th month is after the previous quarter.
3. Auditors’ certificate for nodal accounting in marketplaces
4. Report customer complaints 15 days after the end of each quarter. The that follows the end of each quarter.
5. Cyber Security Audit Report Internally Audited. Due date: 15th month following the end of the quarter. A date that is 15 days after the end of a quarter.

Monthly Report

S.No Topics Due Date
1. Statistic for transactions 7th of next month
2. Reporting fraud Next month’s 7 th
3. Find the root causes and complete analysis of cyber security incidents After the seventh month,

Non-Periodic Reports

S.No More information on this subject is available at
1. A one-time review of technology is advised when there are significant changes.
2. Is it possible to replace the Board of Directors

What penalties are prescribed in the PSS Act 2007, 2007 for Payment Aggregators (Payment Services Act)

The PSS Act of 2006 will penalize those who:

  • Operating Payment Aggregator Systems without Permission.
  • If the Merchant Aggregator fails to meet the conditions of the authorization.
  • Not produced by merchant-aggregator
  • The payment processor makes a false statement.
  • Violations of the Act include disclosure of non-public information and failure to comply with RBI orders.
  • The Reserve Bank can initiate criminal proceedings against anyone who violates rules, regulations, or orders. RBI prescribing.
  • The RBI can also fine violators of certain Acts.


1. Could I become a payment aggregator?

RBI approves payment aggregators. Aggregators can be either nonbanks or banks.

2. What is PA or Payment Aggregator?

The payment provider acts as a middleman between businesses and payment service providers to facilitate mobile payments. With an aggregator, businesses can accept card and bank payments from their clients without needing separate accounts.

3. Do you know what a credit card aggregator is?

The Aggregator is a third party that processes credit card transactions. Aggregators are third parties that process credit card payments.

4. Is PayPal an accumulation of payments?

PayPal acts as a payment aggregator.

5. What exactly is an aggregator?

Aggregators work as mediators for the banks with their customers.

6. Why Do You Need A Payment Aggregator?

You can improve sales for your business by utilizing a payment processing company to accept online payments like credit cards and other forms. This will take less time and effort.

7. Which payment gateways are available?

PayUbizs. Instamojos. PayTMs.

8. Can I start an online payment business in India using?

A payment gateway company must first register in India.

Comply with PCI DSS compliance requirements.

9. How Payment Gateway Works?
  • When customers check out, the payment gateway that you are using offers them a redirection choice.
  • Enter all necessary information before proceeding to the payment website.
  • If you paid the fee for the merchant’s account, a credit will appear on your invoice.
  • The payment gateway mechanically releases the payment in some business days, according to policies.


Kanakkupillai is your reliable partner for every step of your business journey in India. We offer reasonable and expert assistance to ensure legal compliance, covering business registration, tax compliance, accounting and bookkeeping, and intellectual property protection. Let us help you navigate the complex legal and regulatory requirements so you can focus on growing your business. Contact us today to learn more.