Paytm Payments Services has been granted “in-principle” authorisation from the Reserve Bank of India (RBI) to function as an online payment aggregator, according to a regulatory filing by its parent company, One 97 Communications. This approval lifts a previous restriction, which was imposed on November 25, 2022, preventing the company from onboarding new merchants.
One 97 Communications stated in its filing that its wholly-owned subsidiary, Paytm Payments Services Limited (PPSL), received the authorisation from the RBI via a letter dated August 12, 2025. According to news agency PTI, the filing further confirmed that this allows PPSL to “operate as an Online Payment Aggregator under the Payment and Settlement Systems Act, 2007”.
The company had initially applied for this licence in March 2020. However, the approval faced delays due to compliance issues related to Foreign Direct Investment (FDI). The clearance from the central bank comes less than two weeks after the Chinese firm, Alibaba Group, sold its entire stake in One97 Communications, exiting the company.
Compliance Mandates and Restrictions
According to the RBI’s communication, PPSL must strictly adhere to the guidelines for payment aggregators and gateways issued in March 2020, along with any later clarifications. The central bank has stressed that the approval applies exclusively to activities covered under its Guidelines on Regulation of Payment Aggregators and Payment Gateways.
Transactions beyond this scope—such as payout operations for merchants—cannot be routed through escrow accounts meant for payment aggregator activities, the RBI clarified.
Cybersecurity Audit Within Six Months
As a condition for the licence, PPSL must complete a comprehensive system audit, including a cybersecurity assessment, within six months of the RBI’s letter. This audit must be conducted by a professional empanelled with CERT-In, a Certified Information Systems Auditor (CISA) registered with ISACA, or one holding a DISA qualification from the Institute of Chartered Accountants of India.
The audit will check compliance with the Master Direction on Cyber Resilience and Digital Payment Security Controls for non-bank payment system operators issued on 30 July 2024, and the RBI’s 6 April 2018 circular on data storage for payment systems. Failure to submit the audit report on time will lead to the automatic lapse of the in-principle approval.
The RBI has also directed PPSL to follow its 4 July 2022 guidelines, which require prior clearance for any change in shareholding, acquisition of control, or transfer of payment system operations for non-bank payment system providers.
Previous Setbacks and Regulatory Scrutiny
PPSL had received the Finance Ministry’s nod on 27 August 2024 to increase its investment in the payments business, enabling it to reapply for the licence. Its first application was turned down in 2022 over non-compliance with foreign direct investment norms outlined in Press Note 3.
One 97 Communications has been facing heightened regulatory oversight in recent years. In January, the RBI barred Paytm Payments Bank from onboarding new customers over concerns regarding compliance with banking norms. The company has also drawn the attention of India’s financial crime investigators.
This regulatory development follows Paytm’s latest quarterly results, which showed a 28% year-on-year growth in revenue from operations—Rs 1,918 crore in Q1 FY26 compared to Rs 1,501 crore in the same period last year. The company posted a net profit of Rs 123 crore in Q1 FY26, marking a turnaround from a net loss of Rs 840 crore in Q1 FY25.
