Towards An RBI Ad Code? RBI Releases Draft Amendments On Advertising, Marketing And Sales Of Financial Products And Services

Introduction

On 11 February 2026, the Reserve Bank of India (RBI) released draft amendments (Draft Amendments) to the RBI (Undertaking of Financial Services) Directions, 2025 (Financial Services Directions) and the RBI (Responsible Business Conduct) Directions, 2025 (Business Conduct Directions) for various RBI-regulated entities (REs).

The Draft Amendments seek to ensure that third-party financial products and services (TPPS) marketed by REs are commensurate with the needs and risk appetite of customers. This move is widely seen as a direct regulatory response to rising instances of customer complaints regarding aggressive cross-selling and mis-selling of financial products, particularly the targeting of vulnerable customers with unsuitable insurance and investment schemes.

Agency / Referral Activities by Banks and NBFCs

At present, banks and NBFCs are permitted to market the sale of TPPS through the 'agency' model or the 'referral' model. 'Agency' has been defined as an arrangement where the RE "facilitates" the sale of TPPS (through not only marketing or sales but also by acting as the initial point of contact for grievance redressal and after-sale services). On the other hand, 'referral' refers to an arrangement where the RE merely 'makes available information' about the TPPS, without any involvement in the processes of the TPPS or integrating the TPPS with its own platform or premises (except for link-redirection).

1. Clarity on scope of agency business by banks. Banks are permitted to display only such TPPS on their digital banking channels as permitted under the Financial Services Directions. Under the Financial Services Directions, banks or their group entities may undertake agency business for the bank's customers, only for such 'regulated financial products or services' that banks are permitted to deal in under the Banking Regulation Act, 1949. The Draft Amendments clarify that this refers to products and services regulated by financial sector regulators such as the RBI, Securities and Exchange Board of India (SEBI), Insurance Regulatory and Development Authority of India (IRDAI), and Pension Fund Regulatory and Development Authority (PFRDA).
2. Proposed limitations on referral services by banks.
   1. Referral services restricted to regulated products. While the Financial Services Directions permit banks to undertake referral services for "financial products other than insurance", the Draft Amendments seek to limit this to "regulated financial products and services" in line with the permissible TPPS under agency business. Further, it has been clarified that banks cannot be involved in distribution or grievance redressal as a part of referral services.
   2. Compliances by banks in case of referral arrangements. Under the Draft Amendments, banks are required to undertake due diligence of TPPSPs prior to entering into referral arrangements, publish the list of TPPSs under referral arrangement on their digital banking channels and only collect a one-time fee from TPPSPs at the touchpoint of referral of customers (and no other fee / commission), regardless of actual conversion of such customers.

3. Agency / referral business by NBFCs. Unlike in the case of banks, the Financial Services Directions for NBFCs and the Draft Amendments thereto are silent on the scope and permissibility of agency / referral business that may be undertaken by NBFCs (apart from insurance agency / broking business, described below).
4. Insurance agency / broking. While banks are permitted to act as insurance agents / brokers under the extant Financial Services Directions, they are required to implement a Board-approved policy encompassing the model of distribution, suitability and grievance redressal (now proposed to be subsumed under the overall policy on advertising described in paragraph 3(a) below). Similarly, the Board-approved policy pertaining to mutual fund distribution in case of NBFCs has been proposed to be subsumed under the overall policy on advertising. Further, while NBFCs were required to obtain IRDAI permission and comply with IRDAI regulations applicable to 'composite corporate agents' in order to take up insurance agency business, it has now been clarified that NBFCs may take up insurance distribution business either under the corporate agency or the broking model with IRDAI permission and compliance with relevant IRDAI regulations.

Comments

1. As there is no specific proscription against the display of TPPS on NBFCs' channels (unlike in the case of banks) or limitation on the nature of TPPS (regulated / unregulated) for which NBFCs may act as agents or referrers, NBFCs may be permitted to continue providing agency and referral services for unregulated financial products and services as well.
2. Notably, the policy on advertising proposed under the Draft Amendments seek to subsume the present Board-approved policy requirement for distribution of insurance products and mutual funds. The Draft Amendments do not explicitly require the advertising policy to be board-approved. Hence, this creates ambiguity as to whether the proposed overarching advertisement policy should also be approved by the board and reviewed periodically.
3. Further, the Draft Amendments propose to permit NBFCs (other than Housing Finance Companies as well) to undertake insurance broking activities (apart from the already-permitted insurance agency activities). However, the extant IRDAI (Insurance Broker) Regulations 2018 mandates that the insurance broker should not be engaged in any other business activity apart from insurance broking. Presently, banks are permitted to undertake insurance broking business only through a separate subsidiary / joint venture / department. However, the Draft Amendments permitting NBFCs to undertake insurance broking business does not provide any stipulations on undertaking such business departmentally or through a separate group entity. Therefore, there appears to be a conflict between the proposed allowance by RBI for NBFCs to conduct insurance broking business, and the restriction on undertaking any other business by brokers as prescribed by IRDAI. Further clarity on this is expected from the RBI in the final amendments.

Instructions on Advertising, Marketing and Sales of Financial Products and Services

While earlier, some of the compliances for advertising, marketing and sale of TPPS (such as ensuring that customers avail of TPPS voluntarily and without any linkage to the RE's products) were already present in the Financial Services Directions with respect to insurance products offered, such compliances have been made more elaborate and applicable to all financial products and services.

1. Mandatory policy for advertising, marketing and sales of financial products / services. The Draft Amendments propose that REs must adopt a comprehensive policy for advertising, marketing and sales of financial products / services of their own as well as TPPS. This policy must cover aspects such as criteria for determining suitability of customers and customer compensation in case of mis-selling.
2. Prohibition on mis-selling. Under the Draft Amendments, REs have been prohibited from mis-selling of financial products / services, including ensuring that its internal policies / procedures do not incentivise mis-selling by its employees or DSAs / DMAs. Apart from selling products without the customer's explicit consent or by giving incomplete information, 'mis-selling' has been defined to include the sale of a product / service which is neither suitable nor appropriate for the customer (even with the customer's consent).
3. Obtention customers' prior consent for offering products. REs will need to ensure that products / services are offered or sold to customers only with their explicit consent, with individual consents taken for different products / services without clubbing. Likewise, commercial communications or alerts may only be sent with the customer's explicit consent. The process flow for obtaining consent must require the user to go through the entire terms and conditions prior to providing the consent. The list of services / communications subscribed to by a customer should be available under a specific link in the customer's page through the RE's digital channels. Further, the ease with which customers can unsubscribe from any kind of services or commercial communication must be comparable to the process of subscribing to those services / communications.
4. Seeking confirmation upon receipt of applications. REs will be required to use separate application forms for the sale of products / services and ensure that all documents (including the terms and conditions) are available in a regional language / language understood by the customer. Upon receipt of application from the customer for any TPPS, the RE must seek confirmation from the customer regarding the application through SMS, email or any other secure medium. Further, the REs must also securely provide the copy of terms and conditions / agreement signed by the customer and employee of the bank upon completion of a sale, either physically or through email as per the customer's preference.
5. Prohibition on bundling. REs will not be permitted to bundle any TPPS with its own products or compulsorily bundle the sale of a requested product / service with another. In case the sale of the RE's product is contingent upon purchase of a TPPS, they must provide the customer with an option to avail such contingent TPPS through other providers. REs shall also not fund the purchase of a product / service by a customer by way of a loan facility, without the explicit consent of the customer.
6. Compliances with regard to of DSAs / DMAs. With respect to DSAs / DMAs, REs are required to ensure certain compliances, including (i) maintaining and displaying an updated list of its DSAs / DMA on its website, (ii) incorporating eligibility criteria, evaluation, and penal action (in case of non-compliance) for DSAs / DMAs in its abovementioned policy, (iii) ensuring DSAs / DMAs possess qualifications prescribed by sectoral regulators, (iv) implementing codes of conduct and (v) ensuring distinguishability from the RE's own employees.
7. Obligations pertaining to advertising / promotional materials and communications. REs shall not advertise / market any TPPS as its own and shall clarify its role while marketing TPPS. All advertising materials shall be factual and disclose the interest rate and applicable fees / charges, with terms and conditions being available on the RE's digital channels. REs will also be required to comply with the Telecom Commercial Communications Customer Preference Regulations, 2018 and applicable regulations issued by the Telecom Regulatory Authority of India (TRAI).
8. Prohibition of dark patterns. In line with the 'Guidelines for Prevention and Regulation of Dark Patterns, 2023' issued by the Central Consumer Protection Authority (Dark Pattern Guidelines), REs will have to ensure their user interfaces do not deploy any dark patterns, like (a) false urgency (falsely implying a scarcity to induce immediate purchase); (b) basket sneaking (bundling of additional products / services at the time of checkout of a primary product / service without customer's consent); (c) forced action (requiring customer to buy additional products / services or share personal information in order to buy the product / service originally intended for purchase); (d) interface interference (manipulative design elements on the user interface); (e) nagging (repeated or persistent push for sale). etc
9. Customer feedback mechanism by banks. Banks will be required to establish a mechanism to avail customer feedback within a period of 30 days from the sale of the product / service to ensure that customers have understood the features and risks of such product. Such feedback may be collected from customers selected on a random basis. A report on the findings of the feedback must be prepared on a half-yearly basis.
10. Customer compensation mechanism by banks. Banks must provide a facility for customers to lodge complaints regarding mis-selling of products / services within the timeline specified by relevant financial sector regulators (or 30 days of customers receiving the signed copy of the terms and conditions, if no duration has been specified). Once mis-selling has been established, the bank must refund the entire purchase amount to the customer, along with compensating the customer for any loss arising due to mis-selling.

Comments

1. This Proposed Amendments aim to strip away the 'consent' defence for mis-selling of products or services to customers who may have not fully appreciated the terms of the consent request presented in complex jargons. RBI is proposing a negative obligation on the REs to not push to sell / distribute a financial product to a customer, unless in their assessment the customers are suitable for such product / service based on its features, time horizon, fee structure, and risk-return attributes and the customer's age, income, financial literacy, risk tolerance, etc.
2. Itisalso pertinent to note that the standard of 'explicit consent' under the Draft Amendments (beingspecific,informed,andunambiguous, and given by a clear affirmative action) is in close alignment with the consent framework under the Digital Personal Data Protection Act 2023 (DPDP Act). Similarly, the obligation to ensure comparable ease of unsubscribing to any services / communications as that of subscribing is also analogues to the obligation regarding providing the facility to withdraw consents under DPDP Act. These indicate a broader regulatory convergence, requiring REs to ensure that their consent gathering mechanisms are compliant across both financial and data privacy regulations. While the data fiduciary related obligations under DPDP Act is slated to come into effect only by May 2027, once the Draft Amendments are notified and brought into effect, REs will be required to conduct a thorough audit of their digital interfaces to redesign any user journeys that could be interpreted as manipulative / inadequate consent artefact. This would therefore require the REs to adopt a more proactive compliance posture, ahead of the implementation of the DPDP Act.
3. The review and revamping of user journeys on the website / mobile applications would also need to incorporate a thorough assessment of dark patterns on the platform. While such dark patterns were already prohibited under the Dark Pattern Guidelines, the inclusion of this prohibition through the Draft Amendments provides an additional recourse to the RBI for customers, in addition to the existing consumer protection authorities.
4. The prohibition on REs funding the purchase of a product / service distributed by them, without explicit consent of the customer, would have a significant impact on bundling models such as insurance premium financing for loan-linked insurance, embedded finance for bundled products / services, etc.
5. Under the extant Financial Services Directions, banks had already been required to implement a grievance redressal mechanism and Board-approved customer compensation policy in case of insurance products offered under agency / broking. This has now been expanded to all financial TPPS. While both banks and NBFCs are required to cover customer compensation for mis-selling in their policy, no mention has been made regarding an active obligation of NBFCs to provide avenue for customer complaints and providing customer compensation in case of mis-selling within a prescribed timeline (unlike the explicit obligation imposed upon banks). However, NBFCs may in future be required to adopt a similar timeline and mechanism as prescribed for banks through their internal policies.
6. REs must also reassess their commission models for outsourced agents (DSAs / DMAs) to ensure that such structures do not create financial incentives for such agents to mis-sell products / services to avail of higher commissions. The RBI has also specifically cautioned against practices such as organising high-pressure sales competitions or designating specific days for targeted product selling. Targeting of customers for loans or other financial products around festive seasons or month-ends may be viewed adversely as per this stipulation.
7. Notably, while REs are permitted to seek confirmation on the application for purchase of a TPPS through SMS / email or any other secure medium, the Draft Amendments specifically require the concluded signed agreement / terms to be delivered only either physically or through email. This suggests that the RBI expects the signed documents to flow directly to the customer, and REs must not merely send a link to the RE's website or provide an in-app notification for customers to access such documents.

Concluding Remarks

In recent years, several financial sector regulators have turned their attention to advertising / marketing of financial products, especially in the digital sphere. The distribution of TPPS by stockbrokers had been brought within the regulatory purview of the stock exchanges in June 2025, requiring such products to be regulated and compliant with data segregation and confidentiality obligations. The Draft Amendments constitute the RBI's attempt to similarly regulate the marketing of financial services / products by banks and NBFCs by building on extant regulations on marketing, including the Dark Pattern Guidelines.

The proposed amendments would inevitably increase certain compliance burdens on REs, including heightened maintenance of logs of consents and suitability assessment, DSA / DMA training records, and structuring compliant user flows on the app / website. Further, REs may need to revisit their existing contracts with TPPSPS and DSAs / DMAs to ensure that the permitted activities and related operating guidelines in the agreements align with the updated mandates.

While the Draft Amendments prescribe stringent consent requirements for applications for sale of TPPS and for commercial communications, they remain silent on retrospective applicability of such consent requirements. REs may need to obtain fresh consents in the newly prescribed manner and standard to continue provision of the relevant services / commercial communications.

The Draft Amendments (once notified) are proposed to come into effect from 1 July 2026. The RBI has sought public comments / feedback on the Draft Amendments, which can be submitted until 4 March 2026. Banks and NBFCs should consider the implementation of the aforementioned policies and procedures (and review / modification of their current policies and arrangements), to ensure compliance with the proposed Draft Amendments.

The content of this document does not necessarily reflect the views / position of Khaitan & Co but remain solely those of the author(s). For any further queries or follow up, please contact Khaitan & Co at editors@khaitanco.com.

The content of this document does not necessarily reflect the views / position of Khaitan & Co but remain solely those of the author(s). For any further queries or follow up, please contact Khaitan & Co at editors@khaitanco.com.