The RBI's new Digital Fraud Compensation Framework (effective January 2027) guarantees up to ₹25,000 reimbursement for victims of small-value online scams. Mandating a 5-day reporting window, the framework utilizes a unique RBI-bank cost-sharing model to foster accountability and secure India's digital economy.
Why In News?
The Reserve Bank of India (RBI) announced Amendment Directions creating a funded compensation system for small-value digital fraud victims.
What is the RBI Digital Fraud Compensation Framework?
The framework defines customer liability limits and activates an inter-bank funding mechanism to reimburse victims of unauthorized electronic transactions, including social engineering scams.
The new policy replaces the outdated 2017 circular, which previously failed to protect victims of modern deception-based attacks.
Objectives: The policy protects consumers from cyber deception, builds trust in the cashless economy, ensures prompt grievance redressal, and forces banks to upgrade fraud analytics.
Key Features
Zero Liability: Banks bear 100% liability if fraud results from bank negligence or third-party breaches reported within 5 calendar days.
Limited Liability: For losses up to ₹50,000 due to customer negligence, victims receive a one-time compensation of 85% of the net loss or ₹25,000, whichever is lower.
Reporting Mandate: Customers must report incidents to their bank and the National Cyber Crime Reporting Portal (1930) within 5 calendar days.
Expanded Scope: The rules apply to 7 Regulated Entity categories, including Local Area Banks and Payments Banks, and explicitly cover sole proprietors.
Resolution Timelines: Banks must resolve domestic complaints within 45 days and cross-border complaints within 60 days.
Cost-Sharing Model: The RBI funds 65% of the compensation via the Depositor Education and Awareness (DEA) Fund, while the victim’s bank and the beneficiary bank split the remainder.
Shadow Reversal: Banks must issue a provisional credit for credit card fraud within 5 days to prevent interest accumulation.
Burden of Proof: Banks carry the absolute burden of proving customer negligence through explicit evidence like SMS/OTP logs.
Significance
Consumer Confidence: Reassures users against OTP-sharing and social engineering scams.
Digital Growth: Reduces friction in the Unified Payments Interface (UPI) ecosystem.
Financial Inclusion: Protects vulnerable demographics and sole proprietors from catastrophic capital loss.
Systemic Accountability: Forces beneficiary banks to enforce strict KYC (Know Your Customer) norms to eliminate mule accounts.
Challenges
Cybercrime Evolution: Transnational syndicates utilize coercive cyber-trafficking and AI-enabled deepfakes to bypass security.
Digital Literacy Gaps: Only 21.9% of rural households possess computer literacy compared to 43.6% in urban areas, creating a high-risk target base.
Reporting Barriers: The 5-day window creates structural difficulties for elderly or digitally isolated victims.
Government Initiatives
Integrated Ombudsman Scheme (IOS) 2026: Expands adjudicatory powers and raises mental anguish compensation to ₹3 lakh.
MuleHunter.AI: Deploys AI/ML across 26 banks to eradicate suspicious money mule networks.
Indian Digital Payment Intelligence Corporation (IDPIC): Leverages Big Data and AI for real-time fraud mitigation.
Grassroots Awareness: Operates Centres for Financial Literacy (CFL) to scale digital safety education.
Way Forward
System Upgrades: Banks must transition to API-driven, real-time anomaly detection.
Mass Awareness: Scale initiatives like "RBI Kehta Hai" and "Saa₹thi".
AI Monitoring: Mandate AI network analytics to map and freeze interconnected fraudster ecosystems.
Policy Flexibility: Grant grace periods for the 5-day reporting mandate to senior citizens.
Global Cooperation: Enhance bilateral intelligence to recover funds lost to offshore cyber-slavery networks.
Conclusion
The RBI’s Digital Fraud Compensation Framework constructs a vital safety net for the public. By shifting systemic accountability to banks and leveraging AI-driven oversight, the policy ensures a more resilient, secure, and inclusive digital financial future.
Source: INDIANEXPRESS
|
PRACTICE QUESTION Q. With reference to the RBI's newly introduced framework on 'Fraudulent Electronic Banking Transactions', consider the following statements: 1. It guarantees a maximum compensation of ₹50,000 for small-value frauds caused by customer negligence. 2. The financial burden of the compensation is shared entirely between the customer's bank and the beneficiary bank. 3. Customers must report the fraud to their bank and the National Cyber Crime Reporting Portal within 5 calendar days to be eligible for compensation. Which of the statements given above is/are correct? A) 1 and 2 only B) 3 only C) 2 and 3 only D) 1, 2, and 3 Answer: B Explanation: Statement 1 is incorrect: The framework does not guarantee a maximum compensation of ₹50,000. For small-value digital frauds where the gross loss is up to ₹50,000, a bona fide victim is eligible for a maximum compensation of 85% of the net loss or ₹25,000, whichever is lower. It is a one-time benefit provided once during an account holder's lifetime. Statement 2 is incorrect: The financial burden is not shared entirely between the customer's bank and the beneficiary bank. Under the newly introduced multi-tier sharing mechanism, the RBI bears the largest share of the compensation amount (ranging between 65% and 76.5%), while the customer's bank and the beneficiary bank contribute the remaining smaller fractions (around 10% to 12% each for domestic frauds). Statement 3 is correct: To qualify for the compensation mechanism under this framework, the customer must mandatorily report the fraudulent transaction to both their respective bank and the National Cyber Crime Reporting Portal (or the Cyber Crime Helpline 1930) within 5 calendar days of its occurrence. Claims registered outside this 5-day window are ineligible for compensation. |
Yes, the Reserve Bank of India finalized its updated Master Directions on Customer Protection on June 23, 2026—taking effect on January 1, 2027—which legally recognise psychological duress or manipulation as valid fraud grounds and introduce a once-in-a-lifetime 85% reimbursement (up to ₹25,000) for small-value frauds up to ₹50,000.
Zero liability means a customer faces no financial loss whatsoever for unauthorized transactions when the fraud stems from a bank-attributable security lapse, or when a third-party system breach occurs and the customer reports it to the bank within five calendar days.
Customers must immediately report the fraud to their respective bank's official helpline or app, and simultaneously file a formal cybercrime complaint via the National Cyber Crime Helpline (1930) or the official national cybercrime portal within the mandatory five-day reporting window to preserve their compensation rights.
The RBI acts as the apex financial regulator that mandates strict Multi-Factor Authentication (MFA) across all payment channels, sets legally binding resolution timelines (like forcing a 45-day final settlement limit on banks), and shifts the complete burden of proving customer negligence entirely onto the banking institution.
© 2026 iasgyan. All right reserved