Copyright infringement not intended

Picture Courtesy: The Hindu

Context:

The Reserve Bank of India (RBI) has proposed a new customer protection framework to compensate individuals for small-value digital fraud losses up to ₹25,000. The draft guidelines will soon be released for public consultation as part of broader reforms to strengthen digital payment security and consumer protection.

RBI’s measures for safer and responsible banking services:

• Compensation framework for small-value digital fraud: The Reserve Bank of India has proposed a new framework under which customers will be compensated up to ₹25,000 for losses arising from small-value unauthorised or fraudulent digital transactions, with detailed draft guidelines to be released soon for public consultation.
• Revision of customer liability norms: In view of the rapid expansion of digital banking and payment systems since the issuance of the 2017 directions, the RBI has decided to review and update the existing framework on zero and limited customer liability in unauthorised electronic transactions to better address emerging fraud risks and technological changes.
• Measures to enhance digital payment security: To further strengthen the safety of the digital payments’ ecosystem, the central bank will issue a discussion paper proposing measures such as lagged credit mechanisms and additional authentication requirements, particularly for vulnerable user groups like senior citizens and high-risk customers.
• Guidelines to prevent mis-selling of financial products: Recognising the adverse impact of inappropriate sales practices, the RBI will introduce comprehensive instructions on advertising, marketing, and sale of financial products, ensuring that third-party products offered by regulated entities are suitable for customers’ financial needs and aligned with their risk appetite.
• Harmonisation of loan recovery practices: As different categories of regulated entities currently follow varied norms for engaging recovery agents, the RBI has decided to review and harmonise conduct-related guidelines to promote ethical recovery practices and protect borrowers from coercive or unfair methods.
• Mission SAKSHAM for Urban Cooperative Banks: To strengthen the operational resilience and professional capacity of the cooperative banking sector, the RBI will launch Mission SAKSHAM, a sector-wide capacity-building and certification initiative aimed at training nearly 1.4 lakh personnel through physical programmes and digital learning platforms in regional languages.

Importance of RBI’s proposed customer protection measures:

• Strengthening trust in digital payments: By proposing compensation of up to ₹25,000 for small-value frauds, the Reserve Bank of India aims to enhance customer confidence in digital transactions, which is crucial for sustaining the rapid growth of platforms such as UPI, mobile banking, and card-based payments.
• Promoting financial inclusion: Greater protection against fraud encourages first-time users, senior citizens, and rural customers to adopt digital financial services without fear of financial loss, thereby supporting the broader goal of inclusive digitalisation.
• Enhancing consumer protection framework: The updated liability norms, safeguards against mis-selling, and regulation of recovery practices collectively strengthen the rights and protection of financial consumers, making the banking system more customer-centric.
• Addressing emerging cyber and digital risks: With increasing cases of phishing, social engineering, and app-based scams, the proposed measures such as additional authentication and risk-based safeguards help the financial system adapt to evolving cyber threats.
• Improving institutional accountability: Compensation mechanisms and harmonised conduct guidelines will push banks and regulated entities to invest in stronger fraud detection, grievance redressal, and ethical business practices, thereby improving overall governance standards.

Concerns associated with RBI’s proposed fraud compensation framework:

• Fiscal burden on banks and payment operators: The proposed compensation of up to ₹25,000 per case by the Reserve Bank of India could create a recurring financial liability for banks, especially public sector banks and smaller cooperative banks that already face thin margins, rising fraud incidence, and high customer volumes in low-value UPI transactions.
• Incentive distortion in the UPI dominated ecosystem: Since a large share of digital fraud in India now occurs through instant, irrevocable UPI transfers, guaranteed compensation may shift behavioural incentives, leading customers to rely on post-fraud relief rather than exercising caution against social engineering scams and authorised push payment frauds.
• Difficulty in determining “Customer Negligence”: A major operational challenge lies in distinguishing between system failure, third-party breach, and customer-induced fraud (such as sharing OTPs or clicking phishing links), which could lead to disputes, delays in settlement, and increased litigation or complaints before the Banking Ombudsman.
• Risk of coordinated or synthetic fraud claims: Fraudsters may exploit the threshold by designing repeated small-value attacks (below ₹25,000) or collusive claims, thereby increasing the frequency of compensation payouts and placing pressure on fraud monitoring and forensic systems.
• Technology readiness gap across institutions: While large banks have AI-based fraud detection, many Urban Cooperative Banks and smaller regulated entities lack real-time monitoring infrastructure, creating uneven implementation capacity and exposing weaker institutions to disproportionate losses.
• Trade - off between security and user experience: Proposals such as lagged credits and additional authentication for specific users could undermine the core value proposition of India’s instant payment architecture, potentially affecting merchant liquidity and user adoption if transaction friction increases.

Institutional reforms for fraud detection and removal:

• The National Payments Corporation of India (NPCI) has built systemic protections within the UPI ecosystem, such as transaction limits, device binding, real-time risk monitoring, and cooling periods for new payees, to reduce the risk of instant fund diversion in fraud cases.
• To enable rapid intervention in financial cyber fraud, the government has operationalised the 1930 helpline and integrated it with the Indian Cyber Crime Coordination Centre (I4C) and the National Cyber Crime Reporting Portal, allowing timely reporting, inter-bank coordination, and immediate freezing of suspected fraudulent transactions.
• To curb fraud, coercion, and data misuse by unregulated platforms, the RBI’s Digital Lending Guidelines (2022) mandate that all loan disbursals and repayments occur directly between the borrower and regulated entities’ bank accounts, while ensuring transparency, consent-based data collection, and grievance redressal mechanisms.

Key measures for strengthening the future digital finance architecture:

• Strengthening real-time fraud prevention: As digital transactions grow rapidly, the Reserve Bank of India needs to shift the policy focus from post-fraud compensation to real-time prevention, which can be achieved through AI-based behavioural analytics, dynamic risk scoring, and system-generated alerts for unusual transaction patterns or sudden changes in customer activity.
• Introducing risk-based transaction friction: Given the instant and irreversible nature of UPI and other digital payments, a risk-based cooling period for first-time or high-risk beneficiary transfers, along with temporary reversibility windows in suspicious cases, would help prevent immediate fund diversion while preserving the efficiency of routine transactions.
• Creating a centralised mule account intelligence system: Since organised fraud networks depend on rapid rotation of mule accounts, establishing a national registry of suspected mule accounts, coordinated with the Indian Cyber Crime Coordination Centre, would enable system-wide blocking across banks and payment platforms, thereby reducing repeat fraud.
• Ensuring clear liability and time-bound resolution: To avoid operational delays and disputes, the revised framework should provide clear liability determination standards and fixed timelines for compensation and grievance redressal, supported by a simplified digital claims process to enhance customer trust.
• Adopting a differential customer protection model: As fraud vulnerability varies across user groups, banks should implement additional safeguards for high-risk segments such as senior citizens, first-time digital users, and customers in high-incidence regions, including transaction caps, voice confirmations, and assisted banking options.
• Strengthening telecom - financial sector coordination: Since a large proportion of fraud originates through spoofed calls, phishing links, and SIM swaps, closer coordination between financial regulators and telecom authorities is essential for real-time SIM swap alerts, fraud-number blacklisting, and stricter control over bulk messaging channels.

Conclusion:

The RBI’s proposal to compensate fraud losses up to ₹25,000 marks a major step toward strengthening trust in India’s digital financial ecosystem. Along with reforms on mis-selling, recovery practices, and capacity building, it reflects a broader push for a safer, inclusive, and customer-centric banking system.

Source: The Hindu