RBI draft proposes up to ₹25,000 compensation for small digital frauds

RBI's draft rules propose compensation of up to ₹25,000 for digital fraud losses of up to ₹50,000, even in cases of customer negligence, if reported within five days

Bank customers losing up to ₹50,000 in digital frauds may soon get relief, with the Reserve Bank of India (RBI) proposing compensation of up to ₹25,000 as a one-time measure, even if the loss occurred due to the customer’s negligence, provided the complaint is lodged within five days of being defrauded.

 

In draft norms issued on Friday, the regulator said only bona fide victims involving individuals would be compensated by banks within five days of receiving the complaint.

 

The compensation will be shared between the Reserve Bank of India (RBI) and banks, with the central bank bearing the bulk of the payout in the range of 65-76 per cent.

 

 

During the monetary policy press meet last month, RBI Governor Sanjay Malhotra had said the customer will be compensated up to ₹25,000 as a one-time measure, “no question asked”. 

 

The move comes against the backdrop of a rising number of digital fraud cases, with customers increasingly losing hard-earned savings to such incidents. More than two-thirds of fraud cases are of small value, though they account for about 15 per cent of the total fraud value.

 

The draft on limiting customer liability in fraudulent digital transactions proposes that the norms will come into effect from July 1, 2026. 

 

“The digital payments and banking landscape has evolved considerably since the issuance of the existing instructions on limiting customer liability in unauthorised electronic banking transactions in 2017,” the RBI said. The draft makes it mandatory for banks to send instant SMS alerts to customers for all electronic banking transactions of value more than ₹500.

 

Following a review, the central bank said it has decided to issue revised instructions to banks that expand the scope of the existing framework to cover additional categories of fraudulent electronic banking transactions, reduce the time taken by banks to process related complaints, and introduce a compensation mechanism for small-value fraudulent electronic transactions.

 

RBI has invited comments from stakeholders by April 6.

 

The draft said the compensation mechanism will be in force for one year from the effective date of these directions. “This will be reviewed on the basis of the experience gained with an objective of enhancing the share of the banks and reducing/eliminating the share of RBI in the compensation paid to the victims”, the central bank said.

 

The compensation is subject to the loss being established as bona fide, as per the internal processes covered in the bank’s policy, and the victim having reported the fraudulent electronic banking transaction on the National Cyber Crime Reporting Portal or the National Cyber Crime Helpline (1930), and to the bank within five calendar days of its occurrence.

 

According to the guidelines, in cases where the loss amount is less than ₹29,412 and compensation of 85 per cent of the net loss is paid, the RBI will bear 65 per cent of the payout, while the customer’s bank and the beneficiary bank will contribute 10 per cent each.

 

For fraud involving losses of ₹29,412 or more but up to ₹50,000, where the maximum compensation of ₹25,000 is paid, the RBI will contribute ₹19,118, while the customer’s bank and the beneficiary bank will contribute ₹2,941 each. “The bank shall seek reimbursement of the applicable amount from the Reserve Bank on a quarterly basis,” the draft said.

 

The draft directions also provide for adjustments in cases where funds are recovered after compensation has been paid. In such situations, the customer’s bank will be required to recalculate the compensation based on the revised net loss and make any additional payment due to the customer after adjusting for excess compensation already paid, if applicable.

 

The RBI, last month, had said that it may use the Deposit Education and Awareness (DEA) Fund for the compensation that is being proposed, as there is adequate surplus parked in the fund.

 

According to the proposed guidelines, banks will bear the burden of proving customer liability in complaints involving fraudulent electronic banking transactions. They will be required to examine and classify each complaint under the relevant categories of electronic banking transactions as defined in the directions.

 

Customers will be entitled to zero liability and reversal of the transaction in cases where the fraud occurs due to negligence or deficiency on the part of the bank, irrespective of whether the transaction was reported by the customer. Zero liability will also apply in cases of third-party breaches, provided the customer reports the unauthorised transaction to the bank within five calendar days of its occurrence.

 

Additionally, banks will be required to put in place a mechanism for periodic reporting of complaints related to fraudulent electronic banking transactions to their board or a designated committee. Such reports must include the number of cases, the total value involved, and a break-up across different transaction categories, including card-present transactions, card-not-present transactions, internet banking, mobile banking and ATM transactions.

 

The board or its committee will be required to periodically review these complaints, the action taken on them, and the functioning of grievance redressal and compensation mechanisms, and take necessary steps to strengthen systems and procedures, the RBI said.