Reserve Bank of India Proposes Regulations to Prevent Digital Banking Fraud Starting July 1

Reserve Bank of India Proposes Strengthened Safeguards for Digital Banking Transactions

The Reserve Bank of India (RBI) has released a draft Third Amendment Directions, 2026, under its Responsible Business Conduct framework, with the aim of enhancing customer protection in electronic banking transactions.

Key Provisions

• The draft directions will apply to commercial banks, excluding small finance banks, payments banks, regional rural banks, and local area banks, for transactions carried out on or after July 1, 2026.
• Electronic banking transactions include UPI payments, internet banking, mobile banking, debit/credit card transactions, and ATM transactions.
• The draft directions introduce clearer definitions for authorized and unauthorized transactions, with transactions carried out using authentication methods such as OTP, PIN, card details, or passwords considered authorized.

Read also: Treasury Yields Experience Largest Increase in Two Weeks Following Release of Labor Market Data

Compensation Mechanism for Digital Banking Fraud

The RBI has proposed a compensation mechanism for small digital banking frauds. If an individual customer loses up to Rs 50,000 in a genuine fraudulent electronic transaction, they may receive 85% of the net loss or up to Rs 25,000, whichever is lower, once in their lifetime. To qualify, the fraud must be reported to both the bank and the National Cyber Crime portal or helpline (1930) within five days.

Negligence and Third-Party Breaches

The draft directions also clarify what constitutes negligence on the part of banks and customers. Negligence by a bank may include failing to maintain secure systems, not sending transaction alerts, or failing to provide channels for reporting fraud. Customer negligence could include sharing passwords or OTPs, ignoring bank fraud warnings, or downloading malicious applications. The RBI has also defined third-party breaches, where the problem arises from intermediaries such as payment gateways, telecom service providers, or third-party application providers.

Read also: US-Iran Tensions Spark Uptick in Oil Prices Amid Global Market Decline

Reporting Requirements

A bank shall advise its customers that on occurrence of any fraudulent electronic banking transaction, they should notify the bank and also lodge a complaint through the National Cyber Crime Reporting Portal or National Cyber Crime Helpline (1930) at the earliest.