As digital payments continue to grow rapidly in India, incidents of online financial fraud are also increasing. To strengthen consumer protection and build greater trust in digital transactions, the Reserve Bank of India (RBI) has proposed new rules aimed at safeguarding bank customers from digital banking fraud.
According to the proposed framework, customers who lose money due to digital fraud of up to ₹50,000 may become eligible for partial compensation. The central bank has also outlined clear guidelines regarding when banks will be responsible, when the customer may be held accountable, and how victims should report fraud to claim compensation.
If approved, the new rules could come into effect from July 1, 2026, providing a structured mechanism to address digital payment fraud cases across the country.
RBI’s Proposed Rules for Digital Payment Fraud
Under the proposed guidelines, RBI aims to create a transparent and standardized system for handling fraud cases involving digital banking services. The rules are expected to apply to a wide range of digital payment channels used by customers today.
These include transactions conducted through:
-
UPI (Unified Payments Interface)
-
Internet banking
-
Mobile banking apps
-
Debit cards
-
Credit cards
-
ATM transactions
If an unauthorized transaction takes place through any of these methods, affected customers may receive compensation depending on the circumstances and reporting timeline.
However, RBI has clarified that these rules will initially apply only to commercial banks. Institutions such as small finance banks, payment banks, and regional rural banks may not be covered under the proposed framework at this stage.
How Much Compensation Can Customers Receive?
One of the most important aspects of the proposed rules is the compensation structure for victims of digital banking fraud.
If a customer suffers financial loss due to fraud and the total amount involved is up to ₹50,000, the compensation may be calculated as follows:
-
Customers may receive 85% of the total loss, or
-
A maximum compensation of ₹25,000, whichever is lower.
However, this compensation facility will be available only once in a customer’s lifetime. To qualify, customers must report the fraud within the prescribed time limit and follow the proper complaint procedure.
This rule is intended to encourage faster reporting of suspicious transactions and reduce the chances of further financial damage.
What Counts as an Authorized Transaction?
RBI has also clarified what constitutes an authorized transaction in digital banking.
If a customer personally enters details such as:
-
One-Time Password (OTP)
-
ATM PIN
-
Internet banking password
-
Card details
and completes a payment, the transaction will typically be considered authorized.
However, if fraudsters obtain these details through deception, phishing, social engineering, or other manipulative methods and trick the customer into transferring money, such cases may still be treated as fraudulent transactions under certain circumstances.
When Is the Bank Responsible?
The proposed draft rules also explain situations where the bank may be held responsible for digital fraud.
For example, banks could be liable if:
-
Their security systems are weak or outdated
-
Customers do not receive timely transaction alerts
-
The bank does not provide proper channels for reporting fraud
-
Fraud complaints are not handled effectively
In such cases, the bank’s negligence may contribute to the financial loss, increasing the likelihood of compensation for the customer.
When Is the Customer Responsible?
On the other hand, customers may also be held responsible if their actions lead to the fraud.
Customer negligence may include situations where a person:
-
Shares OTP, PIN, or passwords with someone else
-
Reveals debit or credit card details
-
Ignores security warnings issued by the bank
-
Downloads suspicious or unauthorized mobile applications
In such cases, the chances of receiving compensation could be reduced.
Third-Party Systems May Also Cause Fraud
RBI has acknowledged that digital payment fraud is not always caused by banks or customers. In some cases, the issue may arise due to technical failures or security breaches involving third-party systems.
Examples include:
-
Payment gateways
-
Third-party mobile payment apps
-
Telecom networks
-
Payment aggregators
Such incidents will be categorized as third-party breaches, and responsibility will be determined based on the specific circumstances of the fraud.
What to Do If You Become a Victim of Digital Fraud
RBI has strongly advised customers to act quickly if they notice any suspicious or unauthorized transaction in their bank account.
Victims should immediately:
-
Inform their bank about the fraudulent transaction.
-
File a complaint on the National Cyber Crime Portal.
-
Call the cyber crime helpline number 1930.
To be eligible for compensation under the proposed rules, customers must report the fraud within five days to both the bank and the cybercrime authorities.
Special System for Small Fraud Cases
The RBI proposal also suggests a structured mechanism for compensating smaller digital fraud cases. In such cases, the compensation amount may be shared among multiple entities.
The payment could come from:
-
RBI’s designated system
-
The customer’s bank
-
The bank that received the fraudulent payment
If the stolen funds are later recovered during investigation, the compensation amount may be adjusted accordingly.
Strengthening Trust in Digital Payments
India has become one of the world’s largest digital payment markets, largely due to the widespread adoption of UPI and mobile banking. However, rising cyber fraud cases have raised concerns among consumers.
By introducing clearer rules for compensation and accountability, the RBI aims to improve consumer confidence, strengthen cybersecurity practices, and promote safer digital transactions.
If implemented in July 2026, the new guidelines could significantly change how banks and customers deal with online payment fraud in India.
-
Liverpool get clear verdict from UEFA after PSG penalty decision overturned
-
Princess Beatrice went on 10 holidays in four months - and taxpayers funded £250k security
-
Understanding the Dynamics of Relationships: Girlfriend vs. Wife
-
Understanding the Risks of Self-Medicating: The Importance of Doctor Consultation
-
Dog owners told 'seek vet immediately' for 6 symptoms this week
