From July 1, Customers May Get Rs 25000 Compensation For Small Value Digital Frauds
Customers can avail of the compensation only once in their lifetime: Reports
MUMBAI: The Reserve Bank of India (RBI) on Friday proposed a compensation framework for victims of small-value digital banking frauds, under which individuals could receive up to 85 per cent of the lost amount or a maximum of Rs 25,000. Customers can avail of the compensation only once in their lifetime.
According to the draft directions, titled Commercial Banks - Responsible Business Conduct Third Amendment Directions, 2026, to be eligible for payment of compensation, the loss should be established as bona fide, as per the internal processes covered in the bank’s policy, and the victim have reported the fraudulent transaction both to the bank and on the National Cyber Crime Reporting Portal or the National Cyber Crime Helpline (1930) within five calendar days from its occurrence.
For losses below ₹29,412, where compensation is calculated at 85 per cent of the loss, the RBI will bear 65 per cent of the compensation amount, while the customer’s bank and the beneficiary bank will bear 10 per cent each. For losses between ₹29,412 and ₹50,000, compensation will be capped at ₹25,000. In such cases, the RBI will contribute ₹19,118, while the customer’s bank and the beneficiary bank will contribute ₹2,941 each.
Banks must credit the compensation to the customer within five calendar days of receiving the application. Lenders may subsequently seek reimbursement of the RBI’s share on a quarterly basis.
The norms will apply to electronic banking transactions undertaken on or after July 1, 2026.
A customer will be entitled to zero liability and reversal of the transaction in cases where the fraudulent electronic banking transaction occurs due to negligence/deficiency on the part of the bank (irrespective of whether the transaction is reported by the customer or not) and in cases of third-party breach where customer reports the unauthorised fraudulent electronic banking transaction to the bank within five calendar days from the date of its occurrence.
Banks must send alerts for electronic transactions above ₹500 and provide round-the-clock channels for reporting fraud or loss of payment instruments.
Electronic banking transactions will include payments made through internet banking, mobile banking, cards, or other digital channels that fall under the definition of electronic funds transfer in the Payment and Settlement Systems Act, 2007.
Customer negligence may include sharing credentials such as OTPs or PINs, ignoring scam warnings, failing to report fraud promptly or downloading malicious applications.
Negligence by a bank may include failing to maintain secure systems, not sending transaction alerts, or failing to provide channels for reporting fraud.
The draft directions also define third-party breaches, where the problem arises from intermediaries such as payment gateways, telecom service providers or third-party application providers rather than the bank or the customer.
