Context
- Recently, the Reserve Bank of India (RBI) has issued fresh amendments to its 2017 circular on “Limiting Liability of Customers in Unauthorised Electronic Banking Transactions”.
- These new guidelines expand the safety net to protect bank customers from financial losses incurred due to sophisticated scam transactions and cyberattacks. Initially launched as a one-year pilot project, these rules will become effective on January 1, 2027.
Core Definition: Fraudulent Electronic Banking Transactions (EBTs)
The amendments introduce a precise classification of transactions eligible for liability protection:
- Definition: Transactions executed by a third party using credentials obtained from the customer via fraudulent means, or executed by the customer under coercion/duress from a third party (e.g., “digital arrests”).
- Inclusions: It covers unauthorized EBTs occurring due to negligence by the bank or a third-party security breach.
- Exclusions from Compensation (Negligence Criteria):
  - Customers who ignore fraud signal warnings (such as warning screens on a UPI PIN interface) will not be eligible.
  - Failure to update/register the latest phone number or email address with the bank is legally deemed customer negligence, as it prevents the bank from delivering real-time fraud alerts.
Key Timelines for Reporting & Implementation
- Reporting Window for Third-Party Hacks: The deadline for a customer to report a loss from a third-party breach has been extended to 5 calendar days (up from the previous rule of 3 working days). Timely reporting ensures the customer bears zero liability.
- Implementation Deadline: Banks have been granted an extension to roll out the framework, moving the effective enforcement date to January 1, 2027 (shifted from the initial July 1 draft proposal).
- Complaint Settlement Window: The timeline given to institutions to resolve and settle disputes has been increased to 45–60 days (with the upper 60-day limit strictly applying to international transactions).
Compensation Structure and Cost-Sharing Model
The guidelines establish a specific mathematical threshold and multi-party cost-sharing mechanism for reimbursement:
- Cap on Scams Covered: The compensation framework applies only to scam losses up to ₹50,000. Scams exceeding ₹50,000 are currently excluded from this specific framework.
- Reimbursement Limits: Eligible victims can claim 85% of the lost amount, capped at a lifetime maximum of ₹25,000 (applicable only once in a customer’s lifetime).
  - Note: Any loss between ₹29,412 and ₹50,000 yields a flat compensation of ₹25,000.
- Mandatory Reporting: To qualify for this payout, the customer must report the fraud to the national cybercrime helpline (1930) within five days.
The Cost-Sharing Breakdown:
The total disbursed compensation amount is co-funded by three distinct entities:
| Contributing Entity | Share of Compensation |
| --- | --- |
| Reserve Bank of India (RBI) | Roughly 3/4 (75%) of the payout amount. |
| Customer’s Bank | Half of the remaining 1/4 balance (approx. 12.5%). |
| Beneficiary’s Bank | Half of the remaining 1/4 balance (approx. 12.5%). |
Important Legal & Institutional Touchpoints
- Indian Contract Act: Civil society think tanks (like Dvara Research) point out that under the Indian Contract Act, contracts signed under information asymmetry, fraudulent pretexts, or external influence are legally voidable.
- Bank Discretion: Banks retain the autonomous authority to completely waive customer liability and reverse transactions even if customer negligence is proven.
The term Fraudulent Electronic Banking Transactions (EBTs) introduced by RBI includes:
1. Transactions executed by a third party using credentials obtained through fraud.
2. Transactions executed by the customer under coercion or duress.
3. Transactions arising due to bank negligence.
4. Transactions voluntarily made by customers after ignoring fraud warnings.
Select the correct answer using the code below:
(a) 1 and 2 only
(b) 1, 2 and 3 only
(c) 2, 3 and 4 only
(d) 1, 2, 3 and 4
Correct answer: B
Explanation:
• Transactions executed by a third party using credentials obtained through fraud: Correct. The RBI explicitly defines EBTs as transactions "executed by a third-party using the credentials obtained from the customer through fraudulent means...".
• Transactions executed by the customer under coercion or duress: Correct. The definition includes transactions executed by the customer "by granting approval under coercion or duress from the third-party".
• Transactions arising due to bank negligence: Correct. The definition explicitly covers an EBT "occurring on account of negligence by a bank and/or a third-party breach".
• Transactions voluntarily made by customers after ignoring fraud warnings: Incorrect. The text specifies that "customers who ignore fraud signal warnings... would not be eligible for any compensation", meaning these are excluded from the protective scope of the compensation framework due to customer negligence.