RBI Strengthens Digital Fraud Protection

The Reserve Bank of India has announced new rules aimed at strengthening customer protection against digital banking and credit card fraud. Under the revised guidelines, banks will be required to credit the lost amount to a customer's account within five days if the customer falls victim to cyber fraud, subject to the conditions specified by the regulator.

According to the new framework, if the fraud occurs due to a lapse on the part of the bank, the customer will receive a full refund even if no formal complaint is lodged. In cases involving third-party hacking or unauthorized transactions, customers will not bear any financial liability, provided they report the incident within five days of the fraudulent transaction.

However, the RBI clarified that customers will remain responsible for losses if they voluntarily share confidential information such as one-time passwords (OTPs), passwords, or other authentication credentials with fraudsters.

The new rules are scheduled to come into effect from January 1, 2027. Additionally, the RBI has introduced a one-time relief measure for customers who suffer digital fraud losses of up to ₹50,000. This special benefit can be availed only once in a customer's lifetime, subject to the eligibility conditions laid down in the guidelines.

The initiative is expected to enhance consumer confidence in digital banking and encourage timely reporting of cyber fraud incidents.