Instances of banking fraud are becoming all too common in India. Seeing a rise in customer complaints regarding unauthorized electronic transactions the RBI in July released new rules which make it safer for customers to transact electronically.
The notification relates to- Customer protection – limited liability of customers in unauthorized electronic banking transactions. Now the onus is on the banks to prove that a fraud has taken place, but customers should inform the bank as soon as possible to avoid being penalized. According to the notification, “the systems and procedures in banks must be designed to make customers feel safe about carrying out electronic banking transactions”.
What do the banks have to do? Banks must ask their customers to mandatorily register for SMS alerts and wherever available register for e-mail alerts. Further, banks have been told to not to offer the facility of electronic transactions other than ATM cash withdrawals to customers who do not provide mobile numbers. Banks also have to inform customers that they should notify the bank as soon as possible of any unauthorized electronic transaction and that the longer they take to notify the bank, the higher will be price they have to pay.
What does the customer have to do? If the fraud happens due to negligence from the bank’s end, the customer obviously is not liable. For instance, if there is a glitch on the backend of the bank where customer details are compromised, then you will not be liable to pay. Or if bank employees are involved in fraudulent activities where they give away customer details. The RBI notification states that if a ‘third-party’ breach happens when neither the bank nor the customer is at fault and the customer informs the bank within three working days, here too the customer is not liable to pay.
So, to protect yourself and your money, the first step is make sure you apply for the SMS and email alerts service of your bank. The second step would be to intimate the bank as soon as you get the alert that money has been debited from your account. Do it within three days. If you do not, then depending on how long you take, your liability increases.
Now if the bank is at fault, you do not pay, but if the fraud or wrongful debit has happened because of your negligence, then you will have to bear the brunt. This could happen if you mentioned your PIN number or password in passing or left it lying around and someone used it without your knowledge. The good news is that even though this transaction has happened due to your negligence, if you report it to the bank before seven working days (and after three days) from receiving the debit message, the RBI notification says that the per transaction liability of the customer will be limited to the transaction value or an amount set by the central bank, whichever is lower.
Type of Account | Maximum Liability (Rs.) |
| Bank savings a/c | 5000 |
| Other savings bank a/c | 10000 |
| Pre-paid payment instrument / gift cards | 10000 |
| Current/Cash credit/ OD a/c of MSME | 10000 |
| Current/Cash credit/ OD a/c with limit upto Rs. 25 lakhs | 10000 |
| All other Current/Cash credit/ OD a/c | 25000 |
| Credit cards with limit upto Rs.5 lakhs | 10000 |
| Credit cards with limit above Rs.5 lakhs | 25000 |
The above will be applicable only if it is reported within seven working days. If you take more than seven days, “the customer liability shall be determined as per the bank’s Board approved policy,” says the RBI notification.
Banks have to credit or reverse the unauthorized electronic transaction to the customer’s account within 10 working days from the date of notification by the customer. And once reported, in case of debit card or bank account fraud, the bank should ensure that the customer does not suffer loss of interest. If the transaction has happened on a credit card, the customer should not have to additional burden of interest. Also, once reported, banks have to resolve the case within 90 days from the date of receipt of the complaint.
RBI’s circular says that banks must provide customers 24/7 access through multiple channels like SMS, email, IVR and so on for reporting unauthorized transactions. A new facility that banks have been asked to provide is that of allowing customers to “instantly respond by “Reply” to the SMS and e-mail alerts and the customers should not be required to search for a web page or an e-mail address to notify the objection”.
FRDI Bill: How safe is your bank deposits
Can your family members access your bank account during a crisis?
Sabyasachi Paul has been associated with equity research and advisory on equity markets in India for over 9 years & currently heads the equity research desk of Eastern Financiers Ltd, Kolkata.He also manages a portfolio on the online platform Kristal. Find link to the strategy named ‘The Tortoise’