In These Small Moments, Something Larger Is Changing | Limiting Liability of Customers in Unauthorised Electronic Banking Transactions

 06 April, 2026

The Reserve Bank of India’s draft on customer protection in digital transactions is open for public comments, with today being the last day.

The document sits there, formally—on https://www.rbi.org.in (Notifications), supported by systems like https://cybercrime.gov.in and helpline 1930.

My earlier reflections on this subject are at:
01) https://prashantnepayments.blogspot.com/2026/03/rbi-draft-2026-fraud-reporting-instant-76g2.html
02) https://prashantnepayments.blogspot.com/2026/03/rbi-draft-2026-5-day-rule-fraud-reporting-protection.html
03) https://prashantnepayments.blogspot.com/2026/04/rbi-draft-2026-zero-liability-digital-transactions-protection.html

What This Draft Fundamentally Introduces

At its core, the draft introduces three clear shifts:
• Defined timelines for reporting (like the 5-day window)
• Conditional zero or limited customer liability
• Greater responsibility on banks to enable and respond

Everything else builds around these.

---

It could be a late evening.
A message comes in.
“₹8,000 debited…”

For a second, it doesn’t register.
You look again.
You scroll.
You pause.

Maybe it was something you forgot.
Maybe it’s nothing.
Or maybe… it isn’t.

---

Over the past few days, I didn’t experience this draft as a document.
I experienced it through moments like this.

Small ones.
Almost easy to miss.

---

These Moments Are Not Rare

A small business owner, between customers, phone buzzing quietly in the pocket.
A notification seen—but not opened.
“Will check later.”

Later becomes night.
Night becomes the next day.
And somewhere in between,
time quietly moves ahead.

---

Or an elderly parent.
A call.
A voice that sounds convincing.
A request that feels urgent.

OTP shared—not out of carelessness,
but out of trust.

Minutes later,
a message arrives.
And with it,
a realization that comes just a little too late.

---

Nothing here looks dramatic.
No alarms.
No flashing warnings.
Just ordinary life.

And that is exactly where this draft begins to matter.

---

What Is Quietly Changing

In these same moments, something is different now.

• That message is no longer just information—it allows response
• That delay is no longer invisible—it has a boundary
• That responsibility is no longer one-sided—it begins to shift
• That loss is no longer absolute—it may be shared

---

Four Moments That Stayed With Me

When I step back, four moments emerge—
not as clauses, but as experiences:

---

The Moment of Action

A simple alert.
But now, with the ability to respond.

From:
• reading

To:
• acting

A small shift.
But one that brings response into the same moment as awareness.

---

The Moment of Time

A 5-day window.
Not too short.
Not too long.

Just enough to recognise, and respond.

A quiet reminder that:
Protection is not just about what happens
but when we respond to it

---

The Moment of Trust

Zero liability.
A phrase that feels reassuring.

But more than that, it answers a deeper question:
“Will I be left alone in this?”

And for the first time, it feels like:
“Not always.”

---

The Moment of Recovery

Recovery may not always be complete.
But the intent is clear:
Loss is no longer expected to rest entirely on the customer.

It reflects a shift towards shared responsibility,
where outcomes are not absolute,
but more balanced than before.

---

From Moments to Meaning

Individually, these appear as rules.
Together, they form a system:

Awareness → enables Action
Action → is shaped by Time
Time → builds Trust
Trust → influences Recovery

This is not just a checklist.

It is a designed flow of protection.

---

A Subtle Shift in Thinking

What stood out to me across this draft is a quiet shift.

From:
• defining liability

To:
• shaping behaviour

From:
• assigning blame

To:
• enabling response

And somewhere in between:

👉 A shared responsibility begins to emerge

Not imposed.
Not forced.
But designed.

---

A Personal Reflection

Digital transactions have become routine.
A tap.
A scan.
A transfer.

Things we don’t think twice about.
Until one day, something feels off.

And in that moment, what matters is not just technology.

It is:
• how quickly we can act
• how clearly the system responds
• and whether we feel supported

---

Final Thought

Protection in digital transactions is not created in one step.
It is built across moments.

Small ones.
Quiet ones.
Often unnoticed ones.

And perhaps,
if these small moments are becoming more responsive,
more time-bound,
and more shared,

then something larger is quietly improving:

Not just systems,
but the experience of being protected within them.

Yes, moments are important in a Digital Payment process.

In digital transactions, protection is built not in rules, but in the moments when we notice, act, and respond.

What next – By now, Reserve Bank of India must have received few inputs. Or as is the norm, the last-minute inputs will be bit more. Either way, the respective Reserve Bank of India team will go through the inputs and release the final notification.

Once the final notification is in public domain, the respective stakeholders will start working for the Go Live Date.

---

Disclaimer

This post is a personal reflection on a draft regulatory document released for public comments.
The observations are interpretative in nature and intended for general awareness.

---

The Joy of Digital Transactions

—
Nayakanti Prashant
Citizen Advocate – Digital Transactions Day (Proposed: April 11)

Series archive:
https://movethebarrier.blogspot.com/April11SafeePayDay

---

Author’s blogs

https://prashantrandomthoughts.blogspot.com
https://prashantnepayments.blogspot.com
https://innovationinbanking.blogspot.com

85% Protection: A Safety Net for Digital Transactions: Limiting Liability of Customers in Unauthorised Electronic Banking Transactions

 05 April 2026

The Reserve Bank of India has released its draft “Reserve Bank of India (Commercial Banks – Responsible Business Conduct) Third Amendment Directions, 2026” for public comments, strengthening customer protection in digital transactions.

The draft can be accessed via https://www.rbi.org.in (Notifications section), while fraud reporting continues through https://cybercrime.gov.in and helpline 1930.

In earlier reflections, I explored how reporting is becoming immediate, how timing shapes protection, and how responsibility begins to shift.

This time, I paused at something different—a number.

My earlier reflections on this subject are at

01)               https://prashantnepayments.blogspot.com/2026/03/rbi-draft-2026-fraud-reporting-instant-76g2.html

02)              https://prashantnepayments.blogspot.com/2026/03/rbi-draft-2026-5-day-rule-fraud-reporting-protection.html

03) https://prashantnepayments.blogspot.com/2026/04/rbi-draft-2026-zero-liability-digital-transactions-protection.html

A Personal Pause at 85%

Within the draft, there is a structured provision:

👉 Compensation of up to 85% of loss (or ₹25,000 cap) in certain small-value fraud cases

At first glance, it feels specific.

But on reflection, it feels carefully designed.

---

Not Zero, Not Full — Something In Between

This provision sits between two extremes:

• Not full reimbursement
• Not complete loss

Instead, it creates a middle path.

For fraud cases up to ₹50,000:

• A portion of the loss is absorbed
• The impact on the customer is reduced

It is not perfection.

But it is protection.

---

A Different Kind of Responsibility

What stood out to me is the shift in approach.

Instead of asking:

Who should bear the loss completely?

The framework suggests:

Let the loss be shared

Across:

• the system
• the banks
• and the broader ecosystem

This creates a structured safety net, rather than a binary outcome.

---

The Human Side of It

Most fraud cases are not large in value.

But they are:

• frequent
• unsettling
• personal

For someone facing such a situation,
even partial recovery matters.

It does not undo the event.

But it softens the impact.

---

A Simple Way to Understand This

In practice, this could mean:

• For smaller fraud cases (up to ₹50,000), partial compensation may apply
• Typically, up to 85% of the loss (subject to a cap)
• The compensation is shared across institutions within the system

At the same time:

• Timely reporting remains important
• Delays or certain forms of negligence may affect eligibility

---

Connecting the Series

If I step back and look at the journey:

• Alerts are becoming actionable
• Reporting is becoming immediate
• Timing is becoming decisive
• Responsibility is becoming shared
• And now, loss is being partially absorbed

This does not feel like isolated provisions.

It feels like layers of protection being built over time.

The dots need to be identified and connected.

---

Final Reflection

85% is not a perfect number. Well, it is difficult for any number to be perfect.

But it is a thoughtful one.

It acknowledges that:

• systems are not flawless
• users are not always at fault
• and losses should not fall entirely on one side

In digital transactions, protection is evolving—
not as a single guarantee, but as a combination of support mechanisms.

And this feels like one such step.

---

Disclaimer

This post is a personal reflection on a draft regulatory document released for public comments.
The observations are interpretative in nature and intended for general awareness.

---

The Joy of Digital Transactions
Nayakanti Prashant
Citizen Advocate – Digital Transactions Day (Proposed) April 11

Series archive:
https://movethebarrier.blogspot.com/April11SafeePayDay

Author’s blogs
https://prashantrandomthoughts.blogspot.com
https://prashantnepayments.blogspot.com
https://innovationinbanking.blogspot.com

When Zero Liability Truly Means Zero: Limiting Liability of Customers in Unauthorised Electronic Banking Transactions

 04 April, 2026

 

The Reserve Bank of India has released its draft “Reserve Bank of India (Commercial Banks – Responsible Business Conduct) Third Amendment Directions, 2026” for public comments, strengthening customer protection in digital transactions.

The draft can be accessed via https://www.rbi.org.in (Notifications section), while fraud reporting continues through https://cybercrime.gov.in and helpline 1930.

In the earlier reflections, I explored how reporting is becoming immediate, and how timing shapes protection. This time, I paused at something deeper.

The earlier reflections are available at

01)               https://prashantnepayments.blogspot.com/2026/03/rbi-draft-2026-fraud-reporting-instant-76g2.html

https://prashantnepayments.blogspot.com/2026/03/rbi-draft-2026-5-day-rule-fraud-reporting-protection.html

A Personal Pause at “Zero Liability”

Within the draft, there is a clear provision:

👉 Customers may have zero liability in certain fraud situations, especially where the fault lies with the bank or where timely reporting is made. (The Indian Express)

At first glance, it feels reassuring.

But on reflection, it feels transformative.

---

Beyond the Phrase

“Zero liability” is not a general promise.

It is structured.

It applies in cases such as:

• fraud arising from bank negligence
• certain third-party breaches (when reported within time)

And importantly:

👉 Once a fraud is reported, any further loss is borne by the bank (The Indian Express)

---

The Human Meaning

For a customer, this shifts something fundamental.

There has always been a silent concern:

“If something goes wrong, will I have to bear the loss?”

This provision begins to answer that.

It introduces:

• reassurance
• accountability
• a sense that the system stands with the customer

---

Where the Shift Happens

What stood out to me is not just the rule—
but the moment it activates.

The moment a customer:

• notices something unusual
• takes action
• reports it

From that point, the system responds differently.

👉 Before reporting → uncertainty
👉 After reporting → protection strengthens

---

Connecting the Flow

Looking across the draft:

• Alerts are becoming actionable
• Reporting is becoming immediate
• Timing is becoming decisive
• And now, responsibility begins to shift

This does not feel like isolated provisions.

It feels like a designed journey of protection.

---

Final Reflection

Zero liability is not just about removing loss.

It is about building confidence.

Confidence that:

• the system will step in when it fails
• the burden will not always fall on one side

In digital transactions, trust is built slowly.

And this feels like one such step.

---

Disclaimer

This post is a personal reflection on a draft regulatory document released for public comments.
The observations are interpretative in nature and intended for general awareness.

---

Closing Note

The Joy of Digital Transactions
Nayakanti Prashant
Citizen Advocate – Digital Transactions Day (Proposed) April 11

Series archive:
https://movethebarrier.blogspot.com/April11SafeePayDay

---

Author’s blogs
https://prashantrandomthoughts.blogspot.com
https://prashantnepayments.blogspot.com
https://innovationinbanking.blogspot.com

 

5 Days That Decide Your Protection: Limiting Liability of Customers in Unauthorised Electronic Banking Transactions

 March 26,2026

The Reserve Bank of India has released its draft “Reserve Bank of India (Commercial Banks – Responsible Business Conduct) Third Amendment Directions, 2026” for public comments, inviting feedback on updated customer protection norms in electronic banking transactions.

The draft builds on earlier directions and reflects evolving realities of digital payments and fraud risks.

Those interested can review the draft and share their inputs via the RBI website: https://www.rbi.org.in → Notifications section, or directly explore the draft document here: https://www.rbi.org.in/Scripts/NotificationUser.aspx (navigate to latest draft directions).

For broader context on cyber fraud reporting, the National Cyber Crime Portal (https://cybercrime.gov.in) and helpline 1930 also continue to play an important role alongside these proposed changes.

 

Last week, while going through the Reserve Bank of India’s draft on customer protection in digital banking, one idea stayed with me.

Not a definition.
Not a compensation rule.

But a simple window of time.

A Personal Pause at the 5-Day Rule (Para DA.4 - 76L.)

 

Within the draft, there is a clear reference:

👉 Reporting within 5 calendar days plays a key role in determining customer protection in fraud cases.

At first, it feels procedural.

But on reflection, it feels decisive.

---

From Awareness to Timing

In the earlier post, I reflected on how reporting is becoming immediate—
how action is now built into the transaction alert itself.

Link to my earlier post @ https://prashantnepayments.blogspot.com/2026/03/rbi-draft-2026-fraud-reporting-instant-76g2.html

 

But this takes it one step further.

It quietly tells us:

It is not just about reporting
It is about when you report

---

The Human Reality

In real life, fraud is rarely identified instantly.

Sometimes:

• the message is ignored
• the doubt comes later
• the realization happens after a few hours… or days

And that delay—very human, very natural—
now begins to shape the outcome.

---

What These 5 Days Mean

Within this window:

• customer protection is stronger
• outcomes are more favourable
• the system responds with greater support

Beyond this window:

• the nature of protection begins to change

It is a simple boundary.
But it carries weight.

5 Days means 5 Days – Nothing More, Nothing Less

---

A Subtle Shift in Responsibility

What stood out to me is this:

The system is evolving to support the customer—
but it is also asking the customer to act within time.

There is a balance emerging:

👉 System enables action
👉 Customer enables timing

---

Connecting the Dots

If I step back and look at the flow:

• Alerts are becoming actionable
• Reporting is becoming immediate
• And now, timing is becoming decisive

It feels like a sequence, not isolated rules.

---

Final Reflection

In digital transactions, protection is not only about preventing fraud.

It is also about:

• how quickly it is noticed
• how quickly it is reported

These 5 days are not just a timeline.

They are a window of protection.

And sometimes,
a small window is what makes the biggest difference.

---

Disclaimer

This post is a personal reflection on a draft regulatory document released for public comments.
The observations are interpretative in nature and intended for general awareness.

---

The Joy of Digital Transactions
Nayakanti Prashant
Citizen Advocate – Digital Transactions Day (Proposed) April 11

Series archive:
https://movethebarrier.blogspot.com/April11SafeePayDay

---

Author’s blogs
https://prashantrandomthoughts.blogspot.com
https://prashantnepayments.blogspot.com
https://innovationinbanking.blogspot.com

A Small Line in RBI’s Draft That Could Make Fraud Reporting Instant - Limiting Liability of Customers in Unauthorized Electronic Banking Transactions

 March 22, 2026

The Reserve Bank of India has released its draft “Reserve Bank of India (Commercial Banks – Responsible Business Conduct) Third Amendment Directions, 2026” for public comments, inviting feedback on updated customer protection norms in electronic banking transactions. 

The draft builds on earlier directions and reflects evolving realities of digital payments and fraud risks. 

Those interested can review the draft and share their inputs via the RBI website: https://www.rbi.org.in → Notifications section, or directly explore the draft document here: https://www.rbi.org.in/Scripts/NotificationUser.aspx (navigate to latest draft directions). For broader context on cyber fraud reporting, the National Cyber Crime Portal (https://cybercrime.gov.in) and helpline 1930 also continue to play an important role alongside these proposed changes.

Recently, the Reserve Bank of India invited public comments on its draft update to customer protection rules in digital banking.

At the heart of this draft is a familiar concern—
what happens when a customer loses money in an electronic transaction?

The draft revisits and strengthens the framework around limiting customer liability in unauthorised electronic banking transactions, building on earlier directions and adapting them to today’s realities.

While reading through the document, one section quietly stood out to me.

Not because it was long.
Not because it was complex.

But because it felt… practical.

Yes, practical, and once the Go Live Date is announced, there will be more learnings flyers from the stakeholders.

 A Personal Pause at DA.3

The section is:

👉 DA.3 – Reporting of fraudulent electronic banking transactions by customers to banks
👉 And within it, Para 76G(2)

At first glance, it looks like a routine instruction.

But when I paused and read it again, it felt different.

It was not just about reporting fraud.

It was about how quickly and easily a person can respond in that moment of doubt.

 

 

---

From “Inform the Bank” to “Act Immediately”

For a long time, the messaging around fraud has been simple:

Inform the bank.
Report the transaction.

But in reality, that moment is never so simple.

When a suspicious debit message comes:

• there is confusion
• there is hesitation
• there is often a few minutes lost just figuring out what to do

This draft seems to recognise that gap.

And instead of just advising faster reporting,
it quietly redesigns the experience.

The draft guidelines mention as to how the responses should flow to the financial institutions.

---

76G (2): Bringing Action into the Same Moment

Para 76G (2) requires that the transaction alert SMS itself should carry a number, allowing the customer to immediately respond via SMS if they notice something wrong.

This may look like a small addition.

But to me, it changes the flow completely.

Because now:

• the alert is not just information
• it becomes the starting point of action

There is no need to search.
No need to remember a helpline.
No need to navigate an app in panic.

The response is right there, in the same message.

---

Thinking About the Human Moment

Fraud is not just a system event.

It is a very human moment.

A message appears.
For a second, it doesn’t feel right.
There is a pause.

In that pause, the system either:

• supports the customer
  or
• leaves the customer to figure things out

What I felt while reading 76G (2) is that it tries to support that exact moment.

It reduces thinking.
It reduces delay.
It reduces friction.

---

A Quiet but Meaningful Alignment

Across the broader framework, one idea is clear:

👉 Faster reporting leads to better protection.

Seen in that light, this provision does something thoughtful.

It does not just say:

“Report quickly”

It makes it easier to actually do so.

That alignment—between expectation and enablement—
is what gives this clause its real value.

---

A Subtle Shift in Direction

Reading DA.3 along with 76G (2), I felt there is a shift happening.

From:

• alerts as passive messages

To:

• alerts as interactive safety points

From:

• customer responsibility

To:

• system-supported customer action

It is not a loud change.

But it is a meaningful one.

---

Final Reflection

In a document filled with definitions, timelines, and liability structures,
this one line stays with me.

Because it is simple.

And sometimes, in systems like banking,
simple changes make the biggest difference.

A transaction alert SMS,
which we usually just read and move on from,

now has the potential to become
the first step of protection.

---

Disclaimer

This post is a personal reflection on a draft regulatory document released for public comments.
The observations are interpretative in nature and intended for general awareness and discussion.

---

Closing Note

The Joy of Digital Transactions
Nayakanti Prashant
Citizen Advocate – Digital Transactions Day (Proposed)

Series archive:
https://movethebarrier.blogspot.com/April11SafeePayDay

---

Author’s blogs
https://prashantrandomthoughts.blogspot.com
https://prashantnepayments.blogspot.com
https://innovationinbanking.blogspot.com