At last, feedback submitted
24 April, 2026
On April 23, 2026, I submitted my feedback to the Reserve Bank
of India on its discussion paper exploring safeguards in digital payments to
curb fraud.
This was not just a response to a consultation.
It was an opportunity to think through a deeper question:
How do we strengthen fraud controls without
weakening trust in the digital payment system?
Any plans to share your inputs or thoughts with Reserve
Bank of India?
The Context
India’s digital payments ecosystem has scaled rapidly over the
past decade.
With this scale has come a new kind of risk:
- Social
engineering frauds
- Mule
account networks
- Rapid
movement of funds across accounts
The challenge is no longer just preventing fraud.
It is about designing systems that can respond at speed without disrupting
genuine transactions.
My Approach
Rather than responding to each question in isolation, I
approached the discussion paper as a system design exercise.
Digital payment fraud is not a single point failure problem.
It operates across layers:
- Human
behaviour at the point of transaction initiation
- System
processing during fund movement
- Account
level controls at the point of credit
- Infrastructure
reliability across institutions
Each of these layers presents a different type of risk.
And more importantly, each requires a different type of control.
01)
Control Placement Matters
A key lens I used was:
Controls should be placed where they are most
effective not where they are easiest to implement
In large interconnected systems, convenience of implementation
can sometimes drive design decisions.
However fraud does not exploit convenience. It exploits weakness and delay.
This requires a deliberate evaluation of:
- Where
risk originates
- Where
it amplifies
- Where
it can be contained
02) Avoiding Single
Point Dependence
Another important consideration was system resilience.
India’s banking ecosystem includes:
- Large
private banks
- Public
sector banks
- Regional
rural banks
- Cooperative
institutions
- Payment
Banks
- Small
Finance Banks
- Foreign
Banks
A framework that depends on uniform real time performance
across all participants introduces a different kind of systemic risk.
Even a short disruption in one part of the system can:
- Create
temporary vulnerabilities
- Be
exploited at scale
Therefore, the approach needs to:
- Distribute
responsibility
- Reduce
single point dependencies
- Build
tolerance for operational variation
03)
Rule Based Systems Over Discretion
Wherever possible, I leaned towards:
Rule based predictable systems instead of
discretionary case by case decisions
The moment a framework becomes dependent on:
- Manual
validation
- Individual
interpretation
- Human
intervention at scale
It introduces:
- Inconsistency
- Delay
- Potential
bias
In a country of India’s scale, consistency is itself a form of
security.
04)
Balancing Friction and Flow
A recurring trade off in the discussion paper is:
- Increasing
controls
versus - Preserving
seamless transactions
The instinctive response to fraud is to add friction.
But excessive friction can:
- Impact
genuine users
- Reduce
system adoption
- Shift
behaviour outside formal channels
The objective therefore is not to eliminate friction, but to:
Apply friction selectively where risk is highest
05)
Clarity as a Design Principle
Another dimension that emerged strongly was clarity.
As systems evolve, new constructs are introduced:
- Conditional
processing
- Layered
balances
- Delayed
availability of funds
If these are not clearly defined and communicated:
- Customers
get confused
- Banks
interpret differently
- Disputes
increase
Clarity is not just a communication requirement.
It is a design requirement.
06) Infrastructure as
the Silent Backbone
Finally, I looked at the role of infrastructure reliability.
Controls are only as effective as the systems that support
them.
If critical safeguards:
- Are
unavailable intermittently
- Function
differently across institutions
- Depend
heavily on manual fallback
Then the overall framework becomes uneven.
At scale, consistency and uptime are themselves risk controls.
Closing Reflection
Approaching the paper through these lenses helped me move
beyond individual questions and think in terms of system behaviour at scale.
Because in digital payments:
It is not just the control that matters
It is where it sits, how it behaves, and how consistently it works across the
system
Final Note
This submission was prepared with the assistance of artificial
intelligence tools, with all views independently reviewed and articulated by
the author.
It is also aligned with the broader objective of promoting
safe digital payments, including the proposed observance of Digital
Transactions Day on April 11.
Digital Payments are a sub-set of Digital Transactions.
The Joy of Safe ePayments
Nayakanti Prashant
Citizen Advocate – Digital Transactions Day (April 11, Proposed)
Disclaimer: This is a general observation and not an official
interpretation.
The only Joy is in ‘Digital
Transactions Day’.
Author’s Blogs
https://prashantrandomthoughts.blogspot.com
https://prashantnepayments.blogspot.com
https://innovationinbanking.blogspot.com
No comments:
Post a Comment