adsense

Showing posts with label Cyber Fraud. Show all posts
Showing posts with label Cyber Fraud. Show all posts

Sunday, March 22, 2026

A Small Line in RBI’s Draft That Could Make Fraud Reporting Instant - Limiting Liability of Customers in Unauthorized Electronic Banking Transactions

 March 22, 2026


The Reserve Bank of India has released its draft “Reserve Bank of India (Commercial Banks – Responsible Business Conduct) Third Amendment Directions, 2026” for public comments, inviting feedback on updated customer protection norms in electronic banking transactions. 

The draft builds on earlier directions and reflects evolving realities of digital payments and fraud risks

Those interested can review the draft and share their inputs via the RBI website: https://www.rbi.org.in Notifications section, or directly explore the draft document here: https://www.rbi.org.in/Scripts/NotificationUser.aspx (navigate to latest draft directions). For broader context on cyber fraud reporting, the National Cyber Crime Portal (https://cybercrime.gov.in) and helpline 1930 also continue to play an important role alongside these proposed changes.

Recently, the Reserve Bank of India invited public comments on its draft update to customer protection rules in digital banking.

At the heart of this draft is a familiar concern—
what happens when a customer loses money in an electronic transaction?

The draft revisits and strengthens the framework around limiting customer liability in unauthorised electronic banking transactions, building on earlier directions and adapting them to today’s realities.

While reading through the document, one section quietly stood out to me.

Not because it was long.
Not because it was complex.

But because it felt… practical.

Yes, practical, and once the Go Live Date is announced, there will be more learnings flyers from the stakeholders.



 A Personal Pause at DA.3

The section is:

👉 DA.3 – Reporting of fraudulent electronic banking transactions by customers to banks
👉 And within it, Para 76G(2)

At first glance, it looks like a routine instruction.

But when I paused and read it again, it felt different.

It was not just about reporting fraud.


It was about how quickly and easily a person can respond in that moment of doubt.

 

 

From “Inform the Bank” to “Act Immediately”

For a long time, the messaging around fraud has been simple:

Inform the bank.
Report the transaction.

But in reality, that moment is never so simple.

When a suspicious debit message comes:

  • there is confusion
  • there is hesitation
  • there is often a few minutes lost just figuring out what to do

This draft seems to recognise that gap.

And instead of just advising faster reporting,
it quietly redesigns the experience.

The draft guidelines mention as to how the responses should flow to the financial institutions.

76G (2): Bringing Action into the Same Moment

Para 76G (2) requires that the transaction alert SMS itself should carry a number, allowing the customer to immediately respond via SMS if they notice something wrong.

This may look like a small addition.

But to me, it changes the flow completely.

Because now:

  • the alert is not just information
  • it becomes the starting point of action

There is no need to search.
No need to remember a helpline.
No need to navigate an app in panic.

The response is right there, in the same message.

Thinking About the Human Moment

Fraud is not just a system event.

It is a very human moment.

A message appears.
For a second, it doesn’t feel right.
There is a pause.

In that pause, the system either:

  • supports the customer
    or
  • leaves the customer to figure things out

What I felt while reading 76G (2) is that it tries to support that exact moment.

It reduces thinking.
It reduces delay.
It reduces friction.

A Quiet but Meaningful Alignment

Across the broader framework, one idea is clear:

👉 Faster reporting leads to better protection.

Seen in that light, this provision does something thoughtful.

It does not just say:

“Report quickly”

It makes it easier to actually do so.

That alignment—between expectation and enablement—
is what gives this clause its real value.

A Subtle Shift in Direction

Reading DA.3 along with 76G (2), I felt there is a shift happening.

From:

  • alerts as passive messages

To:

  • alerts as interactive safety points

From:

  • customer responsibility

To:

  • system-supported customer action

It is not a loud change.

But it is a meaningful one.

Final Reflection

In a document filled with definitions, timelines, and liability structures,
this one line stays with me.

Because it is simple.

And sometimes, in systems like banking,
simple changes make the biggest difference.

A transaction alert SMS,
which we usually just read and move on from,

now has the potential to become
the first step of protection.

Disclaimer

This post is a personal reflection on a draft regulatory document released for public comments.
The observations are interpretative in nature and intended for general awareness and discussion.

Closing Note

The Joy of Digital Transactions
Nayakanti Prashant
Citizen Advocate – Digital Transactions Day (Proposed)

Series archive:
https://movethebarrier.blogspot.com/April11SafeePayDay

Author’s blogs
https://prashantrandomthoughts.blogspot.com
https://prashantnepayments.blogspot.com
https://innovationinbanking.blogspot.com

 


 

 


Posted by at No comments:
Labels: , , , , , , , , ,
Subscribe to: Comments (Atom)

LinkWithin

Related Posts with Thumbnails

Disclaimer

The thoughts in this BLOG are personal, and reflect only my view on the subject.
This are not the views of my Employers.
All images, logos rights rest with the Original TitleHolders

All efforts have been made to make this information as accurate as possible, N Prashant will not be responsible for any loss to any person caused by inaccuracy in the information available on this Website. Relevent Official Gazettes Communications may be consulted for an accurate information. Any discrepancy found may be brought to the notice of N Prashant