On March 6, 2026, the Reserve Bank of India (RBI) issued draft Amendment Directions to revamp the 2017 framework on customer liability, introducing a first-of-its-kind "compensation-sharing mechanism" to handle small-value digital frauds. The proposed rules target individual losses up to ₹50,000, allowing bona fide victims who report fraud within five days to receive up to 85% of their net loss or ₹25,000, whichever is lower.
Under the new sharing protocol, the financial burden of this compensation is distributed between the RBI and the banks involved in the transaction to ensure rapid relief for the customer.
The framework also expands the definition of "unauthorised transactions" to include cases of trickery or coercion, while placing the burden of proof on banks and mandating instant SMS alerts for all transactions over ₹500.
By placing the burden of proof on banks and requiring mandatory instant SMS alerts for all transactions over ₹500, the RBI aims to create a high-fidelity safety net that reflects the evolution of India's digital payments landscape since 2017.
Key Pillars of the Draft Liability Framework
Small-Value Fraud Compensation: Providing a one-time, lifetime reimbursement for genuine fraudulent losses up to ₹50,000 to provide rapid financial relief.
Zero Liability Mandate: Ensuring customers face no financial loss if fraud occurs due to bank negligence or third-party breaches reported within five days.
Expanded Fraud Definition: Covering "trickery or coercion" where users are manipulated into authorizing payments to scammers posing as legitimate recipients.
Mandatory Digital Alerts: Requiring banks to send instant SMS alerts for all transactions exceeding ₹500 and email alerts regardless of value if an address is registered.
Burden of Proof on Lenders: Explicitly stating that the responsibility to prove customer negligence in fraudulent transactions lies with the bank, not the victim.
Accelerated Grievance Redressal: Mandating that banks examine complaints and respond within 30 days to ensure faster complaint resolution.
What is the "compensation-sharing mechanism"? The compensation-sharing mechanism is a temporary operational arrangement where the cost of reimbursing a fraud victim is split between the RBI and the involved banks. For example, for a loss under ₹29,412 where 85% is paid as compensation, the RBI bears 65%, while the customer’s bank and the beneficiary bank contribute 10% each. This mechanism will remain in force for one year from the effective date (July 1, 2026), after which it will be reviewed with the objective of increasing the banks' share and eventually eliminating the central bank's contribution. This provides a functional incentive for banks to tighten their security protocols and fraud monitoring systems.
Policy Relevance: India’s Digital Payment Security
Operationalizing Consumer Trust: The draft act as a primary mechanic for the Ministry of Finance to sustain the massive growth of UPI by removing the "fear of loss" associated with small-value digital scams.
Internalizing Cyber Reporting: Mandatory reporting to the National Cyber Crime Helpline (1930) acts as a functional prerequisite for compensation, ensuring that all digital frauds are logged into the national database.
Bypassing Technical Negligence: The inclusion of "coerced" or "tricked" transactions provides a functional solution for protecting elderly and digitally-illiterate users who are often targeted by social engineering.
Link to Financial Literacy: Defining "Customer Negligence" (such as sharing OTPs or downloading malicious apps) serves as a prerequisite for the RBI’s awareness campaigns to encourage safer digital habits.
Follow the Full Release Here: Draft Amendment Directions for Review of Framework of Limiting Customer Liability in Digital Transactions
