A background note can be accessed here: RBI: Limiting Customer Liability in Digital Transactions
RBI’s draft introduces a shared compensation mechanism for small-value digital fraud losses reported within a defined time window. How should liability rules be designed so that stronger consumer protection does not weaken incentives for both customers and financial institutions to maintain prudent digital-security practices?
The draft introduces a shared compensation mechanism, wherein the RBI and banks jointly bear the burden of compensation. This is important as the RBI has recognised and articulated the implications of small-value frauds for customers. The reported average amount of small-value frauds is Rs 50,000, with nearly 65 percent of total frauds falling in this category. This can be staggering for households in a country where the per capita monthly income is below Rs. 20,000. While this addresses a key component of strengthening consumer trust in the system, it is important to consider the implications for banks.
The mechanism should incentivise banks to devise ways to limit small-value frauds for vulnerable customers; it should not make them complacent under the assumption that compensation can be paid. Regulatory literature shows that banks and financial institutions may treat penalties as a routine cost of doing business: monetary losses, especially when modest, are absorbed without significantly altering behaviour. Alongside the shared compensation structure, it is crucial to link fraud incidence to the reputation of banks, wherein it acts as a signal to stakeholders. The regulator must emphasise the reputational risk for banks, even for small value frauds, when they occur frequently or in large numbers. The number, frequency and quantum of frauds, as well as the steps taken by banks, cannot be limited to annual reports: they should form part of branch-level metrics, and the information available to consumers. Strong signals linking fraud number and frequency to reputational loss, along with incentives for preventive steps are required.
RBI’s framework expands the definition of fraudulent transactions and places the burden of proof on banks while mandating real-time alerts and faster complaint processing. What operational and supervisory challenges could arise for banks and payment intermediaries in implementing these standards at scale in India’s high-volume digital payments ecosystem?
The framework places the burden of proof on banks while mandating real-time alerts and faster complaint processing. The operational and supervisory challenges are considerable; nevertheless , it is a step in the right direction. What is required is linking frauds to the micro-level institutional nodes. While branches are best placed to address customer pain points, by rebuilding trust and supporting customers, branch-level officers may lack time and resources to handle such cases. The regulator must incentivise and encourage banks to ensure that branch-level redressal mechanisms function smoothly, and that this forms a key part of the supervisory framework. Again, a simple highlighting of branch-level redressal metrics, inclusion of fraud prevention in employee evaluation and bank-specific consumer meets highlighting the bank’s actions can be considered. Simple steps can help: highlighting branch-level redressal metrics, including fraud prevention in employee evaluations, and holding bank-specific consumer meets.
How should regulators balance stronger liability protections with innovation and financial inclusion objectives so that enhanced safeguards reinforce, rather than slow, the growth of digital transactions?
A pertinent question for the Indian banking sector, where the volume of frauds is significant, is whether banks are investing adequately in digital architecture to prevent frauds. Trust is central to the banking system, and digital fraud can erode it by exposing banks to reputational risk. With India leading in digital payments, and moving towards a cashless system, these regulations are timely. However, the regulator needs to be cautious in pushing for digital transactions. Even as banks build robust systems, the possibility of fraud or misuse cannot be fully ruled out. In such a scenario, it is important to recognise that fraud, including digital fraud, will occur and that a complete shift of, say, direct benefit transfers to a digital payment structure may be counterproductive. We must continue efforts to build resilience, and also allow consumer choice to dominate between cash and digital payments, without any top-down signalling discouraging cash.