The proposal was first announced during the February 6 monetary policy by Governor Sanjay Malhotra. The draft directions, titled Reserve Bank of India (Commercial Banks Responsible Business Conduct) Third Amendment Directions, 2026, will apply to electronic banking transactions undertaken on or after July 1, 2026. The central bank has invited comments from stakeholders on the draft until April 6, 2026.
Under the proposed framework, compensation will be available to individual customers who suffer losses of up to ₹50,000 due to fraudulent electronic banking transactions in specified cases. Eligible victims will receive 85% of the net loss amount or ₹25,000, whichever is lower.
The compensation can be claimed only once during a customer’s lifetime. To qualify, the victim must report the fraudulent transaction both to the bank and through the National Cyber Crime Reporting Portal or the National Cyber Crime Helpline within five calendar days.
For losses below ₹29,412, where compensation is calculated at 85% of the loss, the RBI will bear 65% of the compensation amount, while the customer’s bank and the beneficiary bank will bear 10% each.
| Particulars | Amount (₹) |
|---|---|
| Amount reported lost under the complaint | 40,000 |
| Recovery made and credited to customer before compensation | 15,000 |
| Net loss faced by the customer | 25,000 |
| Compensation payable to customer (85% of net loss) | 21,250 |
| Contribution by Reserve Bank | 16,250 |
| Contribution by customer’s bank | 2,500 |
| Contribution by beneficiary bank | 2,500 |
For losses between ₹29,412 and ₹50,000, compensation will be capped at ₹25,000. In such cases, the RBI will contribute ₹19,118, while the customer’s bank and the beneficiary bank will contribute ₹2,941 each.
| Particulars | Amount (₹) |
|---|---|
| Amount reported lost under the complaint | 40,000 |
| Compensation paid to the customer | 25,000 |
| Contribution by Reserve Bank | 19,118 |
| Contribution by customer’s bank | 2,941 |
| Contribution by beneficiary bank | 2,941 |
Banks must credit the compensation to the customer within five calendar days of receiving the application. Lenders may subsequently seek reimbursement of the RBI’s share on a quarterly basis.
Alongside the compensation framework, the RBI has proposed broader changes to customer protection rules in digital banking. The draft expands the definition of authorised electronic banking transactions to include payments approved through authentication methods such as OTPs, PINs, CVV, passwords or other electronic authentication mechanisms.
The framework also covers cases where customers are tricked into transferring money to scammers posing as legitimate recipients or approve transactions under coercion.
The RBI has introduced a new category called “fraudulent electronic banking transaction”, which includes both authorised scam payments and unauthorised transactions carried out without customer approval.
The draft also defines negligence by banks and customers in fraud cases. Bank negligence may include failure to implement mandated security systems, failure to send transaction alerts, absence of reporting channels or delays in acting on customer complaints.
Also Read: Middle East conflict poses near-term challenges to Indian economy: RBI MPC member
Customer negligence may include sharing credentials such as OTPs or PINs, ignoring scam warnings, failing to report fraud promptly or downloading malicious applications.
Under the proposed framework, customers will have zero liability where the fraud occurs due to bank negligence. Zero liability will also apply in cases of third-party breaches if the customer reports the unauthorised transaction within five days.
Banks will be required to send instant SMS alerts for all electronic banking transactions above ₹500 and provide round-the-clock channels for reporting fraud or loss of payment instruments.
They must also resolve complaints and establish liability within a period specified in their policy, but not exceeding 30 calendar days.