The Reserve Bank of India on Wednesday (June 24, 2026) issued fresh rules to protect customers from scam transactions where they lose money to fraudsters and cyberattacks.

These directions amend the RBI’s 2017 circular on “Limiting Liability of Customers in Unauthorised Electronic Banking Transactions”.

That previous framework held banks liable to compensate scammed customers only if the transactions were not authorised by the customers at all, such as in a successful hacking incident.

These rules are only a pilot for now, but may be extended in the future.

They are effective on January 1, 2027, and last for the year.

In Wednesday’s amendments, a draft version of which was released for public comment in March, customers can get reimbursed when they fall prey to a subset of scams, like digital arrests (where they are “coerced” into paying money), or when one-time passcodes (OTPs) are “fraudulently” stolen from them.

Most financial frauds currently rely on “social engineering” attacks, which require hoodwinking customers in some way or the other; since banks’ core cyber security infrastructure is heavily regulated and subject to RBI audits, “zero click” hacks are vanishingly rare.

Included transactions

The new key concept is “fraudulent electronic banking transactions (EBTs)”.

RBI defines these as transactions which are “executed by a third-party using the credentials obtained from the customer through fraudulent means or executed by the customer by granting approval under coercion or duress from the third-party” or “an EBT which is not authorised by a customer and inter alia includes an EBT occurring on account of negligence by a bank and / or a third-party breach.”

This means that customers who ignore fraud signal warnings, such as that on a UPI PIN screen, that a given transaction could be a scam, would not be eligible for any compensation.

In cases of a third-party hack, the timeline for a customer to report the loss has been increased to five calendar days from three working days.

As in the 2017 rules, if any amount is deducted after a customer reports a fraud, the customer bears no liability, and is entitled to a reversal of the transaction.

Banks can waive customers’ liability even if a transaction is negligent, but this is subject to their own discretion.

If a user does not have their latest phone number or email address registered with the bank, this counts as negligence, as the bank would not send fraud alerts to the right contact.

Compensation amount

For losses up to ₹50,000, individual victims can claim 85% of the amount as compensation, only once in their lifetime, up to ₹25,000. (This means that for any amount from ₹29,412 till ₹50,000, customers will receive a flat ₹25,000 compensation.) Roughly three fourths of the amount will be paid by RBI itself, while the customer and beneficiary banks will pay half the remaining amount.

To be eligible for this, however, a customer must report to the cybercrime helpline (1930) within five days.

It is worth noting that scams above ₹50,000 don’t seem to be covered in this framework at all.

Draft changes

From the March draft, banks have been given more time to implement this new system; the draft rules had a July 1 effective date.

This is now January 1, 2027.

Complaint settlement timelines are also now increased to 45-60 days, with the latter applying for international transactions.

Dvara Research, a non-profit financial inclusion think tank, had suggested that the vulnerability of customers be taken into account.

“Research suggests that Indians encounter fraud attempts multiple times a week, that these attempts are growing more sophisticated, and therefore, it is not unlikely that customers may fall for them more than once,” the body wrote.

“Vulnerable customers may not be expected to meet high standards of attentiveness or defend themselves against frauds that are sophisticated even for the more evolved customers … Under the Indian Contract Act, contracts executed under information asymmetry, external influence or fraudulent pretext are voidable...

Bundling such different transactions under the common definition of ‘authorized transaction’ diminishes their fundamental difference and may even reduce the significance of a liability framework.”