The Reserve Bank of India has proposed new draft regulations aimed at limiting losses from digital banking fraud. Under the proposed framework, banks would compensate customers for up to 85 percent of losses arising from certain digital fraud incidents. The rule is expected to come into effect on July 1, 2026.
Digital banking transactions through Unified Payments Interface (UPI), internet banking, mobile applications, and payment cards have expanded rapidly, enabling transfers within seconds. At the same time, incidents of digital fraud have increased, including cases involving phishing links, fraudulent applications, and theft of one-time passwords (OTP), which allow unauthorized withdrawals from customer accounts. Customers often face extended processes to recover lost funds in such situations.
The Reserve Bank of India has proposed the new rules to enhance customer protection and define bank responsibilities in cases of digital fraud.
The proposed regulation is expected to apply to commercial banks beginning July 1, 2026. Small finance banks and payment banks are currently outside the scope of the draft framework. Under the earlier framework, customers bore a greater share of responsibility in fraud cases. The proposed rules increase the role of banks and the central bank in addressing fraud-related losses.
Under the proposed framework, banks will be required to act promptly once a complaint regarding digital fraud is received. The current complaint resolution process may take longer under existing rules, while the new framework aims to accelerate resolution timelines. The provisions would apply to transactions conducted through UPI payments, internet banking, transfers via mobile banking applications, debit and credit cards, and ATM transactions.
The Reserve Bank of India has proposed a compensation mechanism for fraud involving smaller transaction amounts. The draft scheme provides compensation of up to 85 percent in cases where the loss is less than ₹50,000. The maximum compensation under the proposal would be capped at ₹25,000.
Under the proposed structure, the Reserve Bank of India would cover up to 65 percent of the loss, while the customer’s bank and the beneficiary bank would jointly cover the remaining 20 percent. For example, if a customer loses ₹20,000 due to fraud, the compensation could amount to ₹17,000 under the proposed framework.
Customers would be required to report the fraud within five days in order to qualify for compensation. Complaints can be filed through the National Cyber Crime Reporting Portal or via the helpline number 1930. Customers must also notify their bank regarding the incident. Delays in reporting or cases where the customer is found responsible for the fraud may affect eligibility for compensation. The proposed rules would apply to transactions conducted from July 1, 2026 onward.
According to data cited by the Reserve Bank of India, approximately 65 percent of fraud incidents involve smaller transaction amounts. The draft rules also require banks to strengthen fraud detection systems in order to identify suspicious transactions at an earlier stage and prevent potential losses.
