RBI sets Rs 50,000 cap on small value digital fraud claims; how will that affect you

The Reserve Bank of India (RBI) has issued draft regulations capping compensation claims for small-value digital banking frauds at Rs 50,000 per incident, with new rules placing the responsibility on banks to prove customer liability. These directions, applicable from 1 July 2026, are aimed at providing clarity and protection for customers, particularly as digital transaction volumes continue to rise. Customers are now entitled to compensation if losses are established as genuine under the bank’s internal policy, provided the incident is reported to both the bank and the National Cyber Crime Helpline (1930) within five days.

A key shift in the draft framework is the explicit requirement that banks must establish customer liability in cases involving fraudulent electronic banking transactions. “The burden of proving customer liability in complaints involving fraudulent electronic banking transactions shall lie on the bank,” the RBI said in the draft regulations. This move is expected to provide stronger safeguards for banking customers.

RBI data indicates that nearly 65 per cent of all digital banking fraud cases involve amounts below Rs 50,000, underlining the need for a compensation mechanism tailored to small-value transactions. The regulator’s proposal introduces a compensation-sharing structure, particularly for lower-value frauds, to streamline reimbursement processes and encourage prompt reporting.

How much amount will you get back

Under the proposed scheme, for losses below Rs 29,412, customers will receive 85 per cent of the loss as compensation. Here, 65 per cent of the payout is to be covered by the RBI, while the customer’s bank and the beneficiary bank each contribute 10 per cent. For losses between Rs 29,412 and Rs 50,000, the RBI will pay Rs 19,118, and both banks will contribute Rs 2,941 each.

The framework also revises definitions of authorised electronic banking transactions, incorporating activities initiated via passwords, one-time passwords (OTPs), or card details. Fraudulent authorisations now include cases where customers are tricked or coerced into making payments to scammers. The update clarifies negligence, highlighting instances where banks fail to provide required security measures or transaction alerts, and where customers share sensitive credentials or delay reporting incidents.

Compensation and customers

Customers have zero liability and are entitled to a reversal of unauthorised transactions if fraud results from the bank’s negligence or from a third-party system breach. Compensation is contingent on customers reporting the fraud within the stipulated five-day window and the bank’s internal policy confirming the loss as genuine.

Banks are mandated to examine customer complaints, determine liability, and respond within 30 days of receiving a complaint. The new compensation mechanism is set to remain in force for one year from the effective date, with the RBI signalling its intention to gradually shift more of the compensation burden to banks and reduce the central bank’s contribution. “The RBI said the aim is to gradually increase the share borne by banks and reduce or eliminate the central bank’s contribution.”

The RBI has opened the draft regulations for stakeholder feedback until 6 April 2026, seeking industry and public input on the proposed approach. The regulator will review the compensation mechanism after its initial one-year implementation, evaluating its impact on consumer protection and digital transaction security.