RBI fixes customer liability for unauthorised transactions

The liability will be Rs 10,000 for current accounts/ cash credit/ overdraft accounts of individuals with annual average balance (during 365 days preceding the incidence of fraud)/ limit up to Rs 25 lakh and credit cards with limit up to Rs 5 lakh.

By: ENS Economic Bureau | Mumbai | Updated: July 7, 2017 7:34 am
RBI notification, RBI commercial banks, Bank Liability, Indian express, India news, Latest news, Indian economy, In a notification to commercial banks, the RBI said there will be zero liability in the case of third-party breach

The Reserve Bank of India (RBI) on Thursday said a customer will be entitled to zero liability when unauthorised transaction occurs as a result of contributory fraud, negligence or deficiency on the part of the bank irrespective of whether or not the transaction is reported by the customer.

In a notification to commercial banks, the RBI said there will be zero liability in the case of third-party breach where the deficiency lies neither with the bank nor with the customer but lies elsewhere in the system, and the customer notifies the bank within three working days of receiving the communication from the bank regarding the unauthorised transaction. For cases reported within four to seven days, the liability will be the transaction value or the amount stipulated for various accounts, whichever is lower and beyond seven working days, the liability will be as per bank’s board approved policy.

However, a customer will have limited liability for the loss in cases where the loss is due to negligence by a customer, such as where he has shared the payment credentials, the customer will bear the entire loss until he reports the unauthorised transaction to the bank. “Any loss occurring after the after the reporting of the unauthorised transaction will be borne by the bank,” the RBI said in the notification ‘Customer protection – limiting liability of customers in unauthorised electronic banking transactions’.

There will be a limited liability in cases where the responsibility for the unauthorised electronic banking transaction lies neither with the bank nor with the customer, but lies elsewhere in the system and when there is a delay — of four to seven working days after receiving the communication from the bank — on the part of the customer in notifying the bank of such a transaction. The per transaction liability of the customer will be limited to the transaction value or the amount mentioned by the RBI , whichever is lower. The liability will be Rs 5,000 for BSBD and SB accounts and pre-paid payment instruments and gift cards and for current/ cash credit/ overdraft accounts of MSMEs.

The liability will be Rs 10,000 for current accounts/ cash credit/ overdraft accounts of individuals with annual average balance (during 365 days preceding the incidence of fraud)/ limit up to Rs 25 lakh and credit cards with limit up to Rs 5 lakh. The liability will be Rs 25,000 for all other current/ cash credit/ overdraft accounts and credit cards with limit above Rs 5 lakh.

According to the RBI, banks must ask their customers to mandatorily register for SMS alerts and wherever available register for e-mail alerts for electronic banking transactions. “The SMS alerts shall mandatorily be sent to the customers, while email alerts may be sent, wherever registered. The customers must be advised to notify their bank of any unauthorised electronic banking transaction at the earliest after the occurrence of such transaction, and informed that the longer the time taken to notify the bank, the higher will be the risk of loss to the bank/ customer. To facilitate this, banks must provide customers with 24×7 access through multiple channels (at a minimum, via website, phone banking, SMS, e-mail, IVR, a dedicated toll-free helpline, reporting to home branch, etc.) for reporting unauthorised transactions that have taken place and/ or loss or theft of payment instrument such as card, etc,” the RBI said.

“Banks shall also enable customers to instantly respond by “Reply” to the SMS and e-mail alerts and the customers should not be required to search for a web page or an e-mail address to notify the objection, if any,” the RBI notification said. Further, a direct link for lodging the complaints, with specific option to report unauthorised electronic transactions shall be provided by banks on home page of their website, it said.

According to the RBI, the loss/ fraud reporting system should also ensure that immediate response (including auto response) is sent to the customers acknowledging the complaint along with the registered complaint number. “The communication systems used by banks to send alerts and receive their responses thereto must record the time and date of delivery of the message and receipt of customer’s response, if any, to them,” it said.

“The banks may not offer facility of electronic transactions, other than ATM cash withdrawals, to customers who do not provide mobile numbers to the bank,” the RBI said. The burden of proving customer liability in case of unauthorised electronic banking transactions will lie on the bank.

For all the latest Business News, download Indian Express App

  1. D
    Dhanasekaran Balasubramanian
    Jul 9, 2017 at 8:11 pm
    This is nothing but bys passing the consumer laws and is against the interest of customers.
    Reply
  2. R
    Ravi
    Jul 8, 2017 at 4:52 am
    The major problem envisaged is when the customer notices the fraud/lapse etc. Insisting on a time frame of 4 days is not the best course. As long as the fraud occurred due to negligence of the customer such losses have to be borne by the Banks regardless of the time.
    Reply
  3. I
    imti
    Jul 7, 2017 at 4:27 pm
    The Bank should not foul play with customer credentials till its proven that customer was liable. Otherwise these bank goons use every law and every sleeping lawyer they have to go after Rs 2000 and at end of the year show their bosses that they have achieved their target while they connive with bribes to cover their and bribe giving A es. They use CIBIL to threaten people for small amounts while enjoy bribes to protect their types. Eg: demonetization conversion where truckloads of new notes went to politicians from HQs of banks directly and from RBI. Can the finance ministry advise RBI to stop this?
    Reply
  4. A
    Amrita
    Jul 7, 2017 at 8:45 am
    On March 23, 2017, I received four alerts indicating unauthorised access to my State Bank of Bikaner and Jaipur, Vasant Kunj Savings account from two ATMs located in Gurugram. ( SBBJ Vasant Kunj. A/c no:51050375856). Within a few hours at 7:19 am with the help of my employer I lodged a complaint with the cmcomplaints (cmcomplaints sbbj.co ) as indicated on the SBBJ page. i received an email indicating expeditious action would be taken and also received an ATM log of the fraudulent access from two ATMs of the Axis Bank and the ICICI Bank. I am employed as a driver and the loss of forty thousand left me with Rs 11,000 in my account. I am considerably encouraged by the news of today. I would appreciate it very much if the authorities do the needful now that the RBI has issued clear guidelines with respect to third party breach. My name is Jayprakash and Im a resident of Islam Colony.
    Reply
  5. P
    Prem Raj
    Jul 7, 2017 at 7:41 am
    One more reason for people not trusting RBI bank after demonetisation.
    Reply
  6. Load More Comments