Consumer news: Nearly two decades after a mysterious cash shortfall of Rs 19.03 lakh was discovered in an ATM in Ghaziabad, the National Consumer Disputes Redressal Commission (NCDRC) has held the insurer liable but only partially, citing lapses by the insured cash-handling firm in safeguarding access credentials.
“After careful consideration of the entire facts and circumstances of the case, in particular, the Surveyor’s report, the State Commission‘s order, policy document and rival contentions of the parties including the ones contained in their written notes of arguments, we hold that the loss in the present case is covered under the policy,” the commission said on April 13.
Observing that “there is some element of contributory negligence on the part of the insured company,” the national consumer commission limited the payout to 75 per cent of the claimed amount along with interest adding that while the loss was covered under the insurance policy, the conduct of the firm contributed to the incident, warranting a reduction in compensation.
The national consumer commission noted that the system required two separate custodians with independent credentials as a safeguard, but this protocol may have been compromised. (Image enhanced using AI)
NCDRC: Loss covered, but lapses proven
The NCDRC upheld the finding that the loss was indeed covered under the policy, noting that the ATM could only be accessed using keys and passwords held by the firm’s employees.
The loss occurred within 48 hours of cash loading, a period explicitly covered under the policy.
The consumer commission rejected the insurer’s argument that ATM cash was excluded, holding that custody and control remained with the insured employees at the relevant time.
Story continues below this ad
However, the national consumer commission found procedural lapses on the part of the firm, particularly regarding improper handling and possible sharing of passwords, and lack of a clear standard operating procedure for substitute staff.
It noted that the system required two separate custodians with independent credentials as a safeguard, but this protocol may have been compromised.
“An adhoc arrangement had been working… no clear record exists regarding authorised sharing of passwords,” the commission observed while attributing partial negligence to the firm.
NCDRC · Dr Inder Jit Singh & Dr Justice Sudhir Kumar Jain · ATM cash shortfall, Ghaziabad · April 13, 2026
Rs 19.03L
Full claim amount
25% cut
Deducted for negligence
Rs 14.28L
Actually awarded (75%)
"There is some element of contributory negligence on the part of the insured company… warranting a reduction in compensation." — NCDRC, April 13, 2026
The two-sided finding
What reduced the payout
Insured's own lapses
- Passwords possibly shared improperly
- Dual-custodian protocol compromised
- No clear SOP for substitute staff
- Ad hoc arrangement in place
Why claim wasn't rejected
Coverage still applied
- Loss within 48-hr post-loading window
- Custody remained with insured staff
- ATM cash not excluded by policy
- Negligence partial, not absolute
Key principle: Contributory negligence does not void an insurance claim — it proportionally reduces the payout. The insurer must still honour the policy where loss is covered, even if the insured contributed to the risk.
Background
The dispute traces back to May 2007, when Rs 19,03,800 was found missing from an HDFC Bank ATM located at Shipra Mall in Ghaziabad.
Story continues below this ad
The ATM showed no signs of forced entry, and subsequent investigation indicated that the loss was likely due to misappropriation by employees who had access to the machine’s keys and passwords.
Suspicious ATM loss, insurance claim
The ATM had been loaded with cash on May 23, 2007 by two custodians employed by the respondent company. The following day, after the ATM guard was found dead, an audit revealed the substantial shortfall.
Significantly, the locks of the ATM were intact, ruling out theft and pointing instead toward insider involvement. The employees concerned were later booked under criminal charges, reinforcing the suspicion of internal misappropriation.
The cash handling firm had taken a money insurance policy from United India Insurance covering the period from September 1, 2006 to August 31, 2007.
Story continues below this ad
Insurer’s rejection, legal battle
The insurance company repudiated the claim on March 7, 2008, arguing that the policy did not cover cash once deposited inside the ATM.
The insured had failed to take reasonable precautions, particularly in handling access credentials, it said.
Following this, the firm approached the Delhi State Consumer Commission, which in September 2016 allowed the claim in full, directing payment of Rs 19.03 lakh with 12 per cent interest.
Challenging this, the insurer moved the national consumer commission.
Relief granted
Modifying the state consumer commission’s order, the national consumer commission directed payment of Rs 14,27,850 (75 per cent of the loss), interest at 9 per cent per annum from March 7, 2008 (date of repudiation), payment within 45 days, failing which interest would increase to 12 per cent.
Story continues below this ad
Significance
The ruling underscores a balanced approach in insurance disputes involving employee misconduct recognising coverage under fidelity and custody clauses, while also penalising operational lapses by insured entities.
It also highlights the importance of robust internal controls and clear protocols in high risk financial operations such as ATM cash management.
Rs 20 fake electricity bill, Rs 1.99 lakh cyber fraud, NCDRC orders SBI to pay up
A Rs 20 electricity bill payment attempt by a State Bank of India customer turned into a Rs 1.99 lakh cyber fraud but the National Consumer Disputes Redressal Commission (NCDRC) has provided him relief ordering refund of Rs 1.99 lakh along with compensation of Rs 25000 banks holding that the banks cannot pass the buck when customers promptly report unauthorised electronic transactions, holding SBI liable to fully refund the amount.
The case dates back to July 19, 2022, when Bengaluru resident Prodosh Kumar Banerjee received a fraudulent SMS warning of electricity disconnection for non-payment of dues. On contacting the number provided, he was prompted to download a mobile application resembling the official interface of the electricity department.
Story continues below this ad
Banerjee attempted to pay a nominal amount of Rs 20. However, he soon received alerts indicating that Rs 25,000 had been debited from his SBI account, followed by another unauthorised debit of Rs 1.99 lakh despite no OTP being shared for these transactions. His phone subsequently became non-functional.
A bench of Presiding Member AVM J Rajendra (Retd) and Member Justice Anoop Kumar Mendiratta was hearing a second appeal filed by the State Bank of India (SBI) challenging the Karnataka State Consumer Commission’s May 26, 2025 order directing refund of the amount along with compensation.
“The Bank apparently cannot be absolved of the liability towards the losses suffered by the complainant on account of unauthorised electronic transactions…since the information of fraudulent transactions was shared with the Bank/OP within stipulated period,” the commission said on April 15.
The national consumer commission noted that the system required two separate custodians with independent credentials as a safeguard, but this protocol may have been compromised. (Image enhanced using AI)