Widening the safety of bank customers against card or online frauds, the Reserve Bank of India (RBI) has now introduced the zero liability and limited liability concepts. As part of the initiative, the banks are told to add mobile numbers and e-mail ID, if available, to the bank accounts. Those who do not provide mobile numbers may not be provided online banking access. Only ATM cash withdrawal facility can be provided to such customers. The banking regulator has mandated the banks to register all the customers for text message alerts while permitting the users to report unauthorised transactions via a reply to the alert message. The fraud reporting can also be done through other channels like phone banking, e-mail, call centre, SMS, as well as an interactive voice response.
When Will be Zero Liability for a Customer?
If the unauthorised transaction happens in the following events, a customer would be entitled to a zero liability.
- Contributory fraud, deficiency or negligence on the bank’s part can lead to zero liability to a customer, even if the latter does not report.
- In the case of a third party breach wherein neither a bank nor the customer has a deficiency, but exists somewhere in the system. And if the customer notifies the same to the bank within 3 working days of receiving the bank communication with respect to the unauthorised transaction, there will be zero liability for a customer.
When Will Limited Liability Arise for a Customer?
The customers will have to bear few losses on account of unauthorised transactions in any of the following events.
- When the loss happens due to the negligence by a customer wherein he/she shares the user ID, password and other payment credentials, the entire loss will have to be borne by him/her. The liability here can be reduced to an extent if the individual reports the same to the bank. After reporting, if any unauthorised transaction takes place, the bank will be held liable for the loss resulting from the event.
- If the customer reports a fraudulent transaction which does not have a deficiency either on his/her part or the bank in 4-7 working days after receiving the bank communication for the same, the customer liability will be upto the transaction value. However, the RBI has put in place a maximum liability to be borne by a customer in such events. The lesser of the maximum liability as stipulated by the RBI and the transaction value will be the amount of liability for a customer.
Let’s find out the maximum liability for a customer in the table below.
Maximum Liability for a Customer
|Account Type||Maximum Liability|
|BSBD Accounts (Basic Savings Bank Deposit Accounts)||INR 5,000|
|All Other Saving Bank Accounts||INR 10,000|
|MSMEs Having Cash Credit, Overdraft or Current Accounts||INR 10,000|
|Cash Credit, Overdraft or Current Accounts of Individuals with average yearly balance (during 365 days preceding the incidence of fraud)/ limit up to ₹25 lakhs||INR 10,000|
|All Other Cash Credit, Overdraft or Current Accounts||INR 25,000|
|Credit Cards with a Limit of Upto ₹5 Lakhs||INR 10,000|
|Credit Cards with a Limit of More than ₹5 Lakhs||INR 25,000|
|Prepaid Payment Instruments & Gift Cards||INR 10,000|
Note- If the delay in reporting exceeds 7 working days, the extent of customer liability will be decided as per the approved policy of the bank’s board. The banks would provide the details regarding the same to the customers at the time of opening the accounts.
How Much Time Will it Take to Compensate the Customers?
The banks would credit the amount of unauthorised electronic transaction to the account of the customers within 10 working days from the date of notification made by the concerned individual.
How Can I Report Unauthorised transactions to a Bank?
Above, there were a couple of lines expressing ways to report an unauthorised transaction to a bank. Now, the same ways can be elaborated further in the points for you to understand it in the easiest way possible.
- The banks are required to advise customers to notify them at the earliest of any unauthorised online banking or card transactions. Also, the banks need to inform the customers that the longer time taken by them to report fraudulent transactions will lead to enormous risk for both the participants.
- The quick reporting can be facilitated via multiple channels like website, SMS, e-mail, phone banking, IVR, as well as a toll-free helpline number.
- Banks are required to create a mechanism wherein customers can immediately respond via a reply to the SMS and e-mail alerts.
- The customers should not search for a web page or an e-mail address to notify the objection to an unauthorised transaction.
- The banks must provide customers with a direct link to lodge the complaints with a specific option for the reporting of unauthorised transactions on the homepage of their website.
- The loss or fraud reporting system must ensure immediate response including automated response being sent to the customers. The response must acknowledge the complaint made by the customers and show a registered complaint number.
- The communication systems used by the banks to send alerts to the customers and receive their responses should record the date and time of message delivery as well as the receipt of response at the very instance of happening. This will determine the extent of the liability to be faced by a customer.
- As soon as the response to an unauthorised transaction is received, adequate steps would be taken by the banks to prevent the account holders from any such transaction further.
Point-to-Point Approach to Rein in Card & Online Frauds
Well, the proposal to lessen customer liability in the case of a fraudulent transaction came through a draft circular about a year back in August, 2016. Now, the final guidelines are out with RBI making stricter rules for banks to ensure enhanced consumer safety. So, why not give a complete look to a new set-up of the RBI to combat the menace of fraudulent transactions that have kept many away from cards and online banking?
- Banks are told to design their systems and procedures in such a way that the customers can feel safe while using electronic mode of transactions.
- Banks must put in place a strong and dynamic mechanism to detect and prevent frauds.
- A mechanism must be there to assess the risk caused due to unauthorised transactions as well as measure the liabilities to a customer owing to such malicious activities.
- The guidelines state that necessary measures have to be taken by banks to curtail the risks and prevent the customers against the liabilities that may arise.
- Advisories must be sent regularly to the customers suggesting them the ways to prevent against fraudulent transactions of online banking and card payments.
Last year in October 2016, an unauthorised transaction on around 32 lakhs of debit cards in India made headlines. Around 26 lakhs of VISA and MasterCard platforms and 6 lakhs of RUPAY platform were hit hard in a major security breach. Customers of major card-issuing banks like State Bank of India (SBI), HDFC Bank, ICICI Bank, Axis Bank and YES Bank had to take a toll of such a dreadful cyber security breach.
From the sources, it was learnt that a malware attack was developed in Hitachi Payment Services, which allowed the fraudsters to steal necessary customer information and siphon off the money from their bank accounts.
Will Digital India Mission Get a Boost from Such Safeguards?
The origination of zero liability and limited liability concepts could work wonders towards boosting the country’s flagship Digital India Mission. The use of both debit cards and credit cards along with Internet banking are on a rise. India is a home to more than 73 crore debit card subscribers and around 3 crores of credit card users. The internet banking is also witnessing massive adoption among the masses due to its convenience of availing many services such as stop cheque payment, bill payments, fund transfer, and much more.
But there’s still remains a lot of scope for the banking services to touch the Indian shores. India accounts for nearly 20% of the world’s unbanked population. When you see the Indian population, it is over 130 crores. But only 53% of them have bank accounts.
With the mechanism to prevent the customers against the card and online banking frauds being put in place, there can be many willing to join as bank account holders and more importantly adopt the modern style of banking to live life with comfort and freedom.