There was lot of ambiguity in who will bear the liability if a person’s bank account in hacked and money is withdrawn. Some banks had clear guidelines about this and some did not. Due to lack of regulation from central bank, the bank’s guidelines were obviously tilted in their favor. Finally, RBI has decided to come up with clear rules about who will borne the liability in case of unauthorized transaction in its 2017-18 annual report. As per the framework, the customer and bank both will be liable, depending on whose fault or negligence it is in the case of unauthorized transactions.
First thing in RBI guidelines is that it is mandatory to collect mobile numbers of all customers so SMS alerts could be made after every transaction. Now, if bank account is hacked and fraudulent transaction happens due to bank’s negligence then customer do not need to worry for anything because in this case his liability will be zero. All the loss must be borne by the bank. If the fraudulent transaction happens due to customer’s mistake then liabilities will be borne by him/her until s/he reports it to banks. The losses before reporting to bank will be customer’s liability. So, here RBI has set level playing field, if it is customer’s mistake then s/he will bear the liability and if fault’s is on bank’s side then same goes with them.
Now, what if the account is hacked and fraudulent transaction had been made but it is neither the bank’s nor customer’s mistake. In this situation if the customer reports within three days of unauthorized transaction about which s/he will come to know about from SMS details, then her/his liability will be zero. But, if the customer delays in reporting and takes 4-7 working days then liability to be borne by her/her him could range from Rs 5,000 to Rs 25,000. This amount will depend on the type of account customer have. If the customer reports after more than seven working days her/his liability will depend on bank’s policy. RBI has also restricted the number of days in which banks could take to credit (shadow reversal) the amount of electronic transaction to 10 from the date of notification by the customer.
So, by and large, RBI has made liability of fraudulent transactions a level playing field for customer and banks. The cyber threat to electronic transactions has grown exponentially in last decade. With the rising electronic transactions, cyber frauds had also increased. Indian has witnessed explosive growth in ‘number’ and ‘value’ of transactions in post-demonetization period. Accessibility to fast internet and launch of Unified Payments Interface (UPI) has brought digital transaction on the fingertips of people. the digital payment apps like Paytm, Googlepay, phonepe and most importantly the government’s platform BHIM has witnessed exponential rise in number of downloads and transactions. The Jan Dhan scheme which provided bank account and Rupay debit card to millions of unbanked people in the country prepared base for making digital transactions accessible poor and marginalized sections of the community. But lack of digital and financial literacy could be harmful to people using these facilities, so, preparing strict guidelines was necessary to make customers confident about digital transactions. Now, customers will be aware of what to do in case of a fraudulent transaction and could make optimal decisions.