The Reserve Bank of India (RBI) has issued draft Third Amendment Directions, 2026 under its Responsible Business Conduct framework, proposing enhanced safeguards for customers affected by fraud in electronic banking transactions. The draft rules are aimed at strengthening consumer protection as digital banking continues to expand across the country.
The proposed framework mainly focuses on protecting customers from fraud in digital banking channels such as UPI payments, internet banking, mobile banking, debit and credit card transactions, and ATM withdrawals.
According to the RBI, the new directions will apply to transactions conducted on or after July 1, 2026. The rules will cover commercial banks but exclude small finance banks, payments banks, regional rural banks, and local area banks.
The draft amendment revises the earlier guidelines governing customer liability in cases of unauthorised electronic banking transactions.
As per the draft issued on March 6, 2026, electronic banking transactions include payments carried out through internet banking, mobile banking, cards, or other digital channels that qualify as electronic funds transfers under the Payment and Settlement Systems Act, 2007.
The central bank has also introduced clearer definitions to distinguish between authorised and fraudulent transactions.
Transactions carried out by customers using authentication methods such as OTP, PIN, passwords, or card details will generally be treated as authorised transactions. This also includes payments made by previously authorised third parties through standing instructions or mandates registered with the bank.
The draft states that certain situations would still qualify as fraudulent electronic transactions. These include cases where:
The RBI has also outlined what may constitute negligence by banks and customers. Bank negligence may include failing to maintain secure systems, not sending timely transaction alerts, or not providing adequate channels for reporting fraud.
Customer negligence, on the other hand, may involve actions such as sharing passwords or OTPs, ignoring fraud alerts issued by banks, or downloading malicious applications that compromise account security.
The draft directions also address fraud caused by failures within the broader digital payment ecosystem.
A third-party breach refers to situations where the fault lies with intermediaries rather than the bank or the customer. This may include lapses by entities such as third-party application providers, payment aggregators, payment gateways, or telecom service providers.
The RBI has advised banks to encourage customers to report fraudulent electronic transactions immediately. Customers should notify their bank and also file a complaint through the National Cyber Crime Reporting Portal or contact the National Cyber Crime Helpline (1930) at the earliest.
Also Read: RBI Licence Cancellation of Shimsha Sahakara Bank Reinstated After Petition Withdrawal
The draft directions also propose a compensation mechanism for small-value digital frauds.
If an individual customer suffers a genuine fraudulent transaction loss of up to ₹50,000, they may be eligible to receive 85% of the net loss or up to ₹25,000, whichever is lower, once in their lifetime. To qualify, the incident must be reported to both the bank and the cyber crime portal or helpline within five days.
For smaller fraud cases, the RBI indicated that most of the compensation would be funded by the central bank, with smaller contributions from the customer’s bank and the beneficiary bank. If funds are later recovered, the compensation amount will be recalculated accordingly.
Disclaimer: This blog has been written exclusively for educational purposes. The securities mentioned are only examples and not recommendations. This does not constitute a personal recommendation/investment advice. It does not aim to influence any individual or entity to make investment decisions. Recipients should conduct their own research and assessments to form an independent opinion about investment decisions.
Investments in the securities market are subject to market risks, read all the related documents carefully before investing.
Published on: Mar 9, 2026, 9:48 AM IST
Sachin Gupta
Sachin Gupta is a Content Writer with 6+ years of experience in the stock market, including global markets like the US, Canada, and Australia. At Angel One, Sachin specialises in creating financial content that simplifies complex market trends. Sachin holds a Master's in Commerce, specialising in Economics.
Know MoreWe're Live on WhatsApp! Join our channel for market insights & updates
Get the link to download the App
