July 14, 2017
BOOST TO E-PAYMENTS - CUSTOMERS GIVEN PROTECTION FOR FRAUDULENT TRANSACTIONS
India’s central bank, i.e. the Reserve Bank of India (“RBI”) had issued a circular1 last week pertaining to customer protection and limiting the liability of customers in unauthorised electronic banking transactions (“Circular”). The Circular was issued pursuant to a recent surge in customer grievances relating to fraud and unauthorized transactions.
The objective of the Circular appears to be two fold - a clearer mechanism to determine and mitigate the liability of customers in the event of unauthorized transactions; and to ensure that banks devise policies, systems and procedures in promoting customer awareness on electronic transactions, resolving customer complaints and crediting amounts due to customers on occurrence of unauthorized transactions.
Salient Features of the Circular
Key highlights from the Circular are summarized below:
I. Reporting of unauthorized transactions
II. Liability of the customer
The Circular provides that the liability of a customer pursuant to the occurrence of unauthorized transactions should be determined based on the following events:
It is pertinent to note that the Circular provides that banks may also at their discretion waive off any customer liability in case of unauthorized electronic banking transactions even in cases of customer negligence.
III. Reversal of amounts by banks to customers’ accounts
In the event the customer’s liability is zero / limited to certain amounts as per the table above, banks should credit (shadow reverse) the amount involved in the unauthorized transaction to the customer’s account within 10 (ten) working days from the date of such notification by the customer (without waiting for settlement of an insurance claim, if any).
However, if the customer is found to be liable to a limited extent, such amount payable by the customer to the bank may be debited by the bank from the customer’s account.
IV. Strengthening of policies, systems and procedures by banks
Banks should put in place:
V. Resolution of complaints
Banks should ensure that a complaint is resolved and the liability of a customer (if any) is established in accordance with the bank’s policy, but no later than 90 (ninety) days from the date of receipt of the complaint. If such complaint is not resolved or customer’s liability is not determined within 90 (ninety) days, the amount due to the customer as per the customer’s liability should be paid to the customer.
The Circular provides that the burden of proving customer liability in case of unauthorized electronic banking transactions should lie on the bank.
India has seen a rapid increase in the use of digital payments post the demonetization era, with the value of transactions via debit and credit cards being INR 41,062 Crores (approx. USD 6 billion), mobile banking being INR 149,923 Crores (approx. USD 21 billion) and pre-paid instruments being INR 2,148 Crores (approx. USD 300 million), for the month of March this year alone.3
However, the Indian financial services sector has also coincidentally been prone to fraudulent / unauthorised transactions in the recent past. Approximately 3.2 million debit cards were compromised last year as several customers reported unauthorized usage of such instruments from locations outside India4.
The Circular issued by the RBI would aid in securing the trust of banking customers engaged in electronic transactions along with facilitating further use of electronic and digital modes of payments as opposed to traditional cash payments.
However, the Circular does not specify the recourse that a customer may have if the customer is aggrieved with the determination of his/her liability by the bank and if amounts are subsequently debited from his/her account owing to such liability. In such an event, the aggrieved customer may need to follow the general procedure prescribed under the RBI regulations, i.e. filing a complaint with the ‘banking ombudsman5 for resolution of his/her grievance or undertake the filing of a civil suit.
Nevertheless, the introduction of this Circular is a welcome step reflecting a progressive approach by the Indian government to encourage electronic / online payments in India.
1Circular on Customer Protection – Limiting Liability of Customers in Unauthorized Electronic Banking Transactions, dated July 6, 2017. Available at: https://rbi.org.in/Scripts/BS_CircularIndexDisplay.aspx?Id=11040. Last accessed: July 11, 2017.
2To be displayed on the bank’s website along with details of a grievance handling / escalation procedure.
3Card and mobile banking volumes see decline, steep rise in UPI transactions, dated April 6, 2017. Available at: http://www.business-standard.com/article/economy-policy/card-and-mobile-banking-volumes-see-decline-steep-rise-in-upi-transactions-117040501530_1.html. Last accessed: July 11, 2017.
43.2 million debit cards compromised; SBI, HDFC Bank, ICICI, YES Bank and Axis worst hit, dated October 20, 2016. Available at: http://economictimes.indiatimes.com/industry/banking/finance/banking/3-2-million-debit-cards-compromised-sbi-hdfc-bank-icici-yes-bank-and-axis-worst-hit/articleshow/54945561.cms. Last accessed: July 11, 2017.
5As appointed under The Banking Ombudsman Scheme 2006.