In a move that brings welcome relief for customers having to deal with apprehensions regarding fraudulent or unauthorized electronic transactions sweeping away their hard-earned money for no fault of theirs, the Reserve Bank of India has introduced the concept of ‘zero’ or ‘limited liability’ of customers in card and online frauds. Fresh directives issued by the RBI seek to protect customers from fraudulent transactions carried pout without their knowledge in a number of ways.
The idea of limiting customer liability in cases of fraudulent transactions was first mooted in a draft circular in August last year. However, the final guidelines issued by the central bank make the liability of banks much more stringent than envisioned earlier. As per the RBI’s final guidelines released Thursday, a customer will bear ‘zero’ liability in case of a fraudulent transaction if there is contributory fraud or negligence on the part of the bank. The case is similar even if there is no involvement of the bank. So, in case of a third party breach, where there is no involvement of the bank, the customer will bear zero liability if the fraud is reported to the bank within three working days of receiving communication regarding the transaction.
The RBI has also sought to protect the customer when there is loss due to his/her own negligence, like sharing one's password. The RBI has said that the customer will bear the entire loss only if the unauthorized transaction is not reported to the bank. The customer’s liability ends as soon as the transaction is reported to the bank. Similarly, where the loss is caused by a third party, the customer will be liable for the transaction value only if he fails to report the fraudulent transaction within four to seven days of receiving the alert from the bank.
The RBI directive also puts in place a cap on the liability amount. For example, the maximum liability of the customer – in case of his/her own negligence or where the loss is caused by a third party – will be Rs 5,000 for basic savings bank account and Rs 10,000 for other accounts. For credit cards with limits above Rs 5 lakh and for current, cash credit and overdraft accounts of limits above Rs 25 lakh, the maximum liability will be Rs 25,000.
The RBI’s circular covers both online and face-to-face transactions using debit or credit cards.
Apart from fixing customer liability in terms of fraud, the RBI has also mandated other measures for banks to follow. While making it mandatory for banks to register all customers for text message alerts, the RBI has also directed banks to permit customers to report unauthorized transactions through a reply to the transaction alert message. Also, the onus of linking mobile numbers with accounts rests with the banks and not on customers.
"With the increased thrust of financial inclusion and customer protection and considering the recent surge in customer grievances relating to unauthorized transactions, the customer liability in these circumstances has been reviewed," said the RBI.
The new measures introduced by the RBI also include reporting of unauthorized transactions on the home page of the banks’ websites besides allowing it through other channels including phone banking, sms, email, call centre and interactive voice response.