Customers will not suffer any loss if unauthorised electronic banking transactions are reported within three days, and the amount involved will be credited in the concerned bank account within 10 days, the Reserve Bank has said.
In case the third party fraud is reported after a delay of four to seven working days, the customer will face liability of up to Rs 25,000.
However, in cases where the loss is due to negligence by the account holder (such as sharing of payment credentials), the customer will bear the entire loss until the unauthorised transaction is reported to the bank.
Any loss occurring after reporting of the unauthorised transaction will be borne by the bank, RBI said while issuing revised directions on ‘Customer Protection -- Limiting Liability of Customers in Unauthorised Electronic Banking Transactions’.
RBI said the revised directions are being issued amidst recent surge in customer grievances relating to unauthorised transactions resulting in debits to their accounts/cards.
There will be "zero liability of a customer" in case of third party breach where the deficiency lies "neither with the bank nor with the customer but lies elsewhere in the system".
However, the customer will have to notify the bank within three working days of receiving the communication from the bank regarding the unauthorised transaction.
A customer's entitlement to zero liability will also arise where the unauthorised transaction occurs due to "contributory fraud/negligence/deficiency on the part of the bank (irrespective of whether or not the transaction is reported by the customer)", RBI said.
The maximum liability of a customer will be Rs 25,000 in cases where the responsibility for the unauthorised electronic banking transaction lies neither with the bank nor with the customer, but lies elsewhere in the system and when there is a delay of four to seven working days.
If the fraud is reported after seven days, the customer’s liability will be determined as per the bank’s board approved policy.
The maximum liability of a savings bank account customer will be Rs 10,000 in such cases.
Referring to the reversal timeline for zero liability/limited liability of the customer, RBI said the bank should credit (shadow reversal) the amount involved in the unauthorised electronic transaction to the customer’s account within 10 working days of reporting of the fraud.
This has to be done without waiting for the settlement of insurance claims, if any, RBI added.
RBI further said that banks must ask their customers to mandatorily register for SMS alerts and wherever available register for e-mail alerts, for electronic banking transactions.
"The SMS alerts shall mandatorily be sent to the customers, while email alerts may be sent, wherever registered," it added.
Illustration: Uttam Ghosh/Rediff.com.