In view of the recent surge in customers’ complaints relating to unauthorized transactions, the Reserve Bank of India on Thursday came out with the concept of Zero liability and Limited Liability for bank customers for any card or online frauds. In its directions to all commercial banks, RRBs, Small Finance banks, Payment banks the Central Banker set out below guidelines.
Banks must mandatorily register customers for SMS alerts and wherever available register for e-mail alerts, for electronic banking transactions. The SMS alerts shall mandatorily be sent to the customers, while email alerts may be sent, wherever registered. Such alerts must have a reply option for customer response.
Zero Liability of a Customer
In the event of contributory fraud/ negligence/ deficiency on the part of the bank, in an unauthorised transaction, the customer is not liable for the loss irrespective of irrespective of whether or not the transaction is reported by the customer.
When the third party breach occurred, where the deficiency lies neither with the bank nor with the customer but lies elsewhere in the system, if the customer notifies the bank within three working days of receiving the communication from the bank regarding the unauthorized transaction, the customer is not liable to such losses.
Full liability of customers
In the following cases the customer shall be liable to the bank for the unauthorized transactions.
Where the loss is due to negligence by a customer viz. he has shared the payment credential he is liable for the entire loss in transactions. The customer is required to report the unauthorized transactions to the bank. Any loss occurring after the reporting of the unauthorised transaction shall be borne by the bank.
Limited Liability of the customers
The customers are not liable for third party breaches reported within 3 working days. However, when there is a delay in notifying on the part of the customer of four to seven working days after receiving the communication from the bank, the per transaction liability of the customer shall be limited to the transaction value or the amount mentioned below whichever is lower.
|Type of account||Maximum Liability|
|All other SB accounts
|Pre-paid Payment Instruments and Gift Cards
|Current/ Cash Credit/ Overdraft Accounts of MSMEs
|Current Accounts/ Cash Credit/ Overdraft Accounts of Individuals with annual average balance (during 365 days preceding the incidence of fraud)/ limit up to Rs.25 lakh.||Rs.10000/-|
|Credit cards with limit up to Rs.5 lakh||Rs.10000/-|
|All other Current/ Cash Credit/ Overdraft Accounts Credit cards with limit above Rs.5 lakh||Rs.25000/-|
If the delay in reporting is beyond seven working days, the customer liability shall be determined as per the bank’s Board approved policy. The number of working days shall be counted as per the working schedule of the home branch of the customer excluding the date of receiving the communication. On being notified by the customer, the bank shall credit (shadow reversal) the amount involved in the unauthorised electronic transaction to the customer’s account within 10 working days from the date of such notification by the customer (without waiting for settlement of insurance claim, if any). The credit shall be value dated to be as of the date of the unauthorised transaction. The liability of the customer shall be established within the specified period in the bank policy (within 90 days from the date of receipt of the compliant) failing which the customer shall be compensated in terms of above regulations.