CURRENT AFFAIRS | 25 JUNE 2026
What Happened
On 24 June 2026, the Reserve Bank of India (RBI) unveiled a revised compensation mechanism for victims of digital payment fraud through the Reserve Bank of India (Commercial Banks – Responsible Business Conduct) Directions, 2026. The reform widens the existing limited-liability framework so that a bona-fide victim of an unauthorised electronic banking transaction (EBT) is not left to bear the entire loss. The new directions take effect from 1 January 2027 and, for the first time, build in a structured loss-sharing formula in which the regulator itself absorbs a defined share of the loss.
Under the headline rule, where a customer reports a fraudulent electronic transaction causing a loss of up to Rs 50,000 within 5 calendar days, the victim is compensated 85% of the net loss or Rs 25,000, whichever is lower, with the customer’s own bank bearing 10% and the customer a small residual share. The framework also extends to cross-border fraudulent EBTs, where the loss is apportioned between the RBI (65%), the originating bank (20%) and the beneficiary bank or customer.
Background: The Limited-Liability Doctrine
The RBI has long operated a ‘zero-liability / limited-liability’ regime for unauthorised electronic transactions: if the fraud arises from a bank’s own deficiency, or if the customer reports promptly, the customer bears little or no loss. Speed of reporting is the hinge — the faster the complaint, the lower the liability. The 2026 Directions tighten and formalise this by fixing exact percentages and inserting the regulator as a co-bearer of loss, a notable shift in responsible-business-conduct philosophy. Victims are routed to the National Cyber Crime Reporting Portal and the helpline 1930 for first-response grievance redress.
Why It Matters
With UPI and card-not-present transactions dominating Indian payments, digital fraud has become a mass-consumer-protection issue. By codifying compensation, the RBI signals that the cost of weak cyber-hygiene cannot be dumped entirely on the customer — aligning regulation with the constitutional and statutory thrust toward consumer protection.
The RBI derives its rule-making authority as the banking regulator from the Reserve Bank of India Act, 1934 and the Banking Regulation Act, 1949. Digital-payment supervision flows from the Payment and Settlement Systems Act, 2007, which makes the RBI the designated authority over payment systems. The compensation regime advances the broader consumer-protection and ‘responsible business conduct’ mandate. These directions are delegated legislation — binding subordinate rules issued under statutory power.
| Particular | Detail |
|---|---|
| Issued by | Reserve Bank of India (24 June 2026) |
| Instrument | RBI (Commercial Banks – Responsible Business Conduct) Directions, 2026 |
| Effective from | 1 January 2027 |
| Reporting window | Within 5 calendar days |
| Loss cap covered | Up to Rs 50,000 |
| Compensation | 85% of net loss or Rs 25,000 (whichever is lower) |
| Bank’s share | 10% of the loss |
| Cross-border split | RBI 65% / bank 20% / beneficiary share rest |
| Cyber helpline | 1930 · National Cyber Crime Reporting Portal |
This sits at the intersection of current affairs and legal reasoning. Expect questions on the RBI’s statutory rule-making power (RBI Act 1934, BR Act 1949, PSS Act 2007), the limited-liability doctrine, and consumer rights in digital fraud. Legal-reasoning passages often pair a principle (‘customer bears loss only on delayed reporting’) with a fact-set — master the 5-day window and the 85%/Rs 25,000 cap as ready application points.
“5 days, 85, Rs 25k” — report in 5 days, recover 85% capped at Rs 25,000. And ‘1930’ is the cyber-fraud SOS number — think of it as the ‘police of payments’.
Practice Quiz — 10 CLAT-Style Questions
Click an option to reveal the answer and explanation.
