Introduction: RBI’s Proposal to Curb Digital Payment Frauds
In June 2024, the Reserve Bank of India (RBI) released a discussion paper proposing a set of regulatory measures aimed at reducing digital payment frauds. These include a mandatory 1-hour time lag for transactions above ₹10,000, additional authentication layers for vulnerable users, and customer-controlled transaction limits. The measures seek to mitigate fraud risks while preserving user convenience in India’s rapidly expanding digital payments ecosystem.
India’s digital payments volume crossed 50 billion transactions in FY2023, valued at approximately $1.4 trillion (NPCI Annual Report 2023). Despite this growth, digital fraud losses amounted to ₹1,200 crore in FY2023 (RBI Financial Stability Report, June 2023), necessitating stronger regulatory interventions.
UPSC Relevance
- GS Paper 3: Indian Economy (Digital Payments, Financial Inclusion), Cybersecurity (Fraud Prevention Mechanisms)
- GS Paper 2: Role of RBI and Payment Systems Regulation
- Essay: Balancing Innovation and Security in India’s Digital Economy
Legal and Regulatory Framework Governing RBI’s Measures
The proposed safety measures derive authority from the Payment and Settlement Systems Act, 2007 (PSS Act), especially Sections 10 and 18, which empower RBI to regulate payment systems and ensure their security. The Information Technology Act, 2000 (IT Act), particularly Sections 43A (data protection) and 66C (identity theft), complements this framework by addressing cybercrime aspects related to digital payments.
Additionally, the RBI Master Direction on Digital Payment Security Controls (2023) provides operational guidelines for implementing authentication and transaction controls. Together, these legal instruments enable RBI to enforce measures like time-lagged payments, enhanced authentication, and transaction limits.
Key Features of RBI’s Proposed Safety Measures
- One-hour Time Lag for Transactions Above ₹10,000: Transactions exceeding ₹10,000 will be provisionally debited but settled only after one hour, during which customers can cancel the transaction. This aims to reduce unauthorized push payment fraud.
- Additional Authentication for Senior Citizens and Divyang Individuals: High-value transactions by these groups require authentication by a trusted person, adding a protective layer against exploitation.
- Customer-Controlled Payment Switches and Limits: Customers can enable or disable digital payment modes and set transaction limits at the account level, enhancing control over debit transactions.
- Annual Credit Cap of ₹25 Lakh for Accounts Without Enhanced Due Diligence: To deter use of mule accounts for laundering fraud proceeds, credits beyond this threshold are treated as “shadow credits” and released only after verification.
- Kill Switch Facility: Customers can disable all digital payments on their accounts instantly. Reactivation requires stringent authentication or physical bank visits, preventing unauthorized digital transactions.
Economic Rationale and Impact Assessment
India’s digital payments market is one of the fastest-growing globally, with over 50 billion transactions in FY2023 (NPCI Annual Report 2023). However, the ₹1,200 crore fraud loss reported by RBI (Financial Stability Report, June 2023) erodes consumer trust and financial stability.
Implementing a 1-hour time lag for transactions above ₹10,000 is projected to reduce fraud losses by 15-20% by providing a window to detect and reverse unauthorized payments. The annual credit cap on accounts without enhanced due diligence targets mule accounts, a common vehicle for laundering fraud proceeds.
Institutional Roles in Digital Payment Security
- Reserve Bank of India (RBI): Central regulator responsible for licensing, regulating, and supervising payment systems.
- National Payments Corporation of India (NPCI): Operates retail payment systems like UPI and IMPS and implements technical solutions for fraud prevention.
- Ministry of Electronics and Information Technology (MeitY): Formulates policies on cybersecurity and digital infrastructure.
- Cyber Crime Cells: Enforcement agencies investigating and prosecuting digital fraud cases.
Comparative Analysis: RBI vs UK Financial Conduct Authority (FCA)
| Feature | RBI Proposal (India) | FCA Regulation (UK) |
|---|---|---|
| Time Lag on High-Value Transactions | 1-hour delay for transactions above ₹10,000 (~£100) | 24-hour delay with mandatory "confirmation of payee" for high-value payments |
| Authentication | Additional authentication by trusted person for seniors/divyang | Multi-factor authentication and confirmation of payee reduced authorized push payment fraud by 40% in 2022 |
| Customer Control | Switch on/off facility and transaction limits at account level | Limited customer control; focus on payer/payee verification |
| Fraud Loss Impact | Estimated 15-20% reduction in fraud losses | Authorized push payment fraud reduced by 40% after implementation |
Critical Gaps and Challenges
- The RBI’s time lag primarily targets high-value transactions but may not address fraud in low-value, high-frequency payments, which constitute a significant share of digital fraud cases.
- Real-time fraud detection requires AI-driven anomaly detection systems, which are not explicitly covered in the current proposals.
- Customer awareness and digital literacy remain weak, limiting the effectiveness of authentication and transaction controls.
- Enforcement challenges persist due to the scale of digital payments and cross-jurisdictional cybercrime complexities.
Significance and Way Forward
- The RBI’s measures represent a calibrated regulatory innovation balancing fraud prevention with user convenience, crucial for sustaining trust in digital payment systems.
- Integration of AI-based real-time monitoring and anomaly detection should complement time-lag and authentication measures.
- Strengthening customer awareness programs and digital literacy is essential for effective implementation.
- Coordination between RBI, NPCI, MeitY, and enforcement agencies must be enhanced for timely fraud detection and prosecution.
- Periodic review and calibration of transaction limits and authentication protocols based on evolving fraud patterns are necessary.
- The time lag applies to all digital payment transactions regardless of amount.
- The payer retains the option to cancel the transaction during the time lag.
- The time lag is intended to reduce unauthorized push payment fraud.
Which of the above statements is/are correct?
- The Payment and Settlement Systems Act, 2007 empowers RBI to regulate payment systems.
- The Information Technology Act, 2000 includes provisions on identity theft relevant to digital payments.
- The RBI Master Direction on Digital Payment Security Controls is a statutory law enacted by Parliament.
Which of the above statements is/are correct?
Jharkhand & JPSC Relevance
- JPSC Paper: Paper 2 (Governance and Cybersecurity), Paper 3 (Economic Development and Financial Inclusion)
- Jharkhand Angle: Increasing digital payment adoption in Jharkhand’s urban and rural areas raises vulnerability to digital fraud; local banks and cooperative societies must align with RBI’s new safety measures.
- Mains Pointer: Frame answers highlighting the impact of digital fraud on financial inclusion in Jharkhand, and the role of state-level enforcement agencies in fraud prevention.
What is the legal basis for RBI’s authority to regulate digital payment systems?
The Payment and Settlement Systems Act, 2007, especially Sections 10 and 18, empowers RBI to regulate and supervise payment systems to ensure their safety and efficiency.
How does the 1-hour time lag on transactions above ₹10,000 work?
Transactions above ₹10,000 are provisionally debited but settled only after one hour, during which the customer can cancel the transaction to prevent unauthorized payments.
What is the purpose of the annual credit cap of ₹25 lakh on accounts without enhanced due diligence?
This cap aims to prevent the use of mule accounts for routing proceeds of digital fraud. Credits beyond ₹25 lakh are held as "shadow credits" and released only after verification.
Which institutions are primarily responsible for implementing and enforcing digital payment safety measures?
RBI regulates payment systems; NPCI operates retail payment infrastructure; MeitY formulates cybersecurity policies; Cyber Crime Cells investigate digital fraud cases.
How do RBI’s proposed measures compare with the UK’s FCA regulations?
The UK’s FCA mandates a 24-hour delay with a confirmation of payee system, reducing authorized push payment fraud by 40%. RBI proposes a 1-hour delay and additional authentication, aiming for a 15-20% fraud reduction.
