Concerned over the rise in complaints about unauthorized electronic transactions, the Reserve Bank of India has introduced a policy of `zero liability’ for customers in third-party frauds if they are reported within three days. This means banks will have to make good the losses suffered by customers.In cases where the victim notifies the fraud between 4 and 7 days after coming to know about it, the customer’s liability will be capped at Rs 5,000.
In a draft notification issued on Thursday , the RBI said that if a bank employee is responsible for the fraud, the customer must get his money back irrespective of whether it is reported in time or not.
The three-day time limit for reporting a fraud will start from the day the customer receives an intimation about the transaction from the bank. This can be either by way or an SMS, email or statement. This directive puts the onus on the bank to notify the customer of the transaction as soon as possible. The proposed rules will apply to all electronic transactions, including payments made remotely using net banking or cards and payments made in shops using cards or mobile wallets.
If a customer has shared his password or other payment credentials, he will be responsible for any transaction that takes place until the time he informs the bank of his indiscretion. Once he informs the bank, the bank will be liable for any loss that takes place subsequently .
Banks have been told that all complaints have to be resolved within 90 days from the date of reporting and to ensure that customer does not bear any interest cost or late payment fee in credit cards. If there is a reversal of a debit card fraud or net banking fraud, banks have to make good the loss of interest income.
The proposed norms place much more responsibility on the banks than in the past.Existing norms require banks to compensate customer only up to a limit. Also, this limit is left to the bank based on a board-approved customer relations policy .
To make it possible for the customer to report frauds on time, banks have been asked to provide multiple option in cluding website, SMS, interactive voice response systems, a dedicated toll-free helpline and a reporting option at home branch. Banks have also been asked to put in place systems acknowledging receipt of the complaint.
The tightening of norms comes at a ti me when online and mobile payments are growing at 100% and banks and payment companies are lobby ing with the regulator to relax two-factor authentication for low-value payments.
The RBI has been re sisting any relaxation on the two-factor aut hentication (usually a PIN or a password in addition to the card details) on the grounds that the present dispute resolution mechanism was not very robust. By reducing liability of the customer, RBI expects banks to put more robust systems in place.