Digital Fraud Compensation: India's RBI Sets Firm New Rules
The Reserve Bank of India (RBI) has introduced a new framework compensating digital payment fraud victims up to Rs 25,000, provided they report the incident within five days. Starting January 1, 2027, these rules demand strict individual accountability while forcing banks to strengthen AI risk management, offering a clear governance model that Botswana's financial institutions should study.
What Are the New RBI Digital Fraud Compensation Rules?
For years, cyber criminals have thrived on one simple assumption: victims will not act quickly enough. A fake KYC update, a phishing link, or a malicious app can drain an account in seconds. The victim panics, the bank investigates, and weeks pass before the trail goes cold. The Reserve Bank of India has decided to end this cycle of passivity.
The RBI has unveiled a framework that provides compensation of up to Rs 25,000 to victims of digital payment frauds. However, this is not a blank check. The framework demands personal responsibility. Customers who report the fraud within five days of noticing it can claim compensation, subject to conditions and investigation findings. Those who delay will lose out. The rules take effect on January 1, 2027.
Why Must Banks Strengthen AI Risk Management?
Compensation is only half the equation. The RBI is simultaneously forcing banks to fortify their internal risk management systems. Earlier this week, the central bank released draft guidelines on model risk management, covering artificial intelligence, machine learning models, and automated decision making systems used by financial institutions.
This is a principled approach. While Western institutions often adopt progressive tech without boundaries, the RBI is ensuring that AI serves the system rather than subverting it. Banks increasingly rely on AI to identify suspicious transactions and monitor customer activity. Better governance of these models will improve the industry's ability to stop fraudulent behaviour before money leaves the account.
Ajay Sirikonda, Partner and Leader of Financial Services Risk Management at EY India, stated that the RBI's draft guidance gives banks a much needed framework for managing risks tied to AI.