In an excellent but long awaited move, RBI has directed Banks that the liability of customers on “Phishing” loss should be limited to Rs 10000/-
The new Banking Service code of ( Banking Codes and Standard Board of India -BCSBI) says that for any unauthorised internet banking transactions, the customer’s liability is limited to Rs 10000, irrespective of the funds moved out of the account. An unauthorised transaction is one that doesn’t have the express and implied approval of the account holder.
According to the code, “If a third party manages to get hold of the user ID or password in an unauthorised manner and any debit takes place and which he notifies the bank, the maximum loss will be Rs 10,000.” Also, the code says that customers will not be liable for any losss due to unauthorised fund transfers taking before they receive the password for internet banking transactions.
Further, the onus will be on the banks to establish that customers have compromised the secrecy of their password.
In some instances, the liability could be lower than Rs 10,000. The new code says that in the event of any unauthorised transactions, this would be the lower of the following options: the actual loss at the time of notifying the bank; the limit set for such transactions; the balance available for withdrawal; a maximum of Rs 10,000.
For instance, if a customer has a balance of Rs 5,000 but the fraudster transfers Rs 25,000 by taking a temporary overdraft, the loss would be limited to the minimum balance of Rs 5,000 in the account.
It may be recalled that many such cases of frauds have been reported earlier at Naavi.org. The undersigned has been relentlessly following legal action against many Banks in this regard. Damodaran Committee report had also spoken about such cases.
The current guidelines come as a great relief to the Bank’s customers.
Naavi.org congratulates RBI for taking these steps.