RBI’s Dual-Pronged Strategy: Redefining Customer Protection In The Digital Age

India’s cyberspace is busier than ever, carrying crores of transactions and interactions every day. The expanding digital landscape has enabled citizens to access digital services at their fingertips. At the same time, it has also widened the attack surface for cyber fraud, making cybersecurity a national priority. 

The statistics illustrate a troubling trend. In FY 2024-25, the total amount involved in banking frauds almost tripled to about Rs 36,014 crore, up sharply from around Rs 12,230 crore the previous year, even though the number of reported fraud cases fell from 36,060 in FY24 to 23,953 in FY25. The surge in cybersecurity reflects the growing scale and complexity of digital threats in India. While the numbers point to increasing challenges, they also highlight remarkable progress in the nation’s detection and reporting mechanisms.

Keeping this in mind, the Reserve Bank of India (RBI) recently issued draft amendment directions to strengthen the framework governing customer liability in digital transactions, as it seeks to widen protection for users and speed up the resolution of complaints related to fraudulent electronic banking transactions.

According to the framework, compensation will follow a three-way split that varies with the size of the loss. For losses below Rs 29,412, the victim will receive 85% of the lost amount (Rs 25,000). RBI will bear 65% of the total loss, while the customer's bank and the beneficiary bank will each bear 10%. For losses between Rs 29,412 and Rs 50,000, compensation will reach the maximum cap of Rs 25,000. In such cases, RBI will contribute Rs 19,118, while the customer's bank and the beneficiary bank will each pay Rs 2,941.

The central bank has also imposed strict eligibility conditions to ensure the scheme functions as a limited safety net rather than a recurring insurance cover. The draft suggests that for frauds totalling up to Rs 50,000, customers might be eligible to receive either 85 percent of the stolen amount or Rs 25,000, depending on which value is lower. This specific provision targets small-value transactions, ensuring that everyday users are not left entirely empty-handed after a security breach. However, the speed of reporting the incident remains a vital factor in determining eligibility for this payout.

The central bank has asked stakeholders and members of the public to submit feedback or suggestions on the draft guidelines by April 6, 2026. The draft amendment directions have been issued with respect to the announcement made in the February monetary policy by the central bank.

While the compensation framework addresses the aftermath of fraud, the RBI is simultaneously attacking the problem at its source with technological innovation. The exponential growth in financial inclusion and social security schemes, while transformative, has unfortunately been accompanied by a parallel rise in a critical vulnerability, mule accounts. These accounts are the silent pillars of modern financial crime.

Mule accounts are bank accounts that criminals exploit to transfer stolen or illegal money. These accounts may be opened with fake documents, or criminals may trick real people into allowing them to use their accounts. 

Recognizing the limitations of traditional systems, the RBI developed MuleHunter.AI through the Reserve Bank Innovation Hub. This AI and machine learning-based model is designed to detect mule accounts more effectively. Rather than relying on binary rules, the system analyzes behavior patterns, transaction flows, and account relationships across millions of data points.

The launch of MuleHunter.AI comes at a time when regulators and law enforcement call for a zero-fraud future. The RBI and government agencies have initiated awareness campaigns, improved cybercrime reporting systems, and urged banks to enhance onboarding and monitoring processes. Together with advanced tools like MuleHunter.AI, these efforts aim to significantly cut the number and value of fraud cases.

Traditional methods, while necessary, are no longer adequate to stop sophisticated fraud networks using mule accounts and layered scams. By implementing a system like MuleHunter.AI, capable of learning, adapting, and recognising patterns that humans may struggle to see, the RBI is enhancing the banking system’s defences. Given the rise in fraud numbers and increasing financial losses, this AI-driven tool is quickly becoming essential in India’s efforts to build a safer, more secure digital economy.

In conclusion, the RBI's dual-pronged strategy combining a pioneering victim compensation framework with the formidable detection capabilities of MuleHunter.AI represents a watershed moment in the nation's fight against digital financial crime. 

By establishing a clear, shared-liability safety net for victims, the RBI is not only restoring individual trust but also compelling all stakeholders in the banking ecosystem to elevate their security posture. Simultaneously, the deployment of advanced artificial intelligence to dismantle the mule account networks that underpin modern fraud demonstrates a proactive, forward-looking commitment to cybersecurity. 

( Written by Lokanath Panda, COO, BLS E-Services Ltd )

Also Read | Oil Retreats From $100 Peak: Markets Weigh Potential Peace Talks Against Hormuz Blockade