Liability of mobile wallet users to be zero, limited in case of fraud, on par with credit card users
As per existing rules, the onus is on the banks to prove that a fraud has taken place, but customers should inform the bank as soon as possible to avoid being penalised.
In its 'Statement on Developmental and Regulatory Policies' issued today, the RBI said, "The Reserve Bank has issued instructions on limiting customer liability in respect of unauthorised electronic transactions involving banks and credit card issuing non-banking financial companies (NBFCs). As a measure of consumer protection, it has been decided to bring all customers up to the same level with regard to electronic transactions made by them and extend the benefit of limiting customer liability for unauthorised electronic transactions involving Prepaid Payment Instruments (PPIs) issued by other entities not covered by the extant guidelines on the subject. The guidelines will be issued by the end of December 2018.
In its Annual Report 2017-18 released today, the RBI had explained the framework on limiting liability of customers in unauthorised electronic banking transactions. There were several limits on liability depending on several conditions.
A customer need not bear any loss if the deficiency is on the part of the bank and in cases where the fault lies neither with the bank nor with the customer but lies elsewhere in the system and the customer notifies the bank within three working days of receiving the communication from the bank about the unauthorised transaction.
Where the loss is due to customer’s negligence, the customer has to bear the entire loss until the unauthorised transaction is reported to the bank. In cases where the fault lies neither with the customer nor with the bank but lies elsewhere in the system and the customer reports the unauthorised transaction with a delay of four to seven working days after receiving the communication about the transaction, the maximum liability of the customer ranges from Rs 5,000 to Rs 25,000, depending on the type of account/instrument.
If the unauthorised transaction is reported beyond seven working days, the customer liability shall be determined as per the bank’s Board-approved policy. The bank is required to credit (shadow reversal) the amount involved in the unauthorised electronic transaction to the customer’s account within 10 working days from the date of notification by the customer. The bank has to resolve the complaint and establish the liability of the customer, if any, within 90 days of the receipt of the complaint. Further, banks have been mandated to require the customers to register their mobile numbers for SMS alerts and for electronic transactions.
Now this safety net for bank customers will be extended to unauthorised electronic transactions involving prepaid payment instruments.