RBI moots safeguards to curb digital payment fraud: How will they protect bank customers?

On 9 April 2026, the Reserve Bank of India released a discussion paper titled ‘Exploring safeguards in digital payments to curb frauds’. The paper has been released to address the growing threat of digital fraud. Here, we will explore the measures the RBI has suggested to check digital fraud and how they will protect bank customers.

Why is the RBI proposing these measures?

According to data from the National Cybercrime Reporting Portal (NCRP), the menace of fraud related to digital payments has increased exponentially over the last 5 years. Here is a brief look at the numbers.

The above data shows how, in just the last five years, the number of frauds related to digital payments has increased more than 10-fold from 2.6 lakh (2021) to 28 lakh (2025). During the same period, the volume of fraud related to digital payments has increased by more than 41 times from Rs. 551 crore (2021) to ₹22,931 crore (2025). As fraud related to digital payments is increasing in number and value, the RBI has proposed measures to curb it.

What are the measures proposed by the RBI?

In the discussion paper, the RBI has proposed the following measures.

Lagged credit for payments

For individual (person-to-person) fund transfers, there is no chargeback mechanism, unlike for payments to merchants. Hence, the RBI is proposing to introduce a time lag for certain APP fund transfers between individual bank accounts as an effective fraud-mitigation measure. The same measure is proposed for fund transfers to the account of a sole proprietorship or partnership firm.

The RBI has proposed a time lag (e.g., 1 hour) at the payer’s end to provide them the opportunity to reconsider the transaction. The time lag is proposed for transactions exceeding ₹10,000. According to the NCRP data, transactions above ₹10,000 account for approximately 45% of reported fraud cases by volume, but about 98.5% by value.

During the time lag period, the payer would retain the option to cancel the transaction for any reason. The one-hour window is consistent with the ‘golden-hour’ principle in fraud risk management. During this period, if the payer’s bank identifies the transaction as unusual, it can contact the payer, share relevant information on the nature of suspicion, and caution the payer. The bank can take a reconfirmation from the payer, after which it can execute the transaction.

The payer will have the option to whitelist payees — payments to whom will not be subjected to the time lag.

Fraudsters typically create a sense of urgency and maintain continuous psychological pressure on the payer to prevent deliberation. However, the time lag will act as a preventive control by disrupting the fraudster’s psychological pressure on the payer and provide him/her an opportunity to reconsider the transaction.

All merchant transactions, recurring payments, and cheque payments are proposed to be exempt from the time lag mechanism.

Vulnerable sections get extra protection

Individuals above a certain age and differently-abled persons are more vulnerable to financial fraud than others. To protect them from digital fraud, the RBI has proposed an enhanced safeguard mechanism for citizens aged 70 years and above and persons with disabilities. They must designate a ‘trusted person’ to authenticate high-value transactions (e.g., Rs. 50,000 or more).

For all other individuals, the enhanced safeguard mechanism will remain optional. An individual can change the trusted person after a mandatory 24-hour cooling period. The vulnerable customer can withdraw from the enhanced safeguard mechanism after a 24-hour waiting period following their request. Banks must clearly explain the associated risks to the customer before processing such requests. The customer has the option to re-enrol in the enhanced safeguard mechanism at any time in future.

Steps to curb ‘mule accounts’

The RBI wants to prevent the use of any bank account as a ‘mule account’ to route money proceeds of digital frauds. To do that, the RBI will prescribe a ceiling, say ₹25 lakh, on the annual aggregate credits into a bank account. The bank may set a limit, not exceeding the prescribed limit, for such low-credit turnover accounts, based on its own internal risk management.

For all such low-credit turnover accounts, the bank shall have a flag that will be on. The bank may turn off the flag on an account if it detects any unusual activity with an individual or his/her parents, based on income, revenue, turnover, wealth, assets, etc. The bank shall take additional documentation for verification.

A bank account with the flag turned on can receive annual aggregate credit up to the bank’s set limit. Beyond the limit, the bank shall permit only shadow credit into the account. The bank shall seek additional information and/or documents from the accountholder. Based on this, if the bank is satisfied that the transaction(s) is/are genuine, it shall allow the accountholder to use the funds. If the accountholder is not able to satisfy the bank within 30 days, the transaction(s) will be reversed and the amount returned to the source. The bank shall turn off the flag for such accounts.

The provision shall apply to individual accounts (including joint accounts), sole proprietorship accounts, and partnership accounts (including LLPs).

Customer-induced controls

Banks shall provide customers with controls to switch on/off any digital payment mode and to set limits for different transaction types at the account level. The facility will allow customers to control debit transactions at the account level across any or all digital payment channels.

Customers may also be provided with a ‘kill switch’ that allows them to disable all digital payment transactions from the account at one stroke. Transactions such as payment mandates, standing instructions, etc., may be exempted from the controls and kill switch.

How will the RBI-suggested steps protect bank customers?

The RBI has cited NCRP data showing that fraud related to digital payments has increased exponentially over the last 5 years. In that context, the RBI has suggested measures to curb fraud related to digital payments. The suggested measures will definitely go a long way toward safeguarding banking customers, specifically vulnerable segments, from fraud. The RBI had invited public comments on the suggested measures.

Gopal Gidwani is a freelance personal finance content writer with 15+ years of experience. He can be reached at LinkedIn.