Banks knock RBI door with plan to curb online frauds

One fraudulent transaction occurred for every 55,653 digital transactions in the last quarter of FY22-23 (iStockphoto)
One fraudulent transaction occurred for every 55,653 digital transactions in the last quarter of FY22-23 (iStockphoto)

Summary

According to the Reserve Bank, in January, 10 billion retail digital payment transactions worth 51 trillion were processed.

New Delhi: A threshold for transactions in new accounts, a Central ‘negative registry’ of the accounts of known fraudsters and a standard operating procedure to stop the downstream flow of funds once a fraud is reported—these are some of the measures suggested by Indian banks to stop online frauds, which are on the rise, according to data from the Reserve Bank of India.

According to a note by RBI, which has been reviewed by Hindustan Times, one fraudulent transaction occurred for every 55,653 digital transactions in the last quarter of FY22-23, up from one in 59,000 transactions in Q3 of 21-22.

“During the quarter ended March-2023… for every 1 lakh of digital payment value processed during the said quarter, 1.45 was fraudulent," the note said.

The volume and value of digital transactions highlights the magnitude of the problem—according to the Reserve Bank, in January, 10 billion retail digital payment transactions worth 51 trillion were processed.

The central bank said it has launched a web-based workflow system called DAKSH on 6 October 2022 to share threat intelligence obtained from the cyber incident reporting mechanism.

The portal, according to RBI, “apart from the incident details, (also) captures impact assessment, stakeholder communication, root cause analysis, Indicators of Compromise (IP addresses, signatures, etc), recovery mechanism and the RBI’s assessment of the incident."

The central bank added that based on market intelligence and incidents reported by REs (regulated entities), “confidential advisories are issued to them for sensitising them about the threat and to enable them to take prompt preventive/corrective action."

Both RBI and the Indian Banks Association (IBA)—a council of 229 banks and financial organizations—have argued that a number of measures have already been put in place.

But the Indian Banks Association, in a note (also reviewed by Hindustan Times) pushed for more safeguards as online frauds are evolving with the advent of newer technologies.

The banks have suggested a negative registry of fraudsters’ accounts to allow all banks access to the data base.

“Reserve Bank of India has an exhaustive data base for the Fraud/ attempted fraud in the form of CFR/CPFIR. Further, this RBI database can be enriched by MHA (Cyber Police) who have the end-to-end data of the complaints," said the note .

It further suggested that “in the case of newly opened CASA (current and savings) accounts, banks could fix threshold limit of transaction “ on the basis of the “financial soundness" of account holders and also monisot “frequent transactions to high-risk merchants Paytm, Phone pe, Airtel money etc. "

Another measure proposed was creation of a “robust SOP to stop the downstream flow of funds once a fraud is reported."

And if a bank comes to know that “any customer has received proceeds of any fraudulent /theft amount in their account," it should block the account immediately and take “further steps" according to law, the note from IBA added.

It also suggested a more effective interface with law enforcement.

“A state-wise centralized contact centre can be establish to send and receive information and update about cyber fraud between banks and law enforcement agencies for faster and uniform resolution."

Catch all the Business News, Market News, Breaking News Events and Latest News Updates on Live Mint. Download The Mint News App to get Daily Market Updates.
more

MINT SPECIALS

Switch to the Mint app for fast and personalized news - Get App