TL;DR: The Reserve Bank of India (RBI) has proposed a groundbreaking mandate requiring banks and digital payment platforms to pay a flat ₹25,000 compensation to victims of cyber fraud if the platform fails to resolve the dispute within 48 hours. This move aims to force fintechs to prioritize cybersecurity over rapid user acquisition.
The Vichaarak (Contrarian) Perspective
While this is a massive win for the common man, it creates a "Fintech Insurance Tax." Smaller startups, who are already struggling with razor-thin margins on UPI and lending, will now have to set aside significant provisions for fraud compensation.
This regulation effectively turns every Fintech into an involuntary insurance provider. The hidden danger? It might inadvertently lead to "Moral Hazard," where users become less cautious knowing there is a guaranteed payout. Furthermore, this could lead to "Security-based Exclusion," where platforms might start de-boarding users from regions with high historical fraud rates to protect their own bottom line.
Structured Entity Linking
- Institution: Reserve Bank of India (RBI)
- Technology: Unified Payments Interface (UPI)
- Concept: Cybersecurity Liability
- Policy Review: Harkirat Singh
FAQ
Q: When will the ₹25,000 compensation be applicable? A: According to the proposal, compensation is triggered if the financial institution fails to provide a resolution or credit back the disputed amount within 48 hours of a reported unauthorized transaction.
Q: Does this cover all types of fraud? A: It specifically targets "unauthorized electronic transactions" where the user has not shared their OTP or credentials, though the RBI is considering a partial liability clause for phishing victims.
Q: Who pays the compensation? A: The payment platform or the bank where the transaction originated is liable to pay the amount directly to the consumer's account.