This authored article is written by Lokanath Panda, COO, BLS E-Services Ltd.
India’s cyberspace is busier than ever, carrying crores of transactions and interactions every day. The expanding digital landscape has enabled citizens to access services at their fingertips. At the same time, it has widened the attack surface for cyber fraud, making cybersecurity a national priority.
The statistics illustrate a troubling trend. In FY 2024–25, the total amount involved in banking frauds almost tripled to about Rs 36,014 crore, up sharply from around Rs 12,230 crore the previous year, even as the number of reported cases declined from 36,060 in FY24 to 23,953 in FY25. This divergence reflects the growing scale and sophistication of digital threats. While the numbers point to rising challenges, they also indicate progress in detection and reporting mechanisms.
Against this backdrop, the Reserve Bank of India (RBI) has issued draft amendment directions to strengthen the framework governing customer liability in digital transactions. The move aims to widen user protection and accelerate resolution of complaints related to fraudulent electronic banking transactions.
Under the proposed framework, compensation follows a three-way split based on the size of the loss. For losses below Rs 29,412, the victim will receive 85% of the lost amount (up to Rs 25,000). The RBI will bear 65% of the loss, while the customer’s bank and the beneficiary bank will each bear 10%. For losses between Rs 29,412 and Rs 50,000, compensation will be capped at Rs 25,000. In such cases, the RBI will contribute Rs 19,118, while the customer’s bank and beneficiary bank will each pay Rs 2,941.
The central bank has also introduced strict eligibility conditions to ensure the scheme remains a limited safety net rather than a recurring insurance cover. For frauds up to Rs 50,000, customers may receive either 85% of the stolen amount or Rs 25,000, whichever is lower. This provision is designed to protect small-value transactions, ensuring that everyday users are not left entirely unprotected after a breach. However, timely reporting remains critical in determining eligibility.
The RBI has invited feedback from stakeholders and the public on the draft guidelines, with submissions open until April 6, 2026. These directions follow the announcement made during the February monetary policy.
While the compensation framework addresses the aftermath of fraud, the RBI is simultaneously targeting the root cause through technological innovation. The rapid expansion of financial inclusion and digital services has also led to the rise of mule accounts—an increasingly critical vulnerability in the system.
Mule accounts are bank accounts used by criminals to transfer illicit funds. These may be opened using fraudulent documents or through unsuspecting individuals who are manipulated into allowing their accounts to be used.
To tackle this, the RBI, through its innovation ecosystem, has developed MuleHunter.AI—an artificial intelligence and machine learning-based system designed to detect mule accounts more effectively. Unlike traditional rule-based systems, it analyses behavioural patterns, transaction flows, and account linkages across vast datasets.
The deployment of MuleHunter.AI comes amid a broader push by regulators and law enforcement agencies toward a zero-fraud environment. Awareness campaigns, improved cybercrime reporting systems, and stricter onboarding and monitoring processes by banks are all part of this coordinated effort.
Traditional methods alone are no longer sufficient to counter increasingly sophisticated fraud networks. By leveraging AI-driven tools that can learn and adapt, the RBI is strengthening the financial system’s defences. Given the rising value of frauds, such technologies are becoming essential to safeguarding India’s digital economy.
In conclusion, the RBI’s dual-pronged strategy—combining a structured victim compensation framework with advanced detection capabilities like MuleHunter.AI—marks a significant step in combating digital financial crime.
By establishing a shared-liability safety net, the RBI is reinforcing trust among users while encouraging greater accountability across the banking ecosystem. At the same time, its focus on proactive detection reflects a forward-looking approach to cybersecurity, aimed at building a more secure and resilient digital financial landscape in India.