Cyber crimes have significantly increased in India and many of them pertain to banking frauds and financial crimes. The cyber law developments in India 2015 by Perry4Law Organisation (P4LO) have also reiterated this position. Even Reserve Bank of India (RBI) is aware of these developments and it has released a document titled Payment and Settlement Systems in India: Vision-2018 in this regard. One of the main objectives of the vision document is to ensure a responsive regulatory framework for online payment industry of India. Perry4Law Organisation (P4LO) has already shared its suggestions and viewpoint in this regard though this post.
The vision document has also outlined the commitment of RBI to ensure a framework to limit customer liability for unauthorised electronic transactions. In this regard, RBI would encourage payment system providers to adopt best practices for protecting customer interest by putting in place robust fraud and risk monitoring systems. In addition, a regulatory framework to limit customer liability in case of unauthorised transactions would be put in place by RBI. This is in addition to the cyber security framework for Indian banks that has been recently mandated by RBI.
The increasing growth of electronic payments, especially online payments, riding the growth of e-commerce and m-commerce transactions, has brought to the fore the increasing role and importance of entities that facilitate such online payments such as payment gateway providers and payment aggregators. However, a dominant majority of payment gateway and POS terminal service providers are not complying with cyber law due diligence (pdf) requirements of Information Technology Act, 2000. Now these non compliances would be things of the past and punishable in the near future.
Although there are provisions that come to the rescue of a bank’s customer in case of a cyber fraud yet banks in India are not complying with the same. The Code of Bank’s Commitment to Customers by Banking Codes and Standards Board of India (BCSBI) (pdf) is one such framework that has been formulated for protecting the interests of bank’s customers in cases of cyber frauds. The real problem seems to be non implementation of various laws and provisions by RBI against the defaulting banks in India. Implementation of existing and new provisions must be the priority of RBI from now onwards to shed its image of a non regulator.
Perry4Law Organisation (P4LO) wishes RBI all the best and commits its techno legal expertise to make Indian banks more secure and responsive to the regulatory requirements.