India's ₹25,000 Promise: The RBI's Fraud Compensation Proposal and What It Means for You

A new regulatory draft could rewrite who bears the cost when digital payment fraud strikes — and it arrives at a critical moment for India's financial system.

The Numbers Behind the Problem

India processed over 131 billion UPI transactions in FY 2024–25. That velocity — funds moving irreversibly within seconds — creates what researchers are calling a 'high-velocity of loss' problem: by the time a fraud victim realises money is missing, it has already passed through multiple accounts and been withdrawn. Traditional dispute resolution, built for slower payment rails, simply has not kept pace.

Against this backdrop, the Reserve Bank of India issued draft amendment directions in March 2026 proposing a structured compensation mechanism for victims of small-value fraudulent electronic banking transactions. The document, circulated for public comment, signals a major shift in how India thinks about digital payment risk and who should bear it.

"For some loss bands, the RBI itself would bear the largest share of compensation — a quasi-insurance arrangement without precedent in Indian banking regulation."

What the Draft Proposes

The headline parameters of the draft are striking in their specificity. Eligible customers who suffer fraud losses of up to ₹50,000 may receive compensation amounting to 85% of their net loss, capped at ₹25,000. Crucially, this is a once-in-a-lifetime benefit — a design choice that immediately signals the regulator's awareness of moral hazard.

Eligibility is conditional on timely reporting: the fraud must be reported to both the customer's bank and the National Cyber Crime Reporting Portal (helpline: 1930) within five calendar days. The draft also shifts procedural burden significantly toward banks — requiring clearer policies, mandatory transaction alerts above defined thresholds, and placing the evidentiary burden on the bank to prove customer liability in disputed cases.

A Quasi-Insurance by Any Other Name

What is most intellectually interesting about the proposal is its implicit cost-sharing architecture. For certain loss bands, early reporting of the draft suggests that the RBI, the customer's bank, and the beneficiary bank would each contribute to compensation. This is, in effect, a public-private insurance pool — except that it has not been designed or priced as one.

Insurance economists will recognise this structure immediately. When a third party (here, the regulator) absorbs a significant portion of loss, the private incentive to invest in fraud prevention can weaken. If your bank knows the RBI will pick up 60% of the tab, will it invest as aggressively in real-time fraud analytics? The draft's architects appear to have anticipated this risk — hence the caps, the lifetime limit, and the tight reporting deadlines. Whether these friction elements are calibrated correctly is an empirical question that India's researchers are now uniquely positioned to study.

What This Means for Consumers

For the ordinary UPI user, the proposal offers something that has been absent from India's digital payments narrative: a defined safety net. The message — report quickly, and you will likely recover most of a small-value loss — is simple, communicable, and could meaningfully improve consumer confidence in digital channels.

But the ₹25,000 cap also signals the scheme's limits. For middle-class consumers who keep larger balances in linked accounts, or for small merchants who receive large UPI transfers, the scheme offers partial comfort at best. The conversation about higher-value fraud compensation remains open.

The Road Ahead

The draft is not yet law. Banks, insurers, fintech companies, and consumer groups have all been invited to respond. The final mechanism — with its precise cost-sharing ratios, operational timelines, and eligibility definitions — will emerge from that consultation. Whatever the outcome, the RBI has placed a clear marker: the era of 'buyer beware' in digital payments is ending. The question is how the cost of protection will be shared — and by whom.