RBI proposes four-pillar defence against digital frauds
The Reserve Bank of India’s move toward these stringent controls is a response to the “unprecedented pace” of India’s digital transformation. Over the last decade, digital transaction volumes have surged 38-fold, supported by a diverse ecosystem of UPI, IMPS, and credit cards. However, this rapid growth has been shadowed by a significant rise in “Authorised Push-Payment” (APP) digital frauds.
The evolution of the threat
According to the RBI discussion paper, the nature of digital crime has shifted. Technical system compromises are now rare; instead, fraudsters use “social engineering”—manipulating victims through impersonation, deepfakes, or coercion into authenticating transactions themselves. The instantaneous nature of modern payment systems means that once a victim realizes they have been duped, the money has often already been moved through a network of “mule accounts,” making recovery nearly impossible.
Rising financial stakes
The sheer scale of financial loss has reached a critical point. Data from the National Cyber Crime Reporting Portal (NCRP) highlights a dramatic escalation in reported fraud:
| Year | Number of Frauds Reported | Value of Frauds (in Crore) |
| 2021 | 2.6 lakh | ₹551 |
| 2023 | 13.1 lakh | ₹7,465 |
| 2025 | 28 lakh | ₹22,931 |
The Four Pillar Defense Strategy
1. The “Golden Hour” Delay The RBI proposes a one-hour mandatory lag for account-to-account transfers exceeding ₹10,000. This is based on the “golden hour” principle, where the initial period after a transaction is vital for stopping the dissipation of funds. While such transactions make up 45% of fraud volume, they represent 98.5% of the total value lost.
2. Guarding the Vulnerable Recognizing that senior citizens (70+ years) and persons with disabilities are frequently targeted by fabricated legal or medical emergencies, the RBI suggests a “trusted person” authentication. For transactions over ₹50,000, an independent individual would act as a second layer of verification.
3. Monitoring “Mule” Accounts To prevent fraudsters from using temporary bank accounts to hide stolen loot, the RBI proposes a ₹25 lakh annual credit threshold for individual and small business accounts. If an account exceeds this without prior documentation of genuine business turnover, incoming funds will be held as “shadow credit” and reversed if not verified within 30 days.
4. The Universal Kill-Switch Finally, the central bank aims to standardize customer-induced controls. This includes a facility to “switch off” specific digital channels or activate a single “kill-switch” to disable all digital access instantly during a suspected breach.
Stakeholders have until May 8, 2026, to provide feedback on these proposals before the RBI issues final guidelines.
Also see: SC rules no personal hearing required before banks classify loan accounts as fraud
Discover more from Insolvency Tracker
Subscribe to get the latest posts sent to your email.
