As per the RBI's FY23 annual report, while the overall value of frauds reported by Indian banks decreased by half, from Rs 59,819 crore in FY22 to Rs 30,252 crore in FY23, there was a significant increase in the value and volume of digital frauds involving cards and internet-based payment methods, nearly doubling their occurrence.
During the ongoing annual FY23 inspection of books and internal processes, the Reserve Bank of India (RBI) has intensified its focus on the growing digital frauds in the banking system. Three sources familiar with the matter informed FE that the RBI is particularly interested in assessing the online fraud prevention mechanisms implemented by the banks.
"A higher level of attention is now being given by the RBI in this area. The magnitude of digital frauds may be less, but their occurrence is rising, especially with the widespread use of UPI (Unified Payments Interface)," stated a senior public sector banker.
The banker mentioned that significant progress has been made on the advances side, with extensive cleanup efforts and the implementation of various risk management processes. However, banks still face operational risks due to smaller quantum digital frauds.
According to the RBI's FY23 annual report, despite a 50% reduction in the overall value of frauds reported by Indian banks (from Rs 59,819 crore in FY22 to Rs 30,252 crore in FY23), there was a substantial increase in both the value and volume of digital frauds involving cards and internet-based payment methods.
In FY22, lenders reported 3,596 frauds totaling Rs 155 crore related to cards and internet banking services. However, these numbers nearly doubled in FY23, with 6,659 digital frauds reported, amounting to Rs 276 crore.
As per the bankers, the RBI is inquiring about the measures employed by lenders to prevent transaction payment frauds. They are also scrutinizing the customer service provided by lenders to their users and checking the effectiveness of grievance redressal cells established by banks.
"The RBI is particularly examining the fraud prevention systems. For instance, in cases of transaction frauds where scammers gain access to a customer's credentials, repeated transactions may occur since there are maximum amount limits per transaction. In such cases, the bank's system should be capable of recognizing and flagging suspicious activities. The backend systems must be capable of detecting these patterns," explained the banker.
Furthermore, another senior banker from a private sector bank mentioned that not all customers exercise high vigilance while conducting online payments. Therefore, the RBI has directed lenders to conduct customer awareness campaigns regarding cyber frauds.
The banker emphasized that a significant number of customers use online tools, but unfortunately, many of them fall victim to giving away their OTP or having their SIM compromised, leading to various issues. As a result, the RBI has been placing high focus on this matter for some time and is urging banks to enhance their vigilance. Banks have been instructed to implement processes that facilitate real-time tracking of online payment issues, flag certain fraud websites, identify fraudulent merchant QR codes, and address other related concerns.
In an unusual exchange filing, Kotak Mahindra Bank, a private sector lender, disclosed in August 2022 that it had twice written to the RBI, requesting the enforcement of standardized fraud reporting requirements for all banks.
In response to a media report, Kotak Mahindra Bank clarified that it had noticed significant variations in the fraud reporting practices of other banks to the regulator. Consequently, the bank had written to the regulator on two occasions, March 17, 2022, and August 30, 2022, urging them to enforce standardized reporting requirements. The media report highlighted that during Q1FY23, Kotak Bank recorded 5,278 fraud cases, with 97% of them related to digital and card frauds. In contrast, the largest lender in the country, State Bank of India (SBI), reported only nine fraud cases during the same period.
The PSU banker, as mentioned above, acknowledged the disparities in the way banks reported frauds to the regulator. In response to this concern, the RBI has now directed lenders to report all sizes of digital frauds and not just those involving amounts exceeding Rs 1 lakh. This measure aims to provide a more comprehensive picture of the overall digital fraud scenario, as explained by the bankers.
.jpg)
