Source: TH
Context:
The Reserve Bank of India (RBI) has issued its final instructions for banks on digital banking channels, emphasizing customer consent, risk management, and operational compliance.
The guidelines clarify that digital banking cannot be made mandatory for accessing other services, such as debit cards.
Key Provisions
Explicit Customer Consent
- Banks must obtain clear and documented consent from customers before activating any digital banking channel.
- Customers’ choice to opt for digital banking is voluntary.
Mobile Number Collection
- Banks can collect and record customers’ mobile numbers for:
- Transaction alerts
- KYC compliance at account opening
Risk Mitigation Measures
- Banks may implement internal risk controls such as:
- Transaction limits (per transaction, daily, weekly, monthly)
- Transaction velocity limits
- Fraud checks
- These measures must align with the bank’s Fraud Risk Management Policy.
Risk-Based Monitoring
- Banks must have transaction surveillance mechanisms:
- Study customer transaction patterns
- Flag unusual transactions
- Seek prior confirmation for outlier transactions
Network-Independent Mobile Banking
- Mobile banking services must be accessible across all mobile network operators.
Restrictions on Third-Party Products
- Banks cannot display third-party or group-company products on digital channels unless explicitly permitted by RBI.
Policy and Oversight
- Banks must have a comprehensive digital banking policy covering:
- Liquidity management
- Operational risk management
- Senior management remains responsible for overseeing risks.
Launch of Transaction Banking Facilities
- Banks require RBI approval before launching fund-based or non-fund-based transaction banking services.
