RBI Guidelines on Digital Banking Channels

The Reserve Bank of India (RBI) has issued comprehensive instructions concerning digital banking services, emphasizing customer consent and risk management. These guidelines aim to regulate how banks offer digital services while ensuring customer rights and security.

Key Guidelines

• Explicit Consent: Banks must obtain clear consent from customers before activating any digital banking services.
• Non-Mandatory Adoption: Customers are not obligated to use digital banking channels to access other services like debit cards. The choice remains with the customer.
• Mobile Number Collection: Banks can collect customers' mobile numbers for sending transaction alerts and for Know Your Customer (KYC) compliance.
• Risk Mitigation Measures:
  • Implement transaction limits and velocity limits.
  • Conduct fraud checks based on internal risk perceptions.
• Transaction Monitoring: Banks must employ risk-based transaction surveillance to monitor unusual behavior and require prior confirmation for outlier transactions.
• Network-Independent Access: Mobile banking services should be accessible across all mobile network operators.
• Restriction on Third-Party Products: Banks cannot display third-party or group-company products on digital channels unless specifically permitted by the RBI.

Additional Instructions

• Comprehensive Policy Requirement: Banks need a policy for digital banking channels that incorporates statutory and regulatory requirements, managing liquidity, and operational risks.
• Senior Management Responsibility: The senior management of banks is responsible for overseeing risk management related to digital banking services.
• Prior RBI Approval: Banks must obtain approval from the RBI before launching transaction banking facilities, provided they meet the required criteria.

These guidelines are designed to ensure that digital banking is customer-centric, secure, and seamlessly integrated with existing banking services while complying with regulatory standards.