Join with us -for Quick Banking updatesMumbai, July 21, 2025:
In a significant move to enhance security, transparency, and governance in the digital banking ecosystem, the Reserve Bank of India (RBI) has released a draft of the Digital Banking Channels Authorisation Directions, 2025. The proposed regulations aim to standardize and streamline the operations of internet and mobile banking platforms across all categories of banks operating in India.
These directions, issued under Section 35A of the Banking Regulation Act, 1949, are applicable to all commercial banks and cooperative banks and will take effect upon final notification.
🔍 Key Highlights of the Draft Guidelines:
1. Customer Consent & Transparency:
Banks must obtain explicit consent from customers for digital banking services and must provide clear, multilingual disclosures regarding terms, charges, grievance redress mechanisms, and security practices. Importantly, customers cannot be forced to opt for digital banking channels to access essential services like debit cards.
2. Dual Authorisation Framework:
Banks with only view-only services (like balance inquiry, statement download) must notify RBI with a Gap Assessment and Internal Controls Adequacy (GAICA) report within 30 days of launch.
Banks wishing to offer transactional services (like fund transfers or loan applications) must seek prior RBI approval via the PRAVAAH portal, demonstrating regulatory compliance, cyber audit clearances, and ₹50 crore minimum net worth.
3. Risk-Based Access and Monitoring:
Banks must define transaction limits, perform behavioral monitoring, and integrate fraud detection. Risk mitigation techniques like alert notifications, daily/monthly limits, and surveillance for unusual transactions have been made mandatory.
4. Technology Governance:
Only banks with Core Banking Systems (CBS) and IPv6-compatible public-facing IT infrastructure will be eligible. Third-party services may be used, provided banks demonstrate adequate oversight and internal technical capacity.
5. Strict Customer Protection Rules:
The draft reiterates RBI’s earlier circulars on limiting customer liability in unauthorized electronic transactions and mandates sending SMS/email alerts for all account activities.
6. Display of Third-Party Services Prohibited:
Banks are barred from displaying products or services from group entities (like insurance subsidiaries) on digital platforms unless specifically permitted by RBI. This aims to reduce mis-selling and protect customer autonomy.
🔁 Old Guidelines to be Repealed
The new directions will repeal and consolidate over 15 circulars and guidelines issued between 2001 and 2022, including those related to mobile banking, internet banking for cooperative and rural banks, and earlier risk-control norms.
📌 RBI’s Stated Goal:
To promote safe, inclusive, and technologically resilient digital banking services across all licensed banks in India. The draft also empowers RBI to interpret and exempt provisions case by case to avoid hardship to regulated entities.
🗓️ What’s Next?
Stakeholders have been invited to submit comments and suggestions before the final version is notified. The central bank’s move is seen as part of its broader agenda to enhance trust, security, and scalability in India’s rapidly evolving digital banking landscape.
