By Abhay Ray 
Introduction
Third-party products and services should not be displayed on banks’ digital banking channels, according to RBI’s draft norms issued on Monday. The ‘Reserve Bank of India (Digital Banking Channels Authorisation) Directions, 2025’ said banks should put in place a risk-based transaction monitoring and surveillance mechanism.
Study of customer transaction behaviour pattern and monitoring unusual transactions or obtaining prior confirmation from customers for outlier transactions may be incorporated in the systems in accordance with the Fraud Risk Management Policy of the bank, said the draft. Stakeholders’ comments have been sought on the draft till August 11.
Clear Choices for Customer
Under the new rules, banks must give customers clear choices, they can pick just to ‘view only’ their accounts or use full transaction services. Banks cannot force people to use digital banking if they just want a simple service like a debit card.
Consent and Transparency
The RBI also wants banks to get clear permission from customers before signing them up for any digital service. Every customer must be told exactly what fees apply, how to get help if there’s a problem, and must get alerts about transactions by SMS or email.
Another important point is that banks cannot push third-party products, like insurance or investment schemes, on their apps or websites without the RBI’s green light.
Stronger Fraud Checks
To keep online fraud in check, all banks must use proper fraud detection tools and keep an eye on unusual transactions. They should also study how customers usually spend money so that any odd activity can be spotted quickly.
These draft rules were shared by the RBI on Monday. The central bank has asked banks, experts, and the public to share their suggestions by August 11, 2025.
Here are key takeaways from RBI’s new draft
- Net worth: In the new draft, the RBI directed that a person with more than ₹50 crore net worth must ask for the bank’s prior approval to access the digital transactional banking facility due to the ‘minimum regulatory requirement’.
“Net worth as per minimum regulatory requirement or ₹50 crore, whichever is higher, as on 31 March of the immediately preceding financial year,” said the RBI in the draft.
- Customer consent: The new directive also mandates that banks explicitly ask for customer consent before providing any digital banking service, the data for which will be recorded.
“Banks shall obtain explicit consent from the customer for providing digital banking services, which may be duly recorded / documented. It shall also be clearly indicated that SMS/email alerts will be sent to the mobile number/email of the customer registered with the bank for operations, both financial and non-financial, in their account(s),” said the RBI.
- Clear terms & conditions: The central bank also directed that the banks will have to clearly outline the terms and conditions in a “clear and simple” language in English, Hindi, and the local language for customers to understand easily.
- Limit Risk: The RBI also directed that banks impose ‘risk mitigation measures’ according to the transaction limit and transaction velocity, among other things, depending on the risk perception.
“Banks shall put in place appropriate risk mitigation measures in accordance with their policies like transaction limit (per transaction, daily, weekly, monthly), transaction velocity limit, fraud checks, etc. depending on their risk perception,” the central bank said.
- Surveillance mechanism: The central bank also said that it wants the banks to impose transaction monitoring and surveillance mechanisms, which will study the customer transaction behaviour pattern and monitor unusual transactions in the system.
“Banks shall put in place risk-based transaction monitoring and surveillance mechanism. Study of customer transaction behaviour pattern and monitoring unusual transactions or obtaining prior confirmation from customers for outlier transactions may be incorporated in the systems in accordance with the Fraud Risk Management Policy of the bank,” said RBI in its draft.
Conclusion
The RBI’s draft framework signals a decisive shift towards protecting digital banking users from coercive practices and ensuring that customer consent remains central. With the August 11 deadline for public comments looming, the banking industry may need to prepare for fundamental operational changes all aimed at making digital banking more transparent, accountable, and consumer-friendly.
GetMyIndia.com RaysVeda.com LawCanal.com Angeltors.com GMICapitals.com