ALLAHABAD: The Allahabad High Court has held that under the Reserve Bank of India (RBI) Circular dated June 6, 2017, titled “Customer Protection – Limiting Liability of Customers in Unauthorised Electronic Banking Transactions”, the responsibility to prove a customer’s liability in cases of unauthorised digital transactions lies with the bank, not the customer.
The Division Bench, comprising Justice Shekhar B. Saraf and Justice Praveen Kumar Giri, emphasised this while hearing a writ petition filed by a father-son duo from Uttar Pradesh, alleging that funds were fraudulently siphoned from their bank accounts. The petitioners, proprietors of separate business firms, had transferred ₹37.85 lakh from the father’s account to the son’s account, which was subsequently moved to a third-party account. They claimed the transaction was unauthorised and filed an FIR. With no police action, they approached the court seeking a direction to the Bank of Baroda and the RBI for the restoration of the disputed amount with penal interest.
RBI Circular Meant to Shield, Not Weaponise
The Court undertook a detailed examination of Clause 12 of the 2017 RBI Circular, which provides that customers will have “zero liability” if they notify the bank within three working days of an unauthorised transaction. Importantly, it clarifies that banks must prove customer liability in such cases.
Despite this framework favouring customer protection, the High Court observed that the petitioners had failed to establish their case. The bank, in its counter affidavit, submitted key pieces of evidence, account passbook, IP logs, time-stamped transaction records, proof of password modification, and records showing the addition of the third-party beneficiary by petitioner No. 2.
These facts, according to the Court, demonstrated that the petitioners were aware of the transactions and did not fall victim to cyber fraud. The Bench remarked that the RBI circular is intended to protect genuine victims, not to contest personal financial transfers.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
No Cyber Fraud, Just Negligence
“The purpose of the circular is to act as a shield for customers from fraudulent transactions, not as a sword in the garb of personal transactions,” the Bench said, rejecting allegations of hacking and negligence.
Concluding that no cybercrime or embezzlement occurred, the Court dismissed the writ petition, holding that the petitioners’ claims lacked substance.