In response to a surge in cyber fraud cases involving dormant bank accounts, the Reserve Bank of India (RBI) has issued a draft framework proposing mandatory annual reviews, customer outreach, and close transaction monitoring. The aim: reduce risk, ensure transparency, and hold banks more accountable for inactive accounts.
Dormant Accounts, Active Risk: Why RBI Is Redrawing the Rules
Over the past two years, several cases have emerged where cybercriminals used dormant bank accounts as conduits for transferring stolen funds from unsuspecting customers. These silent accounts inactive for years have become fertile ground for digital fraud.
Taking serious note of the trend, the Reserve Bank of India recently released a draft set of guidelines seeking public feedback before final implementation. The core proposal? Strengthen how banks manage, monitor, and respond to inactivity in customer accounts.
According to data from November 2024, over 11.3 crore dormant accounts exist under the Pradhan Mantri Jan Dhan Yojana (PMJDY) alone — meaning one in every five or six such accounts remains unused. RBI now considers this a systemic risk that demands regulatory action.
ALSO READ: FCRF Launches Campus Ambassador Program to Empower India’s Next-Gen Cyber Defenders
What the New Rules Propose: Annual Review, Customer Outreach, and No Hidden Charges
Under the new guidelines, any savings or current account with no customer-initiated transaction for two years will be classified as dormant. However, the proposed framework doesn’t stop at classification. It compels banks to:
- Review all accounts annually with no activity for 12 months
- Attempt contact with customers or nominees via all available channels — letter, email, SMS
- Maintain separate surveillance on reactivated accounts for at least 6 months
- Audit the balance in dormant accounts separately to detect any anomalies
- Continue interest payment on dormant balances
- Avoid any minimum balance charges or reactivation fees
If the bank’s outreach fails, and no contact is established, the institution will be required to initiate an investigation to verify if the customer is deceased or unreachable, and identify the nominee, if any.
The RBI has emphasized that the bank must not declare an account dormant if a customer proactively informs the bank of inactivity for a legitimate reason. However, if there’s no activity even after such intimation for one year, the account will still be marked dormant.
Safeguards Against Fraud: Monitoring, Accountability, and Institutional Vigilance
A key motivation behind the new rules is to block the window of opportunity exploited by online fraud syndicates. These groups often hijack unused accounts — sometimes with internal collusion — to launder or route stolen funds.
To counter this, the RBI wants dormant accounts to be flagged separately in internal systems. Even after reactivation, transaction behavior must be closely watched for at least six months. If fraud-like patterns emerge, banks are expected to take preventive action swiftly.
Banks have also been instructed to launch special campaigns to reach dormant account holders. Some banks have begun uploading dormant account details on their websites, but the RBI notes that these efforts remain inconsistent and largely ineffective.
The central bank now aims to shift from passive compliance to active responsibility, holding banks accountable for ensuring that dormant accounts do not become weak links in the country’s financial safety chain.
Conclusion: RBI’s Balancing Act Between Consumer Rights and Risk Mitigation
The new draft rules reflect a nuanced approach by the RBI one that seeks to protect depositors without burdening them, while also pushing banks to adopt a more proactive and secure posture.
As digital banking grows and cyber threats evolve, the integrity of dormant accounts is no longer a peripheral issue. They are now central to the conversation on financial hygiene and trust.