RBI Guidelines for UPI Frauds in Banks

byRahul TadiparthiLast Updated: March 18, 2024
RBI Guidelines for UPI Frauds in Banks

According to the Ministry of Finance of the Government of India, in FY 2022-23, there were 95,000 cases of UPI fraud, which is an increase from 84,000 noted in FY 2021-22. This data, thus, underlines the importance of protective measures against such incidents to lower the financial damage to the users and the overall economy of the country.

The introduction of UPI may have simplified transactions, but addressing the fraudulent activities associated with it is the need of the hour. Hence, RBI, the apex bank of India, has stepped in and formed guidelines to curb such issues

RBI Guidelines for UPI Frauds in Banks

Here are the RBI’s guidelines regarding UPI fraud –

  • The banks must have a dedicated framework for their customers to report cases of such fraud. This ensures quick actions can be taken.
  • Banks need to be prompt and accurate in reporting all the fraudulent activities associated with UPI transactions to the RBI. 
  • Banks should also focus on ‘Fraud Prevention and Management Function’ to launch investigations into such matters. They must also engage with law enforcement agencies to start the process of catching the apprehenders.
  • The CEO, audit committee, and a special committee of the bank must oversee all such fraud protection and risk management investigations.
  • Additionally, after approval from their board, each bank must frame its internal fraud detection and investigation policies.
  • Banks are mandated to send all Fraud Monitoring Returns (FMR) using the XBRL system. Furthermore, banks must nominate General Manager Designation personnel to manage this process.
  • Also, banks must engage in educating customers regarding the latest frauds and safe digital payment practices.

Besides these guidelines, RBI has a clear framework regarding the refund against such fraudulent activities. Here are the details –

  • Within 3 days: According to the apex bank of India, if you, as a customer, report any incident of a fraudulent transaction within 3 days of the incident, then you will bear zero liability for it. As a result, the total amount will be refunded to your respective bank account.
  • Within 4-7 days: If you register your complaint after 3 days and between 7 days of the fraudulent transaction, then you will have to bear the limited liability of INR 5,000 to INR 25,000, whichever is lower. After deducting the lowest amount, the rest of it will be returned to you.
  • After 7 days: If you fail to report such unauthorised transactions within 7 days, the bank will not be liable to refund any amount to you.

With all the RBI guidelines for UPI frauds in banks out of the way, let’s move on to the crux of the matter, how all these scams are happening.

Read moreIntroducing UPI Plugin: A Game-Changer in Secure Online Transactions.

What are the Different Ways in which UPI Scams Take Place? 

Here are some prominent ways in which UPI frauds are taking place –

  • Phishing scams

Phishing is one of the primary ways of conducting a UPI scam. In this process, the perpetrators will send you a payment link that looks identical to the one sent by a bank or a merchant.

Now, if you do not pay attention to it and click on it in a hurry, it will redirect you to the UPI app. After that, once you enter the credentials and give the auto-debit permission, the funds will be deducted from your account, resulting in an unauthorised transaction and your financial losses.

  • Using the screen monitoring tools

There are two ways in which this scam takes place. Firstly, you are working remotely and need to install a screen monitoring app for office work. However, instead of a verified one, you have downloaded an unverified one. These apps then allow scammers to extract data from your device or, at times, get control of it. Hence, the financial losses.

Secondly, to fool the ‘regular Joe’, fraudsters often list their contact number as the helpline number of different financial institutions on the internet. So, once you start searching for the helpline number of a particular financial institution and contact their number, they will ask you to install a screen monitoring tool. The purpose is to help resolve your crisis, but the reality is quite the opposite; they put you in further difficulties by conducting unauthorised transactions from your device.

  • Using a fake QR code

This is another leading reason for UPI fraud in recent times. In this case, the fraudsters send fake QR codes and ask you to scan them to complete any transaction or access any privileged information. But instead of that, what it does is that it discloses your UPI details to those criminals resulting in your financial losses.

The biggest example of this is that, recently, the YouTube account of a famous celebrity was hacked, and it was streaming some event of another automobile company. During this event, there was a QR code on the screen asking you to scan it, which, if you do, can result in unfortunate events of financial losses.

  • Using fake UPI handles

This is another new-age UPI scam using social media. You may have recently posted a query on the social media account of NPCI, and you see someone reaching out to you from a handle with a similar name. They will ask you to explain your grievances and then share your banking details, allowing them to help you. However, all these are just a pretext to con you into sharing your banking information to steal your money.

  • Collection request

This is one of the classic ways of conducting financial fraud, and currently, it is being used for UPI scams as well. Under this method, the perpetrators will call you and ask you to click on their collection link against the pretext of a refund or claiming a lottery

by paying a small fee, etc. Once you click on this link and enter the banking credentials, the funds will be debited from your account.

Apart from these, there are a few other ways to conduct such frauds, and they are –

  • Impersonating as a seller
  • Malware
  • Money mule
  • Web skimming

Now that you are aware of all the possible UPI frauds, the next logical step is how to save yourself from it. Well, let’s find out.

How to Avoid UPI Frauds?

Here are some tips on how you can avoid falling for such UPI scams –

  • Opting for a two-factor authentication
  • Changing passwords periodically
  • Opting for real-time transaction alerts
  • Refrain from sharing personal and banking details with anyone
  • Always remember bank representatives will not call you and ask you to pay for any service
  • Always shop from authorised websites and be cautious with payment requests
  • Always take the helpline numbers from the official websites
  • Always use verified apps and websites for transactions

Read more: India’s UPI Set to Revolutionise Payments for Indian Tourists in France


The emergence of UPI has changed the financial landscape of India, but it has also brought its own challenges. The RBI’s guidelines regarding UPI frauds are an attempt to help customers and underline the significance of security in digital transactions. Therefore, being vigilant and aware of all the latest threats and their protective measures can help you harness the unprecedented convenience of UPI and maximise its potential.


How to register UPI fraud complaints to RBI?

A To register your UPI fraud complaint to RBI, you can dial the toll-free number 114448 or go to https://cms.rbi.org.in to raise your complaint. You can also email your complaint to [email protected].

What is the punishment for UPI fraud?

A If found guilty, you will be imprisoned for 3 years and a fine of up to INR 5 lakhs.

Is it possible to use my personal UPI ID for scams?

A Even though the UPI system is safe, upon having access to your details, scammers can use your ID to trick your family and friends into sending money and exploiting them.

You May Also Like