The Reserve Bank of India released draft Third Amendment Directions, 2026 for responsible business conduct by commercial banks. The draft directions strengthen customer protection in electronic banking transactions and state that the framework would apply from July 1, 2026. Their core focus is limiting customer liability in unauthorised and fraudulent digital transactions, so that customers do not bear unfair loss when the fault lies with a bank, the banking system, or a third-party breach.

The draft directions require banks to frame a customer-protection policy. This policy must cover transaction alerts, customer rights and obligations, complaint-resolution timelines, risk awareness, and grievance-escalation details. Banks must send instant SMS alerts for electronic banking transactions above ₹500, and email alerts wherever the customer has provided an email address. When a fraudulent transaction occurs, the customer should report it to the bank and also to the National Cyber Crime Reporting Portal or helpline 1930 at the earliest. Banks must provide 24x7 reporting channels, a number in transaction alert SMS messages for immediate objection, and a direct complaint link on their websites.

A key liability rule is that the burden of proving customer liability lies on the bank. In cases of bank negligence, irrespective of whether the customer reports the transaction, or a third-party breach reported within 5 calendar days, a customer gets zero liability and transaction reversal. Banks must establish liability and respond under their policy, but within a maximum of 30 calendar days. For small-value frauds, an eligible individual victim with gross loss up to ₹50,000 may receive compensation equal to 85% of net loss or ₹25,000, whichever is lower, once in a lifetime. For exams, this topic connects RBI regulation, consumer protection, digital payment security, and financial inclusion. Prelims may ask the effective date, scope, and liability provisions, while mains may use it for questions on trust in the digital economy, bank accountability, and grievance redressal.