Customer Protection Policy

Introduction

Airtel Payments Bank is committed to provide superior and safe customer service experience to all its customers. In order to enable the above, the Bank has robust security systems and fraud detection and preventions mechanisms in place to ensure safe and secure banking experience to its customers. Bank already has in place policies such as Comprehensive Deposit Policy, Customer Service Policy and Customer Compensation policy.

Keeping in mind the increasing thrust on financial inclusion & customer protection, the Reserve Bank of India had issued a circular on Customer Protection – Limiting Liability of Customers in Unauthorized Electronic Banking Transactions. (RBI/2017-18/15 DBR.No.Leg.BC.78/09.07.005/2017-18 dated July 6, 2017) which inter-alia requires Banks to formulate a Board approved policy in regard to customer protection and compensation in case of unauthorized electronic banking transactions.

Objective

The systems and procedures in bank are designed to make customers feel safe about carrying out electronic banking transactions. This policy seeks to communicate in a fair and transparent manner the Bank’s policy on:

a) Customer protection (including mechanism of creating customer awareness on the risks and responsibilities involved in electronic banking transactions),

b) Appropriate systems and procedures are in place to ensure safety and security of electronic banking transactions carried out by customers,

c) Customer liability in cases of unauthorized electronic banking transactions

d) Customer compensation due to unauthorized electronic banking transactions (within defined timelines)

e) Robust and dynamic fraud detection and prevention mechanism, mechanisms to assess the risks, measure the liabilities arising out of such events and appropriate measures to mitigate the risks.

Scope

Electronic banking transactions usually cover transactions through the below modes:

• a)    Remote/ online payment transactions (transactions that do not require physical payment instruments to be presented at the point of transactions e.g. internet banking, mobile banking, card not present (CNP) transactions, Pre-paid Payment Instruments (PPI), etc.)
• b)    Any other electronic modes of credit effected from one entity to another currently being used or adopted from time to time
• c)    This policy covers transactions only through the above modes. The policy excludes electronic banking transactions effected on account of error by a customer (e.g. NEFT carried out to an incorrect payee or for an incorrect amount), transactions done under duress, claims due to opportunity loss, reputation loss, other incidental costs or collateral damage

Applicability

a)  This policy is applicable to entities that hold relationship with the bank viz.:

i.         Individual and non-individual customers who hold current or savings account.

ii.         Individual / non-individual entities that hold prepaid card.

iii.         Individual / non-individual entities that use other electronic platforms of the Bank like internet banking, net banking and wallet.

b)     This policy is not applicable to:

i.         Entities that are part of the ecosystem such as interchange organizations, Franchises, Intermediaries, Agencies, Service partners, Vendors, Merchants etc.

Definitions & Explanations (for the purpose of this policy)

• a)    Real loss is defined as financial outgo from customer’s account e.g. debit to customer’s account or card.
• b)    Payment transactions are defined as transactions that involve transfer of funds from one account/ wallet to another electronically and do not require card information e.g. NEFT/IMPS
• c)    Unauthorized transaction is defined as debit to customer’s account without customer’s consent
• d)    Consent includes authorization of a transaction debit either through standing instructions, as per accepted banking practice and regulation, based on account opening process and related matters, account access through mobile banking or wallet application, or based on additional authentication required by the bank such as use of security passwords, input of dynamic password (OTP) or use of Card details (CVV/ Expiry date) or any other electronic authentication option provided by the Bank.  
• e)    Date & time of reporting is defined as date & time on which customer has submitted a unique complaint. Date of receiving communication from the Bank, is excluded for purpose of computing number of working days for all action specified in this policy. Time of reporting will be as per Indian Standard Time.  
• f)     Notification means an act of the customer reporting unauthorized electronic banking transaction to the bank  
• g)    Number of days will be computed based on working days  
• h)    Mode of reporting will be the channel through which customer complaint is received first time by the Bank, independent of multiple reporting of the same unauthorized transaction.

Points Covered Under the Policy

Customer shall be compensated in line with this policy in case of loss occurring due to unauthorized transaction as follows:

a) Zero Liability of a Customer

A customer’s entitlement to zero liability shall arise where the unauthorized transaction occurs in the following events:  

i. Customer shall be entitled to full compensation of real loss in the event of Contributory fraud/ negligence/ deficiency on the part of the bank (irrespective of whether or not the transaction is reported by the customer).

ii. Third party breach where the deficiency lies neither with the bank nor with the customer but lies elsewhere in the system, and the customer notifies the bank within three working days of receiving the communication from the bank regarding the unauthorized transaction.

Third party breaches would cover following unauthorized transactions without customer knowledge.

• SIM duplication – Cloning of original SIM to create duplicate SIM.

• Application related frauds – Stolen customer identity which is used to avail banks product & services.

• Account takeover – Theft of account information to obtain banks products and services including extracting funds from the customers bank account.

• Skimming/Cloning – Collect data from the magnetic strip of the card and copying the information onto another plastic.

b) Limited/Full Liability of a Customer

Customer shall be liable for the loss occurring due to unauthorized transactions in the following cases:

i.          In cases where the loss is due to negligence by a customer, such as where he/she has shared the payment credentials, the customer will bear the entire loss until he/she reports the unauthorized transaction to the bank. Any loss occurring after the reporting of the unauthorized transaction shall be borne by the bank.

ii.          In cases where the responsibility for the unauthorized electronic banking transaction lies neither with the bank nor with the customer, but lies elsewhere in the system and when there is a delay (of four to seven working days after receiving the communication from the bank) on the part of the customer in notifying the bank of such a transaction, the per transaction liability of the customer shall be limited to the transaction value or the amount mentioned in Table 1 below, whichever is lower.

 The liability of the customer per  transaction  shall  be  limited  to  transaction  value  or  amounts mentioned in [Table -1] whichever is lower

Any unauthorized electronic banking transaction reported after 7 working days will be treated as 100% customer liability.  

Overall liability of the customer in third party breaches, as detailed in paragraph 6(b)(II) and paragraph 6(b)(III) above, where the deficiency lies neither with the bank nor with the customer but lies elsewhere in the system, is summarized in the Table 3 below:

The number of working days mentioned in [Table 2] shall be counted as per the working schedule of the bank excluding the date of receiving the communication.

Reversal Timeline for Zero Liability/Limited Liability of Customer

a)    On being notified by the customer, the bank shall afford shadow credit the amount involved in the unauthorized electronic transaction to the customer's account within 10 working days from the date of such notification by the customer (without waiting for settlement of insurance claim, if any). Banks may also at their discretion decide to waive off any customer liability in case of unauthorized electronic banking transactions even in cases of customer negligence. The credit shall be value dated to be as of the date of the unauthorized transaction.

b)    Further, bank shall ensure that :

• i.         a complaint is resolved and liability of the customer, if any, established within such time, as may be specified in the bank's Board approved policy, but not exceeding 90 days from the date of receipt of the complaint, and the customer is compensated as per this policy;
• ii.         where it is unable to resolve the complaint, or determine the customer liability, if any, within 90 days, the compensation as prescribed in this policy; and
• iii.         In case of debit card / bank account, the customer does not suffer loss of interest.

Burden of Proof

The burden of proving customer liability in case of unauthorized electronic banking transactions shall lie on the bank.

Reporting and Monitoring Requirements

The banks shall put in place a suitable mechanism and structure for the reporting of the customer liability cases to the Board or one of its Committees. The reporting shall, inter alia, include volume/ number of cases and the aggregate value involved and distribution across various categories of cases viz., card present transactions, card not present transactions, internet banking, mobile banking, ATM transactions, etc. The Standing Committee on Customer Service shall periodically review the unauthorized electronic banking transactions reported by customers or otherwise, as also the action taken thereon, the functioning of the grievance redress mechanism and take appropriate measures to improve the systems and procedures. All such transactions shall be reviewed by the bank’s internal auditors.

Reporting of unauthorized transactions by customers to Bank

The Bank will ensure that customers are mandatorily registered for SMS alerts and wherever available for email alerts, for electronic banking transactions. Bank will mandatorily send SMS alerts to the customers, while the email alerts may be sent wherever registered. Further, the bank will not be able to offer facility of electronic transactions, other than ATM cash withdrawals, to customers who do not provide mobile numbers to the bank. These facilities will be withdrawn for customers after due notice is provided to them.

The Bank requires customers to notify the Bank about any unauthorized electronic banking transaction at the earliest after the occurrence of such transaction as longer the time taken to notify the bank, the higher will be the risk of loss to the bank/customer. To enable this to be done in a smooth and efficient manner, the Bank will provide customers with 24x7 access through multiple channels (via website, SMS, e-mail, a dedicated tollfree helpline, reporting to home branch, etc.) for reporting unauthorized transactions that have taken place and/ or loss or theft of payment instrument such as card, etc.

Further, the Bank will provide a direct link for lodging the complaints, with specific option to report unauthorised electronic transactions in the home page of the Bank’s website. Immediate response (including auto response) will be sent to the customers acknowledging the complaint along with the registered complaint number. The communication systems used by the Bank to send alerts and receive their responses thereto will record the time and date of delivery of the message and receipt of customer’s response, if any, to the Bank. On receipt of report of an unauthorised transaction from the customer, the Bank will take immediate steps to prevent further unauthorised transactions in the account. On being notified by the customer, the Bank will undertake a preliminary investigation to establish the reason for the dispute. Where the transaction does not involve a third party, the Bank will endeavor to complete the investigation within 10 working days of notification.

Rights & Obligations of the Customer

a)  Customer is entitled to

i.         SMS alerts on valid registered mobile number for all financial electronic debit transactions

ii.         Register complaint through multiple modes as mentioned on our website (www.airtel.in/bank)

iii.         Intimation at valid registered mobile number with complaint number and date & time of complaint

iv.         Receive compensation in line with this policy document where applicable. This would include getting shadow credit within 10 working days from reporting date and final credit within 90 days of reporting date subject to customer fulfilling obligations detailed herein and with customer liability being limited as specified in Table 1

b)  Customer is bound by following obligations with respect to banking activities:

i.  Customer shall mandatorily register valid mobile number with the Bank.

ii.     Customer shall regularly update his /her registered contact details as soon as such details are changed. Bank will only reach out to customer at the last known email/ mobile number. Any failure of customer to update the Bank with changes shall be considered as customer negligence. Any unauthorized transaction arising out of this delay shall be treated as customer liability.

iii.         Customer should provide all necessary information – proof of transaction success/ failure and should also file a police complaint and provide copy of the same to the Bank.

iv.         Customer should co-operate with the Bank’s investigating authorities and provide all assistance.

v.         Customer must not share sensitive information (such as Debit card & PIN, CVV, Net Banking Id & password, OTP, transaction PIN) with any entity, including bank staff.

vi.         Customer shall go through various instructions and awareness communication sent by the bank on secured banking

vii.         Customer must verify transaction details from time to time in his/her bank statement and raise query with the bank as soon as possible in case of any mismatch.

Disclaimer Clause

Notwithstanding anything contained here above, the Bank shall not pay any compensation in the following cases

a)    Delays on account of non-functioning of business due to factors beyond the control of the bank the period covered by such events shall be omitted for calculation of delay etc.

b) Where the issues are sub-judice and pending before Courts, Ombudsman, arbitrator, Government and matter put on hold due to stay.

Force Majeure

The bank shall not be liable to compensate customers for delayed credit if some unforeseen event (including but not limited to civil commotion, sabotage, lockout, strike or other labour disturbances, accident, fires, natural disasters or other “Acts of God”, war, damage to the bank’s facilities or of its correspondent bank(s), absence of the usual means of communication or all types of transportation, etc beyond the control of the bank prevents it from performing its obligations within the specified service delivery parameters.

Timelines for Payment of Compensation Amount

In case the Bank is liable to pay any compensation in accordance with the Policy, the same would be paid to the complainant in line with paragraph 6 above.

Amendment/Modification of the Policy

The Bank reserves the right to amend/modify this policy, as and when deemed fit and proper at its sole discretion.

a) Internal factors such as changes in organizational structure or products and services offered

b) External factors such as changes in legislation, regulatory guidelines or technological innovation.

c) The results of audit, if any conducted during the year by internal / external auditors

However, the Bank shall endeavor to review the Policy at annual intervals.

Linkage to other Customer Service Policies of the Bank

This Policy shall be read in conjunction with the Customer Compensation policy and Customer Grievance Redressal policy

General

Acceptance of the compensation by the customers under this policy shall be deemed to be final settlement of all issues arising out of grievances for which compensation is claimed.