The Ernakulam District Commission, presided by Shri. D.B. Binu, Shri. V. Ramachandran, and Smt. Sreevidhia T.N., recently made a decision regarding a complaint against the State Bank of India (SBI). The commission held that a customer is responsible for losses caused by their negligence, such as sharing payment credentials, until they report the unauthorized transaction to the bank. After reporting the unauthorized transaction, the bank becomes responsible for subsequent losses.
Background of the Complaint
The complainant in this case had an SBI account at the Cochin Shipyard Branch in Ernakulam, Kerala. He received a message asking him to update his PAN via a link. Unfortunately, he followed the link, resulting in Rs. 40,000 being fraudulently debited from his account through SBI’s YONO facility. The unauthorized transactions occurred at the Jaipur Branch of SBI. Despite taking various actions such as blocking his account, lodging a complaint with the bank, contacting cyber police, and issuing a lawyer’s notice, the bank did not take any action. The complainant alleged that no OTP was requested, and there was no verification call for the transaction.
Arguments of the Parties
The complainant argued that SBI’s inaction caused him significant mental distress and financial loss. He claimed that the bank failed to provide proper service, did not address the fraud, and did not apprehend the fraudster. The complainant sought a refund of Rs. 40,000 with interest @6% and compensation of Rs. 15,000 for the inconvenience caused, along with the cost of litigation.
On the other hand, the bank contended that the loss occurred due to the complainant’s negligence in clicking an unverified link and sharing OTPs with fraudsters. The bank emphasized that it promptly blocked the account upon receiving the complaint to prevent further losses. They argued that the complainant voluntarily followed instructions from an unknown sender without verifying the link’s authenticity. The bank also highlighted that they continuously educate customers about online fraud risks and advise against sharing personal information. According to the Reserve Bank of India’s guidelines, the customer is liable for losses due to such negligence.
Decision of the District Commission
After considering the arguments presented by both parties, the Ernakulam District Commission made the following observations and decision:
- The commission observed that a customer is liable for losses due to negligence, such as sharing payment credentials, until the unauthorized transaction is reported to the bank.
- It was highlighted that after the complainant reported the issue, no additional money was lost, and the initial loss was due to the complainant’s negligence.
- The commission referred to the RBI notification on “Customer Liability in Unauthorized Electronic Banking Transactions” and a relevant case (2024) CPJ 310 (NC), which support the principle that customers bear losses from their negligence until reporting, after which the bank is responsible for subsequent losses.
- The commission found that the bank acted appropriately and was not at fault, as it provided necessary warnings and educational materials about online fraud.
Based on these observations, the Ernakulam District Commission dismissed the complaint and held the bank not liable.
Conclusion
In conclusion, the Ernakulam District Commission held that a customer is responsible for losses caused by their negligence until they report the unauthorized transaction to the bank. After reporting, the bank becomes responsible for subsequent losses. In this specific case, the commission found that the bank acted appropriately and was not at fault. Therefore, the complaint against the State Bank of India was dismissed.