Banks should not make it mandatory for customers to opt for any digital banking channel to avail themselves of other facilities, such as debit cards, the Reserve Bank of India (RBI) said in the draft norms on Digital Banking Channels Authorisation, released on Monday.
“While it may be more convenient for the customer to opt for some services together (for example, virtual access to card controls), the choice to apply for digital banking facilities shall lie solely with the customer,” the draft norms said, clarifying that banks can continue to obtain and record mobile numbers of customers to send transaction alerts and other notifications in line with KYC (Know Your Customer) requirements at the time of opening accounts.
Further, the norms stated that banks should obtain consent from customers for providing digital banking services. “Banks shall obtain explicit consent from the customer for providing digital banking services, which may be duly recorded and documented. It shall also be clearly indicated that SMS/email alerts will be sent to the mobile number/email of the customer registered with the bank for operations, both financial and non-financial, in their account(s).”
Digital Banking Channels refer to modes provided by banks over websites (i.e., internet banking), mobile phones (i.e., mobile banking), or other digital channels through electronic devices/equipment for the execution of financial transactions.
The draft norms also proposed that third-party products and services, including those of promoter groups or bank group entities (subsidiaries/joint ventures/associates), should not be displayed on banks’ digital banking channels except as specifically permitted by the RBI.
In addition, the RBI said that banks shall put in place risk-based transaction monitoring and surveillance mechanisms.
“Study of customer transaction behaviour patterns and monitoring unusual transactions or obtaining prior confirmation from customers for outlier transactions may be incorporated in the systems in accordance with the Fraud Risk Management Policy of the bank,” it said.
Comments on the draft norms are invited from stakeholders until August 11, 2025.
