RBI To Set Up A Central Fraud Registry For Payments Systems

India’s central bank plans to introduce a framework for online payments service providers to report frauds by merchants and customers amid rising instances of such transactions on their platforms.

With digital payments system making substantial progress in terms of growth of payment infrastructure as well as volume and value of digital payment transactions, fraud risk monitoring has become important, the Reserve Bank of India said its ‘Statement on Developmental and Regulatory Policies’ on Aug. 7.

The Central Payments Fraud Information Registry will help to reduce the incidence of frauds in the payments ecosystem, it said.

At present, banks report all frauds to the Central Fraud Monitoring Cell of the RBI through the Central Repository of Information on Large Credits system.

But the RBI found that banks delayed reporting these frauds due to non-uniformity in fraud reporting standards and in identification of red-flagged accounts.

Countering Merchant Frauds

A central fraud registry for the payments system was also recommended by the Nandan Nilekani-led committee in May.

While the RBI will provide a detailed framework for the Central Payments Fraud Information Registry in October, the central bank in its ‘Payment & Settlement Systems in India: Vision-2021’ report in May had said the registry will use analytics to identify instances of fraud, and along with payment service providers it will implement recovery actions such as blocking irregular transactions.

The Payments Council of India is working on a registry for merchant frauds which will collate data, said Naveen Surya, chairman at Fintech Convergence Council and chairman emeritus, Payments Council of India. The registry, he said, is still a work-in-progress with discussions centred around the business and operational-risk framework.

“It will also be open to non-PCI members,” Surya said, adding the council is awaiting the RBI’s guidelines as to how the industry-led registry can be integrated. The RBI’s support will accelerate the process for creating a registry of merchants that would have legal hurdles otherwise, he told BloombergQuint.

Vishwas Patel, executive director of Infibeam Avenues Ltd., said a few members of the PCI will run pilots on the registry once it is designed and implemented. After this, it will be scaled up through application programme interfaces with other payment service providers, Patel, who’s also the chairman of PCI, said.

He added that the PCI is building a common negative database of customers who have defrauded many merchants, which is unique as it is the first registry which will list customers across all types of payments including credit or debit cards, net banking, Unified Payments Interface, e-wallets and even cash on delivery.

It will also include drop shipment locations and high-risk addresses, among other datapoints.

“With the RBI mandating second-factor authentication and strong security standards, frauds in the payments system are lower than in other emerging countries. But customer education is the biggest problem today,” Patel said, adding that PCI will work with banks for more customer education programs, so that they are aware of the newest fraudulent methodology used by fraudsters.

Abhishek Gandhi, co-founder and chief financial officer at RupeeCircle, said with periodic risk reports being published for individual payment operators, customers would be aware of the potential risks and it will make the processes more transparent. “This will encourage customers to use these services smartly.”