Will the Minister of Electronics & Information Technology be pleased to state:-
(a) whether with the rising trend of cashless payments, the possibility of financial frauds, embezzlement and scams in this sector has increased;
(b) if so, the details thereof;
(c) whether the Government has developed any concrete system to compensate the financial losses suffered by common man due to these scams and embezzlement;
(d) if so, the outline of the scheme;and
(e) if not, the reasons therefor?
(a) and (b) : With the proliferation of Information Technology and related services there is a rise in number of cyber security incidents in the country like elsewhere in the world. As per the information reported to and tracked by Indian Computer Emergency Response Team (CERT-In), a total no. of 44679, 49455 and 50362 cyber security incidents were observed during the year 2014, 2015 and 2016 respectively. The types of cyber security incidents include phishing, scanning/probing, website intrusions and defacements, virus/malicious code, Denial of Service attacks, etc. Over a period of time, the nature and pattern of incidents are becoming more sophisticated and complex.
As per information available from Reserve Bank of India (RBI), details of cybercrimes reported (i.e. fraud reported in Credit Cards/ATM/Debit Cards and Internet Banking Categories) during the last two years and the percentage increase in such crimes during the said period is given below:
Details of fraud reported in Credit Cards/ATM/Debit Cards and Internet Banking Categories
Years 2015 2016 % increase/ decrease
Area of operation No. of frauds Amount involved (in Rs. mn) No. of frauds Amount involved (in Rs. mn) No. of frauds Amount involved (in Rs. mn)
Credit Cards 10134 484.88 7751 339.76 -23.51 -29.93
ATM/Debit Cards 5546 264.76 6996 416.42 26.14 57.28
Internet Banking 53 55.21 77 21.78 45.28 -60.55
Grand Total 15733 804.85 14824 777.95 -5.78 -3.34
In terms of RBI Circular no. DBS.CO/CSITE/BC.11/33.01.001/2015-16 dated June 2, 2016 on Cyber Security Framework in Banks, banks have been advised to report all unusual cyber security incidents to RBI within 2 - 6 hours of detection.
(c), (d) and (e): The matter pertaining to compensation to customers has been addressed in para 17.2 (Compensating the customer) of RBI circular DBOD No.Leg.BC.21/09.07.006/2014-15 July 1, 2014 which reads as under:
(i) In case of any fraud, if the branch is convinced that an irregularity / fraud has been committed by its staff towards any constituent, the branch should at once acknowledge its liability and pay the just claim,
(ii) in cases where banks are at fault, the banks should compensate customers without demur, and
(iii) in cases where neither the bank is at fault nor the customer is at fault but the fault lies elsewhere in the system, then also the banks should compensate the customers (up to a limit) as part of a Board approved customer relations policy.
*******