In a significant ruling highlighting the growing issue of cyber fraud, the Bombay High Court directed the Bank of Baroda (BoB) to refund Rs 76 lakh to a company that had fallen victim to online fraud. This decision, based on a July 2017 Reserve Bank of India (RBI) circular, emphasizes that customers reporting fraudulent transactions within three working days bear zero liability.
According to a TOI report, the court, comprising Justices Girish Kulkarni and F P Pooniwalla, referred to both the RBI circular and BoB’s own consumer protection policy. The guidelines clearly state that if a customer reports a fraudulent online transaction within three working days, the customer is not liable for any loss. This applies when unauthorized transactions result from a third-party breach, with no fault attributed to the bank or the customer, and the customer promptly notifies the bank.
The petitioners, Jaiprakash Kulkarni and Pharma Search Ayurveda Pvt Ltd, presented three cyber cell reports indicating no fault on their part or on BoB. As a result, the court ruled the petitioners’ liability to be zero and confirmed their entitlement to a refund.
The court noted that BoB’s policy mandates zero liability for customers reporting fraud within three days, but imposes 100% liability if reported after seven days. The petitioners, who have held an account with BoB’s Worli branch for nearly two decades, reported the unauthorized debits to the police cyber cell within an hour on October 2, 2022, despite the transactions occurring on a public holiday.
The petitioners argued that the fraudulent transactions, totaling Rs 76 lakh, were executed without any intimation to their registered email or phone number. The company’s lawyer, Siddhesh Bhole, pointed out that BoB had ignored the 2017 RBI circular requiring reimbursement to customers under the zero fault policy.
The High Court criticized the banking ombudsman for rejecting the petitioners’ complaint in January, citing no service deficiency by the bank. The court ruled that the ombudsman had failed to properly investigate whether the debits were authorized by the petitioners.