Prevention of Financial frauds perpetrated using voice calls and SMS – Regulatory prescriptions and Institutional Safeguards

Introduction

With the increase in the use of technology in each sector including the use of mobile phones for banking and financial services as well as financial transactions, fraudsters and scammers are finding new ways to deceive individuals through voice calls and SMS in order to extract valuable and sensitive financial information. Although digital banking provides unparalleled convenience, it has also created opportunities for fraudsters. Since mobile numbers serve as crucial identifiers in the banking system, they are increasingly susceptible to exploitation. These scams often involve but are not limited to fraudsters impersonating as bank officials, government representatives, customer service agents, loan providers, etc. In order to safeguard ourselves and our finances, it is of utmost importance to be aware of and to stay informed about Regulatory measures and Institutional safeguards that are in place to combat these kinds of frauds.

The Reserve Bank of India (RBI) has released an important directive (Circular No. RBI/2024-25/105, dated January 17, 2025, titled “Prevention of Financial Frauds Perpetrated Using Voice Calls and SMS – Regulatory Prescriptions and Institutional Safeguards”) to tackle the rising threat of financial frauds via voice calls and SMS.

Objective

As digital transactions become increasingly integral to banking, this circular outlines regulatory measures and safeguards designed to enhance consumer protection. The primary objective of this circular is to reduce the risk of financial fraud stemming from the misuse of mobile numbers, which play a crucial role in authentication for digital transactions. ^[1]

Key Highlights

The circular directs Regulated Entities (REs) to implement a few specific measures and advises them to ensure compliance with the same. These measures are as follows:

• Monitoring and Cleaning Customer Database Using Mobile Number Revocation List (MNRL).
• Submission of Verified Customer Care Numbers to Digital Intelligence Platform (DIP).
• Compliance with TRAI Guidelines for Communication.
• Registration on DLT Platform.
• Use of Digital Consent Acquisition (DCA) service for acquiring Digital Consents of customers for sending Commercial Communication.
• Action on part of Principal Entities (PEs) to maintain Confidentiality and Security of Data related to Commercial Communication and Prevention of Misuse/Leakage thereof.
• Measures to curb misuse of Headers and Content Templates.
• Stringent Provision in the Regulation for its violation.
• Creating Awareness amongst its customers.

This Notification not only supplements the existing Telecom Regulatory Authority of India (TRAI) regulations on commercial communications, including the Telecom Commercial Communications Customer Preference Regulations, 2018, but also mandates adherence to the “Important Guidelines for Sending Commercial Communication Using Telecom Resources Through Voice Calls or SMS.”

Conclusion

The RBI’s forward-thinking initiatives emphasize the need for a secure digital ecosystem, particularly as mobile-based transactions become increasingly prevalent. By requiring the implementation of advanced fraud detection tools, standardized communication protocols, and comprehensive customer awareness programs, these circular aims to enhance financial security for all stakeholders. The prompt adoption of these measures by Regulated Entities (REs) will be crucial in reducing fraud risks and strengthening trust in digital banking services.

Lastly, it is important to note that while regulatory authorities and institutions continue to strengthen safeguards against financial frauds, individual vigilance remains the first line of defence. By staying informed and cautious, we can protect ourselves from falling victim to fraudulent schemes.

^[1] https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=12770&Mode=0