ORDER : For convenience of exposition, this order is divided in the following parts: - INDEX (1) Prelude (2) Factual matrix of the case (3) Submissions on behalf of the petitioner (4) Submissions on behalf of the respondent (5) Analysis, Discussions and Judgments referred (6) Conclusion (6) Directions Prelude:- 1. Over the past few years, there has been a noticeable rise in cyber crimes and frauds globally, with India witnessing thousands of innocent people falling victim to these scams. Many have lost substantial amounts of their hard-earned money to frauds carried out via internet. The surge in digital scam cases underscores a troubling trend, with individuals from all walks of life increasingly being targeted. In the age of rapid digital evolution, digital scams have emerged as one of the most insidious forms of cyber crimes. 2. As online banking services have grown in popularity, the incidents of online banking fraud have also increased. Among the most widespread cyber crimes are phishing scams targeting bank customers. Cyber criminals steal login credentials to access bank accounts and harvest credit and debit card information for financial gain, leading to significant losses for the victims. 3. Online bank fraud occurs when a cyber criminal steals an individual's or company’s digital banking credentials and gains access to their associated bank accounts and credit cards. Online banking fraud encompasses a range of criminal activities carried out through a bank’s app or website. This includes illegally accessing someone else’s account to manage or transfer funds in other phishy and fraudulent accounts. 4. The highly digitized nature of modern banking provides attackers with numerous opportunities to commit these crimes. Although banks continue to implement advanced measures to secure and protect their digital services and protect customer accounts, the increasing sophistication of these attacks makes it more difficult to detect when fraud is occurring. Factual matrix of the case:- 5. In the instant case, the petitioner is holding a Dropline OD in account No. 0298675100010645 linked with current account No. 0013102000083988 which is maintained by the respondent No. 5 i.e IDBI Bank with the OD limit of Rs. 1,39,00,000/-. The petitioner states that on 11.02.2022, unauthorized electronic transactions amounting to Rs 58,93,000/- were transferred to unknown third parties between 6:39 PM on 11.02.2022, and 1:30 AM on 12.02.2022. 1,39,00,000/-. The petitioner states that on 11.02.2022, unauthorized electronic transactions amounting to Rs 58,93,000/- were transferred to unknown third parties between 6:39 PM on 11.02.2022, and 1:30 AM on 12.02.2022. The aforesaid incident was reported by the petitioner to the respondent-bank via E-mail on 13.02.2022 and an FIR No. 10/2022 was also lodged by him on 14.02.2022 with the Special Offences and Cyber Crime Police Station, Jaipur. The petitioner also lodged an application-cum-complaint with the RBI Banking Ombudsman, seeking return of the stolen amount. The said application was partly allowed vide order dated 13.12.2022 whereby the respondent-bank i.e. IDBI has been directed to pay Rs. 15,60,000/- to the petitioner, but the balance amount of total of Rs. 58.93 lakhs has not been granted to the petitioner. Hence, feeling aggrieved by the order dated 13.12.2022, the petitioner has knocked the doors of this Court by way of filing this writ petition. 6. The instant writ petition has been filed by the petitioner with the following prayer:- “i. The impugned order dated 13.12.2022 may kindly be quashed and set aside to extent it is prejudicial to the interest of the Petitioner. ii. That the balance amount of Rs. 43,33,000/- (Rs.58,93,000/- withdrawn fraudulently minus Rs. 15,60,000/- refunded till date) be refunded back along with the interest debited / charged on the amount of Rs. 58,93,000/- from 11.02.2022 till 09.12.2022 and on amount of Rs. 43,33,000/- from 10.12.2022 till it is refunded be credited to the loan account of the Petitioner; iii. Any other writ or direction which the Hon’ble court deem fit and proper in the interest of justice may be passed in favor of the Petitioner.” 7. By way of filing this writ petition, a challenge has been led to the impugned order dated 13.12.2022 passed by the Banking Ombudsman of Reserve Bank of India (for short, ‘the RBI’) by which the complaint submitted by the petitioner for getting the complete amount of Rs. 58,93,000/- has been partly allowed and a direction has been issued to the respondent-Bank to pay a sum of Rs. 15,60,000/- to the petitioner and the rest of the claim of the petitioner has been denied. Submissions on behalf of the petitioner:- 8. 58,93,000/- has been partly allowed and a direction has been issued to the respondent-Bank to pay a sum of Rs. 15,60,000/- to the petitioner and the rest of the claim of the petitioner has been denied. Submissions on behalf of the petitioner:- 8. Counsel for the petitioner submits that the petitioner is holding a Dropline OD in account No.0298675100010645 linked with current account No. 0013102000083988 with the respondent No. 5 wherein a fault was occurred on 11.02.2022 from 6:39 P.M. onwards and a sum of Rs. 58,93,000 was siphoned off from his account against which a complaint was submitted on 13.02.2022. Counsel submits that the aforesaid fraud took place in the bank account of the petitioner on the weekend i.e. on Friday and the next two days were holidays on account of Second Saturday and Sunday but in any case, the complaint was made within two days of the aforesaid fraud, in terms of the circular issued by the RBI. Counsel submits that as per the circular dated 06.07.2017, there would be ‘zero liability’ of the customer where unauthorised transaction occurs, in case, a complaint with regard to the fraud or deficiency has been made within a period of three working days. Counsel submits that in the instant case, the complaint was submitted by the petitioner within the aforesaid stipulated period. Counsel submits that the aforesaid amount of the petitioner was allegedly transferred in different accounts by way of 16 transactions which took place between 6.39 PM on 11.02.2022 till 1:03 AM on 12.02.2022. Counsel submits that once a complaint was submitted within the above stipulated period, the respondent- Bank was duty bound to stop the payment of the amount, which has been siphoned in different accounts during the aforesaid intervening period. Counsel submits that the petitioner did not receive any alert messages from the bank because the SIM card was skipped i.e it was missing and not inserted. Therefore, the petitioner should not be held at fault for this issue. Counsel submits that the petitioner is liable for zero liability and he is entitled to get the aforesaid amount in toto. In support of his contentions, he has placed reliance upon the following judgments:- 1. Jaiprakash Kulkarni and Ors. Vs. The Banking Ombudsman and Ors. reported in 2024 SCC Online Bom. 1666 2. Tony Enterprises Vs. Reserve Bank of India , reported in 2019 SCC Online Ker 5366 3. In support of his contentions, he has placed reliance upon the following judgments:- 1. Jaiprakash Kulkarni and Ors. Vs. The Banking Ombudsman and Ors. reported in 2024 SCC Online Bom. 1666 2. Tony Enterprises Vs. Reserve Bank of India , reported in 2019 SCC Online Ker 5366 3. Smt. Jyoti Bezbarua Goswami Vs. The State of Assam and Ors. reported in 2023 SCC Online Gau 3475 4. Division Bench judgment in the case of State Bank of India Vs. Pallabh Bhowmick and Ors. (WA No. 364/2022 decided by Gauhati High Court on 13.09.2024) 5. Hare Ram Singh Vs. Reserve Bank of India and Ors. ,reported in 2024 SCC Online Del 8039. 9. Counsel submits that the Gauhati High Court has dealt with the similar identical issue in the case of Smt. Jyoti Bezbarua Goswami (Supra) and Pallabh Bhowmick (Supra), and directed the Banking authorities concerned to make the payment of the full amount which was siphoned off from the account of the holder. Counsel submits that an appeal was filed before the Division Bench against the order dated 30.09.2022 passed by the Single Bench of the Gauhati High Court in the case of Pallabh Bhowmick (Supra) , was subsequently rejected and thereafter, a Special Leave Petition (C) No. 30677/2024 (SBI Vs. Pallabh Bhowmick) was submitted to the Hon'ble Supreme Court, but the same was also rejected by order dated 03.01.2025. Counsel further submits that the petitioner's case is squarely covered by the judgments passed by various High Courts, as well as by the Hon'ble Supreme Court, hence, under these circumstances, interference of this Court is warranted. Submissions on behalf of the respondent:- 10. Per contra, counsel for the respondents opposes the prayer made by counsel for the petitioner and submits that the Banking Ombudsman as well as the service provider have not been impleaded as party respondents in the array of cause title, hence, under these circumstances, the instant writ petition is not maintainable and the same is liable to be rejected on this count. 11. On merits, counsel for the respondent opposed the prayer and submitted that several alert messages regarding transactions in question were sent to the petitioner on his registered mobile number i.e. 90018xxxxx , but he failed to respond the same and accordingly, money was transferred from the account of the petitioner for which the respondent Bank cannot be held liable. 11. On merits, counsel for the respondent opposed the prayer and submitted that several alert messages regarding transactions in question were sent to the petitioner on his registered mobile number i.e. 90018xxxxx , but he failed to respond the same and accordingly, money was transferred from the account of the petitioner for which the respondent Bank cannot be held liable. Counsel submits that the petitioner did not provide any registered email address in his credentials to the respondent bank, and as a result, the messages of those transactions could not be sent to the registered email ID of the petitioner. Counsel submits that all these facts have been appreciated by the Banking Ombudsman in detail, while passing the order dated 13.12.2022, which requires no interference of this Court and the writ petition is liable to be rejected. 12. In rebuttal, counsel for the petitioner submits that the Banking Ombudsman is a persona designata who has simply passed an order upon the complaint submitted by the petitioner, hence, he is neither necessary nor appropriate party to be impleaded as respondent in the array of the cause title. 13. In support of this contention, he has placed reliance upon the judgment passed by the UPSC Vs. Shiv Shambu and Ors. reported in ILR 2009 (1) Delhi 704. 14. Lastly, he argued that the petitioner's account is an overdraft (OD) account, and to maintain it, the petitioner is required to pay a significant amount of interest. Analysis, Discussions and Judgments referred :- 15. Heard and considered the submissions made at Bar and perused the material available on record. 16. This fact is not in dispute that on 11.02.2022, certain unauthorized electronic transactions total amounting to Rs. 58.93 lakhs took place and this amount was transferred into the account of the following persons, as provided in Annexure-13 of the writ petition:- DETAIL OF UNAUTHORISED TRANSACTIONS DEBITED FROM C/A No. 00131020000839 Date Time Amount Narration NAME OF ACCOUNT HOLDER Branch Location IFSC Code 1. 11.02.2022 18:39:40 7,50,000/- IPAY/ INST/ RTGS/ 027292374741/066101001989/JAY/ICIC/ Jay Prakash Balia Uttar Pradesh ICIC0000661 2. 11.02.2022 18:41:21 8,00,000/- IPAY/ INST/ RTGS/ 027292378481/066101001989/ JAY/ICIC/ Jay Prakash Balia Uttar Pradesh ICIC0000661 3. 11.02.2022 18:42:45 7,91,000/- IPAY/ INST/ RTGS/ 027292381721/066101001989/ JAY/ICIC/ Jay Prakash Balia Uttar Pradesh ICIC0000661 4. 11.02.2022 18:52:26 8,00,000/- IPAY/ INST/ RTGS/027292402121/094801004473/SUNILIC/ Sunil Kumar Rava Madhya Pradesh ICIC0000948 5. 11.02.2022 18:39:40 7,50,000/- IPAY/ INST/ RTGS/ 027292374741/066101001989/JAY/ICIC/ Jay Prakash Balia Uttar Pradesh ICIC0000661 2. 11.02.2022 18:41:21 8,00,000/- IPAY/ INST/ RTGS/ 027292378481/066101001989/ JAY/ICIC/ Jay Prakash Balia Uttar Pradesh ICIC0000661 3. 11.02.2022 18:42:45 7,91,000/- IPAY/ INST/ RTGS/ 027292381721/066101001989/ JAY/ICIC/ Jay Prakash Balia Uttar Pradesh ICIC0000661 4. 11.02.2022 18:52:26 8,00,000/- IPAY/ INST/ RTGS/027292402121/094801004473/SUNILIC/ Sunil Kumar Rava Madhya Pradesh ICIC0000948 5. 11.02.2022 18:54:05 7,00,000/- IPAY/ INST/ RTGS/ 027292405501/094801004473/ SUNILIC/ Sunil Kumar Rava Madhya Pradesh ICIC0000948 6. 11.02.2022 18:55:27 92,000/- IPAY/ INST/ NEFT/ 027292408481/066101001989/ JAYICIC/ Jay Prakash Balia Uttar Pradesh ICIC0000661 7. 11.02.2022 20:17:34 2,00,000/- IPAY/ INST/ NEFT/ 027292553661/066101001989/ JAYICIC/ Jay Prakash Balia Uttar Pradesh ICIC0000661 8. 11.02.2022 20:19:16 2,00,000/- IMPS/ 204220195163/JAY/ ICIC/ XX1989 Jay Prakash Balia Uttar Pradesh ICIC0000661 9. 11.02.2022 20:27:07 2,00,000/- IMPS/ 204220195227/sunil kuma/ICIC/XX4473 Sunil Kumar Reva Madhya Pradesh ICIC0000948 10. 11.02.2022 20:28:59 2,00,000/- IMPS/ 204220195245/sunil kuma/ICIC/XX4473 Sunil Kumar Balia Uttar Pradesh ICIC0000948 11. 11.02.2022 20:31:18 2,00,000/- IMPS/ 204220195266/jay Prakas/ICIC/XX1989 Jay Prakash Balia Uttar Pradesh ICIC0000661 12. 12.02.2022 00:12:18 2,00,000/- IMPS/ 204300196402/rajendra s/ICIC/XX2217 Rajendra S Jalpaiguri West Bengal ICIC0001056 13. 12.02.2022 00:15:37 2,00,000/- IMPS/ 204300196409/rajendra s/ICIC/XX2217 Rajendra S Jalpaiguri West Bengal ICIC0001056 14. 12.02.2022 00:27:47 1,60,000/- IMPS/ 204300196420/sunil kuma/ICIC/XX4473 Sunil Kumar Reva Madhya Pradesh ICIC0000948 15. 12.02.2022 01:01:04 2,00,000/- IMPS/ 204301196466/sunil kuma/ICIC/XX4473 Sunil Kumar Reva Madhya Pradesh ICIC0000948 16. 12.02.2022 01:03:40 2,00,000/- IMPS/ 2043011964 68/sunil kuma/ICIC/XX4473 Sunil Kumar Reva Madhya Pradesh ICIC0000948 Total 5893000/- 17. This fact is also not in dispute that a complaint via email was lodged by the petitioner on 13.02.2022 to the Department of Respondent-Bank, dealing with such fraudulent transactions. The contents of the aforesaid complaint is reproduced as under:- “Sun, Feb 13, 2022 at 11:38 AM Fraud department of IDBI Bank Account Holder - Rakesh Totuka Account no.0013102000083988 IFSC Code IBKL0000013 Prithviraj Road C-Scheme Jaipur This is to intimate you that unauthorised transactions have taken place in our account on 11.02.2022 and 12.02.2022 without any authorisation from my end which has come to our notice today when we tried login to such an account and we could not do so. Soon after we called the customer care to know why we could not login and asked them the balance in the said account we came to know that there is hardly any balance in the account. Immediately I had requested customer care to block such an account. Soon after we called the customer care to know why we could not login and asked them the balance in the said account we came to know that there is hardly any balance in the account. Immediately I had requested customer care to block such an account. I hereby confirm that I have not authorised any transaction which had taken place in the said account on 11.02.2022 and 12.02.2022. We further submit that my registered mobile number 9001896611 was not working since 11.02.2022 afternoon. I further confirm that I have not shared any information. Regards Rakesh Totuka 9001896611” 18. The aforesaid complaint of the petitioner was decided by the Ombudsman RBI on 13.02.2022 with the following order:- “Your complaint pertained to the unauthorized electronic transactions that took place in your current account on 11-02-2022 & 12-02-2022. Basis the bank's submission and documentary evidences, the disputed transactions were OTP based and as per the logs, the OTP and debit SMS alerts have been successfully delivered to your registered mobile number. Your email was not registered with the bank and you are a frequent user of internet banking. This is a case of fraud that needs to be investigated by appropriate authority. The bank's risk monitoring system had raised alerts on the 9th and 15th transactions and these transactions were declined, however, the bank's system could not prevent further transactions despite the alerts and thereby limit the financial loss. Therefore, we had instructed the bank to make good to you the transactions that were carried out subsequent to the first alert generated after the 9th transaction, that is the last 7 transactions amounting Rs.15,60,000. The demand draft has already been handed over to you on December 09, 2022. The case is partially resolved in your favor.” 19. The petitioner is claiming entire amount of Rs. 58,93,000 but the Banking Ombudsman has awarded Rs. 15,60,000 only in favour of the petitioner. It was held that the mobile number of the petitioner was registered with the bank wherein SMS alerts were received and his email ID was not registered. The Bank’s Risk Monitoring System raised alerts on the 9 th and 15 th transactions but they were declined, however, the bank’s system could not prevent further transaction despite generating the alerts. It was held that the mobile number of the petitioner was registered with the bank wherein SMS alerts were received and his email ID was not registered. The Bank’s Risk Monitoring System raised alerts on the 9 th and 15 th transactions but they were declined, however, the bank’s system could not prevent further transaction despite generating the alerts. On the contrary, the case of the petitioner is that his mobile SIM was skipped/removed from phone due to which he did not receive any alerts but he sent the complaint to the respondent Bank immediately on 13.02.2022 at 11:38 A.M. 20. The RBI has issued a circular on 06.07.2017 regarding consumer protection, in response to the recent increase in customer grievances related to unauthorized transactions. The said circular outlines the criteria for determining liability in such cases. Clause 6 of the said circular deals with the provisions of ‘zero liability’ of a customer where the unauthorized transaction occurs. The relevant provision is reproduced as under:- “Limited Liability of a Customer (a) Zero Liability of a Customer 6. A customer's entitlement to zero liability shall arise where the unauthorised transaction occurs in the following events: (i) Contributory fraud/ negligence/ deficiency on the part of the bank (irrespective of whether or not the transaction is reported by the customer). (ii) Third party breach where the deficiency lies neither with the bank nor with the customer but lies elsewhere in the system, and the customer notifies the bank within three working days of receiving the communication from the bank regarding the unauthorised transaction. Clause 6(ii) clearly indicates that there would be zero liability of the customer if he notifies the complaint with the Bank within three working days of any unauthorized transaction. In the instant case also, the unauthorized transactions occurred in the bank account of the petitioner between 06:39 PM on 11.02.2022 till 1:30 AM on 12.02.2022 and the matter was reported to the Respondent-Bank on 13.02.2022 on 11:38 A.M. The mobile SIM of the petitioner was skipped/removed from phone, hence, he did not receive any alerts with regard to the aforesaid unauthorized and illegal transactions from his account. Hence, as per the provisions mentioned in Clause 6 of the RBI circular there would be zero liability of the petitioner as the complaint was made by him well within time i.e. within one day. Hence, as per the provisions mentioned in Clause 6 of the RBI circular there would be zero liability of the petitioner as the complaint was made by him well within time i.e. within one day. It is worthy to mention here that the above unauthorized activities occurred in the bank account of the petitioner on the weekend in the evening of Friday from 06:39 PM on 11.02.2022 which continued till the intervening night of 12.02.2022 till 1:30 AM. The Bank remained closed during these hours, hence he lodged a complaint with the respondent via E-mail on 13.02.2022 at 11:38 A.M.. The petitioner's mobile SIM was not working or compromised which prompted him to contact the service provider and that is why the petitioner had no knowledge of the unauthorized transactions prior to that time. 21. The identical situation has been dealt with by the Bombay High Court in the case of Jaiprakash Kulkarni (Supra) wherein it has been held in para 37, 39 and 40 that:- “37. Both as per the said RBI Circular and the said Policy of Respondent No. 2, a customer has zero liability when the unauthorized transactions occur due to a third party breach where the deficiency lies neither with the bank nor with the customer but elsewhere in the system and the customer notifies the bank regarding the unauthorized transactions within a certain time frame. Therefore, both as per the RBI Circular and the said Policy of Respondent No. 2, the liability of the Petitioners in respect of the said unauthorized transactions would be zero as the unauthorized transactions have taken place due to a third party breach where the deficiency lies neither with Respondent No. 2 nor with the Petitioners, as already held hereinabove on the basis of the said three Cyber Cell reports. In these circumstances, as per the RBI Circular and as per the Policy of Respondent No. 2, the Petitioner is entitled to refund of the said amount from Respondent No. 2. In this context, it is also important to note that, as per paragraph 12 of the RBI Circular, the burden of proving customer liability in case of unauthorized electronic bank transactions lies on the bank. In the present case, Respondent No. 2 has no acceptable material to fasten any such liability on the part of the Petitioners. In this context, it is also important to note that, as per paragraph 12 of the RBI Circular, the burden of proving customer liability in case of unauthorized electronic bank transactions lies on the bank. In the present case, Respondent No. 2 has no acceptable material to fasten any such liability on the part of the Petitioners. On the contrary, the three Cyber Cell Reports clearly show that the unauthorized transactions have taken place without any intimation to the Petitioners either on their mobile number registered with Respondent No. 2 or on their email ID registered with Respondent No. 2. For all the aforesaid reasons, Respondent No. 2 will have to be directed to refund the amount illegally and unauthorizedly debited from the bank account of the Petitioners, to the Petitioners. 39. A perusal of the said findings shows that, while Respondent No. 1 came to the conclusion that there was no deficiency/lapse on the part of Respondent No. 2, Respondent No. 1 did not make any proper inquiry as to whether the debit transactions had taken place with the authorisation of the Petitioners. Respondent No. 1 has merely stated that it was established that the transactions were completed post addition of beneficiaries and input of valid credentials/2FA known only to the account holder. Respondent No. 1 failed to appreciate that the adding of the beneficiaries and the debit transactions from the bank account of the Petitioners took place without any intimation to the Petitioner either on their mobile number registered with Respondent No. 2 or on their email ID registered with Respondent No. 2, as is demonstrated by the 3 Cyber Cell Reports. In these circumstances, the Order dated 10th January 2023 would be required to be quashed and set aside. 40. In the light of the aforesaid discussion we pass the following Orders: (a) Order dated 10th January 2023 passed by Respondent No. 1 is hereby quashed and set aside. (b) Respondent No. 2 is directed to refund to the Petitioner an amount of Rs. 76,90,017/- within a period of six weeks from the date of pronouncement of this Order with interest at the rate of 6% per annum from 2nd October 2022 till date of payment.” 22. Similarly in the case of Tony Enterprises (Supra) the Kerla High Court has held in para 23 to 25 as under:- “23. 76,90,017/- within a period of six weeks from the date of pronouncement of this Order with interest at the rate of 6% per annum from 2nd October 2022 till date of payment.” 22. Similarly in the case of Tony Enterprises (Supra) the Kerla High Court has held in para 23 to 25 as under:- “23. Thus, it is clear that the bank cannot claim any amount from the customer when a transaction is shown to be a ‘disputed transaction’. The bank can recover from the customers only when it can unequivocally prove that the customer was responsible for such transaction, independently through the civil court. The RBI guidelines is a clear mandate to exonerate a customer in such ‘disputed transaction’. RBI circular presumes the innocence of the customer in such given circumstances. However, this innocence can be controverted. The onus falls on the bank to prove otherwise. 24. In the present case, the police investigation prima facie established that fraud has been committed. The beneficiaries hail from West Bengal. There is nothing on record to establish any connivance on the part of the petitioners. The police investigation also would reveal that the accused obtained duplicate SIM cards by using fake identity cards. It was also brought out that the beneficiaries immediately withdrew the money from their bank accounts at West Bengal. In such circumstances, the transactions can be treated as ‘disputed transactions’. These transactions would fall within the sweep of zero liability as referred to in RBI Circular. The remedy of the bank in such circumstances is to approach the civil court and recover the amount from the persons who were responsible for such transactions. 25. As have come out of the pleadings, amounts have been debited from the loan account of the petitioners. The petitioners cannot be held responsible for such debit without establishing through the civil court that they are responsible for such withdrawal from the loan account. If any amount deposited by the petitioners also have been transferred, in the same manner, that shall be restored to the petitioners without any delay at any rate within two weeks from the date of receipt of a copy of this judgment. These directions are issued without prejudice to the bank to proceed against the persons who are responsible for these transactions through civil court. These writ petitions are disposed of accordingly...” 23. These directions are issued without prejudice to the bank to proceed against the persons who are responsible for these transactions through civil court. These writ petitions are disposed of accordingly...” 23. Likewise the Single Bench of Gauhati High Court, in the case of Smt. Jyoti Bezbarua Goswami (supra) , has held in para 20 as under:- “20. In light of the discussion made above, the Court is of the considered opinion that transactions that had taken place from the account of the petitioner vide 19 digit ATM Card No. 6220180537700030332 between 08.05.2012 and 17.05.2012 to the extent of Rs. 4,44,699.17 were unauthorized and fraudulent in nature because as per the investigation carried out by the State CID, they could find that 12 of the IP addresses through which transactions were made were located in Thane district in the State of Maharashtra. Therefore, the petitioner is not found to have any liability in respect of the said transactions to the extent of Rs. 4,44,699.17. These transactions are reflected in the statement of bank account of the petitioner, which is annexed to the affidavit filed by the respondent nos. 4 and 5. Therefore, the respondent nos. 4 and 5 are required to reverse the said amount in the savings bank account of the petitioner. However, with liberty to recover the said from the persons to whose account said money or part thereof were siphoned off. Consequently, the respondent nos. 4 and 5 are directed to deposit a sum of Rs. 4,44,699.17 in the bank account of the petitioner within an outer limit of 60 (sixty) days from the date of service of a certified copy of this order to the State Bank of India, Panjabari Branch (respondent no. 5).” 24. The Division Bench of Gauhati High Court while deciding W.A. No. 364/2022 in the case of State Bank of India Vs. Pallabh Bhowmick and Ors. vide order dated 13.09.2024 has held as under:- “42. Having heard and considered the submissions of the learned counsel for the parties and after going though the materials available on record, we are in full agreement with the learned Single Judge that the online transactions that took place on 18.10.2021 from the respondent No. 1/petitioner's Bank account were unauthorized and fraudulent in nature. No negligence on the part of respondent No. 1/petitioner could be established by the Appellant. No negligence on the part of respondent No. 1/petitioner could be established by the Appellant. Clauses 8, 9 and of the RBI Circular dated 06.07.2017 would apply. The respondent No. 1/petitioner will not have any liability.” 25. The aforesaid order passed by the Division Bench of Gauhati High Court was challenged by SBI before the Hon’ble Apex Court by way of filing Special Leave to Appeal (C) No. 30677/2024 and the same was also rejected on 03.01.2025 with the following observations in para 2 to 7 which reads as under:- “2. We are in complete agreement with the observations as contained in Para 42 of the impugned judgment referred to above. 3. All that the High Court has said is that the original petitioner who suffered the loss was not negligent in any manner. All transactions relating to the account of the respondent No.1 herein maintained with the petitioner - Bank were found to be unauthorized and fraudulent. It is the responsibility of the bank so far as such unauthorized and fraudulent transactions are concerned. The Bank should remain vigilant. The Bank has the best of the technology available today to detect and prevent such unauthorized and fraudulent transaction. Further, clauses 8 and 9 respectively of the RBI’s Circular dated 6-7-2017 make the position further clear. 4. We also take notice of the fact that within 24 hours of the fraudulent transaction, the customer, i.e., the respondent No.1 herein brought it to the notice of the Bank. 5. We expect the customers, i.e., the account holders also to remain extremely vigilant and see to it that the O.T.Ps. Generated are not shared with any third party. In a given situation and in the facts and circumstances of some case, it is the customer also who could be held responsible for being negligent in some way or the other. 6. In view of the aforesaid, we see no good reason to disturb the impugned order passed by the High Court. 7. The Special Leave Petition is, accordingly, dismissed.” 26. Even, the Delhi High Court in the case of Hare Ram Singh (Supra) has held in para 27, 33, 35 as under:- “27. Reverting back to the instant matter, it is undeniable that customer care services play a crucial role in supporting bank customers with various concerns, including suspicious account activity, compromised debit/credit card security, and issues concerning online banking services. Reverting back to the instant matter, it is undeniable that customer care services play a crucial role in supporting bank customers with various concerns, including suspicious account activity, compromised debit/credit card security, and issues concerning online banking services. The term ‘deficiency’ in service in terms of the meaning assigned vide Clause (6)(a) of the aforesaid RBI instructions, in plain dictionary meaning would imply insufficiency, shortage, dearth, deficit, shortfall and so on. Incidentally, the term ‘deficiency’ is defined under Section 2(11) of the Consumer Protection Act, 2019 to mean “any fault, imperfection or shortcoming or inadequacy in the quality, nature and manner of performance which is required to be maintained by or under any law for the time being in force or has been undertaken to be performed by a person in pursuance of a contract or otherwise in relation to any service and includes (i) any act of negligence or omission or commission by such person which causes loss or injury to the consumer or (ii) deliberate withholding of relevant information by such person to the consumer. 28 to 32. xx xx xx xx xx 33. Lastly, it is well established under the Common Law, that funds in a bank account belong to the bank, but the bank acts as an agent for the principal (the customer). Consequently, the bank cannot refuse to process an online transfer if it appears to be authorized by the customer, however, upon detecting fraud, the bank has an implied duty to exercise reasonable care and take prompt action. Unhesitatingly, there was patent deficiency in services on the part of the bank, inasmuch as the response of the bank was lukewarm, defective, and not prompt. The respondent No. 2 i.e., SBI failed to take immediate measures to take up the issue with the other REs to whom the online payment had been remitted. 34. xx xx xx xx xx 35. In view of the aforesaid discussion the present writ petition is allowed and the impugned order dated 20.10.2021 passed by the ‘BO’ is hereby set aside. A writ of mandamus is issued against the respondents No. 2 and 3/State Bank of India, to make payment of Rs. 2,60,000/- to the petitioner with interest @ 9% per annum from the date the fraud was reported i.e. 18.04.2021 within four weeks from today along with costs for legal proceedings, which is quantified as Rs. 25,000/-. A writ of mandamus is issued against the respondents No. 2 and 3/State Bank of India, to make payment of Rs. 2,60,000/- to the petitioner with interest @ 9% per annum from the date the fraud was reported i.e. 18.04.2021 within four weeks from today along with costs for legal proceedings, which is quantified as Rs. 25,000/-. The amount, if any, paid to the credit of the bank account of the petitioner, shall be adjusted towards the outstanding interest.” Conclusion:- 27. This Court finds no fault or negligence on the part of the petitioner in not responding to the alert messages sent by the respondent bank to his registered mobile number. Since the petitioner's mobile SIM was inactive or compromised, he had no means of receiving information about the fraudulent transactions made from his current account. Upon discovering that his SIM was not functioning, the petitioner promptly contacted the service provider to resolve the issue. Thus, he acted without any delay by reporting the matter to the respondent bank on 13.02.2022 at11:38 A.M. and subsequently, lodged an FIR on 14.02.2022. On 06.07.2017, the RBI has issued a circular to the banks across the country regarding unauthorized electronic banking transactions. This circular was the result of a review of criteria for determining the customers liability in the cases of unauthorized transactions and considering the increased thrust on financial inclusion and consumer protection and the surge in grievances pertaining to unauthorized debits from customers account. The object of the circular is to put the banks in a place fraud detection and prevention mechanism, a mechanism to access and mitigate risks, as well as a system of continuously advising customers on how to safeguard themselves against banking and payments related frauds. 28. As per the RBI circular dated 06.07.2017 in such like matters, the complaint is required to be made within three working days, while in the instant case, the complaint was made on the next day of fraud which is prior to the stipulated period. 29. In the present case, there was glaring service deficiency on the part of the respondent- Bank. Despite the petitioner’s prompt intimation regarding the fraudulent transaction, the respondent- Bank failed to demonstrate any sense of urgency or exercise due diligence. This reflects a clear negligence on their part, in discharge of their duty to act swiftly upon receiving notice of the fraud. Despite the petitioner’s prompt intimation regarding the fraudulent transaction, the respondent- Bank failed to demonstrate any sense of urgency or exercise due diligence. This reflects a clear negligence on their part, in discharge of their duty to act swiftly upon receiving notice of the fraud. No immediate steps were taken by the respondent to initiate a chargeback, retrieve the funds, or freeze the suspicious accounts, thereby failing to prevent the petitioner’s money from being illegal and unauthorizedly transferred to unknown accounts. 30. The SMS alerts of all the transactions were not sent to the petitioner. Alerts of some of the transactions were sent but the same were not received by the petitioner due to skipping off of his mobile SIM. The respondent-IDBI bank cannot shy/walk away from its responsibility to safeguard the petitioner or other customers from unauthorized transaction reported from their account. If the account is maintained by the bank, the bank itself is liable for its safety and security. Any systematic failure, whether by malfeasance on the part of its functionaries or by any other person (except the customers/account-holder), is its responsibility and not of the customers. 31. Hence, this Court finds that the Banking Ombudsman has failed to consider the entire gamut of the controversy and has overlooked the aforesaid material aspects of the matter and also failed to appreciate the mandate contained under Clause 6 of the RBI circular dated 06.07.2017. Consequently, the impugned order dated 13.12.2022 is liable to the quashed and set aside, as the same is not sustainable in the eyes of law. The transactions in question would resultantly fall within the sweep of “zero liability” of the petitioner, as referred in the above RBI Circular dated 06.07.2017. Therefore, the respondent-Bank is liable to refund the entire amount to the petitioner with interest. 32. The Court finds no substance in the arguments of the respondents that the Banking Ombudsman and service provider Jio were not implemented as party in this petition. The Banking Ombudsman, being merely a persona designata, has passed the impugned order but does not have the authority to support or defend that order before this Court. Similarly, the mobile service provider, is neither a proper nor necessary party to this writ petition, as no relief has been sought against it. 33. The Banking Ombudsman, being merely a persona designata, has passed the impugned order but does not have the authority to support or defend that order before this Court. Similarly, the mobile service provider, is neither a proper nor necessary party to this writ petition, as no relief has been sought against it. 33. In view of the aforesaid discussion, the present writ petition is allowed and the impugned order dated 13.12.2022 passed by the Banking Ombudsman stands modified. The respondent IDBI Bank is directed to pay Rs. 58,93,000/- to the petitioner after adjusting the amount of Rs. 15,60,000/- (if already disbursed to the petitioner) and pay interest @ 6% per annum on the balance amount w.e.f. 13.12.2022 till the date of actual payment. 34. It goes without saying that this order would be complied by the respondent Bank within a period of three months from the date of receipt of the certified copy of this order. Directions:- 35. Before parting with this order, this Court feels pain to observe that in the age of rapid change of digital evolution, digital scams have emerged as one of the most insidious form of cyber crime. Digital scams pose a significant threat to our interconnected world, hence, there is a necessity for a multi-faceted approach to combat them effectively. Different countries have adopted legislation, public awareness, campaign, technological innovations and collaborative initiatives to mitigate the risk associated with these scams. While challenges remain, ongoing efforts and commitments at local, national and international levels signify a promising trajectory toward reducing the prevalence and impact of digital arrest scams. The shared experiences and strategies from various nations serve as crucial learning points in this ongoing battle against cybercrime. Ultimately, empowering individuals with the knowledge and tools to resist such scams will be paramount in this fight. 36. Though several steps have been taken at the various levels of the Government but in order to curb out the current and dangerous situation further more serious steps are required to be taken by all the stakeholders. 37. Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (for short 'Rules of 2021') have been enacted by the Government to control the activities of social media platforms, over the top platform and digital news portals. These Rules track out the source of damaging information. 37. Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (for short 'Rules of 2021') have been enacted by the Government to control the activities of social media platforms, over the top platform and digital news portals. These Rules track out the source of damaging information. It has been found that data is being sold by some of the social media companies and the same are misused by the accused involved in committing such cyber crimes with the innocent public at large. Our country's growing technical progress and increased penetration are reflected in the rise of cyber crime in the nation. Let strict action be taken against all those delinquents including Companies, who are selling the data of each individuals, which is misused by the accused persons by way of different means and committing cyber crimes. Let strong mechanism be prepared to save the innocent persons from losing their hard earned money. 38. It is right and high time to launch a public campaign through print, electronic, social media, television, and FM radio, ensuring that awareness is spread every hour, every day, to reach the general public. 39. In terms of the RBI circular dated 06.07.2017 all banks are required to provide its customers with 24x7 access through multiple channel via website, phone banking, SMS, e-mail, IVR a dedicated toll-free helpline, reporting to home branch, etc. for reporting unauthorized transactions. The fraud reporting system of banks is also established to ensure that customers' complaint is immediately responded to, with a registered complaint number. In case a report is made regarding unauthorized transaction in an account, it is for the banks to ensure that no further unauthorized transaction takes place in the account. 40. Office is directed to send a copy of this order to the respondent Nos. 1 to 3 i.e. Department of Finance and Reserve Bank of India for making necessary compliance and to take more suitable measures to protect customers and their hard-earned money.