New Delhi (India), 13th May 2023: Madras High Court has ordered the Reserve Bank of India (RBI) to order Paytm, a digital payment company, to reimburse a post-graduate medical student who lost Rs 3 lakh due to fraudulent transactions and hackers.
On February 9, 2023, the petitioner received an SMS alert that her bank account had been hacked. Two days later, she requested that her account be blocked after receiving two more such alerts.
However, on February 13, 2023, she was alerted to another identical effort, which was followed by another on February 15. Following each alarm, the petitioner contacted her bank and requested that her account be blocked.
However, on February 15, 2023, Rs 3 lakh was unintentionally taken from her account within a few minutes.
The petitioner immediately filed a written complaint with both the bank and the police. When she discovered that certain transactions had been made from her bank account to the Paytm accounts of six unknown individuals, she filed a complaint with Paytm as well.
However, City Union Bank and Paytm blamed each other and refused to compensate the petitioner.
The City Union Bank claimed in court that the fraud was not committed through the bank and that the entire issue was with the UPI service provider, i.e., Paytm, and so it could not be held accountable.
Paytm, on the other hand, stated that transactions conducted through it are entirely safe and secure, and that per RBI standards, if a loss occurs to the consumer due to his/her own stupidity in revealing payment credentials, etc., the user is solely accountable.
The court stated that it was evident from the facts of the case that it was not the petitioner who had knowingly or unknowingly provided her PIN or other credentials to the fraudsters.
The bench of Justice RN Manjula rejected Paytm’s argument that it could not be held accountable because it is merely a facilitator and online conduit provider for payments, with no technical or otherwise controlling control over the secured transactions. Paytm further claimed that because it is not a bank or other authority under Article 12, it is not subject to writ jurisdiction.
Despite agreeing with the contention that Paytm could not be handed a directive under writ jurisdiction because it is a private body, the court stated that the relief might be framed in such a way that instructions are issued to the RBI to take action against Paytm for violating its own norms.
The court stated, “A complaint had been made by the customer to her banker, and the banker had kept in touch with Paytm, therefore, Paytm can not disown its liability.”
The court further noted that the fraudsters had utilised the Paytm application to steal money from the petitioner’s account, and that the City Union Bank had notified Paytm within the required time frame.
As a result, while noting that, according to RBI guidelines, if a non-bank Prepaid Payment Instrument (PPI) issuer, such as Paytm, is unable to resolve the complaint and determine the customer’s liability within 90 days, it is obligated to pay the customer compensation, regardless of whether the negligence is on the part of the customer or otherwise.