Can RBI fix flaws in NEFT?

In spite of the myriad of options for digital transactions like Bhim UPI, e-wallets, NEFT or National Electronic fund transfer is popular among many Indians. NEFT transactions increased from Rs 172.22 lakh crore in FY18 to Rs 229.45 lakh crore in FY20. Thanks to digital banking in general and NEFT in particular, footfall in banks has steadily declined by over 50% over the past 3 years.

Before we understand the flaws in the present NEFT system and the possible solutions, let us understand NEFT a bit. NEFT was started in November 2005 by India’s banking regulator Reserve Bank of India (RBI). NEFT allows bank customers to transfer funds between two NEFT-enabled bank accounts through electronic messages and uses an hourly batch processing system.

RBI has taken proactive actions to ensure safe transactions for the general public. A case is the recent swift actions from the regulator in curbing unauthorised ‘lightning speed’ loan disbursal apps. However, fund transfer using NEFT can be very stressful due to flaws in the existing system. RBI would do well to address the flaws and help in strengthening the system.

When someone plans to transfer money using NEFT from one bank to another bank, the first step is to register the payee or recipient. As part of the registration process, some banks require the payee account number to be entered twice to avoid errors, while other banks register the payee with a one-time entry of the account details. Where is the flaw? The current system does not check if the payee details - account number, IFSC code, and name entered are accurate. What prevents the current system to validate the information as done in the case of UPI for fund transfer?

The process gets tricky during the actual transfer. If the payee account number is wrong and there is no other account with this account number within the payee’s bank, the amount will be returned to the sender’s account. If the account number is a valid account held by another individual within the payee bank, the amount will be credited into his/her account without any check for name or branch code.

To avoid erroneous transfer, wise people suggest that first a token amount be transferred before the full amount. In this digital age, there is no need for such two steps process, if the system validates the payee details during registration. Also, NEFT transfer should not be done without matching the name and IFSC code. If these two steps are mandated by RBI, erroneous money transfer cases can be completely eliminated.

What happens in the event of an erroneous transfer? Anecdotal data indicates that over 70-80% of the unintended recipients promptly alert their banks and the money is returned to the sender. Banking experts indicate that the prompt action from the unintended recipients can be attributed to genuine good intent or fear of potential implications considering that the money has been credited from an unknown sender. The present system provides a great opportunity for the rest of 20-30% of the cases, allowing them to make quick money and abscond. While banks would try to recover the money on a “best-effort” basis, there is no legal protection for the fund transferor.

Of course, the transferor’s fault is that he or she entered the wrong account number. Just imagine a situation where an erroneous transfer resulted in the amount credited into a fraud’s account outside the state. Essentially, Digital banking infrastructure has simply failed in providing a timely alert and allowing preventive or corrective action. It is concerning that the flaws with the NEFT system is well known among banking staff, yet no action is taken in the guise of system limitation.

RBI’s move to allow 24x7 availability of NEFT and RTGS is welcome. However, the support system and infrastructure for this are completely missing. Attempts to contact the phone help or Website/ email etc is futile. Meaningless automated response stating that the issue will be taken up within 48 hours is not helping. Urgent need for RBI to mandate the Banks to provide a resolution within an SLA (Service Level Agreement) 30 minutes or 60 minutes is needed.

With rapid advancements in technologies like AI/ML, the banking infrastructure must provide the alerts to the Bank managers to prevent fraudulent transactions.

Is the RBI listening?

(The writer is an ICT professional and columnist based in Bengaluru)