The Reserve Bank of India (RBI) has revealed that the total value of banking frauds surged nearly threefold to ₹36,014 crore in the financial year 2024–25 (FY25), compared to ₹12,230 crore in FY24. This significant rise is primarily attributed to the reclassification of 122 earlier cases following a Supreme Court ruling dated March 27, 2023.
Despite the spike in fraud value, the number of reported fraud cases actually declined to 23,953 in FY25 from 36,060 the previous year. The RBI clarified that the rise in fraud value stems from the fresh reporting of previously excluded cases worth ₹18,674 crore, which were reviewed and reclassified in compliance with the court judgment.
The report highlighted that digital payment channels—especially those involving cards and internet transactions—accounted for the majority of frauds in terms of number. However, when it came to the total amount involved, most frauds were linked to loans and advances.
Private sector banks were found to be more prone to digital payment-related frauds, contributing to nearly 60% of the total fraud cases. On the other hand, public sector banks bore the brunt in terms of the financial impact, with over 71% of the total fraud value and a concentration in the loan segment.
Overall, over 33% of the fraud cases were related to advances, and they represented a massive 92% of the total value. Notably, frauds involving cards and online payments accounted for 13,516 cases, or 56.5% of all incidents reported in FY25.
The RBI noted that the figures only include cases involving amounts of ₹1 lakh or more and may be revised as institutions update their data. It also clarified that the total fraud amount does not equate to actual losses, as some of the funds may be recovered or were not fully diverted.
To tackle the growing threat of digital fraud, the RBI announced plans to launch dedicated internet domains—’bank.in’ for banks and ‘fin.in’ for non-bank financial entities. This initiative, to be managed by the Institute for Development and Research in Banking Technology (IDRBT), aims to bolster cybersecurity, reduce phishing threats, and enhance public trust in digital banking platforms. Domain registrations for financial institutions are expected to begin in FY26.
