Bengaluru woman wins refund after cyberfraud, consumer panel holds bank liable

BENGALURU: A 57-year-old Uttarahalli resident, who lost a significant sum from her savings account after falling victim to a cyberfraud, has secured relief from the Bengaluru Urban I Additional District Consumer Commission. The commission has directed Canara Bank to refund the defrauded amount along with interest, holding the bank responsible for failing to detect and prevent the unauthorised transactions.

Fraud unfolds despite customer having no digital banking

The case dates back to May 4, 2024, when miscreants hacked into the savings account of BC Gayatri and siphoned off ₹1.75 lakh through four fraudulent transactions. Gayatri, a salaried employee, maintained her account at Canara Bank’s Chamarajpet branch and stated that she had never used internet banking, mobile banking, or any UPI service. She relied solely on her debit card for transactions.

Upon noticing the unauthorised transfers, Gayatri immediately alerted the bank and filed a police complaint. An FIR was registered on May 6, 2024. However, the bank did not reimburse the amount, forcing her to approach the banking ombudsman. With no resolution in sight, she served the bank a legal notice on July 15, 2024. Receiving no response, she filed a complaint before the consumer commission on September 4, 2024, alleging deficiency in service.

Bank denies liability, claims transactions were authenticated

After the complaint was admitted, Canara Bank responded through its counsel, arguing that Gayatri had not approached the forum with clean hands and was therefore not entitled to relief. The bank acknowledged that the complainant had reported fraudulent online transactions on May 4, 2024, but alleged that the transfers were made using the mobile device registered with the bank.

It further stated that mobile banking and UPI activation required validation via debit card credentials, OTP and activation codes—information known only to the customer. The bank contended that the transactions were authenticated using MPIN/UPIN and login credentials, with SMS alerts sent to the registered mobile number. Based on this, the bank insisted the transactions were authorised and requested dismissal of the complaint.

Commission evaluates burden of proof

The consumer commission reviewed the evidence submitted by both sides and observed that the burden of proof lies heavily on the complainant when alleging deficiency in service. Gayatri consistently maintained that she did not possess any digital banking facilities and did not have applications such as Google Pay, PhonePe or Paytm on her phone.

Significantly, the bank did not explicitly dispute these claims. It also did not contest the fact that Gayatri promptly informed the branch about the fraudulent withdrawals and filed a police complaint without delay.

The commission held that Gayatri had suffered financial loss without any negligence on her part. It noted:
“All transactions from her account were unauthorised and fraudulent. Therefore, the responsibility for such transactions rests with the bank, which has access to modern technology to detect and prevent such fraud.”

Bank found to have failed in vigilance

According to the forum, Canara Bank failed to exercise the level of vigilance expected from a financial institution equipped with advanced fraud-detection systems. Despite having access to real-time monitoring tools, the bank did not flag or prevent the suspicious transactions carried out in quick succession.

The commission concluded that the bank’s inability to detect and stop the unauthorised transfers constituted a clear deficiency in service. It held the bank accountable for failing to protect the customer’s funds from cybercriminals.

Compensation awarded

On August 11, 2025, the Bengaluru Urban I Additional District Consumer Commission directed Canara Bank to refund the defrauded amount of ₹1.75 lakh to Gayatri. The bank has also been ordered to pay 6.5% interest on the amount from the date of filing of the complaint until realisation, along with ₹2,000 towards legal costs.

The ruling offers hope to victims of cyberfraud who struggle to seek accountability from financial institutions. It also reiterates that banks must exercise greater diligence to ensure customer protection in the digital age.