Cyber Risk - Digital Banking's Biggest Threat Is Closer Than You Think

Mitigate rising cyber risks in digital banking with AI-driven detection, zero trust, robust training, and rapid response for safer payments and trust.

By K. Srinivasa Rao

Kembai Srinivasa Rao is a former banker who teaches and usually writes on Macroeconomy, Monetary policy developments, Risk Management, Corporate Governance, and the BFSI sector.

November 11, 2025 at 3:42 AM IST

The Half-Year Payments Systems Report (PSR) - June 2025, released by the RBI, highlights the growth of the digital banking system. Its transformation has a widespread impact on the banking and finance ecosystem. The game-changing Unified Payments Interface has completely revolutionised digital payments, driving significant improvements across payment methods and promoting a more diverse and inclusive payments ecosystem. The RBI's Digital Payment Index increased fivefold from a baseline of 100 in March 2018 to 493.22 in March 2025, further reflecting the broad adoption of digital payments. 

A significant challenge to the growth of digital banking is the increasing level of cyber risks. More importantly, over the past five years, the rise in digital banking fraud has highlighted growing vulnerabilities due to the increasing sophistication of cyber attackers.

During 2021-22, reported card and internet banking cyber frauds increased by 34%, totalling 3,596 cases. The amount involved in cyber frauds increased by 20% over two years, reaching 1.55 billion. Although the total monetary value of digital payment frauds remains small relative to the transaction base, the number of customers affected by cyber threats continues to grow steadily.

During 2024-25, there were 13,516 digital payment fraud cases, making up approximately 56.5% of all banking fraud cases. Of the total 900,000 complaints received by the RBI – Banking Ombudsman, 42% to 45% were related to digital payments and online banking issues, respectively, highlighting challenges in cybersecurity, fraud, failed transactions, and errors on digital platforms. 

Therefore, among other issues, cyber risks pose the most significant challenge to the banking system's full utilisation of digital technology. In Industry 5.0, where new AI/ML/LLM-driven technologies rapidly evolve and integrate with existing systems to enhance efficiency, finding innovative ways to manage cyber risks more effectively will be vital for providing sustainable digital banking services and instilling trust among users.

Cyber risk, a vital part of operational risk, can lead to unauthorised access to data, data breaches, financial theft, operational disruptions, and the loss of sensitive financial information through cyberattacks on digital banking systems and infrastructure.

Rising cybercrime, phishing, and fraud are undermining user trust, leading banks to invest heavily in security systems to safeguard stakeholder interests.

Cyber Risks for Banks
Banks frequently encounter large-scale, targeted, and sophisticated cyber-attacks. The attackers' methods could include ransomware, Distributed Denial of Service attacks, advanced persistent threats, supply chain attacks, banking Trojan malware, credential stuffing, and data breaches. These attacks often exploit weaknesses in institution-wide networks, applications, cloud environments, or third-party vendors. Attackers may begin with phishing or spear-phishing as an entry point, but then escalate to system-wide compromises.

Cyber risks could disrupt hundreds of thousands to millions of transactions, turn off ATMs, or even shut down a bank's online services for hours or days. Data breaches can result in the theft of millions of records, regulatory penalties, loss of public trust, reputational harm, and significant direct financial losses via high-value heists or extortion. The interconnectedness of banks increases systemic risk—an attack on one institution can spread to others in payment, clearing, or financial market systems.

Similarly, cyberattacks can target individual account holders, typically on a smaller scale, but they tend to occur more frequently, affecting a large number of customers. Common types include phishing, vishing, smishing or fraudulent SMS, social engineering, fake digital banking apps, SIM swap fraud, card skimming, and credential theft. Attackers attempt to steal login details or personal information to conduct unauthorised transactions or commit identity theft through impersonation.

Mule accounts are another primary channel used to launder funds from cybertheft, phishing, ransomware payments, and online scams. They undermine Anti-Money Laundering and KYC safeguards. An increasing number of mule accounts could facilitate a wide range of cyber-enabled crimes—such as phishing, identity theft, fake job scams, e-commerce, and investment fraud—by swiftly routing and concealing the proceeds.

The impact of cyber risks on individual accounts may be highly disruptive for victims, including the loss of funds, a temporary fund freeze, identity theft, blackmail, or reputational harm. Typically, these incidents involve smaller amounts, but the total number is substantial due to widespread targeting. Most individual attacks rely on exploiting human errors, such as sharing passwords or OTPs, or installing malicious apps on personal devices, due to a lack of adequate digital and financial literacy.

In the wake of a surge in new online bank accounts, banks must safeguard and enhance the rigour of their internal systemic controls to detect mule accounts, secure third-party services, keep software up to date, and train employees to respond effectively to any such evolving cyber threats. Cybersecurity in digital banking protects the integrity, confidentiality, and availability of sensitive financial data, builds customer trust, and ensures the security of digital transactions. Sensitising employees to the nuances of cyber risks should be integrated into day-to-day digital banking operations.
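As an added illustration (not from the article or any bank's system), the sketch below shows one way to screen for the pass-through behaviour of mule accounts described above: a recently opened account that collects credits from several distinct senders and forwards most of the money within a short window. The thresholds, account identifiers and transfer records are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Illustrative thresholds (assumptions, not regulatory or vendor values).
MAX_ACCOUNT_AGE = timedelta(days=30)      # account counts as "new"
MIN_DISTINCT_SENDERS = 3                  # fan-in from unrelated payers
PASS_THROUGH_WINDOW = timedelta(hours=2)  # how quickly funds leave again
MIN_PASS_THROUGH_RATIO = 0.9              # share of credits forwarded

def flag_mule_candidates(accounts, transfers):
    """accounts: {id: opened_at}; transfers: (timestamp, source, dest, amount)."""
    credits, debits = defaultdict(list), defaultdict(list)
    for ts, src, dst, amount in transfers:
        credits[dst].append((ts, src, amount))
        debits[src].append((ts, amount))
    flagged = {}
    for acct, opened_at in accounts.items():
        inbound = credits.get(acct)
        if not inbound:
            continue
        first = min(ts for ts, _, _ in inbound)
        last = max(ts for ts, _, _ in inbound)
        if first - opened_at > MAX_ACCOUNT_AGE:
            continue  # established account: outside this rule's scope
        senders = {src for _, src, _ in inbound}
        total_in = sum(amount for _, _, amount in inbound)
        # Money leaving between the first credit and shortly after the last one.
        forwarded = sum(amount for ts, amount in debits.get(acct, [])
                        if first <= ts <= last + PASS_THROUGH_WINDOW)
        ratio = min(forwarded / total_in, 1.0)
        if len(senders) >= MIN_DISTINCT_SENDERS and ratio >= MIN_PASS_THROUGH_RATIO:
            flagged[acct] = {"senders": len(senders), "pass_through": round(ratio, 2)}
    return flagged

# Constructed sample data: one pass-through account, one old merchant, one saver.
T0 = datetime(2025, 1, 10, 9, 0)
at = lambda minutes: T0 + timedelta(minutes=minutes)
ACCOUNTS = {"ACC-NEW": T0 - timedelta(days=5),
            "ACC-SHOP": T0 - timedelta(days=400),
            "ACC-SAVER": T0 - timedelta(days=3)}
TRANSFERS = [
    (at(0), "P1", "ACC-NEW", 20000), (at(10), "P2", "ACC-NEW", 15000),
    (at(20), "P3", "ACC-NEW", 25000), (at(45), "ACC-NEW", "EXT-1", 58000),
    (at(0), "P4", "ACC-SHOP", 500), (at(5), "P5", "ACC-SHOP", 700),
    (at(9), "P6", "ACC-SHOP", 300), (at(30), "ACC-SHOP", "SUPPLIER", 1500),
    (at(0), "EMPLOYER", "ACC-SAVER", 40000),
]

if __name__ == "__main__":
    print(flag_mule_candidates(ACCOUNTS, TRANSFERS))
```

A rule like this produces candidates for analyst review rather than a verdict; the old merchant account shows why account age is part of the condition.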

Mitigating Cyber Risks
In the evolving digital banking ecosystem, banks must adopt a multi-pronged approach to investing in technology upgrades to mitigate cyber risks. Among others, the collaborative risk mitigation strategies should include:

(i) Advanced Threat Detection & Automated Response through deploying AI- and machine learning-driven platforms for real-time threat detection, anomaly monitoring, and automated incident response. Use deception technologies (such as decoys and honeytokens) to trap intruders and analyse attack methods.

(ii) Build Zero Trust Architecture & Access Control to implement a "never trust, always verify" framework—minimise network privileges, enforce strong authentication, and segment critical data/systems from the internet and from each other. Ensure strict control and detailed logging of all privileged user activity, with regular review.

(iii) Regular Employee Training & Cyber Hygiene need to be maintained by launching cyber awareness and social engineering resistance training for all staff, focusing on phishing, vishing, deepfakes, and evolving fraud techniques. Mandate strong password policies, multi-factor authentication, and device hygiene practices such as prompt software updates and restricting USB access.

(iv) Institutionalise faster incident response, recovery, and business continuity by integrating appropriate disaster recovery plans to ensure rapid containment, forensics, and restoration after breaches.

(v) Banks must enhance monitoring and secure cloud-based assets through continuous vulnerability assessments, ensuring that the cloud configurations are proper and thoroughly audited.

(vi) The growing interconnectedness among institutions increases vendor and third-party risks, which are part of operational risks, and any malicious disruption to digital systems could result in cyber risks. Therefore, it is vital to enforce strict cybersecurity standards for fintech partners, vendors, and service providers, including regular due diligence, contractual clauses, and incident notification protocols.

(vii) Banks should continuously share information on the modus operandi of cyber risks and embrace comprehensive cyber-risk assessment and governance standards. Periodically audit and test all systems (including penetration testing and red teaming), updating policies and controls as threats evolve.

To effectively tackle cyber risks, it is essential to establish board-level oversight and implement cross-functional governance for cyber risk, ensuring prompt regulatory compliance and transparent incident reporting. Financial intermediaries should participate in sectoral and inter-bank intelligence forums and cyber drills to stay updated on emerging threats and best practices.

The task of building digital capabilities for business growth should be reinforced with increased rigour in cyber risk management to safeguard both institutional and customer safety from cyber threats. The cyber intelligence network must be capable of blocking any attempts to compromise the digital security of banks and customer accounts. Technology investments should strike a balance between capacity development and protection against cyber risks. In addition to strengthening technology infrastructure, upgrading employees' skills is vital in fighting cyber threats.