Bengaluru | November 28, 2025 – The Additional District Consumer Commission in Bengaluru has mandated Canara Bank to reimburse ₹1,75,000 to BC Gayatri, a 57-year-old resident of Uttarahalli, who fell victim to cyber fraud. The commission found the bank accountable for its inability to detect and stop unauthorized transactions, identifying this as a significant shortfall in their service.
Unauthorized Transactions Spark Legal Action
This case traces back to May 4, 2024, when Gayatri noticed four unauthorized withdrawals from her Canara Bank savings account, amounting to ₹1,75,000. Relying exclusively on her debit card for transactions, she did not have access to internet banking, mobile banking, or UPI services. Her salary was directly deposited into this account, which she primarily used for cash withdrawals.
Upon discovering the suspicious activity, Gayatri immediately contacted her bank and also filed a complaint with the police. An FIR was lodged on May 6, 2024. However, after the bank failed to refund the stolen amount, she escalated the matter to the banking ombudsman, which unfortunately did not yield any resolution. Subsequently, on July 15, 2024, she issued a legal notice to the bank and, on September 4, 2024, filed a consumer complaint citing inadequate service.
Bank’s Defense: Transactions Authenticated
In its defense, Canara Bank claimed that the transactions in question were authenticated using Gayatri’s registered mobile device. They emphasized that mobile banking and UPI registration requires verification through debit card details, one-time passwords (OTPs), and activation codes. According to the bank, these transactions were correctly validated using MPIN/UPIN and proper login credentials, asserting that SMS alerts had been sent to her registered number. Therefore, the bank sought to dismiss the complaint, alleging that Gayatri had not approached the consumer forum with honest intentions.
Burden of Proof on the Bank
The Consumer Commission, while noting that the responsibility typically lies with the complainant in cases of alleged deficiency, acknowledged that Gayatri’s account of events was both consistent and supported by evidence showing the absence of mobile banking, internet banking, or UPI apps on her device. The bank did not contest these details nor did it deny that Gayatri promptly informed them about the fraudulent withdrawals and the subsequent filing of a police complaint.
The commission concluded: “The complainant suffered a loss without any negligence on her part. All transactions from her account were unauthorized and fraudulent. Consequently, the liability for these transactions resides with the bank, which possesses the necessary technology to detect and prevent fraud.”
Commission Finds Bank Negligent
Highlighting the bank’s failure to leverage available technology to avert unauthorized transactions, the commission ruled in Gayatri’s favor. On August 11, 2025, Canara Bank was ordered to refund the sum of ₹1,75,000, including interest at 6.5% from the date of her initial complaint until it is cleared, along with an additional ₹2,000 to cover legal expenses.
This case emphasizes the pressing need for vigilance and accountability from financial institutions as the threat of cyber fraud continues to rise. It sets an important precedent for consumer protection in cases where banks neglect to prevent unauthorized digital transactions.
