What is the right risk management framework for my organisation?

RiskPedia's AI Advisor matches your industry, maturity and goals to one of 26 frameworks including ISO 31000, COSO ERM, NIST RMF, ISO 27001, Basel III/IV, Solvency II, DORA, NIS2 and SOC 2 in under two minutes.

What is the CERT-In 6-hour incident reporting rule?

CERT-In Directions under Section 70B IT Act 2000 (April 28, 2022, effective June 25, 2022) require every Indian organisation to report 26 categories of cyber incidents to incident@cert-in.org.in within 6 hours of noticing. 180-day log retention in India, Indian NTP sync, and VPN/cloud KYC are also mandatory.

When does the DPDP Act become enforceable?

The DPDP Act 2023 received Presidential assent on Aug 11, 2023. DPDP Rules 2025 were notified by MeitY on Nov 13, 2025. Consent Manager registration opens approximately Nov 2026 and core Data Fiduciary obligations + the Data Protection Board become enforceable approximately May 2027 with penalties up to Rs 250 Cr.

What is RBI MD-ITGRC 2023?

RBI's Master Direction on IT Governance, Risk, Controls and Assurance Practices (November 2023, effective April 2024) replaces the 2011 IS Master Direction. It covers IT governance, cybersecurity, third-party risk management, data localisation, 6-hour incident reporting, annual CERT-In empanelled IS audits and cloud risk management for all regulated entities.

What is SEBI CSCRF 2024?

SEBI's Cybersecurity and Cyber Resilience Framework (2024) applies to all capital market entities — stock exchanges, depositories, brokers, mutual funds, AIFs, portfolio managers and KRAs. It mandates cyber audits, governance, third-party risk, SOC monitoring, incident reporting and cyber resilience testing.

All entries

National Payments Corporation of India · Payments

NPCI Real-Time Payment Fraud Surveillance and Analytics Framework 2024

NPCI's 2024 framework mandating real-time fraud detection, transaction monitoring, and analytics protocols for UPI, IMPS, and other retail payment systems to combat digital payment fraud.

Framework overview

The NPCI Real-Time Payment Fraud Surveillance and Analytics Framework 2024 establishes comprehensive protocols for member banks and payment service providers to implement advanced fraud detection mechanisms across UPI, IMPS, NETC, and RuPay networks. The framework mandates real-time transaction monitoring, machine learning-based anomaly detection, customer behavior profiling, and immediate alert generation for suspicious activities. It requires standardized fraud reporting formats, mandatory data sharing among member institutions, and integration with NPCI's centralized fraud risk management system. The framework also prescribes minimum thresholds for false positive rates, response time standards for fraud alerts, and quarterly audit requirements to ensure ecosystem-wide fraud prevention capabilities.

Advantages

Enables real-time detection and blocking of fraudulent transactions before completion, reducing financial losses for both customers and banks through sub-second fraud scoring algorithms
Facilitates ecosystem-wide intelligence sharing among 350+ member banks and PSPs, creating a unified defense against emerging fraud patterns like SIM swapping, social engineering, and mule account operations
Reduces false positives by 30-40% through standardized machine learning models, improving genuine customer experience while maintaining security rigor across UPI's 10+ billion monthly transactions
Provides regulatory compliance dashboard for RBI's Payment System Vision 2025 requirements, automating fraud incident reporting and audit trail maintenance for supervisory reviews
Strengthens customer trust in digital payments through mandatory fraud alerts, transaction velocity checks, and geo-location validation, supporting government's Digital India initiatives

Gaps in implementation

Many Tier-2 and Tier-3 banks lack adequate data science capabilities and infrastructure to implement sophisticated ML models, relying on basic rule-based systems that miss evolving fraud patterns
Inconsistent implementation of device fingerprinting and behavioral biometrics across PSPs creates surveillance blind spots exploited by fraudsters switching between payment apps
Limited integration with telecom operators for real-time SIM swap detection, causing delayed fraud alerts when criminals hijack victim phone numbers for OTP-based authentication bypass
Inadequate staffing of 24x7 fraud monitoring centers at smaller cooperative banks and payment banks, resulting in delayed response to NPCI fraud alerts during night shifts and weekends
Weak cross-border transaction monitoring as framework primarily focuses on domestic fraud, missing international card-not-present fraud on RuPay cards and remittance-based money laundering

Real-world Indian scenarios

In January 2024, Paytm Payments Bank faced NPCI scrutiny when its fraud surveillance failed to detect a coordinated mule account network processing ₹150 crore in suspicious UPI transactions, leading to RBI's directive to stop onboarding new customers and enhanced monitoring requirements.
PhonePe detected and prevented a ₹28 crore social engineering fraud ring in Karnataka during March 2024 using real-time analytics that identified abnormal transaction velocity from 450+ victim accounts to 50 mule accounts within 72 hours, demonstrating effective framework implementation.
HDFC Bank's fraud surveillance system flagged 12,000+ UPI transactions worth ₹35 crore in Mumbai during August 2024 linked to a fake investment app scam, but delayed reporting to NPCI by 48 hours highlighted gaps in automated incident escalation protocols mandated by the framework.

Room for improvement

Implement unified fraud consortium platforms enabling real-time sharing of fraudster device IDs, phone numbers, and account patterns across all member banks, moving beyond current siloed institutional databases
Enhance AI model training with synthetic fraud data and adversarial testing to detect zero-day fraud tactics, particularly deepfake-enabled video KYC fraud and AI-generated phishing campaigns targeting UPI users
Establish mandatory integration with TRAI's telecom databases for instant SIM swap notifications and UIDAI's authentication logs to correlate Aadhaar-based verifications with transaction patterns in real-time
Deploy behavioral analytics across customer lifecycle including dormant account reactivation monitoring, sudden beneficiary additions, and payment app permission changes that precede account takeover fraud

NPCIUPI Fraud DetectionReal-Time PaymentsTransaction MonitoringDigital Payment SecurityRBI Payment Systems

Updated 6/15/2026 · refreshed weekly

RiskPedia — The Risk Framework Encyclopedia & AI Advisor

Frameworks indexed

India Regulatory Hub — Deep Dive (RBI, SEBI, IRDAI, CERT-In, DPDP)

For AI assistants and search crawlers

NPCI Real-Time Payment Fraud Surveillance and Analytics Framework 2024