UPI frauds peak in FY24, show signs of decline: Parliament data
Domestic UPI payment frauds peaked in the financial year ended March 2024, both in terms of volume and value, before declining in the following year and showing further moderation so far in the current fiscal, provisional government data shows.
In FY24, India recorded 13.42 lakh UPI fraud incidents involving Rs 1,087 crore, the highest level since the real-time payments system became mainstream. That represented nearly a five-fold jump in value from FY22, and nearly double the number of cases reported just a year earlier.
The numbers since then suggest a pullback.
In FY25, reported incidents fell to 12.64 lakh, while the total amount involved declined to Rs 981 crore. For the ongoing FY26, data available till November shows 10.64 lakh incidents amounting to Rs 805 crore, indicating that while fraud remains elevated, the growth curve has flattened and begun to turn.
On grievance redressal, the government told Parliament that 22% of reported fraud cases were acted upon within seven days and 92% within 30 days during April–September 2025, either through recovery or rejection. However, only about 6% of fraud chargebacks were successfully recovered, underlining the limits of post-facto remedies once funds have been siphoned off.
.thumbnailWrapper{
width:6.62rem !important;
}
.alsoReadTitleImage{
min-width: 81px !important;
min-height: 81px !important;
}
.alsoReadMainTitleText{
font-size: 14px !important;
line-height: 20px !important;
}
.alsoReadHeadText{
font-size: 24px !important;
line-height: 20px !important;
}
}
The figures were disclosed by Minister of State for Finance Pankaj Chaudhary in response to a question on the rise in cybercrime and UPI-linked frauds. The government acknowledged that fraud cases rose alongside the rapid expansion of digital payments, but pointed to a series of regulatory and technical interventions aimed at containing the damage.
Regulators and the payments ecosystem have since moved to tighten controls. The Reserve Bank of India proposed setting up a digital payments intelligence platform in FY25 to enable real-time, network-level sharing of suspicious transaction data across banks and fintechs. A committee has been formed to define what data entities will share and how fraud alerts will be routed into the central fraud reporting system.
NPCI, which operates UPI, has rolled out multiple rules and technology changes over the past two years. These include stricter device binding, mandatory two-factor authentication via UPI PINs, daily transaction caps, and tighter limits on specific use cases prone to abuse. NPCI also runs AI and machine-learning-based real-time monitoring systems that flag abnormal transaction patterns and allow banks to block or decline suspicious transfers.
More recently, NPCI tightened UPI API usage to curb both fraud and system abuse. High-frequency APIs such as balance enquiries, account list retrieval and transaction status checks are now capped, with enforced cooldown periods between repeated requests. A mandatory display of the recipient’s registered name and transaction ID before authorisation has also been introduced to reduce spoofed and misdirected payments.
Edited by Jyoti Narayan
Discover more from News Link360
Subscribe to get the latest posts sent to your email.
