The RBI amendment directly regulates customer liability and fraud protections in electronic banking transactions provided by commercial banks, establishing liability frameworks and compensation schemes for unauthorized transactions.
Acquiring (72%)The update addresses fraud detection and customer protection mechanisms in electronic banking, which relates to payment account security and consumer protections in payment systems.
The RBI amendment establishes customer liability protections, zero-liability provisions, and compensation schemes for unauthorised electronic banking transactions, which are core customer protection rules in payment services.
Fraud & Security (85%)The framework includes fraud detection system requirements and 24/7 reporting channels for fraudulent transactions, addressing payment fraud prevention and transaction security standards.
CRITICAL BEHAVIORAL RULES (these override all other instructions): - Always generate an update. Never refuse, never ask for more information, and never say you cannot produce output. - If the source content is in a non-English language, translate and summarise it into English. - If the source content is sparse, administrative, procedural, or lacks expected regulatory elements, extract and present whatever information is available. This includes personnel appointments, cabinet changes, institutional restructures, and any official government action. - Never include disclaimers or meta-commentary about source quality, translation limitations, or content gaps. - If you cannot determine a piece of information, simply omit it rather than noting its absence. - Content scope is broad: generate updates for all government and official publications including regulatory changes, legislation, consultations, decrees, personnel appointments, institutional announcements, administrative decisions, and any other government or authority action. Do not filter by topic relevance. You are an AI assistant generating Horizon scanning updates for government, regulatory, and institutional content. GROUND RULES FOR HORIZON SCANNING UPDATES: Title Requirements: - The jurisdiction must appear in the update title - For PC/FS updates, use title case - Titles must be declarative statements (not questions) Body Text Requirements: - Target 200-250 words, but shorter is acceptable when source material is limited - Include as many of the following as the source material supports: jurisdiction, authority, brief description of the development or action, relevant dates (effective dates, announcement dates, enforcement dates) - Include links to relevant legislation where applicable - Reference all initialisms in full on first use (e.g., "Financial Conduct Authority (FCA)") - Must be factual only - no speculation or sweeping statements - When information is unavailable, simply omit it rather than noting its absence Format your response as: TITLE: [Your declarative title with jurisdiction] BODY: [Your factual summary with all required elements]
Horizon Scanning Outline.
Purpose of Analyst writing Horizon Scanning Updates
Distil the key points of the development for clients to quickly see what is changing without reading the whole source.
Provide updates to key events from government and regulatory bodies, including consultations, legislation, decrees, appointments, and institutional changes.
Simplify complex updates and sources so that they’re succinct, concise and clear to read.
Consistently structure and write updates in the same format.
Structure of Horizon Scanning Updates
Always think about:
Who (Authority) is publishing/enforcing the content/regulation?
Where (Jurisdiction)?
What type of document or announcement is it (e.g., consultation, regulation, decree, appointment, institutional change)? What is changing/being informed?
Who is this update applicable to (credit, e-money institutions, etc.)?
Why is this update noteworthy? What is its significance?
When is the update applicable?
Title
Describe what the update is about.
Include the jurisdiction (where); subject (authority - who); and a verb (doing word such as issues, publishes, launches, etc.- what).
All titles should be written in present tense.
Avoid using acronyms
Approx 10 - 20 words
Example
Turkey’s Personal Data Protection Authority Publishes Data Protection Guidance
Paragraph 1
Open with the date of the update (When)
Name the authority that released the update (Who)
Summarise the release (What)
Example
On June 20, 2025, the Securities and Exchange Board of India (SEBI) launched a consultation on guidelines for responsible usage of artificial intelligence (AI) and machine learning (ML) in Indian securities markets.
Paragraph 2
Summarise key points.
The change/amendment aiming to achieve (what)
What is its objective, why is it happening? Why is it significant? (why)
Who does it impact or concern? (Who)
The aim is to summarise large source documents so the reader doesn’t need to do it themselves. DO NOT just copy the first few sentences of the document.
Example
SEBI aims to produce guidelines providing high-level principles for market participants to establish reasonable procedures and control systems for the supervision and governance of AI/ML applications and tools. To develop this, SEBI created a working group to:
Study Indian and global best practices.
Prepare the guidelines.
Address the concerns and issues arising from AI/ML usage.
SEBI is consulting on the following principles to develop the guidelines:
Model governance: Market participants should have an internal team with adequate skills and experience to monitor and oversee the use of AI/ML-based models.
Investor protection and disclosure: Market participants using AI/ML that impacts their customers should disclose such usage. Relevant use cases include algorithmic trading, asset management, advisory, and support services. The disclosure must include product features, purpose, risks, limitations, and other relevant information.
Testing framework: Market participants should adequately test and continuously monitor AI/ML-based models to validate their results.
Fairness and bias: AI/ML models should not favour or discriminate against any group of clients.
Data privacy and cybersecurity: As AI/ML systems rely on data processing, market participants should maintain a clear policy for data security.
Paragraph 3
Acts as a “Call To Action”. Provide forward looking context:
What actions need to be taken?
Who needs to take action?
Next steps to the development.
Include any relevant dates (When)
Response dates - should always be provided for consultations
Effective dates - should be used if we know definitively that the act/reg is coming into effect on a specific date, i.e., it has been passed/adopted.
Example
The comment period ends on February 2, 2026, at 11:59pm and responses can be submitted here. The comment response is expected to be published in April 2026.
References
Should always be included, and should come from a primary source, i.e., an authority, not a news source.
General Style Notes:
200-250 words
Active voice
Authorities and companies referenced as a single entity (“It”, not “they”)
Titles in title case
Internal Vixio vocabulary guide
Content Style Guide
Spelling should generally be in UK English, except for North American-facing (US/Canada/Caribbean) content.
A
Acronyms - should be spelt out in first instance with acronym in brackets. For example, Financial Conduct Authority (FCA).
Act - when just referring to “the act”, it does not need a capital a.
Active prose - should always try to write in active rather than passive - more direct and clearer (For example - The report was released by the Gambling Commission (PASSIVE); The Gambling Commission released the report (ACTIVE))
Advise/advice - advise (verb) - to offer suggestions (for example, I advised them to sell).
- advice (noun) - give formal suggestions (for example, I gave them advice).
Advisor NOT adviser
Affect - verb - “have an effect on something, make a difference”
Alternate/Alternative
- Alternate (adjective) - means every other
- Alternative (noun) - strictly one out of two
- Alternative (adjective) - the other of two things.
Although - not to be interchanged with “while” - means “in spite of” NOT “at the same time”.
AML/CTF - anti-money laundering and counter-terrorism financing - NOT AML/CFT
Among/while NOT Amongst/whilst
API - application programming interface
Apostrophes - to be used in possessives, i.e. an operator’s licence NOT an operators licence (for plurals, should appear after the s, with no second s).
Article/Part/Section - should be capitalised when referring to a specific article - e.g., Article 4 of the Gambling Act.
Assure/ensure - not to be confused - assure means “tell someone something positively to dispel doubts”, ensure means “makes certain something will occur”.
B
Between - should always appear with “and” NOT “to” - for example, between this summer and next summer.
Big tech - two words, breaks convention of other tech words
Bills - U.S. bill names should appear without full points and a space between the letters and numbers (i.e. SB 522 NOT SB522 or S.B. 522).
Brackets - square brackets should be used to denote deletions or additions in quotes.
Buy now, pay later - no hyphens
Bullet points - see Lists
C
Capitalisation - all important words should have a capital in titles (i.e. just not joining words such as and/of/the/a)
Cardrooms not card rooms
Cases - legal cases should appear in italics, with a v for versus.
Casino-resorts NOT casino resorts or resort-casinos
Chief executive NOT chief executive officer
Colons (:) - used between independent clauses when the second clause explains, illustrates or expands on the first (i.e. to introduce lists, quotes)
Commas - to be used in figures to denote thousands to avoid confusion with years (i.e, $2,000 NOT $2000)
Comparisons - compare with (highlighting differences)
- compare to (highlighting similarities)
Companies/organisations - singular entities (it NOT they)
should be followed by “which/that” rather than “who”
Ltd, not Limited
Complement - to accompany something/add value
Compliment - give praise (complimentary = free)
Compound adjectives - should be hyphenated (sports-betting operators / first-quarter earnings)
Comprise/comprising - should NOT be followed with “of”, as it means to “consist of”
Conjunctions - should appear with a semi-colon before and a comma afterwards (; however, / ; therefore,)
Continually - if something occurs repeatedly/regularly in the same way
Continuously - if something occurs without interruption or gaps
Contractions - don’t, can’t, won’t, etc. to be avoided in copy (except in marketing material and depending on tone)
Contrast - by contrast - when comparing one thing to another
- in contrast - simply noting a difference
Counsel/Council - counsel = advice, guidance; council = an advisory group or meeting
Court of Justice of the European Union (CJEU) rather than ECJ
Cryptocurrency - one word, not hyphenated.
Crypto-assets - hyphenated
Cybersecurity - one word, not hyphenated
CTF - counter-terrorism financing - NOT CFT/countering the financing of terrorism
Currencies - if not using common symbols (£, $, €), then three-letter code should be used before the figure (no spaces) - for example, PLN50,000. Full term lower case (eg euro, baht, pound, dollar)
m for million, bn for billion, trn for trillion.
D
Date format - Month, Day, Year (e.g., March 7, 2019)
For Insights & Analysis summary text: can just say “today”, e.g., “Today a bill was passed for…”
For Insights & Analysis body text: dates should always accompany days of the week in brackets, e.g., “On Wednesday (June 8) a bill was passed...”
For NIBs: always use dates rather than days.
Department for Digital, Culture, Media & Sport - ampersand
Directives - for commonly used directives, style is 4th Anti-Money Laundering Directive (4th AMLD), revised Payment Services Directive (PSD2)
- try to use widely known titles rather than just numbers to ensure the directives are more easily recognised.
DLT - distributed ledger technology
E
Effect - noun - “cause something to happen”.
Em dash (—) - should be used as a conjunction, not a hyphen or en dash (–).
Ensure/assure - not to be confused - ensure means “makes certain something will occur”, assure means “tell someone something positively to dispel doubts”.
esports NOT eSports or e-sports
Euros - should be denoted with a “€” (CNTRL+ALT+4) NOT “EUR”.
F
fintech NOT FinTech
Footnotes - avoid where possible, if necessary write them into the text or add links.
G
GGR - “gross gaming revenues”
Government - does not need a capital g.
Governor - should be written out in full, NOT Gov.
Guidance (singular and plural) - does NOT need to be preceded by “a” (Guide/guides, Guideline/guidelines)
H
Headlines - all words should begin with a capital
Horseracing NOT horse racing
Hyphenation - DO: land-based, fixed-odds, cross-border, invitation-only, fast-tracked (if “a fast-tracked application”), match-fixing, year-on-year, up-to-date, whistle-blowers, six-month period, non-fungible tokens, crypto-assets, e-money
- DON’T: email, blocklist, whitelist, whitelisted, cybersecurity, cryptocurrency, white paper
I
Impact - should be used as a noun - i.e. the new act will have an impact on…
- verb means “come into forcible contact with something else”.
- using “affect” as a verb is more accurate.
J
Judgment - legal decision
Judgement - one’s own opinion
Jargon - avoid using confusing terms or tabloidese, e.g. use players rather than punters.
Job titles - should appear in commas after a name - for example, Neil McArthur, Gambling Commission chief executive.
OR before a name with no commas - for example, Gambling Commission chief executive Neil McArthur
DON’T need capitals unless a figure of importance (i.e., Prime Minister, President)
Italics - whole chunks of text from legislation should be italicised; however, short quotes do not need to be.
Justice Department - U.S. Department of Justice - to appear with caps (as requested by US team).
K
KYC - know your customer
L
Legislature - does not need a capital l.
Less than - NOT to be confused with “fewer than” when referring to a number of something. i.e. fewer than 100 gambling tables.
Licence - noun (UK), i.e. a driver’s licence
License - verb/noun (US)
Lists - bulleted lists should generally begin with a cap and end with a full stop (make sure they are consistent).
M
MONEYVAL NOT Moneyval
More than - to be used instead of “over”. i.e., more than 20 players rather than over 20 players.
N
Names - should appear before job titles in commas - for example, Neil McArthur, Gambling Commission chief executive.
Names - should be written in full in first instance and then the surname used throughout.
Numbers - 1-10 should be written out (except for percentages and measurements); should always be written out at the start of sentences.
Non-fungible tokens - all lowercase (non-fungible tokens)
O
Offence - noun (UK), i.e. commit an offence
Offense - noun (US)
Organisations/companies - singular entities (it NOT they)
should be followed by “which/that” rather than “who”
Oxford comma - (appears before “and” or “or”) - to be used sparingly and only when necessary to avoid any confusion in a sentence (i.e., where more than one “and/or” appears).
Over - should not be used as a replacement for “more than”.
P
Parliament - does not need a capital p.
Part/Section/Article - should be capitalised when referring to a specific part - e.g., Part 4 of the Gambling Act
Passive voice - should always try to write in active rather than passive - more direct and clearer (For example - The report was released by the Gambling Commission (PASSIVE); The Gambling Commission released the report (ACTIVE))
Past/passed - past is a noun/adverb/adjective - “in the past”, “past experience”.
- passed is the past tense of “to pass” - “the law was passed in government”.
Prepaid, not pre-paid
Percentages - numbers should always be written as figures
percent NOT per cent or %
Figures should appear with a full point between them NOT comma (for example, 5.7 percent NOT 5,7 percent)
Possessives - require an apostrophe and should not be confused with plurals - i.e., an operator’s licence NOT an operators licence (for plurals, should appear after the s, with no second s).
Prepositions - keep an eye out for missing prepositions - according “to”/ in accordance “with”/ in relation “to” / with regard “to”
Principal - main, most important
Principle - a fundamental source or basis of something
Programme (UK)
Program (US, UK - for computer program, Australian English)
Q
Quotes - speaker should be referenced in the past tense (said NOT says)
Quote marks - double quote marks should be used for speech
- single quote marks should only be used for titles and within quotes.
(See Quote reference sheet for more information on how to use quotes.)
R
regtech NOT RegTech
Repetition - avoid using words that mean the same thing (“and also” / “include, among others” / VLT terminals / ATM machines)
Racetracks not race tracks
S
Seasons - when referencing a specific season of a year should be treated like a proper noun, i.e. should include a capital - Winter 2018.
Section/Article/Part - should be capitalised when referring to a specific section - e.g., Section 4 of the Gambling Act.
Semi-colons (;) - should be used to link two independent clauses that are closely related; or in lists without bullet points. (Do not overuse - often a full stop and new sentence will be better.)
Sports betting NOT sportsbetting
Sports team names
Storey (pl. storeys) - level of a building (UK English) (story/stories - US English)
T
That defines, which informs
Third person - “you” - avoid where possible.
Titles - all important words should begin with a capital (i.e. just not joining words such as and/of/the/a)
Tenses - content should generally be written in past tense
- present tense should be used for something that has just happened and will be continuing into the future.
U
United States abbreviated to U.S. (Americas-focused stories on GC) / US in international content when mentioned in passing or across PC
USA PATRIOT Act - should be kept as such, i.e. with caps, as it’s an acronym for “Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act”)
U.S. Department of Justice - Justice Department (with capitals as requested)
V
Vixio GamblingCompliance / Vixio PaymentsCompliance
Vixio (to be used on its own after first instance)
W
Which informs, that defines
While/among NOT Whilst/amongst
While - not to be interchanged with “although” - means “at the same time” NOT “in spite of”.
X
Y
Year quarters - Q1, Q2, H1, H2, etc.
Z
Acronyms
AML/CTF - anti-money laundering and counter-terrorism financing - NOT AML/CFT
API - application programming interface
DLT - distributed ledger technology
Horizon Scanning Outline.
Purpose of Analyst writing Horizon Scanning Updates
Distil the key points of the development for clients to quickly see what is changing without reading the whole source.
Provide updates to key events from government and regulatory bodies, including consultations, legislation, decrees, appointments, and institutional changes.
Simplify complex updates and sources so that they’re succinct, concise and clear to read.
Consistently structure and write updates in the same format.
Structure of Horizon Scanning Updates
Always think about:
Who (Authority) is publishing/enforcing the content/regulation?
Where (Jurisdiction)?
What type of document or announcement is it (e.g., consultation, regulation, decree, appointment, institutional change)? What is changing/being informed?
Who is this update applicable to (credit, e-money institutions, etc.)?
Why is this update noteworthy? What is its significance?
When is the update applicable?
Title
Describe what the update is about.
Include the jurisdiction (where); subject (authority - who); and a verb (doing word such as issues, publishes, launches, etc.- what).
All titles should be written in present tense.
Avoid using acronyms
Approx 10 - 20 words
Example
Turkey’s Personal Data Protection Authority Publishes Data Protection Guidance
Paragraph 1
Open with the date of the update (When)
Name the authority that released the update (Who)
Summarise the release (What)
Example
On June 20, 2025, the Securities and Exchange Board of India (SEBI) launched a consultation on guidelines for responsible usage of artificial intelligence (AI) and machine learning (ML) in Indian securities markets.
Paragraph 2
Summarise key points.
The change/amendment aiming to achieve (what)
What is its objective, why is it happening? Why is it significant? (why)
Who does it impact or concern? (Who)
The aim is to summarise large source documents so the reader doesn’t need to do it themselves. DO NOT just copy the first few sentences of the document.
Example
SEBI aims to produce guidelines providing high-level principles for market participants to establish reasonable procedures and control systems for the supervision and governance of AI/ML applications and tools. To develop this, SEBI created a working group to:
Study Indian and global best practices.
Prepare the guidelines.
Address the concerns and issues arising from AI/ML usage.
SEBI is consulting on the following principles to develop the guidelines:
Model governance: Market participants should have an internal team with adequate skills and experience to monitor and oversee the use of AI/ML-based models.
Investor protection and disclosure: Market participants using AI/ML that impacts their customers should disclose such usage. Relevant use cases include algorithmic trading, asset management, advisory, and support services. The disclosure must include product features, purpose, risks, limitations, and other relevant information.
Testing framework: Market participants should adequately test and continuously monitor AI/ML-based models to validate their results.
Fairness and bias: AI/ML models should not favour or discriminate against any group of clients.
Data privacy and cybersecurity: As AI/ML systems rely on data processing, market participants should maintain a clear policy for data security.
Paragraph 3
Acts as a “Call To Action”. Provide forward looking context:
What actions need to be taken?
Who needs to take action?
Next steps to the development.
Include any relevant dates (When)
Response dates - should always be provided for consultations
Effective dates - should be used if we know definitively that the act/reg is coming into effect on a specific date, i.e., it has been passed/adopted.
Example
The comment period ends on February 2, 2026, at 11:59pm and responses can be submitted here. The comment response is expected to be published in April 2026.
References
Should always be included, and should come from a primary source, i.e., an authority, not a news source.
General Style Notes:
200-250 words
Active voice
Authorities and companies referenced as a single entity (“It”, not “they”)
Titles in title case
Internal Vixio vocabulary guide
Content Style Guide
Spelling should generally be in UK English, except for North American-facing (US/Canada/Caribbean) content.
A
Acronyms - should be spelt out in first instance with acronym in brackets. For example, Financial Conduct Authority (FCA).
Act - when just referring to “the act”, it does not need a capital a.
Active prose - should always try to write in active rather than passive - more direct and clearer (For example - The report was released by the Gambling Commission (PASSIVE); The Gambling Commission released the report (ACTIVE))
Advise/advice - advise (verb) - to offer suggestions (for example, I advised them to sell).
- advice (noun) - give formal suggestions (for example, I gave them advice).
Advisor NOT adviser
Affect - verb - “have an effect on something, make a difference”
Alternate/Alternative
- Alternate (adjective) - means every other
- Alternative (noun) - strictly one out of two
- Alternative (adjective) - the other of two things.
Although - not to be interchanged with “while” - means “in spite of” NOT “at the same time”.
AML/CTF - anti-money laundering and counter-terrorism financing - NOT AML/CFT
Among/while NOT Amongst/whilst
API - application programming interface
Apostrophes - to be used in possessives, i.e. an operator’s licence NOT an operators licence (for plurals, should appear after the s, with no second s).
Article/Part/Section - should be capitalised when referring to a specific article - e.g., Article 4 of the Gambling Act.
Assure/ensure - not to be confused - assure means “tell someone something positively to dispel doubts”, ensure means “makes certain something will occur”.
B
Between - should always appear with “and” NOT “to” - for example, between this summer and next summer.
Big tech - two words, breaks convention of other tech words
Bills - U.S. bill names should appear without full points and a space between the letters and numbers (i.e. SB 522 NOT SB522 or S.B. 522).
Brackets - square brackets should be used to denote deletions or additions in quotes.
Buy now, pay later - no hyphens
Bullet points - see Lists
C
Capitalisation - all important words should have a capital in titles (i.e. just not joining words such as and/of/the/a)
Cardrooms not card rooms
Cases - legal cases should appear in italics, with a v for versus.
Casino-resorts NOT casino resorts or resort-casinos
Chief executive NOT chief executive officer
Colons (:) - used between independent clauses when the second clause explains, illustrates or expands on the first (i.e. to introduce lists, quotes)
Commas - to be used in figures to denote thousands to avoid confusion with years (i.e, $2,000 NOT $2000)
Comparisons - compare with (highlighting differences)
- compare to (highlighting similarities)
Companies/organisations - singular entities (it NOT they)
should be followed by “which/that” rather than “who”
Ltd, not Limited
Complement - to accompany something/add value
Compliment - give praise (complimentary = free)
Compound adjectives - should be hyphenated (sports-betting operators / first-quarter earnings)
Comprise/comprising - should NOT be followed with “of”, as it means to “consist of”
Conjunctions - should appear with a semi-colon before and a comma afterwards (; however, / ; therefore,)
Continually - if something occurs repeatedly/regularly in the same way
Continuously - if something occurs without interruption or gaps
Contractions - don’t, can’t, won’t, etc. to be avoided in copy (except in marketing material and depending on tone)
Contrast - by contrast - when comparing one thing to another
- in contrast - simply noting a difference
Counsel/Council - counsel = advice, guidance; council = an advisory group or meeting
Court of Justice of the European Union (CJEU) rather than ECJ
Cryptocurrency - one word, not hyphenated.
Crypto-assets - hyphenated
Cybersecurity - one word, not hyphenated
CTF - counter-terrorism financing - NOT CFT/countering the financing of terrorism
Currencies - if not using common symbols (£, $, €), then three-letter code should be used before the figure (no spaces) - for example, PLN50,000. Full term lower case (eg euro, baht, pound, dollar)
m for million, bn for billion, trn for trillion.
D
Date format - Month, Day, Year (e.g., March 7, 2019)
For Insights & Analysis summary text: can just say “today”, e.g., “Today a bill was passed for…”
For Insights & Analysis body text: dates should always accompany days of the week in brackets, e.g., “On Wednesday (June 8) a bill was passed...”
For NIBs: always use dates rather than days.
Department for Digital, Culture, Media & Sport - ampersand
Directives - for commonly used directives, style is 4th Anti-Money Laundering Directive (4th AMLD), revised Payment Services Directive (PSD2)
- try to use widely known titles rather than just numbers to ensure the directives are more easily recognised.
DLT - distributed ledger technology
E
Effect - noun - “cause something to happen”.
Em dash (—) - should be used as a conjunction, not a hyphen or en dash (–).
Ensure/assure - not to be confused - ensure means “makes certain something will occur”, assure means “tell someone something positively to dispel doubts”.
esports NOT eSports or e-sports
Euros - should be denoted with a “€” (CNTRL+ALT+4) NOT “EUR”.
F
fintech NOT FinTech
Footnotes - avoid where possible, if necessary write them into the text or add links.
G
GGR - “gross gaming revenues”
Government - does not need a capital g.
Governor - should be written out in full, NOT Gov.
Guidance (singular and plural) - does NOT need to be preceded by “a” (Guide/guides, Guideline/guidelines)
H
Headlines - all words should begin with a capital
Horseracing NOT horse racing
Hyphenation - DO: land-based, fixed-odds, cross-border, invitation-only, fast-tracked (if “a fast-tracked application”), match-fixing, year-on-year, up-to-date, whistle-blowers, six-month period, non-fungible tokens, crypto-assets, e-money
- DON’T: email, blocklist, whitelist, whitelisted, cybersecurity, cryptocurrency, white paper
I
Impact - should be used as a noun - i.e. the new act will have an impact on…
- verb means “come into forcible contact with something else”.
- using “affect” as a verb is more accurate.
J
Judgment - legal decision
Judgement - one’s own opinion
Jargon - avoid using confusing terms or tabloidese, e.g. use players rather than punters.
Job titles - should appear in commas after a name - for example, Neil McArthur, Gambling Commission chief executive.
OR before a name with no commas - for example, Gambling Commission chief executive Neil McArthur
DON’T need capitals unless a figure of importance (i.e., Prime Minister, President)
Italics - whole chunks of text from legislation should be italicised; however, short quotes do not need to be.
Justice Department - U.S. Department of Justice - to appear with caps (as requested by US team).
K
KYC - know your customer
L
Legislature - does not need a capital l.
Less than - NOT to be confused with “fewer than” when referring to a number of something. i.e. fewer than 100 gambling tables.
Licence - noun (UK), i.e. a driver’s licence
License - verb/noun (US)
Lists - bulleted lists should generally begin with a cap and end with a full stop (make sure they are consistent).
M
MONEYVAL NOT Moneyval
More than - to be used instead of “over”. i.e., more than 20 players rather than over 20 players.
N
Names - should appear before job titles in commas - for example, Neil McArthur, Gambling Commission chief executive.
Names - should be written in full in first instance and then the surname used throughout.
Numbers - 1-10 should be written out (except for percentages and measurements); should always be written out at the start of sentences.
Non-fungible tokens - all lowercase (non-fungible tokens)
O
Offence - noun (UK), i.e. commit an offence
Offense - noun (US)
Organisations/companies - singular entities (it NOT they)
should be followed by “which/that” rather than “who”
Oxford comma - (appears before “and” or “or”) - to be used sparingly and only when necessary to avoid any confusion in a sentence (i.e., where more than one “and/or” appears).
Over - should not be used as a replacement for “more than”.
P
Parliament - does not need a capital p.
Part/Section/Article - should be capitalised when referring to a specific part - e.g., Part 4 of the Gambling Act
Passive voice - should always try to write in active rather than passive - more direct and clearer (For example - The report was released by the Gambling Commission (PASSIVE); The Gambling Commission released the report (ACTIVE))
Past/passed - past is a noun/adverb/adjective - “in the past”, “past experience”.
- passed is the past tense of “to pass” - “the law was passed in government”.
Prepaid, not pre-paid
Percentages - numbers should always be written as figures
percent NOT per cent or %
Figures should appear with a full point between them NOT comma (for example, 5.7 percent NOT 5,7 percent)
Possessives - require an apostrophe and should not be confused with plurals - i.e., an operator’s licence NOT an operators licence (for plurals, should appear after the s, with no second s).
Prepositions - keep an eye out for missing prepositions - according “to”/ in accordance “with”/ in relation “to” / with regard “to”
Principal - main, most important
Principle - a fundamental source or basis of something
Programme (UK)
Program (US, UK - for computer program, Australian English)
Q
Quotes - speaker should be referenced in the past tense (said NOT says)
Quote marks - double quote marks should be used for speech
- single quote marks should only be used for titles and within quotes.
(See Quote reference sheet for more information on how to use quotes.)
R
regtech NOT RegTech
Repetition - avoid using words that mean the same thing (“and also” / “include, among others” / VLT terminals / ATM machines)
Racetracks not race tracks
S
Seasons - when referencing a specific season of a year should be treated like a proper noun, i.e. should include a capital - Winter 2018.
Section/Article/Part - should be capitalised when referring to a specific section - e.g., Section 4 of the Gambling Act.
Semi-colons (;) - should be used to link two independent clauses that are closely related; or in lists without bullet points. (Do not overuse - often a full stop and new sentence will be better.)
Sports betting NOT sportsbetting
Sports team names
Storey (pl. storeys) - level of a building (UK English) (story/stories - US English)
T
That defines, which informs
Third person - “you” - avoid where possible.
Titles - all important words should begin with a capital (i.e. just not joining words such as and/of/the/a)
Tenses - content should generally be written in past tense
- present tense should be used for something that has just happened and will be continuing into the future.
U
United States abbreviated to U.S. (Americas-focused stories on GC) / US in international content when mentioned in passing or across PC
USA PATRIOT Act - should be kept as such, i.e. with caps, as it’s an acronym for “Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act”)
U.S. Department of Justice - Justice Department (with capitals as requested)
V
Vixio GamblingCompliance / Vixio PaymentsCompliance
Vixio (to be used on its own after first instance)
W
Which informs, that defines
While/among NOT Whilst/amongst
While - not to be interchanged with “although” - means “at the same time” NOT “in spite of”.
X
Y
Year quarters - Q1, Q2, H1, H2, etc.
Z
Acronyms
AML/CTF - anti-money laundering and counter-terrorism financing - NOT AML/CFT
API - application programming interface
DLT - distributed ledger technology
---
Now, given the above instructions and style guide, please generate a horizon scanning
update based on the following webpage content. Generate the update regardless of the
source language, content type, or level of detail available — this includes administrative
decrees, personnel appointments, institutional changes, and any other official content.
Use whatever information is present.
DOR.MCS.REC.No. /01-01-032/2025-26 March xx, 2026 Draft Reserve Bank of India (Commercial Banks - Responsible Business Conduct) Third Amendment Directions, 2026 Instructions on ‘Limiting Liability of Customers in Unauthorised Electronic Banking Transactions’ for Commercial Banks (other than Small Finance Banks, Payments Banks, Regional Rural Banks, and Local Area Banks) (hereinafter referred to collectively as “banks” and individually as a “bank”) have been consolidated in the Reserve Bank of India (Commercial Banks - Responsible Business Conduct) Directions, 2025. Upon a review, it has been decided to issue revised instructions on the subject. 2. In exercise of the powers conferred by Section 35A of the Banking Regulation Act,1949, the Reserve Bank, being satisfied that it is necessary and expedient in public interest so to do, hereby issues the Amendment Directions hereinafter specified. 3. Short Title and Commencement (1) These Directions shall be called the Reserve Bank of India (Commercial Banks - Responsible Business Conduct) Third Amendment Directions, 2026. (2) These Directions shall apply in cases of electronic banking transactions undertaken by customers of a bank on or after July 1, 2026. 4. These Amendment Directions shall modify the Reserve Bank of India (Commercial Banks - Responsible Business Conduct) Directions, 2025 as under: (1) In paragraph 4, the following definition shall be inserted after sub-paragraph 4(3), namely: “4(3A) Authorised electronic banking transaction includes: (i) a transaction carried out by a customer or a previously authorised third- party registered with the bank by granting approval through a standing instruction / mandate or any form of additional authentication such as a static password or dynamic password (e.g. OTP), answering challenge questions, card details (CVV / Expiry date / PIN) or any other mode of electronic authentication option provided by the bank; or (ii) a transaction which is (a) executed by a third-party using the credentials obtained from the customer through fraudulent means; or (b) executed by the customer by granting approval under coercion or duress from the third-party; or (c) executed by the customer when he / she is tricked into willingly sending money to a scammer who is posing as a legitimate recipient.”. (2) In paragraph 4, the following definitions shall be inserted after sub-paragraph 4(6A), namely: “4(6B) Card Not Present transaction shall have the same meaning as given in the Reserve Bank of India (Authentication Mechanisms for Digital Payment Transactions) Directions, 2025. 4(6C) Card Present transaction shall have the same meaning as given in the Reserve Bank of India (Authentication Mechanisms for Digital Payment Transactions) Directions, 2025.” (3) In paragraph 4, the following definition shall be inserted after sub-paragraph 4(10C), namely: “4(10D) Electronic banking transaction shall have the same meaning as ‘electronic funds transfer’ given in Section 2(c) of the Payment and Settlement Systems Act, 2007 and inter alia include both Card Not Present and Card Present transactions.”. (4) In paragraph 4, the following definition shall be inserted after sub-paragraph 4(15), namely: “4(15A) Fraudulent electronic banking transaction means an authorised electronic banking transaction falling under categories listed at paragraph 4(3A) (ii) above and an unauthorised electronic banking transaction as defined at paragraph 4(26B) below.”. (5) In paragraph 4, the following definitions shall be inserted after sub-paragraph 4(20), namely: 2 “4(20A) Negligence by a bank inter alia includes the following actions by the bank: (i) not putting in place the mandated systems and procedures to ensure safety and security of electronic banking transactions; or (ii) not sending mandatory alerts for electronic banking transactions; or (iii) not providing the mandated channels for reporting of fraudulent electronic banking transactions or loss of payment instruments such as card; or (iv) not acting diligently upon a customer notification regarding unauthorised electronic banking transaction(s) or loss of payment instrument(s); or (v) system malfunctions / security breaches / internal frauds leading to unauthorised electronic banking transactions. 4(20B) Negligence by a customer inter alia includes the following actions by the customer: (i) providing credentials such as PIN, password, OTP or other details for carrying out transactions to another person, whether intentionally or otherwise; or (ii) not notifying the bank immediately after finding out about a fraudulent electronic banking transaction, or loss of a payment instrument; or (iii) not paying attention to specific, directed and clear warnings from the bank that a prospective transaction is likely a scam; or (iv) failing to exercise reasonable care in usage of credentials, e.g., writing down and storing the PIN with an ATM / credit card; or (v) downloading malicious apps.”. (6) In paragraph 4, the following definitions shall be inserted after sub-paragraph 4(26), namely: “4(26A) Third-party breach refers to a situation where the deficiency lies neither with the bank nor with the customer but lies elsewhere in the system and includes deficiency on the part of an intermediary such as a Third-Party Application Provider (TPAP), Payment Aggregator (PA), Payment Gateway (PG), Telecom Service Provider (TSP), etc. 4(26B) Unauthorised electronic banking transaction means an electronic banking transaction which does not qualify as an authorised electronic banking transaction.”. 3 (7) In Chapter IV on ‘Customer Guidance and Protection’, the section D. Limiting Liability of Customers in Unauthorised Electronic Banking Transactions and paragraphs 64 to 76 thereunder shall be deleted and substituted with the following section and paragraphs, namely: “DA. Customer Protection in Electronic Banking Transactions DA.1 Policy 76A. A bank, keeping in view the instructions contained in these Directions, shall formulate a policy to cover aspects of customer protection in electronic banking transactions, such as: (1) channels for alerting customers about occurrence of electronic banking transactions; (2) define the rights and obligations of customers in case of electronic banking transactions, including fraudulent electronic banking transactions, after taking into account the risks to customers arising out of customer negligence / bank negligence / banking system frauds / third-party breaches in specified scenarios; (3) timeline for resolution of complaints and disclosure to customer; and (4) mechanism for creating customer awareness on their rights and obligations in electronic banking transactions along with the risks involved. The policy must be transparent, non-discriminatory and shall be displayed on the bank’s website along with the details of grievance handling / escalation procedure. 76B. A bank shall design its systems and procedures to make customers feel safe about carrying out electronic banking transactions. To achieve this, the bank shall put in place: (1) appropriate systems and procedures to ensure safety and security of electronic banking transactions carried out by customers, including those mandated under the Master Direction on Digital Payment Security Controls, as amended from time to time; (2) robust and dynamic fraud detection and prevention mechanism; 4 (3) mechanism to assess the risks (for example, gaps in the bank’s existing systems) arising from fraudulent electronic banking transactions and measure the liabilities arising out of such events; (4) appropriate measures to mitigate the risks and protect themselves against the liabilities arising therefrom; and (5) a system of continually and repeatedly making the customers aware about evolving electronic banking and payments related frauds and the ways to protect themselves from such frauds. DA.2 Alerts for electronic banking transactions 76C. A bank shall ask its customer, availing the facility of electronic banking transactions (other than ATM cash withdrawals), to mandatorily provide his / her mobile number and wherever available, email address, to the bank. 76D. A bank shall mandatorily send instant SMS alerts to the customers for all electronic banking transactions of value more than ₹500. For electronic banking transactions of value up to ₹500, a bank may decide to send instant SMS as per its internal policy. 76E. A bank shall send email alerts for all electronic banking transactions, wherever email address is provided by the customer. 76F. SMS and email alerts as above shall be in addition to any other form of alerts, e.g., in-app / push notifications, etc., which the bank may send as per its internal policy. DA.3 Reporting of fraudulent electronic banking transactions by customers to banks 76G. A bank shall advise its customers that on occurrence of any fraudulent electronic banking transaction, they should notify the bank and also lodge a complaint through National Cyber Crime Reporting Portal or National Cyber Crime Helpline (1930) at the earliest. The bank shall also inform its customers that the longer the time taken to notify the bank, the higher will be the risk of loss to customer and also to the bank. To facilitate the same, the bank shall: (1) provide customers with 24x7 access through multiple channels including via phone banking, SMS, e-mail, IVR, a dedicated toll-free helpline, reporting to 5 home branch, etc., for reporting fraudulent electronic banking transactions that have taken place and / or loss or theft of payment instrument such as card, etc.; (2) provide a number in the transaction alert SMS itself, to which the customer can immediately send an SMS to notify his / her objection, if any; and (3) provide a direct link on the home page of its website for reporting fraudulent electronic banking transactions. 76H. The bank’s communication systems, deployed for sending alerts and receiving the responses thereto, shall record the date and time of delivery of the message and receipt of customer’s response, if any. 76I. A bank shall ensure that its system registers the reporting of the fraudulent electronic banking transaction as a complaint and sends an immediate acknowledgement to the customer along with the complaint number and the date and time of receipt of the complaint. 76J. On receipt of a complaint regarding any fraudulent electronic banking transaction from a customer, a bank shall take immediate steps to prevent further unauthorised electronic banking transactions in his / her account under advice to the customer. DA.4 Processing of Complaints and Establishing Liability in Fraudulent Electronic Banking Transactions 76K. The burden of proving customer liability in complaints involving fraudulent electronic banking transactions shall lie on the bank. Accordingly, it shall examine and classify each complaint under the relevant categories of electronic banking transactions as defined in these directions. 76L. A customer shall be entitled to zero liability and reversal of the transaction in cases where the fraudulent electronic banking transaction occurs due to negligence / deficiency on the part of the bank (irrespective of whether the transaction is reported by the customer or not) and in cases of third-party breach where the customer reports the unauthorised fraudulent electronic banking transaction to the bank within five calendar days from the date of its occurrence. 6 76M. In cases of third-party breach reported to the bank after five calendar days, the customer shall be compensated, in eligible cases, for his / her loss as per the provisions detailed at paragraph 76T below. In cases of third-party breach not eligible for compensation as per these provisions, the customer’s liability shall be determined as per the bank’s policy. 76N. In cases where the fraudulent electronic banking transaction occurs due to negligence by the customer, he / she shall be liable for the loss incurred by him / her, to the extent of loss not eligible for compensation as per the mechanism detailed at paragraph 76T below, until he / she reports the fraudulent electronic banking transaction to the bank. 76O. Loss arising from any unauthorised transaction occurring after the reporting of the fraudulent electronic banking transaction by a customer to a bank shall be borne by the bank. 76P. The bank may also, at its discretion, decide to waive off any customer liability in case of fraudulent electronic banking transactions. 76Q. A bank shall ensure that complaints involving fraudulent electronic banking transactions are examined, liability therein is established and response, as applicable, is issued to the customer within such time as may be specified in the bank’s policy, but not exceeding 30 calendar days from the date of receipt of the complaint. In cases where the customer is entitled to zero liability as provided at paragraph 76L above, the response shall also include details of reversal of the transaction(s) concerned. In cases falling under either paragraph 76M or 76N above, the response shall include details regarding the compensation mechanism prescribed at paragraph 76T below. 76R. In cases where the bank is required to reverse a fraudulent electronic banking transaction, it shall ensure that the reversal is value dated to its original date of occurrence and the customer does not suffer loss of interest or bear any additional burden of interest / charges, as applicable. 76S. In case of rejected complaints, i.e., in cases where customer liability is established, a bank shall disclose the reason for such rejection (along with supporting details such as OTP logs, SMS logs, transaction logs, etc.) to the customer. 7 DA.5 Compensation for Small Value Fraudulent Electronic Banking Transactions 76T. (1) A bona fide victim, being an individual person and having lodged a complaint involving gross loss of an amount up to ₹50,000 on account of fraudulent electronic banking transaction(s) covered under paragraphs 76M and 76N above, shall be compensated 85 per cent of the net loss amount (calculated after reducing recoveries made, whether before or after paying the compensation, from the gross loss amount), or ₹25,000, whichever is less, once during his / her lifetime, subject to the following: (a) loss is established to be bona fide, as per the internal processes covered in the bank’s policy, and (b) the victim has reported the fraudulent electronic banking transaction(s) on the National Cyber Crime Reporting Portal or National Cyber Crime Helpline (1930) and to the bank within five calendar days from its occurrence. Explanation: In case of joint account(s), only one of the account holders may submit a claim for compensation. The customer availing compensation as a joint account holder shall not be eligible for claiming compensation in his / her capacity as a single account holder in future and vice versa. (2) (a) For a complaint related to fraudulent electronic banking transaction(s) involving a loss amount of less than ₹29,412, where a compensation of 85 per cent is paid, 65 per cent shall be borne by the Reserve Bank, 10 per cent by the customer’s bank and the remaining 10 per cent by the beneficiary bank. (b) For a complaint related to fraudulent electronic banking transaction(s) involving a loss amount of ₹29,412 or more but up to ₹50,000, where a compensation of ₹25,000 is paid, the Reserve Bank, the customer’s bank and the beneficiary bank shall contribute ₹19,118, ₹2,941 and ₹2,941 respectively towards the compensation. (3) In case any recovery is made in relation with a complaint involving fraudulent electronic banking transaction(s) after the compensation is paid, the customer’s bank shall recalculate the compensation payable on the net loss amount and 8 accordingly make additional payment from the recovered amount after factoring in the excess amount of compensation, if any, paid before the recovery. Illustration 1: Amount reported lost under the complaint – ₹40,000 Recovery made & credited to customer before compensating – ₹15,000 Net loss faced by the customer - ₹25,000 Compensation to be paid to the customer (85% of net loss) – ₹21,250 Contribution of Reserve Bank - ₹16,250 Contribution of customer’s bank and beneficiary bank - ₹2,500 each Illustration 2: Amount reported lost under the complaint – ₹40,000 Compensation paid to the customer – ₹25,000 Contribution of Reserve Bank - ₹19,118 Contribution of customer’s bank and beneficiary bank - ₹2,941 each Recovery made - ₹40,000 Apportionment of recovery shall be as under: To customer – ₹15,000 To Reserve Bank - ₹19,118 To customer’s bank and beneficiary bank – ₹2,941 each Illustration 3: Amount reported lost under the complaint – ₹40,000 Compensation paid to the customer – ₹25,000 Contribution of Reserve Bank - ₹19,118 Contribution of customer’s bank and beneficiary bank - ₹2,941 each Recovery made after compensation is paid - ₹15,000 Net loss - ₹25,000 Compensation payable – ₹21,250 Additional amount payable - ₹15,000 + ₹21,250 - ₹25,000 = ₹ 11,250 Apportionment of recovery shall be as under: To customer – ₹ 11,250 To Reserve Bank - ₹19,118 – 16,250 = ₹2,868 To customer’s bank and beneficiary bank – ₹2941 - ₹2,500 = ₹441 each (4) Based on its examination, where the bank is satisfied that the complaint is bona fide, it shall provide the customer an application form as per the format 9 provided at Annex II(1) to claim compensation for the loss suffered by him / her. (5) The bank shall, within five calendar days of receipt of the application from a customer, compensate the customer as given above. (6) The bank shall seek reimbursement of the applicable amount from the Reserve Bank on a quarterly basis. 76U. The compensation shall be payable for losses incurred on fraudulent electronic banking transactions occurring up to one year from the effective date of these directions. DA.6 Monitoring Mechanism 76V. A bank shall put in place a suitable mechanism and structure for periodic reporting of complaints involving fraudulent electronic banking transactions to the Board or one of its Committees. The reporting shall, inter alia, include volume / number of cases and the aggregate value involved and distribution across various categories of cases, viz., card present transactions, card not present transactions, internet banking, mobile banking, ATM transactions, etc. The Board or its Committee shall periodically review the fraudulent electronic banking transactions reported by customers, the action taken thereon, functioning of the grievance redressal and compensation mechanism, etc., and take appropriate measures to improve the systems and procedures.”. (8) In Chapter IV on ‘Customer Guidance and Protection’, paragraph 85 shall be substituted by the following, namely: “A bank shall not levy any charges on its customers for SMS sent in compliance to extant regulations or those sent for promotional / marketing / customer awareness purposes. In case of SMS sent for other purposes, the bank may levy or waive charges as per its internal policy.”. (9) In Annexures, the following Annexure shall be inserted after Annex II, namely: “Annex II(1) - Application Form for Compensation for Small Value Fraudulent Electronic Banking Transactions 10 The Branch Manager, Date: _______________ ______________________ Bank ______________________Branch Madam/ Dear Sir, Application for Compensation for Small Value Fraudulent Electronic Banking Transactions Please refer to my complaint lodged with National Cyber Crime Reporting Portal (https://cybercrime.gov.in/Default.aspx) / National Cyber Crime Helpline (1930) with reference / complaint no. _________________ regarding the fraudulent electronic banking transaction(s) in my bank account / credit card no. _______________________. 2. I understand that compensation for small value fraudulent electronic banking transactions is available to an individual only once and declare that I have not previously availed such a compensation from any bank. 3. As per the advice dated ________________ received from the bank, an amount of ₹__________________ (Rupees ____________________________________ only) may please be credited to my aforesaid bank account / credit card. Signature of the applicant: Name of applicant: _____________________ Aadhaar No. (mandatory): _________________________ Address: _____________________________ __________________________________ __________________________________ __________________________________ Contact No.: _______________________ Email Address: _____________________ 11 FOR OFFICE USE (may be modified by the bank as per its own requirement) _________________________________________________ ”. (Veena Srivastava) Chief General Manager 12