RBI takes strict action against mis-selling, bans forced insurance sales by banks

The Reserve Bank of India (RBI) has introduced strict new rules to protect customers from misleading sales practices, forced insurance purchases and manipulative digital tactics used by banks. The guidelines, issued under the ‘Reserve Bank of India (Commercial Banks-Responsible Business Conduct) Second Amendment Directions, 2026’ on June 15, 2026, will come into effect from January 1, 2027. The rules will apply to all commercial banks, while separate guidelines will be issued for Small Finance Banks, Payments Banks, Regional Rural Banks (RRBs) and Local Area Banks.

For the first time, the RBI has legally defined ‘mis-selling.’ It includes selling products that do not suit a customer’s profile, providing false or incomplete information, selling products without explicit consent, forcing customers to buy one product to obtain another, or engaging in practices considered mis-selling by regulators such as SEBI, IRDAI and PFRDA.

If mis-selling is proven, banks will have to refund the entire amount collected from the customer and compensate them for any losses. Customers can file complaints within 30 days of receiving a signed copy of their agreement.

A major change is the ban on compulsory bundling, where banks often pushed customers to buy insurance from partner companies while approving home or personal loans. Customers are now free to purchase insurance from any company of their choice, and banks cannot make one product a condition for obtaining another. However, voluntary combo packages and free additional products will still be allowed.

Banks must also obtain separate and recorded consent for every product. Pre-ticked boxes, fine print and blanket consent clauses will no longer be valid. Digital consent screens on mobile and internet banking platforms must be set to “No” by default, requiring customers to actively opt in.

Banks must clearly display interest rates, processing fees, hidden charges, lock-in periods and exit penalties. They must also maintain customer consent records for at least one year after a contract ends and provide loan documents in regional languages where required.

The RBI has also banned 11 digital ‘dark patterns’ used by banks to influence customers:

False Urgency – Creating pressure through countdowns or limited-time offers.

 Basket Sneaking – Adding insurance or other products without the customer’s knowledge.

 Confirm Shaming – Using guilt-inducing language to push customers into accepting a product.

 Forced Action – Redirecting users to loan offers even after they try to close advertisements.

 Subscription Trap – Making products easy to sign up for but difficult to cancel.

Interface Interference – Highlighting options that benefit the bank while hiding other choices.

 Bait and Switch – Advertising attractive terms but offering different conditions later.

Drip Pricing – Revealing additional charges only at the final stage of a transaction.

 Hidden Ads – Disguising promotional messages as important banking alerts.

 Nagging – Repeatedly asking customers for permissions after they have declined.

 Tricky Wording – Using confusing language that may lead customers to unintentionally agree.

Loan agents can now contact customers only between 9 a.m. and 7 p.m., cannot visit homes or offices without permission, and must clearly identify themselves. Banks will be held directly responsible for any misconduct by their agents. Banks must also maintain and publish a list of approved agents on their websites and update it within seven days of any change.

The move follows concerns raised by Finance Minister Nirmala Sitharaman, who had earlier warned that forced insurance sales increase the financial burden on borrowers and urged banks to focus on their core banking responsibilities.