RBI’s New Anti-Mis-selling Framework 2026: Compliance Obligations for Banks

Introduction

Starting with its recent establishment of an extensive anti-misuse framework aimed at improving consumer protections and encouraging accountable financial services across all financial services providers (banks, Non-Banking Financial Companies [NBFCs], fintechs and digital platforms) and as a part of its broader initiative to develop high-quality digital financial services for consumers through this anti-misuse framework, the Reserve Bank of India (RBI) has demonstrated its strong commitment to creating a culture of transparency, treating consumers fairly, ensuring that consumers are making informed decisions about purchasing financial products and services by obtaining their informed consent and distributing financial products responsibly across all channels both traditional and digital, as well as to protecting consumers from aggressive selling tactics, false advertising, hidden fees, and unauthorized cross-selling associated with the rapidly growing digital financial service sector. As a result the RBI has implemented all new rules that require all of the regulated entities and their agents to strictly comply with increased compliance obligations in order to provide, to each consumer, all information necessary to enable them to make informed purchasing decisions with respect to financial product(s) and/or service(s).

Understanding Mis-selling in Financial Services

Mis-selling happens when an individual is sold a financial product or service based on false promises, manipulation or misrepresentation of the product or service, or inappropriate recommendations based upon the customer’s needs. Some of the examples of mis-selling can include:

• Products that fail to meet the customers’ needs or risk tolerance;
• Not disclosing key details about fees, commissions or risks;
• Obtaining permission in ways that are manipulative;
• Making false or misleading statements about returns and benefits;
• Coercing a client to purchase a secondary product.

Why the RBI Introduced the New Framework

Digital Banking, Embedded Finance, BNPL (Buy now pay later) services, Online lending, and Fintech driven Distribution models have shown unprecedented growth in the Indian Financial Sector. However, these growing areas have brought about many New Risks, in addition to positive developments within Financial Inclusion.

The Reserve Bank of India (RBI) has seen an increase in the following types of issues:

• Misleading digital advertisements
• Bundling products without the consent of the customer
• Using manipulative user interfaces called “dark patterns” or “deceptive” designs
• Aggressive sales and telemarketing
• Lack of transparency in the distribution of Digital Lending Products and Insurance Products

Key Features of RBI’s Anti-Mis-selling Framework

1. Dark Patterns Are Forbidden

One of the key points in this Framework is the prohibition on using “dark patterns” in digital interfaces.

Dark patterns are interface designs that trick customers into deciding to do something that they probably wouldn’t have decided to do otherwise. The following are examples of dark patterns:

• Pre Tick Consent Boxes
• Hidden Cancellation Option
• Misleading Countdown Timers
• Forced Product Bundling
• Difficult-to-Cancel Mechanisms

Financial institutions are to provide their customers with options that are clear, transparent, and free of bias through their digital platforms (website, mobile). This requirement will be most applicable to fintechs and digital lenders whose business models rely heavily on obtaining customers via the internet.

2. Mandatory Informed Customer Consent

The Reserve Bank of India (RBI) now requires regulated entities to obtain explicit and informed consent from customers prior to selling or cross-selling financial products.

The requirement for obtaining consent is that:

• Consent must be given freely.
• Consent must be specific and informed.
• Consent must be clear and unambiguous.
• Consent may be withdrawn at any time.

The customer must receive adequate information on:

• The features of the product.
• The risks associated with the product.
• Any fees or charges associated with the product.
• The lock-in periods of the product.
• The eligibility criteria for purchasing the product.
• How to cancel the product.

As such, businesses are no longer able to rely on vague disclosures or bundled consent from clients.

3. Enhanced Transparency Requirements

At every stage of the customer experience, the framework stresses importance of providing clear and open ways to communicate with customers. To meet this obligation (i.e. providing true & accurate disclosure of information about their products), financial institutions need to ensure:

• That promotional (marketing) material accurately discloses the features of the product being represented
• That Terms/Conditions are presented in plain/understandable language
• That Risk is clearly identifiable and highly visible (i.e. important for customers to know)
• That your pricing for fees/ commissions are disclosed as clearly as possible

By failing to include or misstate a material fact could result in a regulatory violation.

The ultimate goal is to assist customers with making sound, informed financial choices without the influence of deceptive representation.

4. Accountability for Third-Party Agents and Intermediaries

Banks and NBFCs frequently distribute products through:

• Direct Sales Agents (DSAs)
• Fintech partners
• Business correspondents
• Digital marketplaces
• Referral agents
• Influencers and marketing affiliates

Under the new framework, regulated entities remain responsible for the conduct of these intermediaries.

This means that banks and NBFCs must:

• Conduct due diligence before onboarding partners.
• Monitor sales practices regularly.
• Establish grievance redressal mechanisms.
• Maintain oversight over outsourced functions.

Organizations can no longer avoid liability by attributing misconduct to third-party service providers.

5. Restrictions on Incentive Structures

The RBI is concerned that aggressive incentives will incentivize employees and agents to concentrate on sales volumes rather than customers’ needs. Financial institutions must also review their compensation programs so that they do not, at a minimum, promote the sale of unsuitable products, encourage coercive methods, or reward excessive cross-selling. Financial institutions must also increasingly build customer satisfaction, suitability assessments, and compliance metrics into their performance metrics.

6. Stronger Grievance Redressal Obligations

The framework further improves the ability of regulated entities to handle customer complaints.

Regulated entities must

• Provide customers with a means to make complaints that is easy to access.
• Investigate complaints of mis-selling quickly and thoroughly.
• Maintain accurate records of all complaints they receive and how they resolved each complaint.
• Take appropriate steps to escalate systemic issues caused by a particular business’s actions.

Regulated entities are expected to take a proactive approach to find recurring misconduct and make corrections to rectify the issue.

7. Refund and Remediation Measures

Institutions must provide suitable redress where there is evidence of mis-selling. This may include:

• Cancelling the product.
• Refunding any fees.
• Compensating customers for their loss.
• Providing corrective disclosures.

The focus of remediation is to put the customer back in the position they would have been if there had been no misconduct.

Impact on Banks, NBFCs and Fintech Companies

Banks

Banks will need to strengthen governance frameworks, review product distribution practices, and ensure that branch personnel and relationship managers follow suitability-based selling principles.

Internal audits and compliance reviews will become increasingly important.

NBFCs

NBFCs, particularly those involved in consumer lending and digital credit products, will need to reassess customer acquisition strategies and partner relationships.

Greater documentation of customer consent and disclosures will be Banking Institutions:

All banking institutions must further strengthen established governance frameworks, implement and review respective practices for product distribution and ensure that personnel at each of their branches and/or all of their Relationship Managers conduct suitability-based selling. Furthermore, internal audit and compliance review and oversight of branch, department and/or organizational level operations will be of utmost importance.

Non-Bank Financial Institutions (NBFCs):

NBFCs, especially regarding consumer lending and digital credit products, must conduct a comprehensive re-evaluation of customer acquisition approaches in addition to relationships with partners and/or vendors.

NBFCs will also be expected to increase the level of documentation so as to properly evidence consent from the customer and other required disclosures.

.

Fintech Companies

Compliance changes are the greatest challenges for companies in the FinTech industry. The following areas require quick attention from Fintechs:

• Design of a user interface.
• Consent Management systems.
• Product recommendation algorithms.
• Affiliate Marketing agreement.
• Customer communications.

If you are a FinTech business working with regulated entities you must ensure you comply with the expectations of the Reserve Bank of India.

E-commerce and Aggregation Platforms

Companies that provide the means by which consumers purchase financial services such as insurance and loans must ensure that their process for ranking and presenting financial service products is fair to consumers.

Any characteristic of a financial service product that can impact consumer purchases must be fully disclosed to the consumer in an honest manner.

• A Compliance Plan for Financial Institutions

Applying the Reserve Bank of India’s Anti-Mis-selling Guidelines will generally require organisations to do the following:

• Audit your employed compliance gap assessment

Examine your current sales practices, online website and user interface, your communications with customers and any arrangements with third-party suppliers to identify any compliance risk areas.

• Audit your customer consent process

Ensure that all consent given by your customers is fully explained in detail before being obtained.

• Audit your online user interface

Ensure that no so-called “dark patterns” or manipulative design features are used on any online interface you maintain.

• Strengthen third party governance

Implement formal due diligence procedures on your third-party suppliers, and monitor the performance of your third-party suppliers, have regular training sessions for your staff on responsible sales methods, consumer protection and acceptable regulatory expectations.

• Revise your internal policies

Ensure that your internal company policies governing the sale of and advertising of products clearly describe how to advertise financial services, how you deal with customer complaints and how staff can use incentives to increase sales.

• Establish a Policy for Monitoring Compliance

Create a monitoring and auditing process to proactively identify any potential mis-selling of your services.

The Anti-Mis-selling Framework 2026 of the Reserve Bank of India is the first step towards creating a consumer-centric financial regulation in India. The framework seeks to create trust and integrity throughout the financial services industry by banning dark patterns; creating mandatory informed consent; enhancing transparency requirements; and increasing accountability of service providers and their partners. The requirement that banks, NBFCs, FinTechs and Digital Platforms comply with regulatory disclosures is no longer adequate. Organizations must now present evidence that customer interests are the focus of their activities, including product design, marketing, distribution and service.

Organizations proactively adapting to these rules will be in a better position to mitigate regulatory risk and will also be able to enhance the level of trust customers have in them, thus providing they establish a foundation for long-term growth within the financial ecosystem as it evolves in India.

We LEGALLANDS LLP, a Legal500 ISO certified law firm provide services related to drafting Data Processing Agreements, Service-Level Agreements, Share-Purchase Agreements, Service Level Agreements, Terms and Conditions, Website Policies, Company Incorporation, Joint Ventures, Merger and Acquisitions, Intellectual Property Rights (Trademark, Copyright, Patents), Technology Transfer, Contract Conveyancing and Corporate Services, International Disputes (DGFT), Internation Trade (CEPA/FTA), Sports Law, Gaming Law, and Immigration Matters.