The new RBI mis-selling rules mark a major shift for India’s banks: the Reserve Bank of India (RBI) has issued the Reserve Bank of India (Commercial Banks – Responsible Business Conduct) Second Amendment Directions, establishing a strict legal framework to curb the rampant mis-selling of third-party products like insurance policies and mutual funds.

The final guidelines take effect on January 1, 2027, giving financial institutions a clear window to overhaul their distribution, marketing, and digital architectures.

The move is aimed directly at transforming the popular bancassurance business model—where banks use their branches to aggressively cross-sell high-commission insurance products and investment plans to unsuspecting retail customers.

1. Defining “Mis-Selling” for the First Time

Previously, mis-selling was a vague consumer grievance. The RBI has now codified it into five specific, legally defined offenses:

  • Profile Mismatch: Selling a financial product that does not align with a customer’s age, income, financial literacy, or risk appetite—even if the customer technically signed the paperwork.
  • Asymmetric Information: Selling a product by withholding critical terms, fees, or providing misleading/incomplete information.
  • Lack of Explicit Consent: Sneaking products into a portfolio without the user’s conscious authorization.
  • Compulsory Bundling: Forcing a customer to purchase a third-party product as a rigid prerequisite for a primary banking service (e.g., tying a home loan approval to a specific insurance policy).
  • Cross-Regulator Breaches: Any sales practice that SEBI, IRDAI, or PFRDA explicitly defines as mis-selling.

2. The End of Forced Product Bundling

The practice of forcing borrowers to buy expensive insurance policies from a bank’s tied-up insurance partner alongside a home or personal loan is now illegal.

The Nuance: If a bank requires credit-life insurance or a home protection plan to mitigate its loan risk, it can still request one. However, the customer must be completely free to buy that insurance policy from any provider of their choice. The bank cannot force its own preferred partner’s product.

3. Strict Digital Guardrails: Banning “Dark Patterns”

The guidelines take a heavy hammer to digital banking apps and websites, heavily restricting deceptive UI designs (dark patterns) and pre-checked boxes:

  • No Pre-Checked Consent: Opt-in checkmarks for insurance, personal loans, or mutual funds cannot be ticked by default.
  • Separation of Products: If a digital form contains multiple offerings, each product must be displayed individually. A customer must be able to select only what they want.
  • The Equivalence Rule: The option to decline marketing or cross-selling must be just as visible and simple as the option to accept. Furthermore, core services cannot be blocked if a user declines a promotional product.
  • Recorded Accountability: Implicit consent—such as silence, inactivity, or a user simply continuing to scroll an app—is invalid. Banks must securely store verifiable audit trails of explicit consent (via standalone physical/digital signatures, OTP validations, or recorded telephonic call transcripts shared back with the client).

4. Financial Blowback: Full Refunds and Compensation

To ensure banks take the rules seriously, the RBI has introduced a mandatory financial penalty structure:

  • If a customer proves a product was mis-sold, the bank is legally required to refund the entire amount collected and cancel the sale.
  • The bank must also financially compensate the customer for any losses caused by the mis-sold product, strictly following a board-approved compensation policy.
  • Customers have a standard window of 30 days from receiving their signed terms/agreement to lodge a formal mis-selling complaint.

5. Influencers, Affiliates, and the Incentive Ban

The framework completely alters the underlying economic incentives that drive aggressive sales targets:

  • Incentive Caps: Third-party product manufacturers (like insurance companies) are strictly banned from directly incentivising bank employees to push high-commission products.
  • Influencer Accountability: FinTech partners, lending service providers (LSPs), social media influencers, and digital marketing affiliates hired by banks are now legally classified as “Direct Selling Agents.” The bank bears 100% of the structural and legal responsibility for any misleading claims these entities make on their behalf.
  • The Post-Sale Health Check: Banks must establish an independent compliance vertical—completely separated from the sales team—to conduct random call-backs and surveys within 30 days of a sale to verify that the customer fully understood the risks, lock-in periods, and fees.

Impact on Bank Revenues: For investors, this regulation shifts bank fee incomes from being volume-led to quality-led. Private sector banks that rely heavily on cross-selling high-margin third-party products to boost non-interest fee income are expected to face near-term compliance headwinds and slower fee-income growth as they clean up their distribution networks before the January 2027 deadline.

The crackdown on bank-led cross-selling sits alongside other recent moves to tighten how financial firms charge retail users—for example, our report on PhonePe charging a ₹100 quarterly fee on inactive wallets shows how consumer-facing fee practices are under fresh scrutiny.

Frequently Asked Questions

What are the RBI mis-selling rules?

The RBI mis-selling rules are part of the Reserve Bank of India (Commercial Banks – Responsible Business Conduct) Second Amendment Directions. They legally define mis-selling for the first time, ban forced product bundling and digital dark patterns, and require banks to refund and compensate customers who are mis-sold insurance or mutual fund products.

When do the new RBI rules come into effect?

The final guidelines take effect on January 1, 2027. This gives banks a window to overhaul their distribution, marketing and digital systems before the deadline.

Can a bank still force me to buy insurance with a loan?

No. Forcing borrowers to buy insurance from a bank’s tied-up partner is now treated as compulsory bundling and is illegal. A bank may still require credit-life or home-protection cover to manage its loan risk, but you must be free to buy that policy from any provider of your choice.