The conversation around digital payment fraud in India just got a new voice, and it is coming from the crypto industry.
On Monday, Sumit Gupta, co-founder and CEO of CoinDCX, posted a detailed response on X to the Reserve Bank of India’s latest discussion paper, “Exploring Safeguards in Digital Payments to Curb Frauds.” The paper, released on April 9, proposes four structural changes to how digital transactions are processed in India, from forced delays on high-value transfers to a universal kill switch for banking accounts.
Gupta’s response is one of the first detailed public reactions from an Indian crypto exchange leader on the paper, and it carries weight for a simple reason. Weeks before the RBI paper dropped, CoinDCX had already committed ₹100 crore to build the Digital Suraksha Network (DSN), a private-sector effort aimed at exactly the kind of fraud RBI is now trying to regulate against.
The ₹10,000 threshold problem
The first of RBI’s four proposals is a one-hour lag credit on person-to-person digital transfers above ₹10,000. The idea is to create a cooling-off window where victims can cancel a transfer before it lands with a fraudster.
Gupta agrees with the intent, but not the number.
According to him, ₹10,000 is a low bar for a country where UPI handles everything from rent to grocery runs. He has suggested raising the threshold to at least ₹25,000, and has proposed a smarter design: apply the one-hour delay only to first-time transactions with a new recipient. Once a payee is whitelisted, transfers should remain instant.
This is a particularly relevant point for crypto users in India, who frequently move money between their bank accounts and FIU-registered exchanges. A blanket one-hour hold on every transfer above ₹10,000 would introduce friction at the onboarding stage, and potentially push more users toward offshore platforms that already operate outside India’s regulatory net.
Senior citizen safeguards and the ₹25 lakh credit cap
Gupta called the second proposal, a mandatory trusted-person approval for senior citizens and persons with disabilities on transactions above ₹50,000, a thoughtful safeguard. His only concern was execution, not intent.
The third proposal is where his pushback got sharper. RBI has suggested capping annual aggregate credits into individual and small business accounts at ₹25 lakh, with anything above the limit held as “shadow credits” pending additional verification. The measure is designed to disrupt mule account networks, which are central to most digital fraud operations in India.
Gupta argued that blanket credit caps are the wrong tool for the job. The real answer, in his view, is smarter onboarding combined with cross-institutional pattern detection. That happens to be exactly what DSN is building. One of its four pillars is an open fraud intelligence API designed to let exchanges, banks, fintechs, and digital lenders share scam data in real time, without freezing legitimate funds in the process.
The kill switch, and a Bharat precedent
The fourth proposal is the one Gupta rated the strongest. A customer-controlled kill switch would let any Indian disable all digital payment channels from their account in a single tap. No one, including the customer, can transact until reactivation, which would require full re-verification and possibly a branch visit.
Gupta called the idea simple and empowering, and even floated a more radical question: should new bank accounts come with digital payments turned off by default, and enabled only on request?
He drew a direct parallel to something India already has. UIDAI’s Biometric Lock feature on the mAadhaar app keeps Aadhaar biometric authentication switched off by default, and users unlock it temporarily for a 10-minute window when they actually need it. A similar architecture for digital payments, he argued, could give Indians a meaningful layer of self-defence against scams.
The kill switch model is not new globally. Similar features are already operational in Singapore and are being rolled out by several banks in Australia.
Why this matters for crypto
For India’s crypto sector, RBI’s proposals are not just a payments story. They strike at the exact pipeline that keeps Indian crypto running.
Every INR deposit into an exchange, every withdrawal back to a bank account, every P2P settlement involves the same UPI, IMPS, and net banking rails that RBI now wants to slow down, cap, or gate. If a one-hour lag applies to transfers above ₹10,000, a first-time user buying Bitcoin on CoinDCX could see their deposit sit idle for 60 minutes before the order can be placed.
In a market that moves in seconds, that delay is the difference between a filled trade and a missed one. The ₹25 lakh annual credit cap is even more consequential for active traders and Web3 founders who route business inflows through individual or proprietorship accounts, and who could suddenly find legitimate funds held in “shadow credit” mode.
This is also why Gupta’s whitelisting suggestion lands differently when read through a crypto lens. Indian exchanges are FIU-registered, KYC-compliant, and already visible to regulators. A framework that lets users pre-approve trusted recipients, including their own exchange accounts, would preserve the compliance trail RBI wants while keeping the speed that actual users need.
The alternative is the scenario the industry has been warning about for years: more friction on Indian platforms pushes users toward offshore exchanges, where RBI sees nothing at all.
The fraud angle hits even closer to home. Crypto exchanges are among the most heavily impersonated brands in India’s scam economy. Fake domains, cloned Telegram groups, and fraudulent “support” handles routinely trick users into sending money to accounts that have no connection to the real platform.
CoinDCX learned this at cost in March, when co-founders Sumit Gupta and Neeraj Khandelwal were detained by Thane Police in a ₹71.6 lakh fraud case tied to a fake website called coindcx.pro.
A Thane court granted bail in three days after finding no prima facie evidence, but the episode exposed how little infrastructure exists to separate real exchanges from the scams using their name. Between April 2024 and January 2026, CoinDCX alone flagged more than 1,200 fraudulent websites impersonating its domain.
That is the gap DSN is trying to close, and the reason Gupta’s response to RBI reads less like a critique and more like a playbook. The open fraud intelligence API, the WhatsApp helpline, and the law enforcement training programme on blockchain forensics are all designed to do what blanket caps and forced delays cannot: stop the fraud before the money ever moves.
If RBI’s final guidelines adopt the whitelisting and kill switch ideas while leaving room for industry-led intelligence sharing, Indian crypto gets a rare win, a regulatory environment that tightens on scams without choking the on-ramps that keep the ecosystem alive.
Where this is headed
RBI has invited public comments on the discussion paper through its Connect 2 Regulate portal until May 8, 2026. Draft guidelines will follow only after the feedback window closes.
For context, India’s fraud numbers are the reason the RBI is moving at all. Reported digital payment fraud cases jumped from 2.6 lakh in 2021 to 28 lakh in 2025, while the value of reported frauds rose from ₹551 crore to ₹22,931 crore over the same period.
Gupta’s closing line captures where the industry seems to be landing on this. India does not need to choose between speed and safety. It needs systems that deliver both. Whether the final version of RBI’s guidelines reflects that balance will shape not just UPI, but the entire rails that Indian crypto runs on.
Also Read: WEF YGL Nod for Sumit Gupta Puts India’s Crypto Reform Agenda in Spotlight
