Sector Risks

Digital Rupee: A Risk Perspective

The Reserve Bank of India (RBI) recently announced limited pilots of its Central Bank Digital currency (CBDC) in form of Digital Rupee (e Rupee Symbol) for specific user groups. The first pilot is intended for use by select financial institutions for the settlement of secondary market transactions i.e interbank settlements and related wholesale transactions in government securities and is classified as (CBDC- W). This pilot commenced on Nov 1, 2022, with 9 participating banks i.e SBI, HDFC Bank ICICI Bank, Bank of Baroda, Union Bank of India, Kotak Mahindra Bank, Yes Bank, IDFC First Bank, and HSBC.

The second pilot, which commenced on Dec 1, 2022, focuses on retail participants and is referred to as (CBDC- R). This is available for all private sector, non-financial consumers, and businesses for a closed user group comprising retail customers and merchants. 5 participating Banks i.e SBI, ICICI Bank, IDFC First bank, and HDFC Bank are part of the (CBDC-R) pilot project and this phase is being launched in the cities of Mumbai, Delhi, Bengaluru, and Bhubaneshwar.

With these two pilots, India joins a group of countries, that are planning to or have already issued CBDC including Bahamas, Nigeria, Dominica, Russia, China, and Japan to name a few.

What is CBDC?

As per RBI, CBDC is a legal tender issued by a central bank in digital form. CBDC is the same as a sovereign currency (except that it is not in physical form but digital form) and is exchangeable one-to-one at par with the fiat currency. CBDC is also different from existing digital money available in India because a CBDC would be on the books of a central bank and not listed as a liability in the books of commercial banks. It is a fungible legal tender for which holders need not have a bank account and must be accepted as a medium of payment, legal tender, and a safe store of value by all citizens, enterprise, and government agencies.


As per RBI, CBDC is aimed to complement, rather than replace, the current form of money and is envisioned as an additional payment option for users. The central bank also believes that the digital rupee system will “bolster India’s digital economy, enhance financial inclusion and make the monetary and payment systems more efficient” In the concept note published on CBDC, RBI mentions that key motivating factors for the issuance of CBDC in various countries are specific and unique to that country’s requirement.

In the Indian context, RBI has mentioned multiple reasons including a reduction in cost associated with physical cash management, promoting efficiency and innovation in the payment ecosystem, supporting financial inclusion, and further striving towards digitation and achieving a ‘less cash economy. RBI’s concept paper also points to improving the cross -border transactions and restoring the public’s trust in digital currency as the motivation for the issuance of CBDC

Potential Risks: While CBDCs have immense potential to achieve some of the stated objectives as mentioned in the RBI concept note, CBDCs are also prone to potential operational risks which are outlined below

Privacy Risk: One of the biggest potential risk voiced by many is the lack of anonymity or privacy while using CDBC, unlike cash, which provides some amount of anonymity. CBDC being a digital currency will have a clear audit trail and leave a digital footprint. The concern is that it could lead to an invasion of privacy and misuse by government agencies. RBI has tried to address this concern by stating that they are working on solutions to make CBDC at par with physical currency when it comes to anonymity. This concern was also recently addressed by RBI Governor Mr. Shaktikanta Das, who mentioned that “there is no need to create a fear psychosis in the minds of people over privacy concern”. He further added that the rules that apply currently for physical cash transactions will apply in the case of CBDC as well.

Cyber Attack: As CBDC is a digital currency, CBDC ecosystem also carries the risk of cyber attacks from various state and non-state players, these attacks are becoming more prevalent in today’s world. RBI clearly states in its concept paper that CBDCs will be using cryptography to make the CBDC system safer as compared to the existing payment infrastructure. Strong cybersecurity practices and control protocols would need to be established to ensure that potential cyber-attacks can be prevented.

Business Continuity and Resiliency: Related to Cyber-attack is also the issue of the resiliency of the system to get back and recover as soon as possible post the cyber-attack. Being a digital currency platform, any downtime will erode the trust and confidence of the public in CBDCs. RBI concept paper clearly states that the “Business Continuity Planning” of CBDC would need to be of a higher standard as compared to existing payment infrastructure or another banking system. It further adds that the continuity aspects would need to be implemented across the whole CBDC ecosystem i.e Central Bank, Intermediary and Third -Party service providers

Online Fraud and Data Breaches: One of the critical drivers for the widespread adoption of CBDCs will be to proactively address the consumer’s concerns relating to the potential risk for online fraud and data breaches and ensure consumer protection is at the forefront of these pilots. This will help in building the confidence and trust of consumers to use CBDC.

A concerted effort to make consumers aware of their choices and proactively address concerns related to the privacy, and security of the CBDC ecosystem will go long way in addressing these concerns.

Limited Infrastructure in rural areas: One of the challenges faced to drive higher levels of financial inclusion is the lack of infrastructure and internet connectivity in rural areas, especially in remote areas. While the consumers will not need to have a bank account to use of CBDC, the suboptimal internet connectivity could act as a deterrent for the wider adoption of CBDC and may defeat the objective of financial inclusion


The two pilots being run by RBI will provide valuable insights into not only how the above-stated objectives outlined by RBI, can be achieved through the launch of CBDC, but also how CBDCs can be made more secure through enhanced risk management framework, avoiding any single point of failure, implementing strong cyber defense, building a resilient CBDC ecosystem and addressing privacy concerns of the customers. These steps will go a long way in building the trust and confidence of consumers in CBDC and the mass adaption of digital currency.

Blog Author: Jitender Arora, Certified Fellow of IRM, Deputy Chair – South Region, India – RIG


You may also like

Leave a reply

Your email address will not be published. Required fields are marked *

More in Sector Risks