No more spam calls for loans, credit cards: TRAI, RBI launch digital consent system for banks

The Telecom Regulatory Authority of India (TRAI), in partnership with the Reserve Bank of India (RBI), has launched a pilot project to tackle the issue of spam calls related to loans and credit cards. 

Announced on June 13, 2025, the initiative aims to implement a digital consent management system, requiring telecom service providers (TSPs) to collaborate with banks to ensure that commercial communication only reaches consumers who have given their consent. This effort is a part of a broader move to offer relief to customers from the frequent nuisance of unsolicited calls.

Historically, TRAI has introduced various measures to combat spam calls, such as allowing consumers to file complaints against unregistered telemarketers and disconnecting telecom resources that have been misused for spam communication. 

Nevertheless, verifying consumer consent, especially for offline communications, remains a challenge. To mitigate this, the RBI has directed banks to utilise specific numbering series to distinguish between transactional and promotional calls, thereby reducing the risk of financial fraud via voice calls and SMS. This strategic move is expected to streamline the process and enhance consumer trust.

The new regulations mandate companies to obtain and register consent digitally within a secure system managed by TSPs. This system will facilitate easy verification of consent before any commercial communication is sent.

TRAI has highlighted that “however, for successful operation of this consent registration framework, onboarding of entities sending commercial communications is a necessary requirement.” This underscores the importance of integrating commercial entities into the new system to ensure its efficiency and effectiveness.

> What does this mean for consumers?

Digital consent is mandatory: Banks must now digitally register and verify customer consent before sending any promotional SMS or calls.

Full control to users: Consumers can view, manage, or revoke consents anytime via SMS, websites, or mobile apps.

Instant notifications: Every recorded consent will trigger a confirmation message with opt-out options, ensuring transparency.

> How will the new system work?

Three-month pilot: The rollout will happen in a controlled regulatory sandbox to assess real-world performance.

DLT-based tracking: Access providers will use Distributed Ledger Technology (DLT) to record, update, and store consent data.

Bank responsibility: Banks must upload both existing and new consents onto this secure digital framework.

> Modified SMS updates

Users will receive SMS updates from code ‘127xxx’ with details like:

Names of entities that hold their consent

Clear instructions on how to revoke it

Links or directions to view all active consents

The Ministry of Communications has emphasised the banking sector’s priority in the initial phase due to the sensitivity of financial transactions and the potential for fraud through spam calls. As stated by the ministry, “Given the sensitivity of banking transactions and cases of financial fraud through spam calls, the banking sector has been prioritised for the first phase of implementation. This pilot, running under a regulatory sandbox framework, will validate the operational, technical, and regulatory aspects of the enhanced consent registration function (CRF) and lay the foundation for sector-wise scaling of the digital consent ecosystem.”

Measures in the past

In January, the Reserve Bank of India (RBI) mandated banks to utilize the ‘1600xx’ phone numbering series exclusively for contacting customers for transactional purposes in order to combat financial fraud. Additionally, for promotional activities, banks and other regulated entities (REs) are instructed to utilize only the ‘140xx’ numbering series to prevent financial fraud through voice calls and SMS.

State Bank of India (SBI), the largest lender in the country, released a public advisory in June regarding the credibility of calls originating from numbers starting with +91-1600. This move was aimed at enhancing consumer safety within the digital banking landscape. The bank assured consumers that interactions with these numbers are secure and free from fraud risk, as they are solely used for transactional and service-related purposes.