.svg)
India’s regulators are continuing to tackle fraud issues in the country with a new consent tool to crack down on spam going to consumers' phones.
The Telecom Regulatory Authority of India (TRAI) has launched a pilot project to test a new digital consent management system aimed at tackling the growing problem of spam calls and messages.
The initiative, developed in partnership with the Reserve Bank of India (RBI) and selected banks, follows a formal directive issued to telecom service providers on June 13, 2025.
The move by TRAI builds on a broader regulatory drive to tackle fraud and misuse of digital communications channels.
In January 2025, the RBI introduced a set of mandatory safeguards for banks, non-bank financial companies (NBFCs), and payment firms to protect customers from financial scams perpetrated via calls and SMS.
These safeguards include mandatory use of the Mobile Number Revocation List (MNRL), publication of verified customer service contact details on the government’s Sanchar Saathi platform, and adherence to TRAI’s commercial communications guidelines, including proper consent mechanisms and adherence to do not disturb (DND) preferences.
However, despite these measures, one of the persistent challenges has been the verification of customer consent for receiving commercial communications.
Many businesses continue to cite offline or unverifiable consent when challenged over unsolicited messages, and consumers often report that their data was acquired through deception or unauthorised sharing.
Under the Telecom Commercial Communications Customer Preference Regulations (TCCCPR), 2018, entities can send commercial messages to consumers if they have explicit consent, even if those consumers are registered on DND lists.
Improving practices
TRAI has been encouraging the use of a secure, interoperable digital consent registry to resolve disputes and improve transparency.
However, the regulator has suggested that onboarding businesses into this framework has been slow.
The new pilot project, prioritising the banking sector, seeks to bridge this gap.
Given the heightened risks of financial fraud through spam communications targeting bank customers, the pilot will test the operational, technical, and regulatory aspects of the enhanced Consent Registration Function (CRF).
It will operate under a Regulatory Sandbox framework, which the regulator says “will validate the operational, technical, and regulatory aspects of the enhanced Consent Registration Function (CRF) and lay the foundation for sector-wise scaling of the digital consent ecosystem”.
“TRAI remains committed to safeguarding consumer interest and enhancing trust in legitimate commercial communications,” the regulator has said.
Going forward, TRAI has said that it “will continue to work with sectoral regulators and stakeholders to ensure that the ecosystem evolves towards more secure, transparent, and consumer-centric practices”.
