The Reserve Bank of India (RBI) took action against Kotak Mahindra Bank, barring it from onboarding new customers through online and mobile banking channels. The regulator also directed the bank to stop issuing new credit cards. This action stems from concerns identified by the RBI.
“Serious deficiencies and non-compliances were observed”: Why RBI takes action against Kotak Mahindra Bank
In a press release dated April 24, 2024, the regulator stated,”…Serious deficiencies and non-compliances were observed in the areas of IT inventory management, patch, and change management, user access management, vendor risk management, data security, and data leak prevention strategy, business continuity and disaster recovery rigour and drill, etc. For two consecutive years, the bank was assessed to be deficient in its IT Risk and Information Security Governance, contrary to requirements under Regulatory guidelines. During the subsequent assessments, the bank was found to be significantly non-compliant with the Corrective Action Plans issued by the Reserve Bank for the years 2022 and 2023, as the compliances submitted by the bank were found to be either inadequate, incorrect or not sustained.”
“In the absence of a robust IT infrastructure and IT Risk Management framework, the bank’s Core Banking System (CBS) and its online and digital banking channels have suffered frequent and significant outages in the last two years, the recent one being a service disruption on April 15, 2024, resulting in serious customer inconveniences,” the regulator mentioned.
Kotak Mahindra Bank under RBI lens: What happened on April 15, 2024?
What happened on April 15, 2024? Several customers of the Kotak Mahindra Bank were unable to use the bank’s mobile application on that day. They took to social media to express their dissatisfaction. Few of the customers even complained about the net banking, UPI, and debit card transactions not going through as well.
A customer wrote on social media platform X (formerly known as Twitter): @KotakBankLtd @kotak811 @udaykotak @jay_kotakone Facing issues while logging into Kotak mobile banking app. It’s a kind request to check this issue ASAP and resolve it soon. Screenshot is attached for your reference.
Replying to complaints of the customers, the official customer care handle of Kotak Mahindra Bank said,”We regret to inform you that our technical servers are currently experiencing intermittent slowness. We are working diligently to resolve the issue & restore services as soon as possible. We apologise for any inconvenience this may cause & appreciate your patience & understanding.”
“In the interest of customers”: RBI bars Kotak Mahindra Bank from certain banking facilities
Mentioning this incident in the press release, the RBI said, “The bank is found to be materially deficient in building necessary operational resilience on account of its failure to build IT systems and controls commensurate with its growth.””These actions are necessitated based on significant concerns arising out of Reserve Bank’s IT Examination of the bank for the years 2022 and 2023 and the continued failure on the part of the bank to address these concerns in a comprehensive and timely manner,” it added.
“The Reserve Bank, therefore, has decided to place certain business restrictions on the bank as mentioned above, in the interest of customers and to prevent any possible prolonged outage which may seriously impact not only the bank’s ability to render efficient customer service but also the financial ecosystem of digital banking and payment systems,” the RBI said.
On Kotak Mahindra Bank row, Jyoti Prakash Gadia, Managing Director at Resurgent India, said, “The restrictions on Kotak Mahindra Bank in respect of fresh onboarding of new customers through on line mobile banking and credit cards by RBI is indicative of the significant importance which RBI is laying on the need to have strong and sustainable Information Technology systems in the context of current growth of digital banking. While such new age private banks had set up good IT systems in the initial stages to create a niche market for them to attract new customers, upgradation of IT systems as the business grows is of utmost necessarity to ensure the required standards IT security and customer service. This is all the more relevant in today’s scenario of cyber crime proliferation, need for confidentiality of data and rapid increase in volume of digital transactions.”
“This is indicative of the fundamental general underlying need to have robust systems and procedures and the timely upgradation of the same in proportion to the increase in volume and complexity of business transactions,” he added.