Kotak Mahindra Bank Barred from Onboarding New Customers, Issue Fresh Credit Cards
Moneylife Digital Team 26 April 2024
The Reserve Bank of India (RBI) has ordered Kotak Mahindra Bank Ltd to cease and desist, with immediate effect, from on-boarding of new customers through its online and mobile banking channels and issuing fresh credit cards due to serious deficiencies related to information technology (IT) management of the lender.
 
In a release on the supervisory action, RBI says, "These actions are necessitated based on significant concerns arising out of Reserve Bank's IT examination of the Bank for 2022 and 2023 and the continued failure on part of Kotak Mahindra Bank to address these concerns in a comprehensive and timely manner." 
 
"Serious deficiencies and non-compliances were observed in the areas of IT inventory management, patch and change management, user access management, vendor risk management, data security and data leak prevention strategy, business continuity and disaster recovery rigour and drill. For two consecutive years, Kotak Mahindra Bank was assessed to be deficient in its IT risk and information security governance, contrary to requirements under regulatory guidelines. During the subsequent assessments, Kotak Mahindra Bank was found to be significantly non-compliant with the corrective action plans issued by RBI for 2022 and 2023, as the compliances submitted by the Bank were found to be either inadequate, incorrect or not sustained," it added.
 
According to RBI, in the absence of a robust IT infrastructure and IT risk management framework, Kotak Mahindra Bank's core banking system (CBS) and its online and digital banking channels have suffered frequent and significant outages in the past two years. The recent service disruption occurred on 15 April 2024, resulting in serious customer inconveniences. Kotak Mahindra Bank is found to be materially deficient in building necessary operational resilience on account of its failure to build IT systems and controls commensurate with its growth, it added.
 
In the past two years, RBI says it has been in continuous high-level engagement with Kotak Mahindra Bank on all these concerns with a view to strengthening its IT resilience, but the outcomes have been far from satisfactory. "It is also observed that, of late, there has been rapid growth in the volume of Kotak Mahindra Bank's digital transactions, including transactions pertaining to credit cards, which is building further load on the IT systems."
 
"The Reserve Bank, therefore, has decided to place certain business restrictions on Kotak Mahindra Bank, in the interest of customers and to prevent any possible prolonged outage which may seriously impact not only the bank's ability to render efficient customer service but also the financial ecosystem of digital banking and payment systems," it added.
 
RBI says the restrictions imposed on Kotak Mahindra Bank will be reviewed on completion of a comprehensive external audit to be commissioned by the lender with the prior approval of the central bank and remediation of all deficiencies that may be pointed out in the external audit as well as the observations contained in the RBI inspections, to its satisfaction. Further, these restrictions are without prejudice to any other regulatory, supervisory or enforcement action that may be initiated against Kotak Mahindra Bank by RBI.
Comments
Kamal Garg
9 months ago
Earlier it was HDFC Bank and now it is Kotak Mahindra Bank. The problem is that more and more and almost 100 % of all types of banking transactions are through CBS system with real time transaction recording and consequential ramification, result and analysis. And these banks have not upgraded their IT system and backbone to take on such massive increased load and that's why there are outages.
Good that RBI has taken serious action on the matter.
r_ashok41
9 months ago
RBI should not waited for two years to take action on the bank but should have give a max of 3 months to set right their IT system.Otherwise for two years lot of fraud might happen and then taking action will be late.In these type of issues when the whole country to going to go with digital transaction RBI the watchdog of our country should take immediate action
vupinto
Replied to r_ashok41 comment 9 months ago
Remember the money via the electoral bonds Kotak gave to you know who? That's the reason for the delay. Now that things are in the open the puppets at RBI of we know who play the saint game.
Kamal Garg
Replied to vupinto comment 9 months ago
Ha ha. Puppets at RBI and Saint game. Lovely.
ArrayArray
Free Helpline
Legal Credit
Feedback