The Reserve Bank of India (RBI) has taken a decisive step by prohibiting Kotak Mahindra Bank from onboarding new customers through its online and mobile banking channels. Additionally, the bank is barred from issuing fresh credit cards. However, existing customers, including credit card holders, will continue to receive services from the bank.
The regulatory action comes in response to significant concerns arising from the RBI’s IT examination of Kotak Mahindra Bank for the years 2022 and 2023. The central bank identified serious deficiencies and non-compliances in various critical areas:
- IT Inventory Management: The bank’s management of IT assets was found lacking.
- Patch and Change Management: Inadequate processes for managing software updates and changes.
- User Access Management: Insufficient controls over user access to systems.
- Vendor Risk Management: Weaknesses in assessing and managing risks associated with third-party vendors.
- Data Security and Leak Prevention: The bank’s data security measures were not up to par.
- Business Continuity and Disaster Recovery: The bank’s readiness for handling disruptions was inadequate.
Furthermore, Kotak Mahindra Bank faced challenges in building necessary operational resilience.
Its Core Banking System (CBS) and digital banking channels experienced frequent and significant outages over the past two years. The most recent disruption occurred on April 15, 2024, causing inconvenience to customers.
Also Read: RBI Imposes Penalty on Fatehabad Central Cooperative Bank for Non-Compliance with Unclaimed Funds Transfer Rules RBI Imposes Monetary Penalty on NABFINS Limited for Non-Compliance
The RBI’s decision reflects the bank’s failure to address these concerns comprehensively and promptly. For two consecutive years, the bank fell short in IT risk management and information security governance, contrary to regulatory guidelines.
In light of these findings, the RBI has directed Kotak Mahindra Bank to cease onboarding new customers and issuing fresh credit cards until it rectifies the deficiencies. The bank must urgently enhance its IT infrastructure and risk management framework to ensure operational stability and customer satisfaction.
Read more on : NDTV
Link to Orginal Notification: Supervisory Action against Kotak Mahindra Bank Limited under Section 35A of the Banking Regulation Act, 1949
Discover more from NewNerve
Subscribe to get the latest posts sent to your email.