In a shocking move, the Reserve Bank of India imposed restrictions on Kotak Mahindra Bank on Wednesday, April 24, 2024. The restriction bars the private lender from onboarding new customers through its online and mobile banking channels, and from issuing fresh credit cards.
The RBI’s action comes after growing concerns about Kotak Mahindra Bank’s information technology (IT) security practices. According to the central bank’s official statement, the bank was found to be “significantly non-compliant” with corrective action plans issued by the RBI for the years 2022 and 2023. These plans likely address deficiencies identified during the RBI examination of the bank’s IT infrastructure and risk management procedures.
“In the absence of a robust IT infrastructure and IT Risk Management framework, the bank’s Core Banking System (CBS) and its online and digital banking channels have suffered frequent and significant outages in the last two years, the recent one being a service disruption on April 15, 2024, resulting in serious customer inconveniences. The bank is found to be materially deficient in building necessary operational resilience on account of its failure to build IT systems and controls commensurate with its growth,” the RBI said in its circular.
Also Read: RBI Cracks Down on Unfair Interest Charges
The exact nature of these shortcomings remains undisclosed in the circular. However, these restrictions are liked to have a significant impact on Kotak Mahindra Bank’s customer acquisition and credit card business. The inability to issue new credit cards could also dampen the bank’s credit card business growth.
The RBI move highlights the growing importance of cybersecurity in the digital age. With an increasing number of financial transactions happening online, protecting customer data and safeguarding systems from cyber attacks is critical. As the sector embraces digitalization, prioritizing cybersecurity becomes non-negotiable.
