This Article is From Apr 25, 2024

Explained: Why RBI Stopped Kotak Mahindra Bank From Onboarding New Customers Online

The RBI has citeddata security concerns and deficient IT infrastructure at the Kotak Mahindra Bank.

Explained: Why RBI Stopped Kotak Mahindra Bank From Onboarding New Customers Online

Kotak Mahindra Bank is now prohibited from issuing new credit cards.

The Reserve Bank of India (RBI) has instructed Kotak Mahindra Bank to stop onboarding new customers online and through mobile banking platforms with immediate effect. As of March-end, Kotak Mahindra Bank had issued 59.54 lakh credit cards. It is now prohibited from issuing new credit cards.

Reasons behind the directive

The RBI has cited data security concerns and deficient IT infrastructure at the Kotak Mahindra Bank for 2022 and 2023 “and the continued failure on the part of the bank to address these concerns”, according to a press release.

Serious deficiencies and non-compliances in the areas of IT inventory management, patch and change management, user access management, vendor risk management, data security and data leak prevention strategy, business continuity and disaster recovery rigour and drill of Kotak Mahindra Bank prompted strong action from the country's central bank.

For two years in a row, Kotak Mahindra Bank did not meet the standards set for managing IT risks and ensuring information security, as required by the rules of the RBI. After checking again, the RBI found that the bank still hadn't fixed these issues, despite being given specific plans to follow. The bank's reports to the RBI were either not good enough, wrong, or could not be maintained over time.

According to the RBI, Kotak Mahindra Bank faced many major outages in its core banking system and online services over the past two years, due to inadequate IT infrastructure and risk management. The bank had a major breakdown in its services on April 15, troubling its customers. The issues occurred due to the bank's failure to set up strong enough IT systems and controls to handle its growth.

"In the past two years, the Reserve Bank has been in continuous high-level engagement with the bank on all these concerns with a view to strengthening its IT resilience, but the outcomes have been far from satisfactory,” the RBI said.

Rapid growth in digital transactions

The RBI also noted a huge increase in Kotak Mahindra Bank's digital transactions, like credit cards, putting added strain on its IT system. The RBI, therefore, decided to place certain business restrictions on the bank in the interest of customers and to prevent any possible prolonged outage which may seriously impact not only the bank's ability to render efficient customer service but also the financial ecosystem of digital banking and payment systems, the central bank said.

Impact on existing customers

Existing Kotak Mahindra Bank customers, including those with credit cards, will still be able to access their services as usual. The RBI clarified that the bank would continue to serve its current customer base without interruption.

What Kotak Mahindra Bank said

Kotak Mahindra Bank said that its branches will continue to provide their customers with all banking services, except for issuing new credit cards. “We want to reassure our existing customers of uninterrupted services, including credit card, mobile and net banking. Our branches continue to welcome and onboard new customers, providing them with all the Bank's services, apart from issuance of new credit cards,” they said.

“The Bank has taken measures for adoption of new technologies to strengthen its IT systems and will continue to work with RBI to swiftly resolve balance issues at the earliest.  We want to reassure our existing customers of uninterrupted services, including credit card, mobile and net banking,” the statement further read.

.