New Delhi: The Reserve Bank of India (RBI) on Wednesday directed the Kotak Mahindra Bank to stop onboarding new customers through online and mobile banking channels. It has also halted the issuance of fresh credit cards with immediate effect.
However, existing customers of Kotak Mahindra Bank including credit card users, will continue to receive uninterrupted services as usual. This action comes as a result of deficiencies identified in the bank’s IT risk management, the RBI said.
For two consecutive years, the bank was found deficient in its IT Risk and Information Security Governance, contrary to regulatory guidelines. The business restrictions aim to prevent any potentially prolonged outage that may seriously impact not only the bank’s ability to provide efficient customer service but also the financial ecosystem of digital banking and payment systems.
In the absence of a robust IT infrastructure and IT Risk Management framework, the bank’s core banking system (CBS) and its online and digital banking channels have suffered frequent and significant outages in the last two years, the most recent being a service disruption on April 15, 2024.
“The bank is found to be materially deficient in building necessary operational resilience on account of its failure to build IT systems and controls commensurate with its growth,” the banking sector regulator said.
The RBI’s decision to impose business restrictions on Kotak Mahindra Bank aims to safeguard the interests of customers and ensure the stability of the financial ecosystem. The restrictions will remain in place until the completion of a comprehensive external audit commissioned by the bank with the RBI’s approval.
This is not the first instance of the RBI taking regulatory action against a leading Indian bank for IT-related issues. In 2020, HDFC Bank faced similar restrictions after repeated outages in its online platforms, leading to a halt in new digital launches and credit card issuances. The RBI partially lifted the ban in subsequent months.
