The RBI’s decision comes from worries highlighted during the bank’s IT review for 2022 and 2023.
New Delhi: Due to worries about data security and lacking IT infrastructure, the Reserve Bank of India has stopped Kotak Mahindra Bank from accepting new customers online and issuing new credit cards right away. However, they can still assist their existing customers, including those with credit cards. This directive issued under Section 35A of the banking regulation Act 1949 comes into immediate effect.
The RBI stated that these measures are taken due to “major worries arising from the Reserve Bank’s IT review of the bank for 2022 and 2023, and the ongoing failure of the bank to effectively and promptly resolve these concerns.” The RBI mentioned that there were “major shortcomings” in how Kotak Mahindra Bank handles its IT resources and safeguards its data. “We observed significant shortcomings and failures to comply in IT inventory management, patch and change management, user access management, vendor risk management, data security, data leak prevention strategy, business continuity, disaster recovery planning, and more.
For two years straight, the bank didn’t meet the necessary standards in IT Risk and Information Security Governance, as required by regulatory guidelines,” the RBI explained. In later evaluations, the bank was discovered to be largely non-compliant with the Corrective Action Plans provided by the Reserve Bank for 2022 and 2023. The bank’s submitted compliances were either insufficient, inaccurate, or not maintained,” it further stated. As of December 31st of last year, the bank served 4.8 crore customers through 1,869 branches and 3,239 ATMs.
