India’s central financial institution on Wednesday ordered Kotak Mahindra Financial institution to instantly stop onboarding new prospects by way of its on-line and cellular banking channels, and to cease issuing recent bank cards, citing severe deficiencies within the financial institution’s IT methods and threat administration practices.
Kotak Mahindra Financial institution is likely one of the largest non-public banks in India. It’s additionally one of many key companions for a lot of fintech startups in India, together with KredX and Rupeek. The lender, additionally an investor in lots of startups, moreover works with many fintech companies to increase credit score to SMEs and MSMEs in addition to to concern co-branded bank cards.
The Reserve Financial institution of India (RBI) mentioned it was imposing the restrictions on Kotak Mahindra Financial institution due to important issues stemming from its IT examinations of the financial institution for the years 2022 and 2023. The central financial institution discovered severe deficiencies and non-compliance in areas reminiscent of IT stock administration, patch and alter administration, person entry administration, vendor threat administration, knowledge safety, and enterprise continuity planning, it mentioned.
Regardless of being underneath shut scrutiny and interesting in high-level discussions with the RBI over the previous two years, Kotak Mahindra Financial institution didn’t adequately handle these points and implement passable corrective measures, the central financial institution mentioned. The financial institution’s core banking system and digital channels have skilled frequent and important outages, with the newest disruption occurring on April 15, 2024, inflicting extreme inconvenience to prospects, the RBI added.
The RBI acknowledged that the fast development of digital transactions on the financial institution, together with bank card transactions, has put further pressure on the lender’s already weak IT methods. With out a strong IT infrastructure and threat administration framework, extended outages might significantly affect the financial institution’s capacity to supply environment friendly customer support, and probably hurt the broader digital banking and fee ecosystem, the central financial institution cautioned.
The restrictions imposed on Kotak Mahindra Financial institution might be reviewed upon completion of a complete exterior audit, commissioned by the financial institution with prior RBI approval, and the passable remediation of all recognized deficiencies, the RBI mentioned.
It is a growing story. Extra to comply with.
