The RBI on Wednesday barred Kotak Mahindra Bank from onboarding new customers through its online and mobile banking channels and issuing fresh credit cards with immediate effect as the lender found deficient in its IT risk management.
These actions, the RBI said, are necessitated based on significant concerns arising out of Reserve Bank’s IT examination of the bank for the years 2022 and 2023 and the continued failure on part of the bank to address these concerns in a comprehensive and timely manner.
“Serious deficiencies and non-compliances were observed in the areas of IT inventory management, patch and change management, user access management, vendor risk management, data security and data leak prevention strategy, business continuity and disaster recovery rigour and drill, etc,” the RBI’s statement said.
In an almost similar action, the RBI in December 2020 had barred HDFC Bank from issuing new cards and launching new digital initiatives after repeated instances of technological outages at the lender. The restrictions were later lifted in March 2022.
The Kotak Mahindra Bank has been directed “to cease and desist”, with immediate effect, from onboarding of new customers through its online and mobile banking channels and issuing fresh credit cards.
The bank shall, however, continue to provide services to its existing customers, including its credit card customers. “The bank shall, however, continue to provide services to its existing customers, including its credit card customers,” RBI said.
