RBI curbs on Kotak bank for ‘serious deficiencies’
The Reserve Bank of India (RBI) on Wednesday barred private-sector lender Kotak Mahindra Bank from signing up new customers through its banking website and mobile app, and restricted it from issuing fresh credit cards, citing “serious deficiencies” in the bank’s IT system.
The regulator said it found deficiencies and non-compliances in IT inventory management, patch and change management, user access management, vendor risk management, and data security, among others, over 2022 and 2023. The bank will continue providing services to existing customers, including its credit card customers, even as the restrictions remain in place.
As of March-end, the bank had 5.9 million credit cards, adding about a million cards in the last 12 months. India’s largest lender HDFC Bank added 3 million credit cards in the same period, showed data from RBI.
The regulatory stricture comes seven months after founder and former chief executive officer Uday Kotak stepped down ahead of his scheduled retirement. The bank’s new CEO Ashok Vaswani joined in January.
Earlier, the regulator had also imposed business restrictions on the largest private lenaffairs, der HDFC Bank in 2020, two months after former CEO Aditya Puri’s tenure ended and Sashidhar Jagdishan was elevated as CEO. After facing technology troubles in 2018 and 2019, RBI in December 2020 curbed fresh digital launches and ordered it to halt issuing new credit cards. The curbs were finally lifted in March 2022.
Public sector lender Bank of Baroda (BoB) too faced RBI’s wrath when it was barred from adding new customers on its mobile app in October, citing “material supervisory concerns”. This was a little over three months after new CEO Debadatta Chand took over from erstwhile chief Sanjiv Chadha. “For two consecutive years, the bank (Kotak) was assessed to be deficient in its IT risk and information security governance, contrary to requirements under regulatory guidelines,” it said.