Mumbai: The Reserve Bank of India (RBI) will act against banks that do not implement its guidelines on electronic security of their transactions and operations by October 2012, a senior official said Friday.
A working group, under the chairmanship of RBI Executive Director G. Gopalakrishna, has recommended strengthening the informattion technology architecture of banks and security measures to tackle cyber fraud.
“The banking regulator expects reasonable compliance. RBI will take a serious action against banks that do not implement the recommendations of the committee. By October 2012, banks will have to implement the recommendations,” Gopalakrishna said here.
“At present some banks do not have proper security policy, methods to monitor the service level agreements with third parties and inadequate audit trail,” he said. The working group submitted its report last January and the final guidelines were circulated to all banks, except regional rural banks, last April.
Inaugurating a seminar on “Banking on e-Security”, organised jointly by city-based Cyber Society of India and Indian Overseas Bank (IOB), Gopalakrishna said banks had awarded business to IT companies to comply with the recommendations of the committee.
The Indian Banks’ Association (IBA) has formed several committees for implementing the committee’s recommendations by member banks. Though the report had made 265 recommendations, all are not applicable for all the banks.
According to the report, banks with a high technology penetration will have to implement all the guidelines and those not having any major online transactions have to implement only some of its recommendations. Gopalakrishna said the committee had recommended the involvement of the top management in addressing the issues of security and many of the banks have started having IT professionals on their boards.
He said unlike in other countries where banking operations were considered crucial and telecom bandwidth was allotted on priority basis, in India banks did not get the required bandwidth to carry out their operations.
M.Narendra, chairman and managing director of IOB, said banking industry had spent lots of money in software but their usage was not at optimal level. He said banks apart from losing their money by compensating the customers for their loss owing to inadequate security measures would also face much bigger risk– the risk of losing their reputation.
K.Srinivasan, president, Cyber Society of India, said around 1.8 crore credit cards had been issued by Indian banks and around Rs.8,000 crore worth of transactions were done by the holders per month. “The banks have issued 26 crore debit cards and Rs.3,000 crore worth of transactions are done with them. On an average per month around Rs.200,000 crore worth of online banking transactions are being carried out in India. Hence securing their network for banks gains more importance,” Srinivasan said.