Non-compliance with RBI cybersecurity regulations costs Standard Chartered Rs 1.95 Crore and SBI Rs 1 Crore

Indian regulators are gearing up to take a tough stance on organizations, especially in the banking sector. In the latest action, the Reserve Bank of India has sent a severe message to all peers by imposing a hefty fine of Rs 1.95 crore on Standard Chartered Bank for non-compliance with the apex banker's directions concerning cyber security, credit card and electronic banking operations. In addition, the State Bank of India (SBI) was fined Rs 1 crore for not complying with the directions laid down under 'Reserve Bank of India (Frauds classification and reporting by commercial banks and select FIs) directions 2016'.

For the fine on SBI, the apex banker stated, "A scrutiny was carried out by the RBI in a customer account maintained with the bank and the examination of the scrutiny report and all related correspondence pertaining to the same, revealed, inter alia, non-compliance with the aforesaid directions to the extent of delay in reporting of fraud in the said account to RBI."

In its order for Standard Chartered, the banking regulator stated, "This action is based on the deficiencies in regulatory compliance and is not intended to pronounce upon the validity of any transaction or agreement entered into by the bank with its customers."

It cited four broad reasons for the fine imposed on the private bank: failure to conduct shadow reversal in case of unauthorized electronic transactions, not reporting cyber security incidents within the prescribed time limit, authorizing the direct sales agents (outsourced third party) to conduct KYC verifications, and failure to ensure integrity and quality of data submitted in CRILC.