India’s central bank ordered Kotak Mahindra Bank to immediately cease onboarding new customers through its online and mobile banking channels and to stop issuing fresh credit cards, citing serious deficiencies in the bank’s IT systems and risk management practices.
Kotak Mahindra Bank is one of the largest private banks in India. It’s also one of the key partners for many fintech startups in India, including KredX and Rupeek. The lender, also an investor in many startups, additionally works with many fintech firms to extend credit to SMEs and MSMEs as well as in issuing co-branded credit cards.
The Reserve Bank of India said Wednesday it was imposing the restrictions on Kotak Mahindra Bank because of significant concerns stemming from its IT examinations of the bank for the years 2022 and 2023. The central bank found serious deficiencies and non-compliance in areas such as IT inventory management, patch and change management, user access management, vendor risk management, data security, and business continuity planning, it said.
Despite being under close scrutiny and engaging in high-level discussions with the RBI over the past two years, Kotak Mahindra Bank failed to adequately address these issues and implement satisfactory corrective measures. The bank’s core banking system and digital channels have experienced frequent and significant outages, with the most recent disruption occurring on April 15, 2024, causing severe inconvenience to customers, the RBI added.
This is a developing story. More to follow.