April 25, 2024 11:12 am | Updated 11:12 am IST

The Reserve Bank of India (RBI) on Wednesday directed the Kotak Mahindra Bank Ltd. (Kotak Bank) to immediately stop onboarding new customers through its online and mobile banking channels and issuing fresh credit cards. The bank can, however, continue to serve existing customers, including credit card customers.

RBI said it observed “serious deficiencies and non-compliances” in the bank’s IT inventory management, patch and change management, user access management, vendor risk management, data security, and data leak prevention strategy, business continuity and disaster recovery rigour and drill, etc.

The bank’s Core Banking System (CBS) and its online and digital banking channels have suffered frequent and significant outages in the last two years because of an absence of robust IT infrastructure and IT risk management framework. This has caused serious customer inconveniences, RBI said.

“These actions are necessitated based on significant concerns arising out of Reserve Bank’s IT examination of the bank for the years 2022 and 2023 and the continued failure on the part of the bank to address these concerns in a comprehensive and timely manner,” the central bank said in its directive.

The RBI also said that it has observed rapid growth in the volume of the bank’s digital transactions, including transactions pertaining to credit cards, building further load on the IT systems.

“The bank has taken measures for adoption of new technologies to strengthen its IT systems and will continue to work with the RBI to swiftly resolve balance issues at the earliest,” Kotak Bank said in a statement through an external agency.

RBI’s business restrictions on Kotak Bank are aimed at preventing possible prolonged outages which can impact the bank’s ability to render efficient customer service as well as the financial ecosystem of digital banking and payment systems.

