Monday, May 2, 2011

Electronic Banking In India

This is the updated version of my previous article on same topic. Electronic banking in India or e-banking in India is increasingly being used by both banks and customers alike. This brings mobility and convenience to both banks and customers. However, with the benefits there are drawbacks of e-banking as well. This article addresses some of these concerns.

Reserve Bank of India (RBI) has come across many complaints and disputes regarding fraudulent credit card, online banking and ATM transactions. Even phishing incidences have sharply arisen in India resulting in loss of money of public at large. RBI ombudsmen office has been flooded with such complaints.

In these circumstances, online banking in India is risky. We have no e-banking laws in India and this also makes the mobile banking in India risky. Even RBI has acknowledged risks of e-banking in India.

E-banking in India cannot succeed till a strong legal framework in this is enacted. According to Praveen Dalal, managing partner of New Delhi based law firm Perry4Law and leading techno legal expert of India, we have no dedicated E-Banking Law in India. Although, RBI has issued many guidelines in this regard and even our Information Technology Act, 2000 contains some indirect and implied provisions for Internet or E-Banking yet we need a separate and dedicated law in this regard, opines Praveen Dalal.

Recently, G Gopalakrishna, the executive director of RBI, said that all Banks would have to create a position of Chief Information Officers (CIOs) as well as Steering Committees on Information Security at the Board Level at the earliest, informs Dalal. This step was taken to ensure proper Cyber Security Policies and Strategies at the highest Board Level of Banks, says Dalal.

Although RBI has mandated cyber due diligence for banks in India especially the due diligence for banks under IT Act 2000 yet banks have still to keep their functions in order. Indian banks are poor at cyber security and they are in no mood to appoint CIOs and steering committee.

Recently the final report of working group of RBI on Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds has been released. It has prescribed the time limits for implementation of RBI recommendations on information security. With the deterrent approach of RBI towards non compliance, it would be safe to presume that CIOs, steering committee and cyber security related compliances would also be taken seriously by RBI.

It is high time for banks operating in India to keep their e-banking infrastructure technologically and legally sound. The best option for banks seems to be to adopt Techno Legal Measures that covers both Technical and Legal aspects of Banking, suggests Dalal.