The Reserve Bank of India's decision barring Kotak Mahindra Bank from taking on new customers through its online as well as mobile banking channels and issuing fresh credit cards will impact the lender’s co-branded card deals, industry experts have said.
They also said the order could impact the bank’s growth prospects in the short term. The ban followed an examination of the lender’s IT-systems over the past two years and its failure to address concerns, the central bank said in its April 25 order.
“The decision will impact the bank's overall business as well. Kotak Bank can't sell their top-selling Kotak Myntra card after this action,” said Sumantha Mandal, Founder, TechnoFino and CreditPedia.
The bank already has five co-branded credit cards — with IndiGo, PVR, Indian Oil Corporation, Myntra, and Metro Cash and Carry.
Banks and other issuers offer credit cards in collaboration with popular business including airlines, hotels, e-commerce platforms and fuel companies and also offer benefits to the holders.
"The decision would not only impact the bank's growth prospects in the short term but also reflected on its ability to protect customer data and follow regulations," said Sharat Chandra, Founder, EmpowerEdge Ventures.
Moneycontrol was the first to report that the bank was working to launch new mobile applications for Kotak811, the digital banking arm of the bank and a payments application.
Kotak Mahindra Bank is yet to respond to Moneycontrol’s emailed queries. The article will be updated when the response comes in.
IT trouble
The RBI has said the bank would continue to provide services to its customers, including to its credit card holders.
"These actions are necessitated based on significant concerns arising out of Reserve Bank’s IT Examination of the bank for the years 2022 and 2023 and the continued failure on part of the bank to address these concerns in a comprehensive and timely manner," the banking regulator said.
According to the central bank, serious deficiencies and non-compliances were observed in IT inventory management, patch and change management, user access management, vendor risk management and data security and data leak prevention strategy among others.
For two consecutive years, the bank was assessed to be deficient in its IT risk and information security governance, contrary to requirements under regulatory guidelines, the RBI said.
The compliance reports submitted by the bank were either inadequate, incorrect or couldn’t be sustained, the central bank said.
In the absence of a robust IT infrastructure and risk management framework, the bank’s Core Banking System (CBS) and online and digital channels suffered frequent and significant outages in the past two years. The recent one was a service disruption on April 15, resulting in serious customer inconveniences, the RBI said.
It also found that the bank was materially deficient in building necessary operational resilience on account of its failure to build IT systems and controls commensurate with its growth, the central bank said.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
