RBI chief tells banks to maintain highest level of vigil against cyber attacks, digital frauds
Mumbai: RBI Governor Shaktikanta Das said on Friday that banks and financial institutions need to maintain the highest level of vigil and strengthen their IT systems keeping in mind the growing incidences of cyber-attacks globally.
The Reserve Bank’s supervisory assessments continue to stress the importance of improving Information Technology governance arrangements; making the technology systems, processes and infrastructure more resilient; and mitigating third-party risks.
Banks and other financial entities need to continuously invest in technology while also developing the right kind of capabilities to successfully tackle these challenges, the RBI Governor said at a media event here.
He said that another area of concern was the rise in digital fraud. Though many of such frauds are due to various social engineering attacks on customers, there is also a rapid increase in the use of mule bank accounts to perpetrate such frauds. This exposes the banks not only to serious financial and operational risks but also to reputational risks.
“Banks, therefore, need to strengthen their customer onboarding and transaction monitoring systems to monitor unscrupulous activities, including suspicious and unusual transactions. This also requires effective coordination with the law enforcement agencies so that the concerns occurring at a systemic level are detected and curbed in time,” he added.
Das also said that the RBI is working with banks and law enforcement agencies to strengthen transaction monitoring systems and ensure the sharing of best practices for the control of mule accounts and the prevention of digital fraud.
The RBI Governor also flagged the risk of third-party risk for banks and other financial institutions in outsourcing certain functions. While doing so, it is necessary to exercise strong oversight and monitoring of such outsourced activities. Regulations clearly provide that outsourcing of any activity by a regulated entity does not diminish its own obligations. Banks and NBFCs also need to consider whether cost optimisation strategies are leading to over-dependence on third-party vendors even for critical functions without commensurate oversight, he pointed out.
He also emphasised that the delinquency levels and leverage in small-ticket consumer loans warrant enhanced vigil and added that banks and NBFCs are expected to show prudence and avoid exuberance in giving out such unsecured retail credit.