Given the steep rise in cyber attacks in banks and their failure to report such incidents immediately, the Reserve Bank of India has taken a strict stance and issued a warning to the banks. The RBI has said that the banks must report cyber attacks within 2 to 6 hours. If they fail to do so, they will be fined with abetment charge which means they’ve helped the cyber criminals. This is a far cry in the RBI history but absolutely necessary in times when most banking institutions try to hide these matters as their reputation is often at stake.
The RBI deputy governor S S Mundra revealed that the RBI has received information on multiple cyber incidents — including ransomware, debit card frauds or unauthorised access to bank servers. He added that lenders have failed to report incidents in time which worsened the matter. The warning has come at a critical time as the government is pushing digital payments after the demonetization phase.
The move will allow the RBI to contain cyber crimes in the country. It is trying build high standards of security around all government-backed apps such as the Aadhaar-Enabled Payment System (AEPS) and the ‘BHIM’ app. Many of the banks also use these apps to allow users to transact and transfer money.
If the RBI becomes successful in forcing banks, it is expected to help the industry overall and thwart cyber crimes. The learnings will be helpful for even non-banking organizations. The banks need to understand that hacking or cyber crime is no longer limited to image or reputation. If they report the matter at once, it might save millions of users from losing their critical money. Other banks will also be on alert mode as it can happen to them. They would be able to take necessary measures against the attacks in advance.