The Reserve Bank of India (RBI) has recently mandated Kotak Mahindra Bank to halt the acquisition of new customers via online channels and mobile banking platforms. Additionally, the RBI mandated the bank to stop issuing fresh credit cards.

This action was taken under Section 35A of the Banking Regulation Act, 1949, which empowers the RBI to intervene if it deems that the operations of a banking company are detrimental to the interests of depositors or prejudicial to the interests of the banking company itself.

Reasons behind the directive

The RBI’s directive stemmed from concerns regarding data security and deficiencies in the IT infrastructure of Kotak Mahindra Bank for the years 2022 and 2023. Despite being made aware of these issues, the bank needed to adequately address them, leading to the directive.

Specifically, serious deficiencies and non-compliances were noted in areas like IT inventory management, patch and change management, user access management, vendor risk management, data security, data leak prevention strategy, and business continuity and disaster recovery procedures.

The central bank took decisive action due to Kotak Mahindra Bank’s failure to meet the standards set for managing IT risks and ensuring information security for two consecutive years, as required by RBI regulations.

Despite being provided with specific plans to rectify these issues; the bank was found to have yet to address them upon reevaluation by the RBI. Additionally, the reports submitted by the bank to the RBI were deemed inadequate, inaccurate, or unsustainable over time.

As per the RBI, Kotak Mahindra Bank experienced numerous significant outages in its core banking system and online services over the preceding two years, attributed to insufficient IT infrastructure and risk management.

Notably, a significant service disruption occurred on April 15, causing inconvenience to the bank’s customers. These disruptions were a result of the bank’s inability to establish robust IT systems and controls commensurate with its expansion.

Impact on Existing Customers

As per RBI, Existing customers of Kotak Mahindra Bank will continue to receive services as usual, including those with credit cards. Despite the directive, the bank’s branches will still cater to new customers, offering them all available services except for the issuance of new credit cards, as stated by Kotak Mahindra Bank in a released statement.

Bank’s Commitment

Furthermore, the bank emphasized its commitment to enhancing its IT systems by adopting new technologies and pledged to collaborate with the RBI to promptly address any outstanding issues. Kotak Mahindra Bank sought to reassure its current customers of uninterrupted access to services, encompassing credit cards, mobile banking, and net banking functionalities.

Sr.No.	Activity	Expected Timelines
1	KYC entered into KRA System and CKYCR	10 days of account opening
2	Client Onboarding	Immediate, but not later than one week
3	Order execution	Immediate on receipt of order, but not later than the same day
4	Allocation of Unique Client Code	Before trading
5	Copy of duly completed Client Registration Documents to clients	7 days from the date of upload of Unique Client Code to the Exchange by the trading member
6	Issuance of contract notes	24 hours of execution of trades
7	Collection of upfront margins from client	Before initiation of trade
8	Issuance of intimations regarding other margin due payments	At the end of the T day
9	Settlement of client funds	30 days / 90 days for running account settlement (RAS) as per the preference of client. If consent not given for RAS – within 24 hours of pay-out
10	‘Statement of Accounts’ for Funds, Securities and Commodities	Weekly basis (Within four trading days of following week)
11	Issuance of retention statement of funds/commodities	5 days from the date of settlement
12	Issuance of Annual Global Statement	30 days from the end of the financial year
13	Investor grievances redressal	30 days from the receipt of the complaint

Sr.No.	Type of Activity	Timelines for Activity
1	Receipt of Complaint	Day of complaint (C Day).
2	Additional information sought from the investor, if any, and provisionally forwarded to stock broker.	C + 7 Working days.
3	Registration of the complaint and forwarding to the stock broker.	C+8 Working Days i.e. T day.
4	Amicable Resolution.	T+15 Working Days.
5	Refer to Grievance Redressal Committee (GRC), in case of no amicable resolution.	T+16 Working Days.
6	Complete resolution process post GRC.	T + 30 Working Days.
7	In case where the GRC Member requires additional information, GRC order shall be completed within.	T + 45 Working Days.
8	Implementation of GRC Order.	On receipt of GRC Order, if the order is in favour of the investor, debit the funds of the stock broker. Order for debit is issued immediately or as per the directions given in GRC order.
9	In case the stock broker is aggrieved by the GRC order, will provide intention to avail arbitration	Within 7 days from receipt of order.
10	If intention from stock broker is received and the GRC order amount is upto Rs.20 lakhs	Investor is eligible for interim relief from Investor Protection Fund (IPF). The interim relief will be 50% of the GRC order amount or Rs.2 lakhs whichever is less. The same shall be provided after obtaining an Undertaking from the investor.
11	Stock Broker shall file for arbitration	Within 6 months from the date of GRC recommendation
12	In case the stock broker does not file for arbitration within 6 months	The GRC order amount shall be released to the investor after adjusting the amount released as interim relief, if any.

Sr.No.	DOs	DON’Ts
1	Read all documents and conditions being agreed before signing the account opening form.	Do not deal with unregistered stock broker.
2	Receive a copy of KYC, copy of account opening documents and Unique Client Code.	Do not forget to strike off blanks in your account opening and KYC.
3	Read the product / operational framework / timelines related to various Trading and Clearing & Settlement processes.	Do not submit an incomplete account opening and KYC form.
4	Receive all information about brokerage, fees and other charges levied.	Do not forget to inform any change in information linked to trading account and obtain confirmation of updation in the system.
5	Register your mobile number and email ID in your trading, demat and bank accounts to get regular alerts on your transactions.	Do not transfer funds, for the purposes of trading to anyone other than a stock broker. No payment should be made in name of employee of stock broker.
6	If executed, receive a copy of Power of Attorney. However, Power of Attorney is not a mandatory requirement as per SEBI / Stock Exchanges. Before granting Power of Attorney, carefully examine the scope and implications of powers being granted.	Do not ignore any emails / SMSs received with regards to trades done, from the Stock Exchange and raise a concern, if discrepancy is observed.
7	Receive contract notes for trades executed, showing transaction price, brokerage, GST and STT etc. as applicable, separately, within 24 hours of execution of trades.	Do not opt for digital contracts, if not familiar with computers.
8	Receive funds and securities / commodities on time within 24 hours from pay-out.	Do not share trading password.
9	Verify details of trades, contract notes and statement of account and approach relevant authority for any discrepancies. Verify trade details on the Exchange websites from the trade verification facility provided by the Exchanges.	Do not fall prey to fixed / guaranteed returns schemes.
10	Receive statement of accounts periodically. If opted for running account settlement, account has to be settled by the stock broker as per the option given by the client (30 or 90 days).	Do not fall prey to fraudsters sending emails and SMSs luring to trade in stocks / securities promising huge profits.
11	In case of any grievances, approach stock broker or Stock Exchange or SEBI for getting the same resolved within prescribed timelines.	Do not follow herd mentality for investments. Seek expert and professional advice for your investments.

Sr.No.	Guidance
1	Always deal with a SEBI registered Depository Participant for opening a demat account.
2	Read all the documents carefully before signing them.
3	Before granting Power of attorney to operate your demat account to an intermediary like Stock Broker, Portfolio Management Services (PMS) etc., carefully examine the scope and implications of powers being granted.
4	Always make payments to registered intermediary using banking channels. No payment should be made in name of employee of intermediary.
5	Accept the Delivery Instruction Slip (DIS) book from your DP only (pre- printed with a serial number along with your Client ID) and keep it in safe custody and do not sign or issue blank or partially filled DIS slips. Always mention the details like ISIN, number of securities accurately. In case of any queries, please contact your DP or broker and it should be signed by all demat account holders. Strike out any blank space on the slip and Cancellations or corrections on the DIS should be initialed or signed by all the account holder(s). Do not leave your instruction slip book with anyone else. Do not sign blank DIS as it is equivalent to a bearer cheque.
6	Inform any change in your Personal Information (for example address or Bank Account details, email ID, Mobile number) linked to your demat account in the prescribed format and obtain confirmation of updation in system
7	Mention your Mobile Number and email ID in account opening form to receive SMS alerts and regular updates directly from depository.
8	Always ensure that the mobile number and email ID linked to your demat account are the same as provided at the time of account opening/updation.
9	Do not share password of your online trading and demat account with anyone.
10	Do not share One Time Password (OTP) received from banks, brokers, etc. These are meant to be used by you only.
11	Do not share login credentials of e-facilities provided by the depositories such as e-DIS/demat gateway, SPEED-e/easiest etc. with anyone else.
12	Demat is mandatory for any transfer of securities of Listed public limited companies with few exceptions.
13	If you have any grievance in respect of your demat account, please write to designated email IDs of depositories or you may lodge the same with SEBI online at https://scores.gov.in/scores/Welcome.html
14	Keep a record of documents signed, DIS issued and account statements received.
15	As Investors you are required to verify the transaction statement carefully for all debits and credits in your account. In case of any unauthorized debit or credit, inform the DP or your respective Depository.
16	Appoint a nominee to facilitate your heirs in obtaining the securities in your demat account, on completion of the necessary procedures.
17	Register for Depository’s internet based facility or download mobile app of the depository to monitor your holdings.
18	Ensure that, both, your holding and transaction statements are received periodically as instructed to your DP. You are entitled to receive a transaction statement every month if you have any transactions.
19	Do not follow herd mentality for investments. Seek expert and professional advice for your investments
20	Beware of assured/fixed returns.

Recent Posts

Pritesh Sha

Solution Architect at Amazon Web Services

Mahesh Doshi

Solution Architect at Amazon Web Services

Nityam Vaghela

Solution Architect at Amazon Web Services

Download one of India's best trading app

Maximize Returns with India’s Top Green Energy Stocks

Bracket Orders – Advanced Strategies for Trading

Top 10 Benefits of Using Bracket Orders

Email :

Reasons behind the directive

Impact on Existing Customers

Bank’s Commitment

Pritesh Sha

Solution Architect at Amazon Web Services

Mahesh Doshi

Solution Architect at Amazon Web Services

Nityam Vaghela

Solution Architect at Amazon Web Services

Email :

Follow Us :