In continuation of my previous post, I have now placed a point by point comment on Chapter IX of the recommendations of the Working group on “Legal Issues”. The detailed note is available at Naavi.org
This note may be treated as an initial draft for the guidance of others who want to study the report and understand the implications. The recommendations consist of 18 points and there is a clear indication that RBI is being pressurized
by some of the members of the Group to recommend some anti customer suggestions.
A similar attempt was made in the S R Mittal Group also but the Group over ruled such members. I hope that even now the core of RBI officials who understand their role in protecting the interests of bank customers would not be swayed by the attempt of a few to derail the recommendations. However in order to meet any eventualities it is necessary for the public to raise their voice against any attempt to make Banks immune to assuming liabilities which are already there in law and which have been upheld by some recent judicial verdicts.

RBI must recognize that it is a “Regulator” of the Banking system in the interest of the economy and the citizens of India. RBI is not a “Promoter of Banks”. There is therefore no special need to introduce provisions that exempt Banks from liabilities which arise because of the general law of the land.

If each industry sector attempts to protect its members then SEBI can protect share brokers from online frauds, TRAI can protect telecom operators from telecom frauds and ultimately the suffering customer will be left to fight it out with the fraudulent customer.
If an attempt is made by RBI to introduce or recommend any provisions that provides immunity to Bankers against the liabilities they face in laws such as ITA 2008 or IPC, RBI will be open to the charge of acting against its constitutional obligations and the officials responsible for such recommendations could be open to be charged with malicious intentions.

It is recommended that RBI should not take any action that is aimed at protecting the banks against the interests of genuine customers who are being exposed to technology risks because Banks have been using untested technology and restricting their security efforts to what is “Commercially viable”.
Digital Signature as a means of authentication is the law of the land.  With the amendments in ITA 2008 there is a possibility of variants of “Electronic Signature” coming into place. RBI cannot therefore take any stand to endorse 2F authentication as even a temporary substitute measure.
The S.R Mittal Group had made the correct suggestion that Banks should obtain insurance to cover the losses arising out of hacking etc crimes. This provision should be extended even to losses arising out of failure of technology. The only instance where a customer should take the liability is when he himself is part of the fraud. It is open to the Banks to charge any of their Phishing victims as fraudsters if they so desire and try to prove it in the Court of law and also face defamation charges if their charge is not founded on sound reasons.
RBI should reiterate that “Legal Risk” for using authentication methods not supported by Law should be that of the Bank and as a business prudence they should get themselves insured. Such insurance should be at the cost of the Bank and not at the cost of the customer.
RBI should mandate that the annual report of every bank should contain a paragraph where the directors report on the Legal Compliance measures taken by the Bank in their Electronic Banking divisions.

Naavi of Naavi.org

Be Sociable, Share!