The Reserve Bank of India (RBI) has, by an order dated April 26, 2024, imposed a monetary penalty of ₹5.00 lakh (Rupees Five lakh only) on The Sutex Co-operative Bank Ltd., Surat, Gujarat (the bank) for non-compliance with the directions issued by RBI on ‘Comprehensive Cyber Security Framework for Primary (Urban) Cooperative Banks (UCBs) – A Graded Approach’ and ‘Levy of Penal Charges on Non-Maintenance of Minimum Balances in Inoperative Accounts’. This penalty has been imposed in exercise of powers vested in RBI, conferred under the provisions of section 47A(1)(c) read with sections 46(4)(i) and 56 of the Banking Regulation Act, 1949.
The statutory inspection of the bank was conducted by RBI with reference to its financial position as on March 31, 2023. Based on supervisory findings of non-compliance with RBI directions and related correspondence in that regard, a notice was issued to the bank advising it to show cause as to why penalty should not be imposed on it for its failure to comply with the said directions.
After considering the bank’s reply to the notice and oral submissions made by it during the personal hearing, RBI found, inter alia, that the following charges against the bank were sustained, warranting imposition of monetary penalty. The bank (i) did not conduct Vulnerability Assessment (VA) and Penetration Testing (PT) of its internet facing mobile application as per the prescribed periodicity, and (ii) had levied penal charges for non-maintenance of minimum balances in inoperative accounts.
This action is based on deficiencies in regulatory compliance and is not intended to pronounce upon the validity of any transaction or agreement entered into by the bank with its customers. Further, imposition of this monetary penalty is without prejudice to any other action that may be initiated by RBI against the bank.
(Puneet Pancholy)
Chief General Manager
Press Release: 2024-2025/316 |