The Reserve Bank of India (RBI) has, by an order dated October 10, 2023 imposed a monetary penalty of ₹5.39 Crore (Rupees Five Crore and Thirty Nine Lakh only) on Paytm Payments Bank Limited (the bank) for non-compliance with certain provisions of the ‘Reserve Bank of India (Know Your Customer (KYC)) Directions, 2016’, ‘RBI Guidelines for Licensing of Payments Banks’ read with ‘Enhancement of maximum balance at end of the day’, ‘Cyber security framework in banks’ read with ‘Guidelines on reporting of unusual cyber security incidents’ and ‘Securing mobile banking applications including UPI ecosystem’. This penalty has been imposed in exercise of powers vested in RBI conferred under the provisions of Section 47A(1)(c) read with Section 46(4)(i) of the Banking Regulation Act, 1949. This action is based on the deficiencies in regulatory compliance and is not intended to pronounce upon the validity of any transaction or agreement entered into by the bank with its customers. Background A special scrutiny from KYC/AML perspective of the bank was conducted by RBI and a comprehensive system audit of the bank was conducted by auditors identified by RBI. The examination of the special scrutiny report, comprehensive system audit report and related correspondence pertaining to the same revealed, inter alia, non-compliance with the aforesaid directions by the bank to the extent (i) it failed to identify beneficial owner in respect of entities onboarded by it for providing payout services, (ii) it did not monitor payout transactions and carry out risk profiling of entities availing payout services, (iii) it breached the regulatory ceiling of end of the day balance in certain customer advance accounts availing payout services, (iv) it reported a cyber security incident with delay, (v) it failed to implement device binding control measure related to ‘SMS delivery receipt check’ and (vi) its Video Based Customer Identification Process (V-CIP) infrastructure failed to prevent connections from IP addresses outside India. In furtherance to the same, a notice was issued to the bank advising it to show cause as to why penalty should not be imposed on it for failure to comply with the said directions, as stated therein. After considering the bank’s reply to the notice and oral submissions made during the personal hearing, RBI came to the conclusion that the charge of non-compliance with the aforesaid RBI directions was substantiated and warranted imposition of monetary penalty on the bank. (Yogesh Dayal)
Chief General Manager Press Release: 2023-2024/1091 | |