News Details- (Get Professional Updates on Whatsapp, Msg on
8285393786) More
News
RBI slams foreign banks on data rule
PrintThe Reserve Bank of India (RBI) has pulled up several multinational banks operating in the country for not providing a board-approved system audit report certifying compliance with its data-localisation norms.
In a recent communication, the RBI said that a majority of banks are yet to submit system audit reports certifying compliance to data storage norms even after three years since the issuance of the circular.
It also said that many foreign banks have said that the audit norms did not apply to them and this was not acceptable. The central bank had asked banks to submit their compliance along with a plan of action on or before May 15, 2021.
Sources said that recently, the banking regulator had a discussion with some of the foreign banks where it made its displeasure known. According to sources, several foreign banks have been unable to issue an audit report stating that all personal and non-personal transaction data which has been sent overseas for processing has been permanently deleted. Last month, the central bank barred American Express Bank and Diners Club from on-boarding new customers citing violation of data storage norms.
The issue relating to data localisation is similar to the one that Google and WhatsApp had faced. What makes it challenging for banks is that RBI’s “on soil” data storage norms. These have a condition that payments data have to be stored “only” in India and no copy should exist outside the country. Many banks had responded to the RBI’s directive and said that much of their processing was centralised and it was not feasible to restructure global operations and create a separate hub in India. The RBI then clarified that while data can be stored only locally, it can be sent intraday for processing but should be deleted from offshore servers in 24 hours.
Banks are required to provide a system audit report certifying compliance with the RBI rules. The audit has to be conducted by auditors empanelled by the Indian Computer Emergency Response Team (CERT-In, in the ministry of electronics and information technology). The auditors study the IT infrastructure of the organisation and identify all the storage locations. The auditors also have to ascertain that data is being deleted from offshore servers.
In a recent communication, the RBI said that a majority of banks are yet to submit system audit reports certifying compliance to data storage norms even after three years since the issuance of the circular.
It also said that many foreign banks have said that the audit norms did not apply to them and this was not acceptable. The central bank had asked banks to submit their compliance along with a plan of action on or before May 15, 2021.
Sources said that recently, the banking regulator had a discussion with some of the foreign banks where it made its displeasure known. According to sources, several foreign banks have been unable to issue an audit report stating that all personal and non-personal transaction data which has been sent overseas for processing has been permanently deleted. Last month, the central bank barred American Express Bank and Diners Club from on-boarding new customers citing violation of data storage norms.
The issue relating to data localisation is similar to the one that Google and WhatsApp had faced. What makes it challenging for banks is that RBI’s “on soil” data storage norms. These have a condition that payments data have to be stored “only” in India and no copy should exist outside the country. Many banks had responded to the RBI’s directive and said that much of their processing was centralised and it was not feasible to restructure global operations and create a separate hub in India. The RBI then clarified that while data can be stored only locally, it can be sent intraday for processing but should be deleted from offshore servers in 24 hours.
Banks are required to provide a system audit report certifying compliance with the RBI rules. The audit has to be conducted by auditors empanelled by the Indian Computer Emergency Response Team (CERT-In, in the ministry of electronics and information technology). The auditors study the IT infrastructure of the organisation and identify all the storage locations. The auditors also have to ascertain that data is being deleted from offshore servers.
Category : RBI | Comments : 0 | Hits : 1467
Get Free Daily Updates Via e-Mail on Income Tax, Service tax, Excise and Corporate law
Search News
News By Categories More Categories
- Income Tax Dept serves notices to salaried individuals for documentary proof to claim exemptions
- Bank Branch Audit 2021 - Update on allotment of Branches
- Bank Branch Audit 2020 Updates
- Bank Branch Audit 2021 Updates
- Bank Branch Audit 2020 - Update on Allotment of Branches
- Police Atrocities towards CA in Faridabad - Its Time to be Unite
- Bank Branch Statutory Audit Updates 2019
- Bank Branch Statutory Audit Updates
- Bank Branch Audit 2022 Updates
- Bank Branch Statutory Audit Updates
- NFRA Imposes Monetary penalty of Rs 1 Crore on M/s Dhiraj & Dheeraj
- ICAI notifies earlier announced CA exam dates despite pending legal challenge before SC
- NFRA debars Auditors, imposes Rs 50 lakh penalties for lapses in Brightcom, CMIL cases
- GST Important Update - Enhancement in the GST Portal
- NFRA Slaps Rs 5 lakh Penalty on Audit Firm for lapses in Vikas WSP Audit Case
- CBDT extends due date for filing Form 10A/10AB upto 30th June, 2024
- RBI comes out with FEMA regulations for direct listing on international exchange
- RBI directs payment firms to track high-value, fishy transactions during elections
- NCLT orders insolvency proceedings against Subhash Chandra
- Income Tax dept starts drive to dispose of appeals, 0.54 million at last count
- Payment of MCA fees –electronic mode-regarding
- Budget '11-12' Parliament Completes Approval Exercise
- Satyam restrained from operating its accounts
- ICICI a foreign firm, subject to FDI norms: Govt
- Maha expects Rs 15 crore entertainment tax revenue from IPL
- CAG blames PMO for not acting against Kalmadi
- No service tax on visa facilitators: CBEC
- Provision of 15-minutes reading and planning time allowance to the candidates of Chartered Accountants Examinations
- Companies Bill to be taken up in Monsoon Session
- File Service Tax Return in time as Maximum Penalty increased 10 times to Rs. 20000
Comments