Protect consumers from cybercrime, RBI directs banks

Mumbai: Banking regulator Reserve Bank of India (RBI) has issued a new comprehensive Master Direction to banks and NBFCs on Information Technology Governance, Risk, Controls and Assurance Practices, which spells out the role of Directors of these regulated entities to discharge their duties in order to safeguard the interests of customers.These directions incorporate, consolidate and update the guidelines, instructions and circulars on IT Governance issued earlier and will come into effect from April 1, 2024.

The guidelines have directed all regulated entities to keep a close watch on:‘Cyber events’ defined as any observable occurrence in an information system. Cyber events sometimes provide indication that a cyber incident is occurring.

Foreign banks operating in India have also been asked to follow the guidelines and to hold discussions with the RBI in case they have to seek an exemption in the case of any particular norm.

Cyber security includes preservation of confidentiality, integrity and availability of information through the cyber medium. In addition, other properties, such as authenticity, accountability, non-repudiation and reliability can also be involved.Cyber incident is a cyber event.