The Reserve Bank of India (RBI) has dealt a significant blow to Paytm Payments Bank Limited by imposing a hefty monetary penalty of ₹5.39 Crore (Rupees Five Crore and Thirty-Nine Lakh) for non-compliance with key provisions related to ‘Know Your Customer (KYC),’ ‘Licensing of Payments Banks,’ ‘Cyber Security Framework,’ and ‘Securing Mobile Banking Applications.’ The penalty, ordered on October 10, 2023, is an outcome of the RBI’s assessment of the bank’s shortcomings in regulatory adherence.
This article delves into the background of the penalty and the reasons behind this stringent action taken by the RBI.
Paytm Payments Bank’s Regulatory Breaches:
The penalty is the culmination of a thorough examination of Paytm Payments Bank’s regulatory compliance, with a focus on KYC (Know Your Customer) and AML (Anti Money Laundering) aspects. Additionally, a comprehensive audit of the bank’s systems was conducted by auditors appointed by the RBI.
The findings from these assessments revealed several glaring shortcomings in Paytm Payments Bank’s compliance:
- Failure to Identify Beneficial Owners: The bank did not adequately identify the beneficial owners of entities onboarded for providing payout services.
- Lack of Monitoring Payout Transactions: Paytm Payments Bank failed to monitor payout transactions and conduct risk profiling of entities availing payout services, which are crucial aspects of ensuring the bank’s integrity.
- Breach of Regulatory Ceilings: The bank breached the regulatory ceiling for the end-of-day balance in specific customer advance accounts availing payout services.
- Delayed Reporting of Cyber Security Incident: A significant lapse was noted in the bank’s reporting of a cyber security incident, which was reported with undue delay.
- Device Binding Control Measure: Paytm Payments Bank did not implement an essential device binding control measure related to ‘SMS delivery receipt check.’
- V-CIP Infrastructure Inadequacy: The bank’s Video Based Customer Identification Process (V-CIP) infrastructure failed to prevent connections from IP addresses outside India, raising concerns about security.
Background and RBI’s Actions:
In response to these regulatory breaches, RBI initiated proceedings by issuing a notice to Paytm Payments Bank. The notice requested the bank to provide a valid reason as to why a penalty should not be imposed for its failure to comply with RBI’s directives. In compliance with this notice, the bank submitted its response and presented its case during a personal hearing.
After a comprehensive evaluation of the bank’s response, along with the oral submissions made during the personal hearing, RBI reached a verdict. The regulatory authority concluded that the bank had, indeed, failed to comply with the directions outlined by RBI. Consequently, the imposition of a substantial monetary penalty on Paytm Payments Bank was deemed justified.
:
The ₹5.39 Crore penalty imposed on Paytm Payments Bank underscores the RBI’s commitment to ensuring strict adherence to regulatory norms. This action serves as a reminder to all financial institutions to maintain the highest standards of security, compliance, and adherence to KYC norms.
