This article is written by Yashraj Bais. The article deals with the major legal issues faced by the Indian E-Banking system and what could be done to rectify them.
As the prosperity and growth of a country are dependent on its financial growth, therefore it is not wrong to say that the Banks are the growth engine of a Country. In the past decade, as the technology has grown it’s sphere in almost all the fields, the Banking Sector is also not untouched with it. The use of E-Banking in India, especially among the Corporate Houses is on its peak these days, the reason is it provides a user-friendly, instant platform to the customer to execute and perform their financial transactions very easily. It is pertinent to mention here that in E-Banking, the “E” stands for Electronic, therefore it is an accepted and acknowledged fact that the E-Banking will be banking via using electronic gadgets like Computer, Laptops and Mobiles. Now in today’s Cyber Era the advantages that the E-Banking offers to both customer and Banks are as follows:
- It widely removes all the traditional geographical barriers for reaching Bank to its customers, as E-Banking can be accessed from any part of the World very easily via the Internet. Therefore all C2B and B2C transactions can be very easily initiated and executed in this regard via E-Banking.
- It is also cost-effective to banks to provide user-friendly and instant platforms to it’s customers, and by virtue of this cut-throat competition, the quality of services among all the Banks has been tremendously increased. As it has created a healthy-competitive atmosphere among the Banks for providing maximum customer satisfaction to the customers.
- It even offers Bank Transactions at all times on holiday hours and also during this disastrous situation like Covid-19.
Major Issues in Indian E-Banking System
Though the Banks are providing virtual and user friendly E-Banking Systems in India, yet it is facing and suffering from some major loopholes which are likely causing harm and detriment to the privacy and security of the customers at large, some of such major issues are:
- Security and Privacy Risks: A recent study conducted in 2012 reveals that the Technology used in Cloud Computing for offering the E-Banking Services to its Customers are so weak and unsecured that it makes the Customers too vulnerable to Banking Frauds and E-Banking Scams. Even after taking preventive measures In this regard like Know Your Customer (KYC) and Biometric Finger Verification the security concerns and privacy issues are major roadblocks in the pathway of a smooth and successful E-Banking in India.
- Legal Issues: It is an accepted fact that despite having strict and specific statutes like Information and Technology Act, 2000 and Indian Penal Code, 1860 for curbing the Cyber Crimes, they are increasing day by day very rapidly and acting like a silent killer in our society. The present situation widely forecasts that there is still a lacuna in the present legal system and structure for tackling the Cyber Crimes and Criminals more strictly and perfectly.
It must be noted that the E-Banking is not a separate business among the Banking Channels, but it is only an additional facility provided by the Banks to its customers on an additional monthly charges like SMS, Annual Membership, etc. which is completely optional i.e. is dependent on the Customers to avail it or not. The Reserve Bank of India is regulated by the RBI Act, 1934 and for Electronic Records and System according to the provisions of Information and Technology Act, 2000.
It can be widely seen that despite having all this set of regulations and Hon’ble Authorities for the regulation and maintenance of E-Banking, even then we are not having any specific provisions for curbing the E-Banking Frauds and Cyber Frauds in India, rather than the traditional ones. Even if some of my able readers disagrees with me then too they must accept the fact that the enforcement structure and personnel involved in the same is too timid and un-trained which is the main reason behind the rapid increment in the Cyber Crimes in India, since the past decade. The Legal Framework of the Indian Banking System is governed by the following set of statutes which are as follows:
- The Banking Regulation Act, 1949
- The Reserve Bank of India (RBI) Act, 1934
- Foreign Exchange Management Act, 1999
- Indian Evidence Act, 1872
- Indian Contract Act, 1872
- Information and Technology (IT) Act, 2000
- Securitization and Reconstruction of Financial Assets and Enforcement of Security Interest Act (SARFAESI) Act, 2002
- Negotiable Instruments Act, 1881
Case Study: The ICICI Bank has kicked off the online banking in 1996 describing it as rubbish and useless, which was even done by the host of other banks. But even that the phrase from 1996 to 1998 was described as a “Adoption Phrase”, at-last which was even accepted by the ICICI Bank. But the usage of the E-Banking in India, raised gradually only from 1999, owing to lower ISP Charges, and increased penetration of PC’s with a tech-friendly atmosphere.
The Public Sector Units (PSU’s) since inception lagged in exercising and adopting the E-structuring and Internet Services. Among which the State Bank of India was the first bank in India who took the lead and was the primary in adopting the E-Banking Practices in India.
Provisions of Information and Technology Act, 2000
The Provisions of the Act, widely deals regarding the Management in offering of E-Banking Services by the Bank Channels along-with dealing to specific provisions for curbing the E-Banking Frauds and other ancillary Cyber Crimes.
- The Section 3(2) of the Information and Technology Act, 2000 provides specific provisions for a particular technology as a means of authenticating the records, like the Servers of Banks and other virtual platforms by virtue of which the Banks provide us the E-Banking Services.
- The Section 4 of the Information and Technology Act, 2000 further says regarding the security and privacy of a customers information that any matter which shall be in writing or in a type-written form/printed form, then notwithstanding anything contained in such law, such requirement shall be deemed to have been satisfied as true, if such information is rendered and certified in an electric form and is accessible so as to be usable for the subsequent references.
- The Section 72 and Section 79 of the Information and Technology Act, 2000 further provides the liability for Breach of Privacy of the Customers on the Service Providing Agency or the Intermediary which is responsible for providing the Data Service travelling through their servers on certain terms and conditions.
For improving the quality and status of the E-Banking services G. Gopalkrishna Working Group (GCWG) in 2011 has released a Report on the Security of E-Banking in India with some amendments on 29 April, 2009 which presently constitutes the current regulatory guidelines as an extension of IBG 2001.
Provisions of Indian Penal Code, 1860
The main provisions relating to dealing with the E-Banking Frauds in India are as follows:
- Section 383: Punishment of Extortion- Whosoever intentionally and illegally puts a person in fear to deliver any property or valuables to him, otherwise he will defame that person by posting some defamatory statement or Article against the said person shall be punished with imprisonment which may extend to three years, or fine, or both.
- Section 379: Punishment of Theft- Whosoever dishonestly take away the goods or any electronic record illegally from the possession of it’s rightful owner without his express consent shall be punished with imprisonment which may extend to three years or with fine or both.
- Section 406: Punishment of Criminal Breach of Trust- Whosoever mis-appropriates any movable property like computer device or any electronic device which was entrusted to him for a lawful purpose, causing wrongful damages to it’s owner shall be punished with imprisonment which may extend to three years or with fine or both.
- Section 417: Punishment of Cheating- Whosoever impersonates some other person which he is not or knowingly substitutes such person, and causes wrongful losses to the innocent victim shall be punished with imprisonment which may extend to one year, or fine or both.
- Section 471: Using as genuine a forged document or electronic record- Whosoever fraudulently or dishonestly uses as genuine any document or electronic record which he knows to be forged shall be punished with an imprisonment which may extend to two years or fine, or with both.
- Section 500: Punishment of Defamation- Whosoever knowingly publishes without any justification or reasonable cause any statement, image or document on social platforms, believing and knowing it to be false against any person, firm, company were such imputation will definitely lower the image and intellect of him in front of the general public, shall be punished with simple imprisonment which may extend to two years or fine or with both.
- Section 506: Punishment of Criminal Intimidation- Where a persons threatens other person to harm his reputation, life or property via an electronic means which induces that person to commit an illegal act or prevent him doing an act which is legally obligatory on him shall be punished with imprisonment which may extend to two years, or fine or both.
The main issues which are mainly faced by the banking Authorities are the Authentication of their customers. The instructions which have virtually been provided by the Customer have originally been lodged or requested by him only or someone is personating on behalf of him is the main issue. Even after enacting measures like OTP, PIN, relationship numbers, customer ID, etc. for securing the interests of the consumers, the Bank and Cyber Frauds are increasing day by day and have emerged as a major challenge before the Cyber Cells and concerned ancillary authorities. In this reference Section 3 (2) of the IT Act, 2000 provides that the concerned subscriber may authenticate an electronic record by affixing his digital signature on it.
However, there is no separate provision in the Information and Technology Act, 2000 for dealing with this Authentication Issue and securing the Interests of the consumers involved in the E-Banking. The Government should think the same and must enact some legislation or provisions in this regard to safeguard the interests of both consumers and Banks at large.
Suggestions and Measures
the Banking System is the life-blood of a Country and its Economy, therefore after analyzing the above issues in Indian E-Banking System, the suggestions and measures in this reference are as follows:
- The duty which is imposed on the Banks and NBFC’s to maintain the secrecy and confidentiality for the sensitive information of the customers must be statutorily recognized for giving it a legal status and imposing penalty on the Banking Authorities on it’s violation, so that it’s enforcement can be ensured more stringently than it is there presently.
- The Internal Auditing or the Statutory Auditing like it is their for the Government Companies by the Auditor appointed with the instructions of Comptroller and Auditor General of India must be made compulsory for all the Banks in India, at beginning we will face some teething issues but at last, it will result in maintaining the transparency in Internal Affairs of the Bank, which will ultimately serve the interests of the consumers and will result in their benefit at large.
- Some concrete measures like Biometric Authentication at the ATM Machines, or before logging in the E-Banking Website Portal which has started being opted by certain Banks in the Country must be made mandatory for all Banks by the Reserve Bank of India.
- Each Banks should incorporate one In-House Cyber Grievance Redressal Cell, who could directly deal with the Banking Frauds happening in their Banks, they must analyze their functions and affairs annually and send their Annual Report to the concerned State Cyber Cell or the District Cyber Cell for their Expert Advice and Guidance in this reference.
Banking System is an integral part of our Life in today’s era, but with the increasing trend and sphere of E-Banking in India, the Cyber and Bank frauds are also increasing with the same gravity. There is a concrete need that this issue must be paid acute heed by our present Government and must ensure more firm enforcement of Cyber Laws in this regard for curbing the same.
LawSikho has created a telegram group for exchanging legal knowledge, referrals and various opportunities. You can click on this link and join: