India - RBI imposes monetary penalty on Paytm Payments Bank Limited

The Reserve Bank of India (RBI) has, by an order dated October 10, 2023, imposed a monetary penalty of ₹5.39 Crore (Rupees Five Crore and Thirty Nine Lakh only) on Paytm Payments Bank Limited (the bank) for non-compliance with specific provisions of

• The ‘Reserve Bank of India (Know Your Customer (KYC)) Directions, 2016’,
• https://rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=11566
• ‘RBI Guidelines for Licensing of Payments Banks’ read with ‘Enhancement of maximum balance at end of the day’,
• ‘Cyber security framework in banks’ read with ‘Guidelines on reporting of unusual cyber security incidents’ and
• ‘Securing mobile banking applications including UPI ecosystem’.

This penalty has been imposed in the exercise of powers vested in RBI conferred under the provisions of Section 47A(1)(c) read with Section 46(4)(i) of the Banking Regulation Act, 1949.

This action is based on the deficiencies in regulatory compliance.

The fails

• It failed to identify beneficial owner in respect of entities onboarded by it for providing payout services,
• It did not monitor payout transactions and carry out risk profiling of entities availing payout services,
• It breached the regulatory ceiling of end of the day balance in certain customer advance accounts availing payout services,
• It reported a cyber security incident with delay,
• It failed to implement device binding control measure related to ‘SMS delivery receipt check’ and (vi) its Video Based Customer Identification Process (V-CIP) infrastructure failed to prevent connections from IP addresses outside India. In furtherance to the same, a notice was issued to the bank advising it to show cause as to why penalty should not be imposed on it for failure to comply with the said directions, as stated therein.

Source

https://rbi.org.in/scripts/BS_PressReleaseDisplay.aspx?prid=56541