The Reserve Bank of India (RBI) has wielded its regulatory authority, imposing a hefty fine of ₹5.39 crore on Paytm Payments Bank Limited, a subsidiary of Paytm. This eye-catching penalty is a result of the bank’s non-compliance with RBI’s stringent guidelines, particularly in the domains of Know Your Customer (KYC) norms and cybersecurity protocols.
The fine on Paytm underscores the central bank’s unwavering commitment to maintaining the integrity of India’s financial sector. It represents a strong stance against any lapses in critical compliance areas.
A Closer Look at Regulatory Scrutiny
RBI conducted a special scrutiny of the Paytm Payment Bank from a Know Your Customer (KYC) and Anti Money Laundering (AML) perspective. Simultaneously, a comprehensive system audit was conducted by auditors appointed by the RBI. This in-depth examination included the special scrutiny report, the comprehensive system audit report, and all relevant correspondences.
The findings unveiled multiple instances of non-compliance by Paytm Payment Bank Limited (PPBL):
- The Paytm Payment Bank failed to correctly identify beneficial owners of entities onboarded for providing payout services.
- The bank did not adequately monitor payout transactions or carry out risk profiling of entities availing payout services, among other deficiencies.
- The bank exceeded the regulatory ceiling set for end-of-the-day balances in certain customer advance accounts designated for payout services.
- Paytm Payments Bank reported a cybersecurity incident with a delay, contravening regulatory expectations.
- The bank also missed the mark when it came to implementing a critical device binding control measure related to the ‘SMS delivery receipt check.’
- The Video-Based Customer Identification Process (V-CIP) infrastructure of the Paytm bank failed to prevent connections from IP addresses outside of India.
In response to these revelations, RBI served Paytm Payments Bank with an official notice, asking for an explanation as to why a penalty should not be imposed for its non-compliance with the stated regulatory directions.
After carefully evaluating Paytm’s response to the notice and the verbal arguments presented during the personal hearing, RBI reached a decisive conclusion. It was clear that the allegations of non-compliance with the aforementioned RBI directives were well-founded, leaving no room for doubt. Consequently, the RBI deemed it necessary to impose a monetary penalty of ₹5.39 crore on the bank.
RBI’s fine on Paytm underscores the gravity of adhering to regulatory guidelines and the unwavering commitment of the RBI to uphold compliance standards in the banking sector.
A History of Regulatory Oversight
Paytm Payments Bank commenced its operations on May 23, 2017, following the acquisition of a license in 2015.
It’s, however, important to note that this isn’t the first time the RBI has taken regulatory action against the Paytm Payment Bank in India. In March 2022, the RBI issued a directive to Paytm Payments Bank, instructing them to halt the onboarding of new customers. Simultaneously, the bank was mandated to engage an IT audit firm to conduct a comprehensive System Audit of its IT infrastructure.
Further back, in October 2021, the RBI imposed a monetary penalty of ₹1 crore on Paytm Payments Bank for transgressions of specific regulations. This penalty was imposed following an examination by the RBI of the bank’s application for issuing a final Certificate of Authorisation (CoA). These instances emphasize the regulatory oversight that the RBI exercises in safeguarding the integrity and compliance of financial institutions.
As financial institutions navigate an evolving landscape, the watchful eyes of RBI stand as sentinels to ensure the safety and trust of both customers and the broader financial industry. The case of Paytm Payments Bank is a testament to the regulatory diligence ensuring a secure and robust financial system in India.
