GEETA INSTITUTE OF LAW

Banking law

RESERVE BNK OF INDIA ROLE IN REGULATION OF COMPUTER BANKING, E-

BANKING AND INTERNET BANKING IN INDIA of B.A LLB 9th (Sem)

Submitted by: submitted to:

Vaibhav jamwal Adv. Chirag Goel

B.ALL.B TH (9Sem) Assistant Professor,

Geeta Institute of Law

 Acknowledgment

This is to express my earnest gratitude and extreme joy at being bestowed with an opportunity to get an
interesting and informative project on

“RESERVE BA NK OF INDIA ROLE IN REGULATION OF COMPUTER BANKING, E- BANKING

AND INTERNET BANKING IN INDIA”

I would like to thank all the people who have helped me in complementation of project, I would anvil the
opportunity to express my profound gratitude and ineptness to all those people. I am extremely grateful to
my project guide

Asst Prof. Adv. Chirag Goel

Who has given an opportunity to work on such an interesting project? He proved to be a constant source of
inspiration to me and provide constructive comments on how to make their Assessment better. Credit also
goes to my friends whose constant encouragement kept me in good stead. Lastly without fail I would thank
all my facilities for providing all explicit and support to me during the course of my project.

Vaibhav
Contents
Introduction:............................................................................................................................................ 1
The legal structure of e-banking in India: ................................................................................................. 2
Reserve Bank of India minimum standards on e-banking: ........................................................................ 2
Legal Issues:............................................................................................................................................ 3
Information Technology Act, 2000 (“IT Act”): ........................................................................................ 4
Overlap and disconnect between Indian Penal Code (“IPC”) and IT Act: ................................................ 5
Legal remedies and some solutions to the problems in the existing legal structure: ................................... 5
Conclusion: ............................................................................................................................................. 7
References:.............................................................................................................................................. 8
Introduction:
The linking of the internet and banking has made the procedures, techniques and processes of
banking simpler, easier, faster and efficient. Since the internet works on big chunks of data that
are exploited by malicious elements, such as hackers, spammers, drudgers and infection vector
creators who target and compromise data of financial institutions by using unlawful methods to
put the safety, security and privacy of various individuals who confide, rely and trust the Banking
infrastructure of India at risk. To protect the faith reposed by Indians in the Banking System, there
are laws enacted by the Parliament of India to protect the confidence placed in the e-banking
system, meanwhile, the currently existing legal structure is sufficient but due to the entry of
artificial intelligence and daily evolution of technology, the current legal structure might fall short
by a yardstick until and unless it undergoes an upgrade to protect Indian consumers. The objective
of this paper is to analyses the existing legal structure of e-banking and give some constructive
recommendations to upgrade, improve, enhance, and adapt to the forthcoming future of the
banking processes in India.

Banking is defined as the business of accepting monetary deposits from the public with the sole
objective of loaning, or financing, repaying money on receiving requests, and withdrawal of
money via any financial instrument. The internet has been called the “highway of information”
because it possesses the capability to connect billions of people across the globe at the touch of a
button at the same time internet uses IP Addresses (Internet Protocol Address) to identify, locate
and detect servers across its network to communicate information in bytes across the network laid
down by the Service Provider.

1
The legal structure of e-banking in India:
E-Banking or Internet Banking has eliminated the need for paper and physical financial
instruments because funds, money and capital can be easily accessed and transferred to the
beneficiary on this online platform, therefore Internet Banking has reduced problems like
geographical barriers, lack of infrastructure, cost, difficulty in obtaining loans and time
consumption. Therefore, it is important to know the existing legal structure of e-banking and the
challenges that lie therein.

Reserve Bank of India minimum standards on e-banking:

On 17th October 2000 the Ministry of Information Technology issued a notification exercising
its authority under the Information Technology Act, 2000. Pursuant to this notice the Reserve
Bank of India (hereafter referred to as “RBI”) issued a notification dated 14.06.2001 and formed
the S.R. Mittal Working Group Committee and subsequently the previous notification of 14th
June 2001 was amended by RBI notification dated 20.07.2005, where the need for the approval
of RBI was scrapped off, the following were the minimum benchmarks of security set up by the
RBI: Highly encoded 128 Bit Security Socket Layer based digital signatures for authentication
purposes. Every bank should have Security Officer solely dealing with information technology
and shall work towards the execution of the rules made under the IT Act, among other things, the
Board of Directors shall approve the security policy that is adopted by the bank.

At that time login id, password, biometric verification were new notions, hence the banks were
asked to adapt to such new concepts wherein the bank must make sure that Internet and Digital
Banking System respects the security and privacy by maintaining a line of proxy server-based
firewall. All the security structures were to be tested before any kind of Internet Banking facility
was available, whereas the upgradation, bug removal and other security software were deemed
necessary to be installed.

Any security fissure which might open during the E-banking must be reported and taken care of
at the earliest possible opportunity and future policies should be framed while keeping in mind
security fissures that are incurred from time to time. Meanwhile, the burden lies upon the bank to
keep both encoded and decoded records of all the transactions and messages received during e-
transactions.

2
Legal Issues:
Considering the legal position prevalent, there is an obligation on the part of banks not only to
establish the identity but also to make enquiries about integrity and reputation of the prospective
customer. Therefore, even though request for opening account can be accepted over Internet,
accounts should be opened only after proper introduction and physical verification of the identity
of the customer. 1

From a legal perspective, security procedure adopted by banks for authenticating users needs to
be recognized by law as a substitute for signature. In India, the Information Technology Act,
2000, in Section 3(2) provides for a particular technology (viz., the asymmetric crypto system
and hash function) as a means of authenticating electronic record. Any other method used by
banks for authentication should be recognized as a source of legal risk.

Under the present regime there is an obligation on banks to maintain secrecy and confidentiality
of customers’ accounts. In the Internet banking scenario, the risk of banks not meeting the above
obligation is high on account of several factors. Despite all reasonable precautions, banks may be
exposed to enhanced risk of liability to customers on account of breach of secrecy, denial of
service etc., because of hacking/ other technological failures. The banks should, therefore,
institute adequate risk control measures to manage such risks.

In Internet banking scenario there is very little scope for the banks to act on stop-payment
instructions from the customers. Hence, banks should clearly notify to the customers the
timeframe and the circumstances in which any stop-payment instructions could be accepted.

The Consumer Protection Act, 1986 defines the rights of consumers in India and is applicable to
banking services as well. Currently, the rights and liabilities of customers availing of Internet
banking services are being determined by bilateral agreements between the banks and customers.
Considering the banking practice and rights enjoyed by customers in traditional banking, banks’
liability to the customers on account of unauthorized transfer through hacking, denial of service
on account of technological failure etc. needs to be assessed and banks providing Internet
banking should insure themselves against such risks.

1
https://www.legalindia.com/e-banking-system-in-the-banking-sector/

3
Information Technology Act, 2000 (“IT Act”):
E-banking is mainly regulated by the Banking Regulation Act, 1949 and the Reserve Bank of India
Act, 1934 but all sorts of cybercrimes and electronic payment related systems are regulated by the
IT Act and the important features of the IT Act which should be noted are:

The legislative intent behind the IT Act is to enable e-commerce and governance wherein all
electronic documents and digital signatures are recognized under IT Act which should be retained
and analyzed properly by the bank because all contracts and electronic transactions are lawful and
enforceable under this Act. 2

No e-banking transaction can survive if it is not in conformity with the provisions of the IT Act
because the protection of privacy and crypto function-based authentication of E-transactions can
only take place under the umbrella of this Act as theft of data via unethical means of hacking,
creation and spreading of the virus is punishable under this Act. In fairness, the Act also grants
immunity to prevent harassment to Internet Service Providers and intermediaries over the illegal
activities committed on their networks.

With the immunity granted, a duty is cast on the Bank (intermediary) to keep a record and conserve
the same as directed by the Central Government from time to time, meanwhile the violation of
security or privacy of E-transactions during sign-in, password typing, and other confidential
information is protected under the aegis of this Act, wherein any violation thereof has been made
punishable.

2
https://indiankanoon.org/doc/123351751/#:~:text=%2DWhere%20in%20a%20contract%20 formation,
on%20the%20ground%20that%20such

4
Overlap and disconnect between Indian Penal Code (“IPC”) and IT Act:
Section 378 IPC read with Section 424 IPC; prohibits and punishes people who steal or assist in
the theft of data either by hacking, creation of infection vectors, or spreading viruses whereas
Section 66-B of the IT Act overlapping with Section 411 IPC prohibits and punishes people for
receiving stolen data and information from any sort of technological computer-based device.
Even forgery or producing falsified electronic documents can be punished under Section 468 IPC
but no such punishment has been prescribed under the IT Act.

Any person who cheats another person by using a computer medium commits an offence of
cheating-by-personation which is punishable under Section 66-C of the IT Act which is
overlapping with Section 411 IPC, i.e., dishonestly receiving stolen property, whereas Section
425 IPC which punishes mischief has not been made punishable under the IT Act hence causing
mischief by spreading the virus and refusing access to personal data of individuals can be
punished with 3 months imprisonment, fine or both under Section 425 IPC. 3

Legal remedies and some solutions to the problems in the existing legal
structure:
There are various issues in e-banking which the existing legal structure has failed to address,
hence the following are some of the remedies and solutions to the existing cyber problems faced
during e-banking: 4

Jurisdiction and enforceability- Since the internet is a borderless world and cybercrimes threaten
the sanctity of e-banking, herein cyber-attacks can take place from any computer either located
in India or abroad hence Section 75 of the IT Act gives universal jurisdiction whenever any sort
of cyberattack takes place on any computer located within the territory of India. Such crimes are
investigated and prosecuted by cyber cells which are located across various districts in India. If a

3
https://www.rbi.org.in/scripts/BS_CircularIndexDisplay.aspx?Id=2379
4
https://www.meity.gov.in/content/notification-it-act-2000

5
cyberattack is foreign state sponsored, then compensation by means of attachment of property
existing in India of that foreign state can be claimed by the Republic of India.

Seeking Compensation, Penalty, and prosecution by Cyber Cells- Under Section 43A and 72 of
the IT Act any theft, breach of confidential data, cheating or offences of the same nature are
liable to be penalized and the victim shall be compensated in case any fraud takes place during
E-Banking transactions. It is also pertinent to note that the Banker’s Book Evidence Act
mandates that bank records in digital format can also be appreciated by the Court as it can be
treated as documentary evidence under Sections 65A and 65B of the Indian Evidence Act, 1872.

Approaching the Consumer Forum- Disputes regarding the privacy of consumer accounts, rights,
deficiency in E-banking services, liabilities of banks towards its customers, and the rights of
consumers can be enforced by the Consumer Forum having the relevant pecuniary jurisdiction
under the Consumer Protection Act, 2019. 5

Approaching Special Court for Money Laundering cases- Under Section 11 of the Prevention of
Money Laundering Act, 2002, any money laundering taking place through E-Banking can be
prosecuted and prevented under the aegis of this Act and Section 11 also casts a burden upon the
Bank to maintain a record of each transaction occurring through its electronic payment gateway.

5
https://searchcio.techtarget.com/definition/information-superhighway-infobahn

6
Conclusion:
E-banking offers a higher level of convenience for managing one’s finances. However, it continues
to present challenges to financial security and personal privacy. Many people have had their
account details compromised, as a result of online banking. Thus, if one is going to use it for
financial transactions, he should be aware of the risks involved. Awareness of the risks and
problems enables him to take precautions for a more secure online banking experience. The e-
Banking system is not only popular nationally, but also internationally, where a person can transfer
money through any part of the world. The e-banking system is useful for bankers as well as
customers of banks.

7
References:
 https://www.legalindia.com/e-banking-system-in-the-banking-sector/
 https://www.rbi.org.in/scripts/NotificationUser.aspx?Id=414&Mode=0
 https://www.rbi.org.in/scripts/BS_CircularIndexDisplay.aspx?Id=2379
 https://indiankanoon.org/doc/123351751/#:~:text=%2DWhere%20in%20a%20contract%
20 formation, on%20the%20ground%20that%20such
 https://searchcio.techtarget.com/definition/information-superhighway-infobahn
 https://www.meity.gov.in/content/notification-it-act-2000