RBI tells urban co-op banks to adopt more robust cyber security infra

Apex bank aims to bring the largest UCBs at par with other banks that run a full gamut of protection against online threats

The Reserve Bank of India (RBI) on Thursday proposed to bring cyber security rules based on the size and complexity of urban cooperative banks (UCB) with an aim to bring the largest of them at par with other banks that run a full gamut of protections against online threats. 

“The approach will ensure that the UCBs with high IT penetration and offering all payment services are brought at par with other banks having mature cyber security infrastructure and practices," the central bank said in its technology vision document for 2020-23.  

The UCBs with higher digital depth will now have to appoint Chief Information Security Officer (CISO), and set up various committees such as IT Strategy Committee, IT Steering Committee, etc. There has to be a board approved IT governance framework, and considering the implementation to be a costly process, "the responsibility for implementation, monitoring, compliance and response would have to be assigned from the Board level and percolate down till the end user," the RBI said. 

The central bank’s vision for the UCBS till 2023 is based on five pillars --GUARD, viz, - Governance Oversight, Utile Technology Investment, Appropriate Regulation and Supervision, Robust Collaboration and Developing necessary IT, cyber security skills set.  

The 12 specific action points that the vision document outlined include involving more board oversight over cyber security, enable UCBs to better manage and secure their IT assets, implement an offsite supervisory mechanism framework for UCBs on cyber security related controls, develop a forum for UCBs so that they can share best practices and discuss practical issues and challenges; and implement framework for providing awareness and training for all UCBs.