The RBI letter states that Bajaj Finance has not proactively identified gaps and vulnerabilities and also flags significant risk to customers, sources said, adding that the letter also cites the earlier letter dated January 31 this year and Bajaj Finance’s response dated February 22.
Sources added further that the RBI communication points to a reactive approach and a failure to maintain adequate internal controls. The letter also contests Bajaj Finance’s claim that its role was limited to customer solicitation.
The RBI has also argued that Bajaj Finance cannot absolve itself of its responsibility to its partner banks and customers and that it has an internal role in co-branding arrangements and access to sensitive customer data.
The RBI letter further directs:
- Bajaj Finance must monitor & ensure adherence to timelines
- Must seek independent validation through external audit, with prior RBI approval
- Audit must cover data security measures & IT / IS / Cyber Security controls
- Must obtain explicit approvals from Department of Supervision, RBI if it intends to re-engage in co branding arrangements
At the end of the December quarter, Bajaj Finance had mentioned that it will cease incremental sourcing of co-branded credit cards with RBL Bank and DBS Bank but existing card holders will continue to receive services from respective banks as usual.
Bajaj Finance is yet to respond to CNBC-TV18’s query.
Shares of Bajaj Finance are currently trading 1.1% lower at ₹8,574. The stock recently made a new peak of ₹9,260.
(Edited by : Hormaz Fatakia)
