In October 2024, Meity declared IOB, RBL Ltd, IndusInd Bank ltd, Federal Bank and Bank of Maharashtra as “Protected Systems under ITA 2000”
Notifications:
The implications are two fold.
Any attempt to access such computers other than the permitted persons noted below will be considered as an offence that can carry imprisonment of 10 years.
Who can access
(a) any designated employee of the Bank authorised in writing by the Bank to access the protected system;
(b) any team member of contractual managed service provider or third-party vendor who have been authorised in writing by the Bank for need-based access; and
(c) any consultant, regulator, Government official, auditor and stakeholder authorised in writing by the Bank on case-to-case basis.
Any other person accessing the system will be liable for imprisonment of 10 years.
Further under Section 70(4) The Central Government shall prescribe the information security practices and procedures for such protected system. (Inserted vide ITAA 2008).
Additionally the Information Security rules under the notification of 22nd May 2018 should apply to such systems (Refer here). Kindly check details here
Hope each of the Banks comply with the directions contained in the May 22 security guidelines.
Naavi
P.S: For records we note that
- CAMS was also notified on 2nd February 2024 . It is known more as a Registrar handling securities.
- KFin Technologies Private Limited was also notified on 1st February 2024.
- NIA was notified on 26th February 2024
