The Parliamentary Standing Committee on Finance, chaired by Bhartruhari Mahtab, has raised serious concerns about the cyber security challenges faced by cooperative banks, NBFCs, merchants, vendors, and other smaller participants in India’s digital financial ecosystem.
The Committee pointed out that cooperative banks report a higher number of cyber security incidents compared to commercial banks, primarily due to weaker cyber resilience and slower implementation of security measures.
The Committee highlighted a significant disparity in cyber security audits, noting that while all scheduled commercial banks have completed their audits, only 10.92% of cooperative banks (206 out of 1,886) have undertaken such audits.
This shortfall underscores the urgent need to strengthen cyber defenses in the cooperative banking sector.
Emphasizing that cyber security concerns demand immediate attention, the Committee called for a multi-faceted approach involving robust infrastructure investments, employee and customer training, and regular audits to enhance resilience in cooperative banks.
To address these vulnerabilities, the Reserve Bank of India (RBI) and NABARD have initiated several measures aimed at improving cyber resilience in the sector. The Graded Cyber Security Framework, introduced in December 2019, mandates cooperative banks to adopt baseline cyber security controls, including anti-malware protection for endpoints, servers, and network devices.
Similarly, the Technology Vision Document 2020 introduced a strategic approach, GUARD, to strengthen the cyber security posture of Urban Cooperative Banks (UCBs).
In addition, the RBI launched Mission AVTU (Awareness Vriddhi and Training for UCBs) in August 2021, in collaboration with the College of Agricultural Banking (CAB), Pune, to provide comprehensive cyber security training programs for UCBs.
The proposed Umbrella Organization (UO) for UCBs, along with the National Urban Co-operative Finance and Development Corporation Limited, is also expected to bolster cyber security by offering shared IT infrastructure, consultancy services, and capacity-building support.
The RBI is further exploring the feasibility of setting up shared cloud services for the banking sector with robust security controls, which could significantly benefit UCBs.
The Committee’s observations and recommendations underscore the urgent need for collective efforts to safeguard cooperative banks against evolving cyber threats.