Bank of Baroda (BoB), the second-largest government-owned lender, has acknowledged the unauthorized linking of mobile numbers to bank accounts of customers in order to show higher registrations on its mobile banking application.
On October 10, the Reserve Bank of India (RBI) asked BoB to suspend any further on-boarding of customers onto the ‘bob World’ mobile application with immediate effect. The RBI said that the action was taken “based on certain material supervisory concerns observed in the manner of on-boarding of their customers onto this mobile application.”
The RBI did not elaborate on the reasons any further but said that any further on-boarding of customers of the bank on the ‘bob World’ application would be subject to “rectification of the deficiencies observed and strengthening of the related processes by the bank to the satisfaction of RBI.”
In early July, Al Jazeera published a report alleging that BoB tampered with accounts and linked mobile numbers of strangers to boost app registrations. The report stated that emails show that in the Bhopal zone alone, for instance, “close to 1,300 mobile numbers were tied to anywhere from 30 to 100 bank accounts, putting nearly 62,000 bank accounts at risk.”
In an emailed response to CNBC-TV18’s query on the matter, a spokesperson for BoB denied these allegations. However, CNBC-TV18 has now learnt that when the RBI questioned the bank about these reports of tampering with bank accounts, BoB did acknowledge the deficit.
BoB has also started an internal audit of the matter to verify if indeed all three crore accounts on its mobile application, bob World, were indeed seeded to a unique number or not. The internal audit is yet to be completed.
Another report by Al Jazeera has alleged that the bank’s internal audit has shown that Rs 22 lakh were stolen from bank accounts of 362 customers by agents, banking correspondents using mobile banking. This after the bank’s employees had linked unauthorised mobile numbers to customer accounts that were missing a registered mobile number to onboard them on the bank’s new mobile banking app, bob World.
BoB has notified the exchanges on the matter and said that it has already carried out corrective measures to address the concerns of the RBI and that it has initiated further steps to plug any remaining gaps identified. The bank has also reassured its customers that its mobile banking application is fully secure with robust security controls and features.
The RBI action against BoB is a reminder to all banks of the importance of customer data protection and the need to have robust systems and processes in place to prevent unauthorized access to customer accounts.
