Latest News

Maharashtra IT Department Orders Axis Bank to Reimburse ₹1.76 Crore for Security Failures


➡️ Click here to join our Whatsapp Group

The Maharashtra Department of Information Technology (IT) has directed Axis Bank to reimburse ₹1.76 crore, along with 18% interest, to Dhule Vikas Sahakari Bank Ltd. The order comes after Axis Bank was found guilty of failing to implement adequate security measures, which led to fraudulent online transactions.

The department also imposed ₹3 lakh in legal charges and ordered Axis Bank to pay an additional ₹50 lakh as compensation for the mental stress, pain, and harassment caused to Dhule Vikas Sahakari Bank.

Case Background

The issue dates back to June 2020, when Dhule Vikas Sahakari Bank discovered unauthorised transactions involving its account with Axis Bank. The transactions bypassed mandatory security protocols, including the one-time passwords (OTPs) required for validation. Bank employees noted that neither the “maker” nor the “checker” of the transactions received the OTPs.

The complainant argued that Axis Bank’s Pay-Pro system, designed for secure login and transaction verification, had been bypassed.

Axis Bank’s Defense

In response, Axis Bank claimed that remote access software, “Any Desk,” had been used to gain unauthorized entry into Dhule Vikas Sahakari Bank’s systems. The bank also argued that OTPs were not required for certain transactions and filed an FIR, alleging its systems had been hacked.

IT Department’s Findings

After reviewing the case, the Maharashtra IT Department ruled that Axis Bank was negligent in ensuring the security of its systems. The department highlighted that the bank’s failure to comply with Section 43A of the Information Technology Act, 2000, led to the breach of sensitive personal data.

Principal Secretary Parrag Jaiin Nainutia stated, “Axis Bank’s inability to implement necessary security measures resulted in the compromise of the complainant’s confidential information and fraudulent transactions. The lack of robust fraud detection systems and real-time monitoring further demonstrated the bank’s failure to adhere to data protection standards under the IT Act and RBI guidelines.”

Conclusion

The department held Axis Bank responsible for the unauthorised transactions and ordered it to compensate Dhule Vikas Sahakari Bank for its losses. This case underscores the importance of stringent security measures in the banking sector to protect sensitive data and prevent fraud.

Leave a Reply

Your email address will not be published. Required fields are marked *