Showing posts with label RBI. Show all posts
Showing posts with label RBI. Show all posts

Sunday, March 6, 2011

E-Discovery In India And Its Uses

By
Baljeet Singh

Electronic discovery has many purposes to achieve. It can be used as an effective measure to prevent frauds from being committed by timely detection of suspicious activities. It can also be used for detection of these frauds and crimes after their commission. Thus, e-discovery is both preventive and curative in nature.

E-discovery must be regulated by a legal framework to give it legitimacy. E-discovery law in India has still to be enacted. Although India has the cyber law of India incorporated in the form of information technology act 2000 (IT Act 2000) yet it is far from being sufficient for cyber forensics and e-discovery purposes. Suitable legislation in this regard is urgently needed in India.

E-discovery is also relevant for law enforcement, lawyers and judiciary. Legal and judicial fraternity of India needs a temperament for scientific knowledge. This includes knowledge about cyber law, cyber forensics, digital evidencing and e-discovery.

E-discovery requirements for banks in India have also significantly increased due to the recent guidelines by Reserve Bank of India that requires banks in India to exercise cyber due diligence and adopt sound cyber security practices.

E-discovery can also supplement due diligence, incidence response and periodic inspection of computers and other technology related systems. This helps in timely detection of frauds and other crimes.

We have a single techno legal e-courts training and consultancy centre of India. It is managed by Perry4Law Techno Legal Base (PTLB). It provides techno legal research, training and education in the fields like digital evidencing in India, e-discovery in India, e-courts training in India, judges training, etc.

Friday, March 4, 2011

Chief Information Officers (CIOs) Made Mandatory For All Banks In India

Reserve Bank of India (RBI) executive director G Gopalakrishna recently said that all banks would have to create a position of chief information officers (CIOs) as well as steering committees on information security at the board level at the earliest. G Gopalakrishna further said the banks will have to implement the facility of "second factor verification" at merchant establishments and ATMs shortly.

The requirements are arising out of the two recently released documents by RBI. The first document is a report of its working group on information security, electronic banking, technology risk management, and cyber frauds. In this report, the RBI mandated cyber due diligence for banks in India.

The second document is known as information technology vision document for 2011-17 (IT Vision 2011-17). The vision document envisages that all banks in India now would have to create a position of CIOs as well as steering committees on information security. These requirements must be fulfilled at the highest level of board of directors. The vision document also requires that while following the above, legal aspects relating to the provisions of the Acts such as Payments and Settlement Act, 2007 and IT Act, 2000 may be strictly adhered to.

This requirement of CIO/CTO is arising because many small banks do not have a designated CTO and also do not have a clear framework on information sharing. RBI is interested in gradual shift to an online system where it can access all the information from the main server of the bank once the RBI's IT Vision is implemented. Those banks having no CIO/CTOs and a steering committee are now required to have these requirements fulfilled as soon as possible.

The objectives of vision document are to ensure the use of information technology beyond core banking and into newer areas like management of information systems (MIS) and better regulatory reporting.

The vision document has been prepared by a high-level committee chaired by deputy governor K.C. Chakrabarty. The vision document also recognises the growing operational risks arising out of adopting technology in the banking sector like use of Internet banking, which could affect financial stability.

If the vision document is fully implemented, it will ensure that the RBI gets access to the servers of all banks, including foreign banks so that it has access to all the banking transactions. Further, the vision document also emphasises on the need for internal controls, risk mitigation systems, fraud detection/prevention and business continuity plans. These are good banking reforms and they must be implemented by banks in India as soon as possible.