The Reserve Bank of India (RBI) has imposed a monetary penalty on the Central Bank of India for non-compliance with critical regulatory directives identified during the Statutory Inspection for Supervisory Evaluation (ISE 2025). The infractions primarily concern systemic failures in adhering to ‘Know Your Customer (KYC)’ guidelines and ‘Financial Inclusion’ mandates regarding Basic Savings Bank Deposit Accounts (BSBDA).
1. Key Details of the Penalty
- Bank Penalized: Central Bank of India
- Penalty Amount: ₹63.60 Lakh (Rupees Sixty-Three Lakh Sixty Thousand)
- Order Date: March 23, 2026
- Evaluation Period: Financial position as of March 31, 2025 (ISE 2025)
- Legal Provision: Section 47A(1)(c) read with sections 46(4)(i) and 51(1) of the Banking Regulation Act, 1949.
- Primary Violations:
- Failure to upload KYC records of specific customers to the Central KYC Records Registry (CKYCR) within the stipulated timeline.
- Opening multiple BSBDA (Basic Savings Bank Deposit Accounts) for customers who already held existing BSBD accounts with the bank.
2. Root Cause Analysis (RCA)
Based on the nature of the identified non-compliances, the structural root causes can be traced back to IT system configurations and operational oversight:
- CKYC Upload Delay: The bank likely faced integration bottlenecks or failures in automated End-of-Day (EOD) batch processing between the Core Banking System (CBS) and the CKYCR portal. A reliance on manual extraction and uploading processes may have led to SLA breaches.
- Multiple BSBD Accounts: A critical deficiency in the Core Banking System’s (CBS) validation logic. The system lacked a “hard stop” or deduplication check at the Customer Information File (CIF) level to identify if a customer ID, PAN, or Aadhaar was already mapped to an active BSBDA scheme code before allowing the creation of a new one.
3. Preventive Controls & Remediation
To mitigate the recurrence of such regulatory breaches, the following controls must be operationalized:
Systemic IT Controls
- CBS Parameterization: Implement mandatory system-level validation (hard blocks) restricting the opening of more than one account under the BSBDA product code per unique customer identifier (CIF/Aadhaar/PAN).
- API Integration: Transition from manual/batch CKYC uploads to real-time or automated API-driven synchronisation with the Central KYC Records Registry.
Process & Monitoring Controls
- Automated Alerting: Deploy dashboard alerts for branch managers and central compliance teams highlighting customer records nearing their CKYC upload deadlines (e.g., T+2 days alerts).
- Concurrent Audits: Update the concurrent audit checklist to run automated scripts daily to detect and flag duplicate BSBDA accounts or pending CKYC records for immediate remediation.
4. Lessons Learnt
- Technology over Manual Oversight: Regulatory compliance at scale cannot rely on manual checks at the branch level. IT system architecture must inherently enforce regulatory rules (RegTech).
- Financial Inclusion Integrity: Products designed for financial inclusion (like BSBDA) have strict regulatory parameters to prevent misuse. Banks must treat the business rules of these products with the same rigor as high-risk AML parameters.
- Continuous Supervisory Readiness: Regulatory inspections (like ISE) leverage data analytics. Banks must proactively run the same data exception tests internally that the RBI inspection teams are likely to run.