The Reserve Bank of India (RBI) on Tuesday directed state-owned Bank of Baroda (BoB) to suspend any further onboarding of customers onto the bank’s flagship mobile application — ‘BoB World’. The decision is based on certain material supervisory concerns in the manner of onboarding of customers on the application.
“Any further onboarding of customers of the bank on the mobile application will be subject to rectification of the deficiencies observed and strengthening of the related processes by the bank to the satisfaction of RBI. The bank has been further directed to ensure that already onboarded Bob World’s customers do not face any disruption on account of this suspension,” RBI said in a statement.
Following RBI’s action, BoB released a statement saying it has already carried out corrective measures to address the concerns and initiated further steps to plug any remaining gaps identified.
“Further, this order does not impact any of the bank’s other digital banking channels such as net banking, WhatsApp banking, debit cards, ATMs, etc. for servicing its existing customers as well as for onboarding of new customers,” the bank said, adding that it does not expect this action to have a material impact on overall business and growth plans.
According to Bank of Baroda’s Q1FY24 investor presentation, 43% of the bank’s new fixed deposit accounts and recurring deposit are opened through the BoB World application whereas 61% of new credit cards, 89% of personal loans and 68% of housing loans were sourced digitally as of June end.
The lender’s total deposit base stood at Rs 11.99 trillion as of June-end, whereas overall advances were at Rs 9.90 trillion during the same period. On a daily basis, there are over 8.1 million transactions that happen on the BoB World application, it said.
Speaking to FE, a top Bank of Baroda official said the action could have been taken on account of know-your-customer (KYC) onboarding deficiencies at some of the bank’s branches.
The RBI’s move also follows a media report by Al Jazeera in July, which said that senior branch officers, under pressure from top management, made a list of bank accounts which were not linked to mobile numbers and then proceeded to link these accounts to any mobile numbers they could gather.
These numbers, which belonged to bank staffers, sanitation and security workers, were used to generate a one-time password (OTP) needed to join the mobile application, and artificially sign up these accounts from the back end. The employees would then deregister these customers from the app and reuse the same mobile number in the same manner with other bank accounts, the report said.
BoB had then denied the allegations in a statement saying that a fully system-authenticated and customer consent based process is being followed for undertaking any mobile banking app registration. The bank has said that its user base of 30 million was linked to a unique mobile number seeded with the bank account.
“The system does not allow multiple mobile app users on a single mobile number. Hence, the point raised on using unauthenticated or non-customer mobile numbers for boosting app registrations is not factually correct as one mobile number can be counted with only one mobile app at any point in time,” the statement said.