A bank must protect the confidentiality of its customers’ personal and banking-related information. This duty of secrecy, or confidentiality, extends to any information obtained from a customer’s account or banking relations.
It is the most important duty of a bank that it must ensure all banking records of the customers are protected and are not available to any other party or organisation without the customer’s consent. The obligation of the banker to keep the secrecy of his customer’s accounts continues even after the account is closed.
Section 13 of the Banking Companies (Acquisition and Transfer of Undertakings) Act, 1970, especially requires them to “observe, except as otherwise required by law, the practices and usages customary amongst bankers and in particular not to divulge any information relating to the affairs of the constituents except in circumstances in which they are, in accordance with law or practices and usages or appropriate for them to divulge such information.”
As per RBI guidelines, in the case where the customer gives his consent for the bank to share the information with other agencies, banks should explicitly state and explain clearly to the customer the full meaning/ implications of the disclosure clause. The information being sought from customers should not be of such nature as will violate the provisions of the laws relating to secrecy in the transactions. Banks/NBFCs would be solely responsible for the correctness or otherwise of the data provided for the purpose.
The disclosure to the DSAs/recovery agents should also be limited to the extent that will enable them to discharge their duties. Personal information provided by the cardholder but not required for recovery purposes should not be released by the card issuing bank/NBFC. The card issuing bank/NBFCs should ensure that the DSAs/DMAs do not transfer or misuse any customer information during the marketing of credit card products.
For providing information relating to the credit history/repayment record of the cardholder to a Credit Information Company (that has obtained a Certificate of Registration from RBI), the bank/NBFC may explicitly bring to the notice of the customer that such information is being provided in terms of the Credit Information Companies (Regulation) Act, 2005.
Before reporting the default status of a credit card holder to a Credit Information Company that has obtained a Certificate of Registration from RBI and of which the bank/NBFC is a member, banks/NBFCs should ensure that they adhere to a procedure, duly approved by their Board, including issuing of sufficient notice to such cardholder about the intention to report him/ her as defaulter to the Credit Information Company. The procedure should also cover the notice period for such reporting as the period within which such report will be withdrawn in the event the customer settles his dues after having been reported as a defaulter. Banks/NBFCs should be particularly careful in the case of cards where there are pending disputes. The disclosure/release of information, particularly about the default, should be made only after the dispute is settled as far as possible. In all cases, a well-laid-down procedure should be transparently followed. These procedures should also be transparently made known as part of the Most Important Terms and Conditions (MITCs).
Banks also have obligations under the Privacy Act 2020, which governs how they collect and store customer information, how customers can access and correct their information, and how personal information can be disclosed. However, the duty is not absolute, and there are some circumstances when a bank may disclose privileged information, including:
A banker is under statutory obligation to disclose the information relating to his customer’s account when the law specially requires him to do so on the following occasions,
However, the practices and usages customary amongst bankers permit the disclosure of certain information under the following circumstances:
Banker’s Reference: Bankers having established customs and practice of making enquires with another banker about the customers, their sureties or the acceptors of the bills, etc. Such information confidentially passed on between two bankers is justified on the ground that an implied consent of the customer is presumed to exist. The basis of his opinion should be the record of the customer’s dealings with a banker.
However, while communicating banker should give a general statement of the customer’s account or his financial position without disclosing the actual figures. In expressing his general opinion, he should be very cautious he should neither speak too low about the customer nor too high. In the former case, he injures the reputation of the customer; in the latter, he might mislead the enquirer. In case an unsatisfactory opinion is to be given, the banker should give his opinion in general terms so that it does not amount to a derogatory remark. It should give caution to the enquirer who should derive his own conclusions by inference and make further enquiries, if he feels the necessity.
The banker may disclose the state of his customer’s account to legally protect his own interest. For example, if the banker has to recover the dues from the customer or the guarantor, disclosure of necessary facts to the guarantor or the solicitor becomes necessary and is quite justified.
Related Posts:
CRA 2010 is an Act to consolidate the law to regulate the acceptance and utilisation…
Monitoring of Transactions under KYC norms is a process that involves tracking customer transactions to…
Banks use wire transfers as an expeditious method for transferring funds between banks. The Reserve…
Derivatives are financial instruments whose value is derived from the underlying assets, such as commodities,…
The Reserve Bank of India (RBI) revised guidelines for credit default swaps (CDS which is…
The Issuer of Initial Public Offering (IPO) should be a company incorporated under the Companies…