0

SEBI’s Direction Under Section 11B(1) of the 1992 Act Cannot Prevent Bank From Auctioning Defaulter’s Property In Line With Bank’s Rights Under SARFAESI: Delhi High Court

blog, Blog , , , , , ,

Title:  ICICI Bank v. Deputy General Manager and Ors.

Decided on:  21st July, 2023

+  W.P.(C) 3796/2022

CORAM: HON’BLE MR. JUSTICE PURUSHAINDRA KUMAR KAURAV

The Delhi High Court has clarified the scope of SEBI’s powers under Section 11B of the SEBI Act, 1992, stating that SEBI can issue directions to any person or class of persons, including banks, under this section, irrespective of whether they are registered with SEBI under Section 12. However, the court emphasized that SEBI’s powers should be exercised in a manner that does not conflict with or curtail the effect of other laws. The court ruled that SEBI’s direction under Section 11B(1) cannot restrain a bank from auctioning a defaulter’s property according to the bank’s rights under the SARFAESI Act, 2002.

Facts

The case revolved around the petitioner bank and the third and fourth respondents who had borrowed a home loan from the bank and mortgaged a property. The Securities and Exchange Board of India (SEBI) initiated an investigation against a company in which the third and fourth respondents were directors. SEBI ordered that the respondents not dispose of or alienate any assets without prior permission. Meanwhile, the bank noted the respondents’ default in loan repayment, classified their account as a Non-Performing Asset, and issued a demand notice under the SARFAESI Act, 2002. The bank also sought to auction the mortgaged property.

Senior Advocate Sanjiv Sen represented the petitioner, while Senior Advocate Arunabh Choudhury appeared for the respondent.

Analysis

The court analyzed the interplay between SEBI’s powers under the SEBI Act and the rights of banks under the SARFAESI Act. It noted that SEBI’s powers must be exercised carefully to avoid conflicting with other laws. The court pointed out that SEBI’s directions cannot change the material terms of the direction and should not be applicable to those to whom it is not intended.

The court emphasized that the SARFAESI Act prioritizes the debts of secured creditors over other dues. It highlighted the insertion of Section 26E in the SARFAESI Act to protect banks from interference by the state machinery in realizing their dues.

Held

The Delhi High Court held that the SEBI Act’s powers are legitimate and legal as long as they do not breach the mandate of other laws. In this case, the SARFAESI Act’s provisions took precedence over SEBI’s directions. The court concluded that the bank’s actions to realize its secured asset were not connected to the securities market and were governed by the SARFAESI Act. The SEBI Act’s directions were applicable to a broader set of assets and situations.

Thus, the court held that the bank’s rights under the SARFAESI Act should not be curtailed by SEBI’s directions, and the bank could proceed with the auction of the mortgaged property in accordance with the SARFAESI Act.

“PRIME LEGAL is a full-service law firm that has won a National Award and has more than 20 years of experience in an array of sectors and practice areas. Prime legal fall into a category of best law firm, best lawyer, best family lawyer, best divorce lawyer, best divorce law firm, best criminal lawyer, best criminal law firm, best consumer lawyer, best civil lawyer.”

Written by- Ankit Kaushik

Click here to view Judgement

0

The Gujarat High Court Division Bench found that a written complaint must be filed within 45 days, and in the absence of such a complaint, the seized property should be released without insisting on a bank guarantee.

Blog , ,

Case Title

MANSUKH ALIAS RAVJI GORASIYA V. THE STATE OF GUJARAT (C/LPA/717/2020)

CORAM: HONOURABLE THE CHIEF JUSTICE, MR. JUSTICE VIKRAM NATH and HONOURABLE MR. JUSTICE ASHUTOSH J. SHASTRI

Introduction

The case results from various appeals to the HC; noting the similarity of the same, the instances were clubbed, and a single judgement was passed.  The requests involve releasing vehicles seized under the Gujarat Mineral (Prevention of Illegal Mining, Transportation and Storage) Rules, 2017. The appeals challenge the condition imposed by the learned Single Judge of furnishing a continuing bank guarantee for releasing the vehicles.

Facts of the Case

In the first appeal, the vehicle owner sought the release of a Tata Hitachi Machine seized on 16.10.2019. The petitioner argued that the vehicle was used for road levelling, not illegal mining. Despite a reply stating this, the vehicle was not released, leading to the filing of a petition for the quashing of the notice and release of the vehicle.

In the second appeal, a dumper bearing No.GJ-12-V-6037 was seized on 18.5.2020 for carrying minor minerals without a royalty pass. The petitioner claimed that the vehicle was illegally detained and offered to pay the penalty and provide a bank guarantee. However, when no response was received, a petition was filed for the release of the vehicle.

In both cases, the learned Single Judge granted interim orders allowing the release of the vehicles upon furnishing a continuing bank guarantee and fulfilling other requirements. The appellants argued that the condition of a bank guarantee conflicted with a previous judgment stating that if no prosecution is launched within 45 days of seizure, the vehicle must be released unconditionally.

Judgement

During the appeal, the appellants’ counsels argued that the learned Single Judge should have followed the earlier judgment and that the Authorized Officer must file a complaint within 45 days, failing which the vehicle should be released unconditionally. They contended that any other interpretation would give the Authorized Officer excessive power and violate the constitutional right to equality.

The Advocate General representing the state respondents defended the orders of the learned Single Judge and referred to provisions in the 1957 Act and the 2017 Rules. However, they could not provide any provision specifying a time limit for filing a complaint.

Upon considering the submissions, the Division Bench found that the previous judgment clearly stated that a written complaint must be filed within 45 days. In the absence of such a complaint, the seized property should be released without insisting on a bank guarantee.Top of Form

“PRIME LEGAL is a full-service law firm that has won a National Award and has over 20 years of experience in various sectors and practice areas. Prime legal falls into the category of best law firm, best lawyer, best family lawyer, best divorce lawyer, best divorce law firm, best criminal lawyer, best criminal law firm, best consumer lawyer, best civil lawyer.”

Written by- Aadit Shah

Click to view Judgement

0

SIGNIFICANCE OF CYBERSECURITY IN INDIAN BANKING SYSTEM

Articles ,

INTRODUCTION 

Cybersecurity is a vital component of the Indian banking system for protecting the integrity and security of client information and financial activities. As India’s banking industry grows and evolves, the importance of cybersecurity cannot be emphasised. In this article, we will look at the importance of cybersecurity in the Indian banking system, as well as the current condition of cybersecurity in Indian banks and the actions being done to boost cybersecurity in the banking industry. 

Banks and financial organisations are increasingly concerned about cybersecurity. With the increasing amount of online transactions and cyber-attacks, it is critical for banks to secure their data and protect themselves from cyber security threats. 

Banks use numerous tactics to defend their systems from hackers, such as firewalls and antivirus software, but they must go above and beyond to establish effective cybersecurity measures that can help them reduce the impact of a breach on their business operations. In this article, I will focus on the importance of cybersecurity in the Indian banking system, as well as the current condition of cybersecurity in Indian banks and the actions being done to boost cybersecurity in the banking industry.

What is Cyber Security in Banking? 

The methods and tactics used to safeguard banks and financial institutions from cyber threats and attacks such as hacking, phishing, malware, and other types of cybercrime are referred to as banking cybersecurity. Cyber attacks pose a substantial danger in the banking sector since banks are a prime target for cybercriminals due to the valuable information and financial assets they possess. Banking cybersecurity solutions include network and system security, user authentication and access control, data encryption, and frequent security evaluations and testing. The use of information technology to protect a digital network, system, and devices from attacks by hackers, unauthorised users, viruses, and other hazards is known as cybersecurity. Cyber security alerts ensure that only persons with authority can view the data they’re permitted to see.

Cyber security in banking is critical in today’s linked world, as mobile devices and web apps are utilised for everything from shopping to banking. Banks must ensure that cyberattacks do not compromise their consumers while they are online or using mobile devices. Customers are more likely to trust a bank to protect their personal information and financial assets if it is more secure. Your digital infrastructure’s security has never been more vital than now. 

Why is Cybersecurity Important in the Indian Banking System? 

The Indian banking system is critical to the country’s economic progress, and its stability and security are critical. As banks progress towards digitalization and online transactions, the potential of cyberattacks and data breaches has increased considerably. Cybercriminals steal client information using a variety of methods, including phishing, malware assaults, and social engineering. By deploying various security measures such as firewalls, encryption, multi-factor authentication, and access controls, cybersecurity helps to safeguard banks and their clients from these dangers. 

Cyber security is a crucial concern for financial institutions, and the number of cyber attacks on banks is increasing. The term “virtual reality” refers to the phenomenon of virtual reality. A bank’s customer base would dwindle if it fails to protect its customers’ money and information against cyber-attacks.

The danger landscape for financial institutions is constantly changing, with new threats developing on a regular basis to take advantage of the increasing interconnection of people and devices across networks. Human mistake is responsible for about 95% of cybersecurity breaches. While the majority of firms have begun to implement basic security measures, many remain vulnerable to sophisticated assaults because they do not prioritise security or understand what has to be done to protect themselves from these threats. 

Cybersecurity is also critical to retaining customer faith in the financial sector. Consumers want their financial information to be kept safe and secure, and any breach of this trust might have serious ramifications for both banks and customers. The Reserve Bank of India (RBI) has acknowledged the significance of cybersecurity and has developed rules and regulations to guarantee that banks are appropriately prepared to deal with cyberattacks.

 

The Current State of Cybersecurity in Indian Banks 

Despite the growing importance of cybersecurity, the Indian financial industry faces a number of issues. Many banks continue to use antiquated security methods, leaving them exposed to cyber attacks. Furthermore, a lack of employee understanding about the necessity of cybersecurity and the hazards of cyber attacks might leave institutions vulnerable to assault. One of the key difficulties in India is the scarcity of trained cybersecurity personnel. According to NASSCOM, demand for cybersecurity specialists in India is predicted to reach 1 million by 2020, but supply is only expected to be 0.2 million. This knowledge gap has resulted in a lack of experience among many Indian banks, rendering them more vulnerable to cyber attacks. 

Top Cyber Security Threats Faced by Banks 

Banks are a popular target for cybercriminals who will go to any length to steal money. The following are the biggest threats that banks face: 

  1. Phishing Attacks: This occurs when a user is duped into disclosing personal information or downloading hazardous software. Phishing scams can take various forms, including email communications that look to be from your bank and urge you to confirm your account information or text message links. Don’t get taken in by them. 
  2. Malware (malicious software): Malware is used by hackers to gain access to company networks or individual devices such as laptops and smartphones in order to steal data or cause damage. To be safe online and avoid this hazard, all staff should be trained to use security solutions such as firewalls, anti-virus software, and encryption technologies. 
  3. Cyber Attacks: when hackers gain access to a company’s computer systems in order to steal data or disrupt operations. To get access to critical cyber security information, they may use a virus, a worm, or other harmful software. They can utilise this information for fraud, such as identity theft, credit card scams, and money laundering, after they have gotten access.

Despite the growing importance of cybersecurity, the Indian banking system faces a number of issues. Many banks continue to use antiquated security methods, leaving them exposed to cyberattacks. 

Furthermore, a lack of employee understanding about the necessity of cybersecurity and the hazards of cyber attacks might leave institutions vulnerable to assault. One of the key difficulties in India is the scarcity of trained cybersecurity personnel. 

According to NASSCOM, demand for cybersecurity specialists in India is predicted to reach 1 million by 2020, but supply is only expected to be 0.2 million. This knowledge gap has resulted in a lack of experience among many Indian banks, rendering them more vulnerable to cyberattacks.

several high-profile cyber attacks on Indian banks in recent years 

  1. Cosmos Bank Cyber Attack: In August 2018, Cosmos Bank, one of India’s oldest cooperative banks, was the target of a cyber attack. A malware attack was utilised by hackers to steal over Rs 94 crore from the bank’s accounts. The attackers were successful in circumventing the bank’s security procedures and stealing client data. This attack emphasised the need for banks to develop tighter cybersecurity procedures, and in response, the RBI released instructions. 
  2. PNB Scam: In February 2018, the Punjab National Bank (PNB) was victimised by a huge scam in which fraudsters obtained loans of over Rs 13,000 crore using forged letters of undertaking. Due to a lack of sufficient checks and balances in the bank’s systems, the fraud went undiscovered for several years. This case underlined the importance of improved cybersecurity, internal controls, and risk management policies in banks.
  3. SBI data breach: It was revealed in January 2021 that the personal data of millions of State Bank of India (SBI) clients had been exposed owing to a security weakness in the bank’s mobile app. Anyone with access to sensitive consumer data such as bank account information, mobile phone numbers, and email addresses could exploit the weakness. This example demonstrated the need of conducting frequent security audits and vulnerability assessments in order to detect and address security issues in bank systems. 
  4. ICICI Bank Phishing Attack: In 2016, a phishing attack was attempted against ICICI Bank clients in order to acquire their login information. The attackers sent out bogus emails purporting to be from the bank, requesting that consumers update their login information. This instance demonstrated the need of educating clients about phishing attempts, as well as the need for banks to implement multi-factor authentication to prevent similar attacks.

Some cases in which Supreme Court of India raised the Concern related to cybersecurity in indian banking system

  1. Reserve Bank of India v. Jayantilal N. Mistry (2016)

In this case, the Supreme Court of India ruled that banks must safeguard the security of their customer’s information and transactions. The court also noted that the RBI has the authority to regulate and oversee banks’ cyber security measures. 

  1. K. Sputnik v. The Union of India and Others (2018)

This case related to the security of mobile banking transactions. The Supreme Court held that banks must ensure that their mobile banking apps are secure and that customers are protected against cyber fraud and theft. 

  1. K.S. Puttaswamy (Retd.) and Another vs. Union of India

The Supreme Court observed that the right to privacy is a fundamental right, and that individuals have the right to protect their personal data from cyber threats. 

  1. Jayantilal N. Mistry vs. LIC of India

The Supreme Court highlighted the need for cybersecurity measures to be implemented in the insurance sector. The court emphasised that financial institutions like insurance companies should ensure the confidentiality and security of their customers’ data. 

Steps Being Taken to Strengthen Cybersecurity in Indian Banks 

The Reserve Bank of India (RBI) has taken many initiatives to boost cybersecurity in the Indian banking industry. The RBI issued a set of guidelines in 2016 to help banks enhance their cybersecurity posture. Implementing security measures such as firewalls, encryption, and multi-factor authentication, conducting regular security audits and penetration testing, and ensuring that workers are trained in cybersecurity best practises are all part of these requirements. 

A few of banks have also taken aggressive initiatives to improve their cybersecurity. HDFC Bank, for example, has established a specialised cybersecurity department to monitor and prevent cyber threats. Axis Bank has created a cybersecurity system that includes frequent vulnerability evaluations and penetration testing. Furthermore, the Indian government has taken steps to solve the qualified cybersecurity expert deficit. The National Cyber Security Coordinator (NCSC) has been established to manage and integrate cybersecurity efforts across multiple industries, including banking. 

Furthermore, the government has created a number of efforts to encourage cybersecurity education and training, including the Cyber Swachhta Kendra and the Cyber Surakshit Bharat initiative. 

 

CONCLUSION 

The Indian financial sector has made considerable advancements in terms of cybersecurity, but there is still much work to be done. Cyber threats are continually growing, and institutions must be agile and adaptable to stay ahead of the curve. The RBI’s rules have laid a solid platform for banks to expand on, but banks must continue to invest in cybersecurity and training to remain ahead of the dangers. Banks can retain client trust in the banking system by ensuring the security and integrity of their customers’ financial information.

It is difficult to keep a bank safe against cybercrime. Banks must educate their staff on how to better protect themselves against threats and attacks. There is also a need to invest in technologies that can identify harmful activity on our systems before it does harm.

“PRIME LEGAL is a full-service law firm that has won a National Award and has more than 20 years of experience in an array of sectors and practice areas. Prime legal fall into a category of best law firm, best lawyer, best family lawyer, best divorce lawyer, best divorce law firm, best criminal lawyer, best criminal law firm, best consumer lawyer, best civil lawyer.”

References

  • J. J. Xavier and A. C. R. Paiva, “Cybersecurity in the banking sector: Challenges and opportunities,” Journal of Business Research, vol. 120, pp. 360-371, 2020.
  • P. M. Herath and C. M. Rao, “Cybersecurity in banking: An organizational perspective,” Journal of Business Research, vol. 69, no. 5, pp. 1792-1801, 2016.
  • P. Arora and R. K. Bali, “Cybersecurity and its impact on the banking sector,” Journal of Internet Banking and Commerce, vol. 23, no. 2, pp. 1- 13, 2018
  • NASSCOM. (2017). Indian Cybersecurity Services: Future Ready. Retrieved from https://www.nasscom.in/indian-cyber-security-servicesfuture-read
  • NASSCOM. (2017). Indian Cybersecurity Services: Future Ready. Retrieved from https://www.nasscom.in/indian-cyber-security-servicesfuture-read
  • K.S. Puttaswamy (Retd.) and Another vs. Union of India, (2017) 10 SCC 1 
  • Jayantilal N. Mistry vs. LIC of India and Ors., (2006) 3 SCC 709 

 

Article by – Abhay Shukla