The government has declared the IT resources of ICICI Bank, HDFC Bank and UPI managing entity NPCI as ‘critical information infrastructure’, implying any harm to them can have an impact on national security and any unauthorised person accessing these resources may be jailed for up to 10 years, according to an official notification. The IT resources under CII include Core Banking Solution, Real Time Gross Settlement and National Electronic Fund Transfer (NEFT) comprising Structured Financial Messaging Server.
Key Points:
The persons authorized to access IT resources of ICICI Bank, HDFC Bank, and NPCI are their designated employees, authorized team members of contractual managed service providers or third-party vendors who have been authorised by them for need- based access and any consultant, regulator, government official, auditor and stakeholder authorised by the entities on case-to-case basis. This decision, to put their IT resources under CII, has been taken due to cyber attacks which raised the need for a protected system by all the banks and financial institutions.