Breaches piling up for7 yrs at Paytm Payments Bank

The regulatory action that brought Paytm Payments Bank (PPB) to a grinding halt on January 31 was as sudden as it was unexpected but it had been brewing for the past seven years or so since its launch, according to several people who spoke to ET on the matter.

Violation of banking compliance norms on money laundering, conflict of interest, maintaining an arm’s length from the parent, lax processes allowing fraud, licensing agreement breaches—these are some of the complaints that are said to have accumulated over the years.


Elevate Your Tech Prowess with High-Value Skill Courses

Offering College Course Website
IIM Lucknow IIML Executive Programme in FinTech, Banking & Applied Risk Management Visit
MIT MIT Technology Leadership and Innovation Visit
IIM Kozhikode IIMK Advanced Data Science For Managers Visit

“This is not an overnight development because the bank has been warned and told to put its house in order for years, but it did not,’’ said a person familiar with the matter. “It was not just one or two issues, but many.”

When the Reserve Bank of India (RBI) barred it from offering banking services, such as accepting deposits and processing payments, the regulator had this long list of accusations, said the people cited above. They spoke to ET on condition of anonymity.

The bank was founded by One 97 Communications, parent of Paytm, in 2017. Its launch came in the wake of Paytm’s success in championing demonetisation in 2016 as a means of digitising payments in India through its wallet.

Paytm didn’t respond to queries. Founder Vijay Shekhar Sharma had said on February 1 that Paytm would overcome the regulatory challenges.

Discover the stories of your interest

“Your favourite app is working, will keep working beyond 29 February as usual,” Sharma said on X on February 2. “I with every Paytm team member salute you for your relentless support. For every challenge, there is a solution and we are sincerely committed to serve our nation in full compliance. India will keep winning global accolades in payment innovation and inclusion in financial services – with PaytmKaro as the biggest champion of it.”

In its January 31 order, the RBI asked Paytm Payments Bank to stop all basic payment services through various platforms and technology railroads, including the Unified Payments Interface (UPI), Immediate Payment Service (IMPS), Aadhaar-Enabled Payment System (AEPS) as well as bill payment transactions with effect from February 29.

Also read | RBI action on Paytm indicates tough times ahead for fintech startups

Among the alleged violations, know your customer (KYC) norms, a basic necessity for any financial services firm, weren’t met, the people cited above told ET. It didn’t conduct proper KYC checks for hundreds of thousands of customers. Many accounts were being operated by individuals who had been penalised or prosecuted by the enforcement agencies.

In one instance, an account linked to one Permanent Account Number (PAN) was found to be operating more than 1,000 wallets, highlighting a lack of checks. Payment wallets are meant for small transactions, but the fund balance in some were in crores of rupees.

It was also found to be in violation of the policies of the Financial Action Task Force, an organisation founded by the G7 to combat money laundering and stop terror funding. The bank’s processes were found to be in violation of the Prevention of Money Laundering Act as well.

Also, Paytm Payments Bank did not have sufficient systems and processes in place to file regular reports to the Financial Intelligence Unit. All financial institutions, especially banks, are supposed to do this routinely to detect money laundering.

Also read | ETtech Explainer: how will RBI move impact customers

In 2018, following inspections uncovering various violations, the RBI had imposed business restrictions on Paytm Payments Bank as a warning, directing it to put systems in place to comply with banking regulations.

A regulatory inspection in 2022 found inconsistencies in compliance reports that the bank was submitting. At the time though, the regulator signalled there was scope for resolution of these issues.

However, later that year, the RBI barred it from onboarding new customers and an external auditor was appointed to examine its processes. External auditors found that the bank had been lacking in compliance.

As per bank licensing norms, every bank has to build and own its technology systems and keep them separate from other group entities. In the case of Paytm Payments Bank though, parent One 97 Communications was the technology support provider.

“This apparently led to violation of data secrecy where banks are supposed to ensure that no other entity has any access to the data of the bank,” said one of the persons. “There should not be any sharing of resources, but they seemed to have done that.”

Regulatory inspections have also found that there have been transactions between the bank and One 97 Communications, apart from information exchanges between the two that benefitted the listed parent company at the cost of bank deposit holders, it was found.

Harry Byrne

Related post