Saturday 6 October 2012

Report of RBI on internet banking

As per Section 131 of the Negotiable Instruments Act, 1881 (the Act) a banker who
has in good faith and without negligence received payment for a customer of a cheque
crossed generally or specially to himself shall not, in case the title to the cheque proves
defective, incur any liability to the true owner of the cheque by reason only of having
received such payment. The banker’s actions in good faith and without negligence have
been discussed in various case laws and one of the relevant passages from the judgment
of Justice Chagla in the case of Bapulal Premchand Vs Nath Bank Ltd. (AIR 1946
Bom.482) is as follows:
“Primarily, inquiry as to negligence must be directed in order to find out whether
there is negligence in collecting the cheque and not in opening the account, but if
there is any antecedent or present circumstance which aroused the suspicion of the
banker then it would be his duty before he collects the cheque to make the necessary
enquiry and undoubtedly one of the antecedent circumstances would be the opening of
the account. In certain cases failure to make enquiries as to the integrity of the
proposed customer would constitute negligence”.
7.2.3 Further the Supreme Court of India in Indian Overseas Bank Ltd. Vs. Industrial Chain
Concern [JT1989(4)SC 334] has stated that as a general rule, before accepting a
customer, the bank must take reasonable care to satisfy himself that the person in
question is in good reputation and if he fails to do so, he will run the risk of forfeiting
the protection given by Section 131 of Negotiable Instruments Act, 1881 but
reasonable care depends upon the facts and circumstances of the case. Similarly, the
Delhi High Court was also of the view that the modern banking practice requires that a
constituent should either be known to the bank or should be properly introduced. The
underlying object of the bank insisting on producing reliable references is only to find
out if possible whether the new constituent is a genuine party or an imposter or a
fraudulent rogue [Union of India Vs National Overseas Grindlays Bank Ltd. (1978)
48 Com.Cases 277 (Del)].
7.2.4 Thus, the introduction of a new customer by a third party reference is a well-recognized
practice followed by the banks before opening new accounts in order to prove the
reasonable care and absence of any negligence in permitting the new customer to open
the account. Further, in order to establish the reasonable care the banks have to make
enquiries about the integrity/reputation of the prospective customer. It is not a mere
enquiry about the identity of the person. The Group, therefore, endorses the practice
presently followed by the banks in seeking proper introduction before allowing the
operations of the customers’ accounts. In the context of Internet banking and after the
coming into force of the Information Technology Act, 2000, it may be possible for the
banks to rely on the electronic signatures of the introducer. But this may have to wait
until the certification machinery as specified in the Information Technology Act, 2000
comes into operation.
7.3.1 Authentication: One of the major challenges faced by banks involved in Internet
banking is the issue relating to authentication and the concerns arising in solving
problems unique to electronic authentication such as issues of data integrity,
non-repudiation, evidentiary standards, privacy, confidentiality issues and the consumer
protection. The present legal regime does not set out the parameters as to the extent to
which a person can be bound in respect of an electronic instruction purported to have
been issued by him. Generally, authentication is achieved by what is known as security
procedure. Methods and devices like the personal identification numbers (PIN), code
numbers, telephone-PIN numbers, relationship numbers, passwords, account numbers
and encryption are evolved to establish authenticity of an instruction. From a legal
perspective, the security procedure requires to be recognized by law as a substitute for
signature. Different countries have addressed these issues through specific laws dealing
with digital signatures. In India, the Information Technology Act, 2000 (the "Act") in
Section 3 (2) provides that any subscriber may authenticate an electronic record by
affixing his digital signature. However the Act only recognizes one particular
technology as a means of authenticating the electronic records (viz, the asymmetric
crypto system and hash function which envelop and transform the initial electronic
record into another electronic record). This might lead to the doubt of whether the law
would recognize the existing methods used by the banks as a valid method of
authenticating the transactions. In this regard as noted in paragraph [3.2.2] of Chapter
[3] of this Report, the approach in the other countries has been to keep the legislation
technology neutral. The Group is of the view that the law should be technology neutral
so that it can keep pace with the technological developments without requiring
frequent amendments to the law as there exists a lot of uncertainty about future
technological and market developments in Internet banking. This however would not
imply that the security risks associated with Internet banking should go unregulated.
7.3.2 Hence, Section 3 (2) of the Information Technology Act 2000 may need to be
amended to provide that the authentication of an electronic record may be effected
either by the use of the asymmetric crypto system and hash function, or a system as
may be mutually determined by the parties or by such other system as may be
prescribed or approved by the Central Government. If the agreed procedure is followed
by the parties concerned it should be deemed to be an authenticated transaction. A
clarification to this effect by way of an amendment of the aforesaid Act will facilitate
the Internet banking transactions.
7.3.3 Further, the banks may be allowed to apply for a license to issue digital signature
certificate under Section 21 of the Information Technology Act, 2000 and become a
certifying authority for facilitating Internet banking. The certifying authority acts like a
trusted notary for authenticating the person, transaction and information transmitted
electronically. Using a digital certificate from a trusted certificate authority like a bank
shall provide a level of comfort to the parties of an Internet banking transaction.
Hence, it is recommended by the Committee that the Reserve Bank of India may
recommend to the Central Government to notify the business of the certifying authority
under Clause (o) of Section 6(1) of the Banking Regulation Act, 1949, to permit the
banks to act as such trusted third parties in e-commerce transactions.
7.4.1 Mode of Payment under the Income Tax Act, 1961: Section 40A(3) of the Income tax
Act, 1961, dealing with deductible expenses, provides that in cases where the amount
exceeds Rs. 20,000/-, the benefit of the said section will be available only if the
payment is made by a crossed cheque or a crossed bank draft. One of the services
provided by the banks offering Internet banking service is the online transfer of funds
between accounts where cheques are not used, in which the above benefit will not be
available to the customers.
7.4.2 The primary intention behind the enactment of Section 40 A of the Income tax Act,
1961 is to check tax evasion by requiring payment to designated accounts. In the case
of a funds transfer, the transfer of funds takes place only between identified accounts,
which serves the same purpose as a crossed cheque or a crossed bank draft. Hence, the
Committee recommends that Section 40A of the Income Tax Act, 1961, may be
amended to recognise even electronic funds transfer.
7.5.1. Secrecy of Customer's Account: The existing regime imposes a legal obligation on the
bankers to maintain secrecy and confidentiality about the customer’s account. The law
at present requires the banker to take scrupulous care not to disclose the state of his
customer's account except on reasonable and proper occasions.1
7.5.2. While availing the Internet banking services the customers are allotted proper User ID,
passwords and/or personal identification numbers and/or the other agreed
authentication procedure to access the Internet banking service and only users with
such access methodology and in accordance with the agreed procedure are authorized
to access the Internet banking services. In other words a third party would not be able
to withdraw money from an account or access the account of the customer unless the
customer had divulged his/her password in the first place.
7.5.3 However, if the password or the identification number is misplaced or lost or gets into
the hands of the wrong person and such person procures details about the customer's
account then the banker may be faced with legal proceedings on the grounds of
violation of the obligation to maintain secrecy of the customer's accounts. This concern
of the bankers is very high especially in the case of joint accounts where both the
parties share one personal identification number or relationship number and operate
the account jointly. Further, by the very nature of Internet the account of a customer
availing Internet banking services would be exposed to the risk of being accessed by
hackers and inadvertent finders.
1 Tournier v. National Provincial and Union Bank of England, (1924) 1 K.B. 461
7.5.4 The Internet banking services at present are being provided by most of the banks by
systems which are only accessible through "secure zones" or SSL (Secure Sockets
Layer) to secure and authenticate the user through a secure browser. Most of the banks
have adopted 128 Bit strong encryption which is widely accepted worldwide as a
standard for securing financial transactions. To reduce the risk of the customers’
account information being accessed by third parties, it is very important that the banks
continue to be obliged to protect the customer account. However, it is equally
important to note that the banks may still be exposed to the risk of liability to
customers and hence they should adopt all reasonable safety controls and detection
measures like establishment of firewalls, net security devices, etc. Further, banks should
put in place adequate risk control measures in order to minimize possible risk arising
out of breach of secrecy due to loss/ misplacement/ theft of customers’ ID/PIN, etc.
7.6.1 Revocation and Amendment of Instructions: The general revocation and amendment
instructions to the banks are intended to correct errors, including the sending of an
instruction more than once. Occasionally, a revocation or amendment may be intended
to stop a fraud. Under the existing law, banks are responsible for making and stopping
payment in good faith and without negligence. In an Internet banking scenario there is
very limited or no stop-payment privileges since it becomes impossible for the banks to
stop payment in spite of receipt of a stop payment instruction as the transactions are
completed instantaneously and are incapable of being reversed.
offering Internet banking services may clearly notify the customers the time frame and
the circumstances in which any stop payment instructions could be accepted.
7.7.1 Rights and Liabilities of the Parties: Typically, the banker-customer relationship is
embodied in a contract entered into by them. The banks providing the Internet banking
services currently enter into agreements with their customers stipulating their respective
rights and responsibilities including the disclosure requirements in the case of Internet
banking transactions, contractually. A Standard format/minimum consent requirement
to be adopted by the banks offering Internet banking facility, could be designed by the
Indian Banks’ Association capturing, inter alia, access requirements, duties and
responsibilities of the banks as well as customers and any limitations on the liabilities of
the banks in case of negligence and non-adherence to the terms of agreement by
customers.
7.8.1. Internet Banking and Money Laundering:
One of the major concerns associated with Internet Banking has been that the Internet
banking transactions may become untraceable and are incredibly mobile and may easily
be anonymous and may not leave a traditional audit trail by allowing instantaneous
transfer of funds. It is pertinent to note that money-laundering transactions are cash
transactions leaving no paper trail. Such an apprehension will be more in the case of use
of electronic money or e-cash. In the case of Internet Banking the transactions are
initiated and concluded between designated accounts. Further Section 11 of the
proposed Prevention of Money Laundering Bill, 1999 imposes an obligation on every
Banking Company, Financial Institution and intermediary to maintain a record of all the
transactions or series of transactions taking place within a month, the nature and value
of which may be prescribed by the Central Government. These records are to be
maintained for a period of five years from the date of cessation of the transaction
between the client and the banking company or the financial institution or the
intermediary. This would apply to banks offering physical or Internet banking services.
This will adequately guard against any misuse of the Internet banking services for the
purpose of money laundering. Further the requirement of the banking companies to
preserve specified ledgers, registers and other records for a period of 5 to 8 years, as
per the Banking Companies (Period of Preservation of Records) Rules, 1985
promulgated by the Central Government also adequately takes care of this concern.
7.9.1. Maintenance of Records: Section 4 of the Bankers’ Books Evidence Act, 1891,
provides that a certified copy of any entry in a banker’s book shall in all legal
proceedings be received as a prima facie evidence of the existence of such an entry. The
Banking Companies (Period of Preservation of Records) Rules, 1985 promulgated by
the Central Government requires banking companies to maintain ledgers, records,
books and other documents for a period of 5 to 8 years. A fear has been expressed as
to whether the above details of the transactions if maintained in an electronic form will
also serve the above purpose. The Group is of the considered opinion that this has
been adequately taken care of by Section 7 and Third Schedule of the Information
Technology Act, 2000.
Source: https://docs.google.com/viewer?a=v&q=cache:hfpidzO3GqgJ:rbidocs.rbi.org.in/rdocs/PublicationReport/Pdfs/21595.pdf+&hl=en&gl=in&pid=bl&srcid=ADGEESjOXc4zuGPbJxE9D6GLMbJZajXXOuMtrf60AKa2swcjcAF0hbxWCbIf6xmTodLgobRBSIM_RAq90zReiCxGqMaTeujQPY4YgchGdeIA2zx-URaqvz1zbW2RXn6Yr21C97u2ymtu&sig=AHIEtbRiTPQbSD-Rf1-I4Qeo3L0U4B12LA