Banking is the engine of an economy’s production. Therefore one cannot undermine the importance of a sound banking system , it provides numerous facilities to the enterprises, government and the common man. A technology outburst has been taking place in all sectors over the last few decades and banking has been one of the sectors for adopting information technology. Internet or e-banking means any customer with a PC and a browser can connect to the site of his bank to play any of the virtual banking functions.

It offers traditional banking services through a virtual medium in layman terms. From the point of view of banking items and administrations that are offered through the Internet , Internet banking is just the usual financial administration that is conveyed through electronic correspondence, i.e. the Internet.


Various legal provisions that apply to traditional banking activity also apply to internet banking. This does not solve the problems, and therefore there is a need to introduce more stringent rules and specific laws to address e-bank problems. A group of enactments provide the legal framework for banking in India, viz.

Among several such legislation, the Banking Regulation Act, 1949; the Reserve Bank of India Act, 1934 and the Foreign Exchange Management Act, 1999 are few. To function as a bank, it is mandatory for all entities to obtain a license from Reserve Bank of India under the Banking Regulations Act, 1949. In addition, banking practices are also regulated by various trade and exchange laws, such as the Indian Contract Act of 1872, the Negotiable Instruments Act of 1881, the Indian Proof Act of 1872, etc.[1]

While e-banking has introduced banking ease, it has given rise to many issues and risks such as operational risks, security risks, and customer satisfaction and tax for privacy. Some of these concerns are more sensitive than others, such as privacy and protection, which are the main features on which e-banks have grown.

There are also some legal challenges that E-Banking faces while carrying out its activities, the Information Technology Act, 2000 set out some guidelines on E-Banking to address technology and security standards; legal issues; regulatory and supervisory issues[2].

  1. The Information Technology Act, 2000 provided for a punishment for refusing access to a computer network (Section-43) and hacking (Section 66), banks’ responsibility is not explicit in these cases. Section 72 provided for a provision for breach of privacy and confidentiality and Section 79 of the Act further provided for the removal of a network service provider ‘s responsibility for data passing across their network under certain conditions. Therefore, banks’ liability for privacy breaches when data is traveling through a network is not clear. The aspect needs a thorough legal analysis. The issue of ownership of transactional data stored in the computer systems of banks also needs further scrutiny.
  2. Currently, banks offering Internet banking service consider only the request to open accounts, and this will only be done after proper physical introduction and verification. Section 131 of the Negotiable Instruments Act, 1881, provides that the Group is of the opinion that the banks have an obligation not only to establish the identity but also to inquire into the integrity and reputation of the prospective customer. After the Information Technology Act, 2000 and digital certification machinery came into force, it was suggested to banks that they rely on the introducer’s digital signature.
  3. But the current legal regime does not set the parameters as to how often an individual is bound by an electronic instruction that he allegedly issued. Authentication is achieved through a security procedure, involving methods and devices such as user-id, password, personal identification number ( PIN), code numbers, and encryption, etc., used to establish an instruction ‘s authenticity. However, a protection technique needs to be accepted as a replacement for signature from a legal viewpoint by statute.
  4. In India, Section 3(2) of the Information Technology Act, 2000 provides for a specific technology ( i.e., the asymmetric cryptosystem and hash function) as a means to authenticate electronic records. That posed doubts as to whether the law would accept the prevalent methods used by banks as legitimate authentication methods.
  5. There is very little room in the Internet banking scenario for the banks to operate on the customers’ stop-payment instructions. Therefore, banks should notify the customers of the timeframe and the circumstances in which any instructions for stopping payment could be accepted.
  6. Actually, banks offering Internet banking services and consumers making use of the same are entering into agreements specifying their respective rights and liabilities for Internet banking transactions. The Indian Banks’ Association may also create a standard format / minimum consent requirement to be followed by banks, which would capture all the necessary requirements to be met by banks, customers and the relevant rights and liabilities arising from them. This will help to standardize documentation, as well as develop standard practice among Internet banking facility offering bankers.
  7. The group has raised the concern that internet banking transactions could become a conduit for money laundering. Such transactions are initiated between designated accounts and concluded between. In addition , the proposed Money Laundering Prevention Bill 1999 places an duty on each depositary financial institution to take care of transaction records for a given duration.
  8. The Banking Companies (Period of Preservation of Records) Rules, 1985 also require that banks keep certain records for a period of 5 to 8 years. The Group is of the opinion that certain regulatory provisions applicable to all banking transactions, whether Internet banking or conventional banking, should take sufficient care of this issue and no special steps are required for Internet banking.
  9. The Consumer Protection Act, 1986 specifies consumer protection in India, and also applies to banking services. Currently, the rights and responsibilities of consumers who make use of Internet banking services are determined through bilateral agreements between banks and clients. Whether any bilateral arrangement specifying customer rights and responsibilities that are detrimental to customers than what they enjoy in the conventional banking scenario would be legally sustainable[3] is open to consideration.[3]



The Information Technology Act 2000 attempted to address several e-commerce regulatory issues, but some grey areas still exist, which have neither been spelled out properly nor any workable modes of implementation suggested by Constitutional institutions. The IT Act of 2000 did address the necessity for banks to travel online and have laid out security measures to be adopted. However, one cannot say the aspirations of the industry are satisfactorily looked into. Also, the privacy procedure laid down by banks for providing access to internet banking needs to be recognized by law similarly security procedures.



[1] M.L.Tannan, Tannan’s, Banking Law and Practice in India, (20th Ed.), (New Delhi: India Law House, 2003), p.157.

[2] Gunjan Bhagtani, Janvi Pandya, Contemporary Legal Issues in Indian E-Banking System,Vol 2 Law Journals 17-24 (2019).

[3] Internet Banking  Legal Issues (May 20, 2020, 10:00 AM)


Author: Arvind Bhati,
Lloyd law college 3rd year student

Leave a Comment