+91 9819157403
cabhavi10@gmail.com
Mon - Sat: 10:00 AM - 6:00 PM
← Back to Home/Updates

Banks Must Follow Strict Data Protection Rules, Says Nirmala Sitharaman in Lok Sabha

30 March 2026Vanshika verma
Banks Must Follow Strict Data Protection Rules, Says Nirmala Sitharaman in Lok Sabha

Banks Must Follow Strict Data Protection Rules, Says Nirmala Sitharaman in Lok Sabha

Finance Minister Nirmala Sitharaman recently told the Lok Sabha that banks in India must follow strict rules to protect customer data.

In the Lok Sabha, Manoj Kumar asked whether the government is planning to introduce a customer data access alert system, under which customers would receive notifications via SMS or email every time their personal data is accessed. He also enquired about alternative measures if such a system is not being considered.

Also Read
India Managing Fuel Crisis Better Than Neighbours, Says FM Nirmala Sitharaman

Responding to the question, Finance Minister Nirmala Sitharaman said that data privacy under the Know Your Customer (KYC) framework is guided by master directions issued by the Reserve Bank of India. These directions also include clear instructions on maintaining customer confidentiality and on how information can be shared.

According to her, banks are legally required to keep customer information confidential. This responsibility comes from the contractual relationship between a bank and its customer. Banks must protect customer data and not misuse it.

Every bank and regulated entity must follow these rules. Sitharaman said that such institutions operate under five key laws:

  1. The State Bank of India Act
  2. The Banking Regulation Act
  3. The Regional Rural Banks Act
  4. The Credit Information Companies Act and
  5. The Public Financial Institutions Act.

These laws set out how banks and data-related entities must function.

Also Read
Mis-selling insurance is an Offense; Banks Must Rather Focus on Core Activities: Finance Minister

She also pointed to the RBI’s digital lending guidelines, which state that customer data should be collected only when necessary and shared only with authorised authorities when required.

← Back to Home