Need for Strengthening the IT Governance Framework in Banking Sector for Achieving Digital Operational Resilience

Proactively, by a Master Direction issued in November 2023, the Banking Sector Regulator, the Reserve Bank of India introduced mandatory requirements for ensuring that the IT governance framework is functional and effective, and it can manage risks from cyber threats and risks
emanating from third-party service providers and vendors. The RBI framework requires entities operating in the banking sector in India to identify risks, report incidents, take preventive and remedial measures and ensure business continuity. The Master Direction has already come into
force with effect from 01st April 2024. At this point of time, the European union introduced the Regulations for financial sector entities for achieving digital operational resilience. These EU Regulations provide a lot of insights, especially in the areas of imposing contractual obligations on
third-party service providers. This article underscores the need for benefitting from certain aspects the EU Regulations. Having been an independent director of a private sector bank, with considerable
experience on the nuances of overall governance, the author highlights the need for greater attention at the level of Board of Directors on this important subject.