Banking is the growth engine of an economy. It provides numerous facilities to the enterprises, government and the common man therefore one cannot undermine the importance of a sound banking system. During the past few decades there has been a technology outburst in all sectors and banking has been one of the sectors to adopt information technology. Internet or e-banking implies any client with a PC and a browser can get associated with his bank's site to play out any of the virtual banking functions.

In layman terms it offers traditional banking services through the virtual medium. From the viewpoint of banking items and administrations being offered through the Internet, Internet banking is just customary financial administrations conveyed through an electronic correspondence spine, viz, Internet.

Legal Framework and Issues in E-Banking

Various provisions of law, which apply to traditional banking activity, are also applicable to internet banking. This does not overcome the problems, and therefore there is a need for the introduction of more stringent rules and laws specific to meet the problems of e-banking. The legal framework for banking in India is provided by a group of enactments, viz.

The Banking Regulation Act, 1949; the Reserve Bank of India Act, 1934 and Foreign Exchange Management Act, 1999 are few among many such legislations. It is mandatory on the part of all entities to obtain a license from Reserve Bank of India under Banking Regulations Act, 1949 to function as a bank. Besides, banking activities are also influenced by various enactments governing trade and commerce, such as The Indian Contract Act, 1872, the Negotiable Instruments Act, 1881, Indian Evidence Act, 1872, etc[1].

Though e-banking has introduced ease of doing banking it has with it given rise to many issues and risks such as operational risks, security risks and privacy customer satisfaction and tax. Some of these issues are more sensitive than others for example privacy and security are the pivotal features around which e-banking has evolved.

There are some legal challenges also which are faced by E-Banking while performing their activity, Information Technology Act, 2000 laid down some guideline about E-Banking to deal with Technology and Security Standards; Legal Issues; Regulatory and Supervisory Issues.[2]

1. The Information Technology Act, 2000 has provided for a penalty for denial of access to a computer system (Section-43) and hacking (Section – 66), the liability of banks in such situations is not clear. Section 72 has provided for a penalty for breach of privacy and confidentiality and Section 79 of the Act has also provided for exclusion of liability of a network service provider for data traveling through their network subject to certain conditions. Thus, the liability of banks for breach of privacy when data is traveling through a network is not clear. This aspect needs a detailed legal examination. The issue of ownership of transactional data stored in banks' computer systems also needs further examination.
    
2. At present banks providing Internet banking service, only accepting the request for opening f accounts, and it will be done only after proper physical introduction and verification. Section 131 of the Negotiable Instruments Act, 1881, provides the Group holds the view that there is an obligation on the banks not only to establish the identity but also to make inquiries about the integrity and reputation of the prospective customer. After coming in to force of the Information Technology Act, 2000 and digital certification machinery it has been suggested to banks to rely on the digital signature of the introducer.
   
   But the present legal regime doesn't set out the parameters on the extent to which an individual are often bound in respect of an electronic instruction alleged to have been issued by him. The authentication is achieved by security procedure, which involves methods and devices like user-id, password, personal identification number (PIN), code numbers and encryption etc., used to establish authenticity of an instruction. However, from a legal perspective a security procedure needs to be recognized by law as a substitute for signature.
   
   In India, the Information Technology Act, 2000, in Section 3(2) provides for a particular technology (viz., the asymmetric cryptosystem and hash function) as a means of authenticating electronic records. This has raised the doubt whether the law would recognize the prevailing methods employed by banks as valid methods of authentication.
    
3. In the Internet banking scenario there is very little scope for the banks to act on stop-payment instructions from the customers. Hence, banks should notify the customers of the timeframe and the circumstances in which any stop-payment instructions could be accepted.
    
4. The banks providing Internet banking service and customers availing of the same are currently entering into agreements defining respective rights and liabilities in respect of Internet banking transactions. A standard format / minimum consent requirement to be adopted by banks could even be designed by the Indian Banks' Association, which should capture all essential conditions to be fulfilled by the banks, the customers and relative rights and liabilities arising therefrom. This will help in standardizing documentation as also develop standard practice among bankers offering Internet banking facility.
    
5. The concern that Internet banking transactions may become a conduit for money laundering, has been addressed by the Group. Such transactions are initiated and concluded between designated accounts. Further, the proposed Prevention of Money Laundering Bill 1999 imposes an obligation on every depository financial institution to take care of records of transactions for a particular prescribed period.
   
   The Banking Companies (Period of Preservation of Records) Rules, 1985 also require banks to preserve certain records for a period ranging between 5 to 8 years. The Group is of the view that these legal provisions which apply to all banking transactions, whether Internet banking or traditional banking, will adequately take care of this concern and no specific measures for Internet banking are necessary.
    
6. The Consumer Protection Act, 1986 defines the rights of consumers in India and applies to banking services as well. Currently, the rights and liabilities of consumers availing of Internet banking services are being determined by bilateral agreements between the banks and customers. It is open to debate whether any bilateral agreement defining customers rights and liabilities, which are adverse to consumers than what's enjoyed by them within the traditional banking scenario will be legally tenable.[3]

Conclusion
The Information Technology Act 2000 attempted to address several e-commerce regulatory issues, but some grey areas still exist, which have neither been spelled out properly nor any workable modes of implementation suggested by Constitutional institutions. The IT Act of 2000 did address the necessity for banks to travel online and have laid out security measures to be adopted. However, one cannot say the aspirations of the industry are satisfactorily looked into. Also, the privacy procedure laid down by banks for providing access to internet banking needs to be recognized by law similarly security procedures.

End-Notes:

1. M.L.Tannan, Tannan's, Banking Law and Practice in India, (20th Ed.), (New Delhi: India Law House, 2003), p.157.
2. Gunjan Bhagtani, Janvi Pandya, Contemporary Legal Issues in Indian E-Banking System,Vol 2 Law Journals 17-24 (2019).
3. Internet Banking – Legal Issues (May 20, 2020, 10:00 AM), http://rajdeepandjoyeeta.com/internet-banking-legal-issues/.