Concur News
  • Home
  • India
  • Startup
  • Regulation
  • Interview
  • Press Release
  • Login
July 13, 2025
No Result
View All Result
Concur News

Home » Draft DPDP Rules: Banks Prepare to Tackle Operational Challenges

Draft DPDP Rules: Banks Prepare to Tackle Operational Challenges

May 26, 2025
in India, LAW, News, Regulation
Reading Time: 3 mins read
draft rules
Share on LinkedinShare on Whatsapp

The draft Digital Personal Data Protection (DPDP) rules require banks to get clear, explicit consent from customers before using their data for anything beyond the original purpose. While many banks already follow this principle, experts say these formal rules leave no room for regulatory shortcuts or loopholes.

Experts also say it’s still too early to fully understand how these rules will affect business. However, once finalized, banks will need to create proper data processing agreements with third-party companies. This will help ensure they meet the rules.

Banks often cross-sell products from their subsidiaries or partner companies to their customers. Although banks generally get consent before sharing customer data for cross-selling — as part of good governance — there have been exceptions. In some cases, this practice has not always been properly followed.

Consent Foundation

“Banks and NBFCs were not sharing data without the explicit consent of customers with their subsidiaries. Formal regulations make the requirement very explicit and leave no room for regulatory arbitrage. We do not foresee any business impact as such on account of the regulations. In fact, we see this as a great opportunity to build trust within the financial services ecosystem,” said Vivek Iyer, Partner, Financial Services Risk Advisory, Grant Thornton Bharat LLP.

Experts believe the draft rules are a positive move for customers because they improve data protection and bring India’s practices in line with global standards.

But corporate advisor Srinath Sridharan points out another concern. He questions whether banks are fully prepared for the operational challenges these rules bring. Banks will now need explicit consent before using customer data for anything beyond its original purpose. Except for a few large banks that have already started working on DPDP readiness, most of the sector still has a long way to go.

“One would assume that with the draft rules open for comments, the RBI might get the sector to ideate on this, through the Indian Banks’ Association (IBA) to help them prepare for DPDP implementation. This will require investment from banks — financial, technological, process change and training. A playbook of minimum acceptable operational norm could be expected from the regulator soon,” he added.

Currently, banks and insurance companies are reviewing the draft rules, which are open for public comment. They haven’t yet finalized their views or decided on their next steps.

“We are studying the draft rules and will finalise our views in some time. However, for us, since mobilisation of customers is done by bank staff who are qualified for selling insurance, they get the forms filled by the customer with their consent duly signed,” said a senior private sector insurance executive.

At the same time, a senior private sector banker warned that because many businesses rely on cross-leveraging group customers, requiring explicit consent could result in some business leakage.

According to Tisha Bhambry, Director Analyst at Gartner, the DPDP rules will require banks to set up strong consent management systems. These systems must allow customers to easily give consent, manage it, and withdraw it whenever they choose.

Besides that, banks must also have clear agreements with third-party partners to stay compliant. While these changes strengthen data protection and align with international standards, they also bring both challenges and opportunities for banks to build more customer trust through better privacy practices.

Read : Draft Digital Personal Data Protection Rules, 2025

Tags: Data privacyData ProtectionDPDP ActDPDPAPrivacy

Related Posts

India: CERT-In & BITS Pilani Launch Cyber Training
India

India: CERT-In & BITS Pilani Launch Cyber Training

July 12, 2025
India Approves Elon’s Starlink, Privacy and Debris Concerns Arise
Global

India Approves Elon’s Starlink, Privacy and Debris Concerns Arise

July 12, 2025
Agendra kumar
India

Esri India Chief Says Data Protection Bill Lacks Clarity and Faces Implementation Challenges

July 12, 2025
India Boosts Data Governance with DPDP Act
Africa

India Boosts Data Governance with DPDP Act

July 11, 2025

RECOMMENDED NEWS

New Security Scheme Could Protect Sensitive Data During Cloud Computation

New Security Scheme Could Protect Sensitive Data During Cloud Computation

4 months ago
Alexa’s Privacy Shift: Send Data or Stop Using Echo

Alexa’s Privacy Shift: Send Data or Stop Using Echo

4 months ago
Texas

Google will pay Texas $1.4 billion to settle claims the company collected users’ data without permission

2 months ago
Meta Plans to Use Public Posts and AI Data for EU Model Training

Meta Plans to Use Public Posts and AI Data for EU Model Training

3 months ago

BROWSE BY TOPICS

AI AI Governance AI Privacy Apps Children privacy Compliance Consent Cross-Border Cybercrime Cyber security Data Data breach Data leak Data privacy Data Protection Data security Data Violation Digital DPDP DPDPA DPDP Act EU FBI Fines GDPR google Hack Hacked Industry Interview Investigation Investment Law Meity penalty Personal data Press Release Privacy RBI RTI Act Startek Tech giants Technology Training Trending

701, The Capital, BKC(E), Mumbai, India

Follow us on social media:

Categories

Categories Layout
  • Africa
  • America
  • India
  • Asia
  • Europe
  • Japan
  • Business
  • Events
  • Regulation
  • Law
  • News
  • Privacy
  • Startup
  • Technology
Categories Layout
  • Apps
  • Cybercrime
  • Data
  • Data Breach
  • Data Privacy
  • Data Protection
  • Digital
  • FBI
  • Investment
  • Law
  • Privacy
  • Tech Giants
  • DPDP
  • DPDPA

Harmonize Data Compliance

Footer with Animated Button
Effortlessly align your data compliance with Concur, ensuring seamless integration and robust adherence to regulatory standards.
BOOK A DEMO
  • About
  • Advertise
  • Careers
  • Home
  • Demo

© 2025 Concur - consent manager

Welcome Back!

OR

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Home
  • News
  • Business

© 2025 Concur - consent manager