THE DPDP ACT AND KERALA BANK: A CASE STUDY IN DATA GOVERNANCE AND RISK MANAGEMENT
- Adv. K Gopika & Adv. K Devika
- Mar 1, 2025
- 1 min read
Updated: May 6
India’s approach to data governance and privacy has undergone a major shift with the passage of the Digital Personal Data Protection Act, 2023. It aims to create a uniform framework for the public and private sectors to handle, maintain, and safeguard personal data This new regime presents significant compliance challenges for the banking industry, one of the biggest processors of sensitive financial and personal data. As a state-regulated cooperative bank, Kerala Bank offers a unique example of how regional banks adjust to their responsibilities regarding data security and cyber governance. This paper evaluates how the DPDP Act impacts Kerala Bank’s data governance framework, focusing on ability to operate, customer trust, and institutional risk management. It also looks at how the Act affects governance structures, capacity building, and compliance architecture in cooperative banking systems. The study also explores how Kerala Bank can improve its cyber security, transparency, and long-term depositor trust by utilizing the DPDP Act. By demonstrating that privacy protection is not only a legal necessity but also a fundamental component of sustainable banking governance in India, this study ultimately seeks to close the gap between legal compliance and real-world implementation.

Comments