Private Banks under fire: Yes Bank, IDFC First, AU Small Finance face breach, fraud, governance concerns

India’s private‑sector banking space came under sharp focus this week as a series of breaches and irregularities across multiple lenders sparked regulatory attention and investor unease. Yes Bank confronted a major security lapse after its multi‑currency forex card platform with BookMyForex was hit by unauthorised transactions and exposure of sensitive customer data, prompting the Reserve Bank of India to seek a full account of the failure.

At the start of the week, IDFC First Bank reported a suspected Rs 590‑crore fraud linked to government accounts at its Chandigarh branch, leading to employee suspensions and an independent forensic audit. Adding to the turmoil, AU Small Finance Bank was also de‑empanelled by the Haryana government at the backdrop of suspected unauthorised activities linked to another private sector bank.

A data breach involving the Yes Bank–BookMyForex multi‑currency forex card happened on Wednesday. The breach exposed sensitive customer information, including CVV details of several cardholders.

The bank in an exchange filing said that it’s Multi-Currency Prepaid Forex Card, which were issued in partnership with BookMyForex observed an unusual increase in transaction decline by the bank’s fraud monitoring system.

These unauthorised transactions were attempted on specific BIN numbers only. These fraudulent transactions were carried out on 15 merchants that are based out of Latin American Country, in the early hours on February 24.

The internal investigation by the Bank has revealed that during the incident period transactions approximately equivalent of USD 0.28 million have been approved on behalf of 5,000 customers. Due to the Bank’s monitoring and control mechanisms, 688 unauthorised transaction attempts were declined, which led to safeguarding of approximately equivalent to USD 0.1 million. The Bank is working with Card Network to raise chargeback to ensure that the impacted customers do not face any financial loss

The central bank has asked the lender to furnish a comprehensive explanation of the incident, outlining how its systems were compromised and the sequence of events that led to the leak of confidential data.

IDFC First Bank disclosed a suspected Rs 590 crore fraud linked to government accounts maintained at its Chandigarh branch, which triggered serious concerns over internal controls and governance.

The discrepancies were discovered when Haryana government departments flagged mismatches in account balances while closing and transferring funds, leading to a deeper investigation.

The bank said in an exchange filing that "unauthorised and fraudulent activities have been carried out by certain employees at a particular branch in Chandigarh in a specific set of Haryana state government accounts." Four officials have been suspended, and disciplinary, civil and criminal proceedings are underway.

To probe the irregularities, IDFC First Bank has appointed KPMG to conduct an independent forensic audit aimed at identifying control lapses and accountability.

AU Small Finance bank also faced de‑empanelment by the Haryana government at the backdrop of suspected unauthorised activities linked to another private sector bank.

AU Small Finance Bank however said that there is no indication of financial impact or fraud on the bank so far. It also added that the some of the bank's employees have been placed off duty to ensure transparent review. Following the de‑empanelment Haryana Govt deposits with AU SFB fell to around Rs 538 crore post de-empanelment versus Rs 735 crore earlier. The deposits account for around 0.4 percent of AU SFB's total deposits.

The Haryana government account in question had initially received Rs 25 crore from one large private‑sector bank, followed by additional credits of around Rs 47 crore from another private‑sector lender. The bank noted that roughly Rs 47 crore was subsequently transferred from the government account to a customer account through 14 transactions, all of which were initiated and authorised by the concerned government department. The lender added that a complete audit trail and all relevant records are available and have been shared with the authorities as part of the ongoing review.