Reserve Bank of India
RBI/2014-15/563
DBR.No.BP.BC.88/21.04.048/2014-15
April 23, 2015
All Scheduled Commercial Banks
(Excluding Regional Rural Banks)
Dear Sir,
Mandatory Leave for Employees Posted in Sensitive Positions or Areas of Operation
Please refer to our circular DBS.CO.FrMC.BC.No.10/23.04.001/2010-11 dated May 31, 2011 on ‘Findings of Forensic Scrutiny- Guidelines for prevention of frauds’, in terms of which banks were advised to immediately put in place ‘staff rotation’ policy and policy for ‘mandatory leave’ for staff. However, it has been observed that the policy of ‘mandatory leave’ is not being implemented effectively, leading to an increase in operational risk across the banks.
2. Banks are hereby advised that, as a prudent operational risk management measure, it is imperative that employees posted in sensitive positions or areas of operations (viz., treasury, currency chests, risk modelling, model validation, etc.) are covered under a ‘Mandatory Leave’ policy wherein such employees are required to compulsorily avail of leave for a few days (say 10 working days) in a single spell every year, during their posting in such areas. The bank should also identify such highly sensitive positions where the bank will, without any prior intimation, advise the employee to be away from his desk for a specified number of working days each year.
3. While the employee is on ’mandatory leave’ or asked to be away from his desk as above, it should be ensured that he does not have access to any physical or virtual resources related to his work responsibilities, with the possible exception of corporate email.
4. Banks should immediately put the above arrangements in place, if not already done, and implement the same without fail. An exhaustive list of sensitive positions or areas of operations to be covered under ‘mandatory leave’ and under ‘away from desk’ requirement, may be decided as per the bank’s own policy duly approved by the Board of Directors or committee of the Board, and the incumbents of these positions should be kept aware of the above requirements. Implementation of such policy would be covered under the Pillar 2 review of banks’ risk management system by the Reserve Bank of India.
Yours faithfully,
(Sudarshan Sen)
Chief General Manager-in-Charge
