Differences

This shows you the differences between two versions of the page.

@@ Line 1: / Line 1: @@
+{{htmlmetatags>
+metatag-keywords=(banking rti, rbi rti, financial rti, jayantilal mistry rti, customer data rti)
+metatag-description=(Practical framework for PIOs in banks + RBI + financial regulators handling RTIs — the *RBI v Jayantilal Mistry* foundational ruling, customer vs regulator data distinction, and DPDP §44(3) interaction.)
+}}
+====== Banking + financial RTI — Jayantilal Mistry; customer vs regulator data (2026) ======
+{{ :social:auto:pio-banking-financial-rti.png?direct&1200 }}
+{{page>snippets:dpdp-banner}}
+<WRAP info>
+*RBI v Jayantilal Mistry* (SC 2015) is the most-cited ruling for banking RTI. It rejected the blanket §8(1)(e) "fiduciary" defense and held that RBI inspection reports of banks are disclosable. The framework: customer-account data is exempt under §8(1)(j) + DPDP §44(3); regulator + supervisory + inspection records are disclosable subject to specific carve-outs.
+</WRAP>
+===== Statutory framework =====
+RTI Act §8(1)(d) + §8(1)(e) + §8(1)(j); RBI v Jayantilal Mistry (SC 2015); DPDP Act 2023 §44(3); Banking Regulation Act + Banking Companies Act privacy.
+===== Key principles =====
+  * Customer account data — exempt under §8(1)(j) + DPDP §44(3).
+  * Bank inspection / supervisory reports — disclosable per Jayantilal Mistry.
+  * Loan defaulter aggregates — generally disclosable; individual identifying details case-specific.
+  * NPA classifications — disclosable for accountability.
+  * Risk weighting / capital adequacy — disclosable subject to commercial confidence balancing.
+  * Banking secrecy is NOT absolute fiduciary privilege; only customer-individual data exempt.
+===== Decision framework =====
+  - **Identify the data category** — Customer-account / inspection / defaulter list / regulatory ratio?
+  - **Apply Jayantilal Mistry filter** — Inspection / supervisory / regulatory records: disclosable presumptively.
+  - **For customer data, apply §8(1)(j) + DPDP** — Specific identifying details exempt; aggregates disclosable.
+  - **For commercial confidence (§8(1)(d))** — Balance against public-interest accountability.
+  - **Apply §10 severability** — Mixed files: disclose regulatory portions, redact customer.
+  - **Issue speaking order** — Cite Jayantilal Mistry + §44(3) framework.
+===== Template =====
+<code>
+To: [Applicant Name]
+Subject: Reply to RTI [____] — Banking / financial records
+Sir/Madam,
+Your application sought [specific records — e.g., "RBI inspection report of XYZ Bank, FY 2023-24"]. Pursuant to *RBI v Jayantilal Mistry* (2015) 4 SCC 575, the framework for banking RTIs:
+CUSTOMER ACCOUNT DATA:
+Specific customer account details (account no., balance, transactions, KYC) are exempt under §8(1)(j) + DPDP §44(3) — relating to identifiable individuals.
+REGULATORY / SUPERVISORY RECORDS:
+The Supreme Court in Jayantilal Mistry definitively rejected the blanket §8(1)(e) "fiduciary" defense for RBI vis-à-vis banks. RBI inspection reports + supervisory reports are disclosable. Specific portions:
+- Inspection findings: Disclosed.
+- Risk classifications: Disclosed.
+- Regulatory observations: Disclosed.
+- Specific customer-identifying entries: Redacted under §8(1)(j) per §10 severability.
+NPA / DEFAULTER DATA:
+Aggregate defaulter data + sectoral NPAs disclosable per public-interest in financial-system transparency. Individual large defaulter identities case-specific — typically disclosable for accountability.
+COMMERCIAL CONFIDENCE (§8(1)(d)):
+For specific bank business strategy / pricing data, the balancing test under §8(2) is applied. Where public-money / regulatory concerns predominate, override applies.
+Section 10 severability throughout.
+Yours faithfully,
+[Name, Designation, PIO]
+</code>
+===== Illustrations =====
+==== RBI inspection of Bank XYZ FY 2023 ====
+Disclosed per Jayantilal Mistry; redact specific customer entries.
+==== Customer's own account data via account holder ====
+Account holder can request own data — banking law + RTI both permit.
+==== Top 100 NPA defaulter list of bank ====
+Generally disclosable — public-interest in transparency overrides commercial confidence.
+==== CRAR / capital adequacy data of specific bank ====
+Disclosable; supervisory data not commercial secret.
+==== Loan rate-pricing strategy of bank ====
+Limited disclosure; specific commercial strategy exempt under §8(1)(d).
+==== Money laundering investigation by ED ====
+Exempt under §8(1)(h) until concluded.
+===== Case law anchors =====
+  * **RBI v Jayantilal Mistry (SC 2015)** — Foundational — RBI inspection reports disclosable; fiduciary narrow.
+  * **Subhash Chandra Agarwal v CPIO (SC 2019)** — Public-interest override for regulator accountability.
+  * **Bombay HC, In Re: Banking Disclosure (2018)** — Customer data clear distinction from regulatory.
+  * **CIC, Re: HDFC Bank cases (2017-2020)** — Specific framework for bank RTIs.
+  * **Reliance Industries v CIC (Delhi HC 2014)** — Commercial confidence requires specific harm showing.
+===== Common mistakes =====
+  * Citing §8(1)(e) "fiduciary" for regulator records — Jayantilal Mistry rejected this.
+  * Refusing customer's own account data — applicant has right.
+  * Treating all banking data as commercial confidence — only specific business strategy.
+  * Failing to apply §10 severability for inspection reports.
+  * DPDP §44(3) interpretation overly broad — only personal-individual data covered.
+  * Generic refusal without reasoning — violates §7(8).
+===== Pro tips =====
+  * Maintain a "regulatory disclosure log" — track patterns of similar requests.
+  * For inspection reports, prepare standard redaction template (account-identifying details).
+  * Train compliance team on Jayantilal Mistry — many over-citations of fiduciary come from caution.
+  * For NPA data, prepare aggregate-disclosure templates — speeds future replies.
+  * Develop relationship with applicant team — clarify queries before outright refusal.
+  * For commercial confidence claims, document specific harm before invoking §8(1)(d).
+===== FAQs =====
+==== Can I disclose customer's loan account data? ====
+Customer's own: yes (KYC). Third party: no (§8(1)(j) + DPDP §44(3)).
+==== Are RBI inspection reports always fully disclosable? ====
+Per Jayantilal Mistry: yes. Specific customer entries redacted via §10. Specific commercial strategy may be redacted under §8(1)(d).
+==== What about ED / IT investigation records? ====
+Exempt under §8(1)(h) until concluded. Post-conclusion: case-specific.
+==== NPA defaulter privacy? ====
+Aggregate yes. Individual large-defaulter case-specific. Public-money component favors disclosure.
+==== DPDP §44(3) — does it overturn Jayantilal Mistry? ====
+No — only modifies §8(1)(j) for personal-individual data. Regulator records framework intact.
+===== Related reading =====
+  * [[:pio-faa-knowledge-base|pio faa knowledge base]]
+  * [[:pio-supreme-court-rulings|pio supreme court rulings]]
+  * [[:pio-faa-knowledge-base|pio section 8 1 e fiduciary]]
+  * [[:act:section-8|act/section-8]]
+  * [[:citizen-rti-playbook|rti for banking financial]]
+===== Sources =====
+RTI Act §8(1)(d), (e), (j); RBI v Jayantilal Mistry (SC 2015); DPDP Act 2023 §44(3); CIC banking-related orders.
+//Last reviewed: 25 April 2026.//
+{{tag>pio-faa pio rti-act-2005 pio-banking-financial-rti}}

Was this helpful? — views