Recent PNB Fraud case has started the discussion among Tech experts whether or not Blockchain Technology could help prevents future bank frauds
Banking sector is the engine of economic growth and any malfunction in this engine sends shivers down the entire economy. In the recent years, banks have achieved phenomenal growth which has predominantly been enabled by technology. But human intervention can lead to situation where one can not imagine. PNB fraud case is also a case of technology v/s human intervention. If seeing it from a technology aspect, the case could be considered as a hack in the system however it is indeed more of a bank break-in rather than considering as a cyber crime.
In the wake of PNB SWIFT-related fraud involving significant amount, RBI also reiterated its confidential instructions and mandated the banks to implement, within the stipulated deadlines, the prescribed measures for strengthening the SWIFT operating environment in banks.
SWIFT or Society For Worldwide Interbank Financial Telecommunication is the tool used for international money transfer.
Dr. Preeti Goyal a professor of Finance & Accounting at Great Lakes Institute of Management in Gurgaon says, “In the coming years this sector is expected to witness explosive changes and growth with the use of newer technologies such as NFC, block chains, robotic process automation etc. Unfortunately, the fraudsters have also started using innovative methods to misuse the banking system. At the same time tools and techniques such as real time neural network based behavior models and forensic accounting are already changing the face of fraud detection and prevention. This is like a cat and mouse game between the banks and fraudsters and technology remains both a root cause as well as the solution to this.”
While the Nirav Modi fraud has been highlighted as a technology fraud, the focus should actually be on the lack of internal controls, checks and balances that led to this situation. It is not that bank frauds did not happen prior to the use of technology. Many of us will recall how Harshad Mehta duped the banking system of crores of rupees in late 1980s – at that time it was said if banks were automated, it may have been possible to prevent the fraud.
“There is no nirvana to prevent bank fraud. The solution lies in strengthening the internal controls, checks and balances and at the same time investing in latest technology and training people to use it.” She adds.
While this fraud has occurred at one of the branches of PNB, it would eventually affect other Banks in India and outside India due to nature of such contracts. If PNB backs out of its obligations to pay and takes legal route, other banks will also a take a hot.
“As we have seen in past, such frauds are not limited to one branch and we may see other Banks unearthing similar frauds in near future in one of their branches. Considering that Public sector Banks in India are Government backed, there is no immediate threat on existence of any of banks. However, such news weakens the faith of Indian Public and International investors in the Banking system. This is not a good news and will have long term repercussions for Indian banking system as a whole. This is also a final wake up call for banks to put their house in order.” Says Rajeev Mahajan, Co-Founder, CEO and Director at Antworks Money, also the Ex-Senior President – MNC Infrastructure, Yes Bank.
Whom to Trust
“Technology can protect you from invasion or hacking, but technology cannot protect you from human tendency to perpetrate fraud. It is important to minimize human interference and maximize technology-based transactions.” Says Prasad Ajgaonkar, CEO, iRealities Pvt. Ltd (The company specializes in offering technological innovation, digital services.)
Gokulnath Shetty, retired deputy branch manager with another junior employee misused the Society For Worldwide Interbank Financial Telecommunication or SWIFT codes; as he had passwords to them. He has worked in the bank for a long time and he managed to cover up the whole mess for years. While, there are also other people who have been arrested from authorized signatory of the accused firms.
A big question arises here is whom to trust as modern day banking necessitates working in hand with partners, agents and vendors, etc. besides outsourcing, peripheral and several operational activities involve deploying and trusting outside agency’s employees.
In the mist of the PNB Fraud case, there is need to have vigilant backgrounds checks for the employees working in financial institutions. CEO of SecUR Credentials, a background screening company Rahul Belwalkar says, “Currently, the numbers of PSU’s that opt for Background screening are low because of HR Practices that have been ingrained through the years and their resistance to change these practices. We also suspect that there are push backs from unions as well because of which HR policies haven’t changed in a while. There has been a rise in number of private sector banks and NBFCs that are not only conducting background screening but are also doing regular credit checks on their employees who at the end of the day handle large amounts of clients’ money. In this case too, right from general manager level and other 18 employees have been accused of the fraud; having proper and systematic employee background verification is the need of the hour.”
What should be Done
As the risks arising from the potential malicious use of the SWIFT infrastructure, created by banks for their genuine business needs, has always been a component of their operational risk profile. RBI had, therefore, confidentially cautioned and alerted banks of such possible misuse, at least on three occasions since August 2016, advising them to implement the safeguards detailed in the RBI’s communications, for pre-empting such occurrences. Banks have, however, been at varying levels in implementation of such measures. Even Finance Minister Arun Jaitley has also said that it is incumbent upon the state to chase those who cheat the banking system.
In the light of this case; leaders in the industry have suggested some of the measures that should not be avoid. Prasad Ajgaonkar CEO of iRealities suggests that it is extremely important to educate all stakeholders in the banking ecosystem on information security, as banking frauds are not technology frauds but process frauds.
“Making information security training compulsory for all bank employees is an important step in significantly reducing bank frauds. For one of the largest private sector banks, we have created and deployed a comprehensive information security training module, which they are successfully running for the last 3 years.” He says.
There should be a system or mechanism to immediately make the changes in the patches in the system, and it can be made secure. For this, the systems should be open systems. Banks should also have a crises management system in place, for immediate external and internal communication.