A Bank Should Be Something One Can “Bank” Upon, inspired by the real meaning behind banking upon something, a statement of credibility, of confidence, of trust.
In this digital era the importance in application of consumer protection have shifted from operations towards product design & delivery. When the services are delivered primarily through from line staff, customer is protected by ensuring that staff are well trained and properly incentivized. With digital service services, the consumer experience is embedded in the design of the product and user interfaces. To ensure customer protection, digital financial services providers will need to institute practices in the design process to confirm that customer risks are mitigated.
Recently we have seen several high-profile cybercrime-incidents happened in India which has forced us to introspection towards our vulnerable cyber security systems. There is an increasing trend in the incidences of theft of PII (personal identifiable information), misuse of ATMs and DDoS (Distributed Denial of Service) attacks on various banks, ransomware attack, ATM/Debit card incident or unauthorized access to bank servers. Phishing and Vishing also continue to worry bank customers with such attacks becoming increasingly advanced.
As per FIS study: Indian customers are one the biggest victims of online banking frauds. One out of every four people in the most prolific in using digital banking apps(27-37-year age group)have reported a fraud in the past year.
There are many reasons of digital (online) frauds primarily related to lack of awareness of customer and employees and poor coordination, poor regulatory system, carelessness of employees, lack of proper use of technology and supervision.
Risk Factors
Financial sector involved with following types of risk factors for frauds:
- Cybercrime- Almost all banks, offer online and mobile banking services. Debit card, credit cards and other payment methods are used for banking transactions.
- ATM’s and other electronic channels like e-commerce, POS are main soft targets of cyber-attacks.
- Cybercrimes have become more organised, significantly funded, passionate, and have evolved more sophisticated.
- The fast rate at which technology is changing is contrary to human beings ’behaviour of slow learning and adaptability to migrate to a new technology.
- Instances of cyber fraud by introduction of malware in the computer systems by the fraudsters.
- Money laundering- Money laundering activities increase the terrorist funding. Rigorous Regulatory requirements, control and scrutiny by the banks is a must to control frauds.
- Black Money- Cybercrimes and financial frauds will lead to financial instability. India holds one of the top positions in the world for increasing black money.
- Data privacy: As more data is manipulated, stored, and moved, risks increase for data breaches & mis use, prompting bank to deepen attention to cyber security.
The Role of Banks:
Banks need to make sufficient disclosures on all aspects of their operations, functioning and proactive role in educating customers on the products and services offered, with operational techniques and risks involved, availability of safeguards & redressal options. Liability for customer losses due to lapses on the part of banks should lie with the bank. Prevention is more important than compensation, through awareness initiatives.
Issues to be addressed in Customer Protection:
- Timeliness in complaint disposal
- High level of non-maintainable complaints
- Large proportion of rejections
- Communication issues
- Effectiveness of redressal system.
To overpower these issues Banks should regularly monitor the system and continuously review and cross check transitions vulnerable to online banking fraud. Increasing usage of e-banking, internet & mobile banking, makes customers more vulnerable to fraud.
Steps to be taken by the bank:
- Quality outcome by evolving the operating staffs with latest development in an agile environment.
- Exemplify a commitment to procedural fairness.
- Consistency of outcome of outcome in similar cases.
- Customer awareness initiatives to make customer aware of the ‘what and how’ of the entire ‘grievance redressal’ structure.
- Use of data for providing meaningful insights and support.
- Have a robust Fraud risk identification, event reporting, control, allocation, and mitigation framework.
Digital Risk Management Life Cycle:
Risk management, governance and compliance needs are turning more and more complicated. The risk management lifecycle deals with numerous statutory requirements and ever-changing risks.
- Identification: You can’t manage your risks if you don’t know what they are, or if they even exist. The 1ststep is to recognize the actions that affect your ability to accomplish your objectives, describe them and allocate rights.
- Assessment: After identification of risks they need to be examined in terms of likelihood and impact. It’s important to measure the prospect of a risk, and the penalty of this risk occurring and vulnerability.
- Treatment: Once the risk has been assessed, an approach for treating each risk should be defined. After evaluation, some risks just need to be monitored. Others require an action/ mitigation to prevent, reduce, or remove that risk.
- Monitoring: Once the risk is identified, assessed and a treatment process defined, the risk cannot be left. Review process is essential for managing risk proactively because things can always change.
- Reporting: Reporting at each of the above-mentioned stages is a core part of driving decision. Reporting should be defined at an early point by focusing on report content, format, and the frequency of production.
There is a need to educate customers and create awareness. The foremost challenge for bankers is to secure banks and customers from internet related crimes. Online banking transactions should be highly secured.
Conclusion:
There are always risks and costs involved to a program of action – but they are comparatively less than the long-range cost of comfortable INACTION’. Agility in addressing customer grievances needs to be inculcated at all levels of staff within the specified TAT (Turn Around Time). So, let us continue our journey with times and resolve to evolve.
Satish Kumar
Chief Manager (Faculty)
State Bank Institute of Learning and Development,
Deoghar.