Banks appear to be underestimating their ability to prevent frauds and this may impact the nature of anti-fraud compliance programmes being developed
While risks are inherent in the banking space, dealing with risks associated with fraud is on no bank’s wish list. But the fact remains that frauds are on the rise and will continue to rise, according to a Deloitte India Banking Fraud Survey, Edition III.
“About 84 percent of respondents pointed to a substantial rise in fraud incidents and identified the top four types of frauds experienced by them as follows: fraudulent documentation, cybercrime, overvaluation/non-existence of collateral, and siphoning/diversion of funds,” the report said.
Banks appear to be underestimating their ability to prevent frauds and this may impact the nature of anti-fraud compliance programmes being developed.
“The kind of frauds highlighted above indicates the ineffectiveness of existing controls to prevent such occurrences. The current fraud risk management framework and/or processes tend to have the following limitations: being reactive rather than proactive in their ability to detect fraud incidents, the inability to identify emerging threats and run periodic fraud risk assessments based on those findings, as well as limited use of technology tools. If these are not addressed, future investments may not bear fruit,” KV Karthik, Partner – Forensic, Financial Advisory, Deloitte India, said.
The third in its series (previous two editions released in 2012 and 2015), the survey takes a look at the dynamic fraud environment that the banking sector faces today and also explores areas like cybercrime, stressed assets and use of technology.
Views were gathered from 43 key C-suite stakeholders/senior management responsible for compliance and fraud risk management, audit/finance, asset recovery from varied financial institutions based in India.Why are frauds rising?
It said that despite issues identified across previous surveys, the root cause responsible for increase in fraud incidents have not been adequately addressed.
Some of the key reasons identified by respondents towards increase in fraud incidents include: use of new technology/digital channels that have made fraud detection difficult, lack of tools to identify potential red flags and business pressures to meet targets.
“What seems to be missing is the use of technology tools, intelligence gathering, conducting regular fraud risk assessments, fraud awareness training and workshops, vendor due diligence and social network analysis,” the survey highlighted.
About 54 percent of respondents pointed to an increase in investments planned across anti-fraud measures over the next two years.Focus areas required
The current edition of the survey also explores aspects such as cybercrime and stressed assets and how the usage of new technologies like artificial intelligence can be used to mitigate fraud risks.
About 32 percent of respondents said they currently use artificial intelligence applications to detect fraudulent behaviour and/or to identify suspicious patterns and red flags. “The availability of skilled talent, limited understanding of this technology and data security of AI applications are real challenges that need to be overcome to sustain any success experienced so far,” the report said.
In the area of stressed assets, responses received indicate that banks are affected by concerns related to suspected shell companies (highlighted by 59 percent) and lapses in the due diligence process during loan disbursement having inadvertently on higher stressed assets (67 percent).
The top three challenges faced while managing stressed assets were identified as the lack of/incomplete information and data shared between consortium banks, lack of robust data governance models and limited standards for collection and storage of relevant risk data within the bank, all of which limits the banks’ capabilities to make useful inferences from the vast amounts of data gathered.
These responses indicate that the monitoring and remediation efforts were currently at a rudimentary level.
With a substantial increase in the dependence on technology, it was not surprising that cybercrime was highlighted as one of the biggest concerns by banks. The other concerns highlighted by respondents were card skimming, funds transfer fraud, data theft and identity theft. Periodic cyber security audits (highlighted by 11 percent) appear to be the only preventive measure being deployed in securing banks.“Banks should consider integrating elements of security, vigilance and resilience within a dedicated cyber risk management programme. Expecting the banks’ overall fraud risk management framework/strategy to deal with issues related to cybercrime will not be effective. Having a robust incident response mechanism, proactively monitoring threats, building vendor assessment processes, utilising certified ethical hackers, and providing training are other aspects that need to be incorporated within the cyber risk management strategy,” Karthik concluded.The Great Diwali Discount!
Unlock 75% more savings this festive season. Get Moneycontrol Pro for a year for Rs 289 only.
Coupon code: DIWALI. Offer valid till 10th November, 2019 .