DEFINITION OF FRAUD Fraud is defined as "any behavior by which one person intends to gain a dishonest advantage over another".

In other words , fraud is an act or omission which is intended to cause wrongful gain to one person and wrongful loss to the other, either by way of concealment of facts or otherwise. The Chairmen and Managing Directors(CMD)/Chief Executive Officers (CEOs) of banks must provide focus on the "Fraud Prevention and Management Function" to enable, among others, effective investigation of fraud cases and prompt as well as accurate reporting to appropriate regulatory and law enforcement authorities including Reserve Bank of India. The fraud risk management, fraud monitoring and fraud investigation function must be owned by the bank's CEO, Audit Committee of the Board and the Special Committee of the Board, at least in respect of large value frauds. 2. CLASSIFICATION OF FRAUDS

In order to have uniformity in reporting, frauds have been classified as under, based mainly on

the provisions of the Indian Penal Code:

a) Misappropriation and criminal breach of trust. b) Fraudulent encashment through forged instruments, manipulation of books of account or through fictitious accounts and conversion of property. c) Unauthorised credit facilities extended for reward or for illegal gratification. d) Negligence and cash shortages. e) Cheating and forgery. f) Irregularities in foreign exchange transactions. g) Any other type of fraud not coming under the specific heads as above.

Why is fraud monitoring imperative? Current landscape

According to RBI-released data, banking-related frauds have doubled in the five-year period between 2004 and 2009. In 2009, the total number of bank frauds was recorded at 23,914, amounting to a loss of `18.83 billion, where less than 1% of the fraud cases amounted to `10 million each or even more. The last reported count of online fraud cases was 269, amounting to `590 million. With acquisitions and expansions spurring the growth in size and customer base, banks are witnessing a substantial rise in the numbers and complexity of fraud scenarios. As such, there is a stringent need for robust monitoring.

 The regulator has directed financial institutions to continuously monitor transactions and establish an integrated fraud risk management framework. There is an increasing need to identify early warning signals to capture frau close to their occurrence. A centralized framework can address fraud risks associated with various business units and products and provide insights to stakeholders to take preventive action at the right time. This also eliminates uncertainty around losses due to fraud and helps the management have a more focused strategy to address fraud-related risks.Current landscape The public sector banks (PSBs) may have a 75% market share, but the number of banking frauds by private banks is five times that of PSBs. The public sector banks (PSBs) may have a 75% market share, but the number of banking frauds by private banks is five times that of PSBs. Information obtained under the Right to Information (RTI) Act from the Reserve Bank of India (RBI), revealed that while private banks, including foreign banks, have reported about 15,000 cases during 2010-11, PSBs, comprising 19 nationalised banks, including the State Bank of India and its six associates, recorded 3,700 cases. While PSBs lost approximately Rs2,500 crore, their better equipped counterparts in the private sector lost Rs1,100 crore. According to data released by the RBI as on June-end 2011, PSBs accounted for 74.6% of bank

deposits while private sector banks had only 18%, with the rest of the funds lying with regional rural banks and foreign banks. Interestingly, it is the private banks, including foreign banks, which stand for perfection and are known for prompt service that appear to be more prone to banking frauds. During 2010-11, the ICICI and HSBC banks put together have reported 13,067 cases. SBI tops the list of PSBs with the highest number of fraud cases reported in the current financial year. SBI reported 784 cases involving Rs298 crore for the year 2010-11, the RTI query revealed. ICICI Bank alone accounted for almost half of the frauds reported to the RBI. Of the 5,319 cases reported in the current financial year (till September) by 29 private banks, a whopping 3,304 were from ICICI. Similarly, in 2010-11, ICICI reported 10,684 of the total 19,845 cases. The second highest numbers of cases were reported by HSBC at 2,383 for the same period. With the advent of mobile and internet banking, the number of banking frauds in the country is on the rise as banks are losing money to the tune of approximately Rs2,500 crore every year. While the figure for 2010-11 was Rs3,500 crore, for the current financial year (till September) it is about Rs1,800 crore. Further, state-wise list of information on banking frauds shows Maharashtra reporting the highest number of cases to the RBI. In the last financial year, banks in the Maharashtra reported 1,179 cases with Rs1,141 crore

being lost to such frauds. Maharashtra is followed by Uttar Pradesh with 385 cases during the same period. More frauds and shocking loss 1,045 bank fraud cases reported by Maharashtra reported in 2010-11 338 such cases were reported in Delhi in 2010-11 545 cases reported by SBI - highest by a public sector bank in 2009-10 15,074 cases reported by ICICI in 2009-10 - highest by a private bank 2,741 frauds reported by HSBC in 2009-10 - highest by a foreign bank 2,764 cases reported by public Sector banks in 2010-11 (till Dec) Rs.1,497 cr Loss incurred by public Sector banks in 201011 (till Dec) 9,175 cases reported by private banks in 2010-11 Rs.307 cr Loss to private banks in 2010-11

Robberies / thefts

Rs.96 lakh Loss reported by banks in Punjab in 2009-10 because of 81 cases Rs.21.22 cr Loss reported by banks in across the country in 2009-10 Rs.16.17 cr Loss reported by banks in the country in 2010-11 (till date)

Banking Frauds

With internet banking on the rise, frauds are just a click away

As most banks urge customers to shift to the virtual space, their ability to create fortresses against cyber aggresses has come into the spotlight. ET argues that banks' current defences against online fraud are not unbreachable Two Indian payment processors, ElectraCard and Enstage, were in the spotlight recently for their alleged role in a $45-million credit card fraud impacting Indian and international banks. In the last week of May, phishers embezzled over Rs 5 lakh from the Andhra Pradesh State Road Transport

Corporation's bank accounts through refunds after booking over 100 fake tickets and cancelling them.

* Last month, cyber criminals hacked into an RPG group company's bank account and siphoned off Rs 2.4 crore through the real time gross settlement system (RTGS). * "The total amount involved in frauds relating to credit card, debit card and internet banking rose 74 % to Rs 38.4 crore in 2012." These are a few cases of online fraud that came to light recently. With electronic banking on the rise, lenders have become vulnerable to the risks of such transactions, even as regulations are becoming more stringent as far as know your customer (KYC) rules are concerned. Internet banking still does not account for a significant portion of total transactions in India. In FY13, Rs 31.8 lakh crore was settled via 69.4 crore transactions through various retail electronic banking channels while Rs 18.6 lakh crore was settled through 64 crore card-related transactions, according to Reserve Bank of India's data. In addition, Rs 1,026 lakh crore through 6.85 crore transactions were settled through the real time gross settlement system, or RTGS, involving both retail and

interbank transactions. The young generation is increasingly opting for net transactions to settle bills and all kinds of bank-related work from cash transfer and seeking cheque books to passwords for debit cards. Moreover, with banks including public sector ones urging customers to opt for net banking, the ability to shield customers from cyber threats will be crucial to gaining their confidence. From just a few stray cases of identity thefts a few years ago, internet frauds have not only risen in scale but also gone high tech, so much so that it has become difficult to identify the origin of the crime and nail the culprit(s). Cyber heist is an issue that not just Indian banks are faced with. Cyber attacks ranked fourth among top global risks, in terms of likelihood, according to the 'World Economic Forum Report: Global Risks 2012'. When internet banking was introduced in the country, it was felt that having a password-protected account was adequate to ensure safety, but not any more. The cyberthreat landscape has changed. Five to seven years ago, most frauds were related to identity thefts, the techniques adopted by fraudsters were easy to trace and these did not involve big money either. But over the years, online heist has become an organised crime. Hackers are spread across the globe, from Africa to Russia and China, and each one has his or her own technique. The attacks involve compromising a bank's database with systemlevel implications. Apart from the internet, mobile transactions, that are finding favour among customers, could also be hit. Globally, targeted attacks rose 42% in 2012. India is ranked third globally in terms of vulnerability, accounting for 6.5% of the total

targeted attacks in 2012, according to California-based Symantec's Internet Security Threat Report, 2013.

Types of Fraud
Most offline fraud incidences happen as a result of theft of your mail, sensitive information related to your bank or credit card accounts, stolen atm/debit/credit cards, forged/ stolen cheques etc. You can protect yourself from such instances by exercising caution while receiving, storing and disposing your account statements as well as your cheques, atm/debit and credit cards Online fraud occurs when someone poses as a legitimate company (that may or may not be in order to obtain sensitive personal data and illegally conducts transactions on your existing accounts. Often called "phishing" or "spoofing", the most current methods of online fraud are usually through fake emails, Web sites and pop-up windows , or any combination of such methods. The main objective of both offline as well as online fraud is to steal your 'identity'. This phenomenon is commonly known as "identity theft". Identity theft occurs when someone illegally obtains your personal information - such as your credit card number, bank account number, or other identification and uses it repeatedly to open new accounts or to initiate transactions in your name. Identity theft can happen even to those who do not shop, communicate, or transact online. A majority of identity theft occurs offline. Stealing wallets and purses, intercepting or rerouting your mail, and rummaging through your trash are some of the common tactics that thieves can use to obtain personal information. The more you are aware about identity theft the better prepared you will be. Phishing Emails

Every user of the Internet should be aware about the common attempts of fraud through means like 'phishing' or 'spoofing' 'Phishing' is an attempt by fraudsters to 'fish' for your banking details. 'Phishing' attempts usually appear in the form of an email appearing to be from your bank. Within the email you are then usually encouraged to click a link to a fraudulent log on page designed to capture your details. Email addresses can be obtained from publicly available sources or through randomly generated lists. Therefore, if you receive a fake email that appears to be from ICICI Bank, this does not mean that your email address, name, or any other information has been taken from our systems. Although they can be difficult to spot, 'phishing' emails generally ask you to click on a link which takes you back to a spoof web site that looks similar to your bank's website, wherein you are asked to provide, update or confirm sensitive personal information. To prompt you into action, such emails may signify a sense of urgency or threatening condition concerning your account. The information most commonly sought through such means are: Your PIN numbers Your Internet Banking Passwords

You Bank Account/Credit Card/Debit Card number Other verification parameters, like; your date of birth, mother's maiden name etc.

Some fake emails may also contain a virus known as a "Trojan horse" that can record your keystrokes or could trigger background installations of key logging software or viruses onto your computer.The virus may live in an attachment or be accessed via a link in the email. Never respond to emails, open attachments, or click on links from suspicious or unknown senders. If you're not sure if a email sent by ICICI Bank is legitimate, report it to us without replying to the email. Counterfeit Web sites

Online thieves often direct you to fraudulent Web sites via email and pop-up windows and try to collect your personal information. One way to detect a phony Web site is to consider how you arrived there. Generally, you may have been directed by a link in a fake email requesting your account information. However, if you type, or cut and paste, the URL into a new Web browser window and it does not take you to a legitimate Web site, or you get an error message, it was probably just a cover for a fake Web site

2010 housing loan scam in India The 2010 fake housing loan in India was uncovered by the Central Bureau of Investigation (CBI) in India. CBI arrested eight top-ranking officials of public sector banks and financial institutions, including the LIC Housing Finance CEO Ramchandran Nair, in connection with the scam. Banking sector will not get affected by loan scam in the long run

The conference is basically on the consumer and retail sector which is a growing sector at the moment in India and has a great future. We have been able to bring about 20 companies in the sectors to talk to investors. The investors interest is great both from India and overseas. We have more than 700 meetings lined up for various investors. India is a consumption story and that is where these companies which are in this segment are going to have robust growth in many years to come. Therefore most investors are looking at the consumption story and are very keen to meet the company

corporate people. We also had a panel discussion where 4 leading companies were present and there we got the micro view. The other thing which is coming out that is many of these companies in India are now becoming multinational companies in the sense that they are going abroad acquiring a lot of companies overseas. They believe that today's valuation sources are much cheaper than what you get in India and therefore there is a great opportunity for them to expand their footprint not only in India but in other parts of the world. Therefore, this is bringing a new sort of trend in the sector where we can see a number of Indian companies working in 20-30 countries in the next ten years.

Impact of the economy

Occupational Fraud: A Study of the Impact of an Economic Recession Intense financial pressures during the economic crisis have led to an increase of fraud, according to a survey of fraud experts conducted by the ACFE. Results of the survey, published in the new ACFE report "Occupational Fraud: A Study of the Impact of an Economic Recession," also found that layoffs are pervasive and are leaving holes in organizations' internal control systems.

The report, recently detailed in the Wall Street Journal, is based upon the responses of more than 500 randomly selected Certified Fraud Examiners (CFEs). CFEs are experts in fraud detection, prevention and deterrence, and must pass a rigorous exam as well as meet high professional, educational and ethical standards. More than half (55.4 percent) of respondents said that the level of fraud has slightly or significantly increased in the previous 12 months compared to the level of fraud they investigated or observed in years prior. Additionally, about half (49.1 percent) of respondents cited increased financial pressure as the biggest factor contributing to the increase in fraud, compared to increased opportunity (27.1 percent) and increased rationalization (23.7 percent). "The message to Corporate America is simple: Desperate people do desperate things," said ACFE President James D. Ratley, CFE. "Loyal employees have bills to pay and families to feed. In a good economy, they would never think of committing fraud against their employers. But especially now, organizations must be vigilant during these turbulent times by ensuring proper fraud prevention procedures are in place."

Banks lost Rs.2,289 cr in scams

ICICI bank The recent Rs.300-crore scam in the Gurgaon branch of Citi Bank is a pointer to a disturbing trend: the steady rise in the number of banks falling prey to such frauds. According to the data compiled by the Reserve Bank of India (RBI), the money lost to such scams has doubled in the past four years. In the current finanacial year, banks lost Rs.2,289 crore (till December), while the loss was Rs.1,057 crore in 2007-08. It's the state-of-the-art private banks, including foreign banks, that appear to be more prone to such frauds.

The public sector banks, with their massive presence across the country, also reported an annual average of more than 3,000 cases of frauds and cheating during the past four years. Their better equipped counterparts in the private sector reported almost five times the number of cases. ICICI Bank alone accounted for almost half of the total scams reported to the RBI. Of the total 21,244 cases reported in 200708, a whopping 10,976 were from ICICI. Similarly, in 2008-09, ICICI reported 13,221 of the total 23,579 cases. The bank reported 15,074 of the total 24,788 fraud cases in 2009-10. The second highest number of cases were reported by HSBC (3,770, 3,481, 2,741, 2028); followed by Citi Bank (1,647, 1,182, 1,277, 666); American Express banking (499, 703, 817, 637) and the distant fourth was State Bank of India (561, 745, 545, 615) during the past four financial years - 2007-08, 2008-09, 2009-10, 2010-11 respectively. The figures for the current fiscal are till December, 2010. Maharashtra, with Mumbai being the country's financial capital, reported the maximum number of fraud cases: (1,006 in 2009-10 and 1,045 in 2010-11). Delhi was second with 349 cases in 2009-10 and 338 in 2010-11. Union minister of state for finance Namo Narain Meena presented these figures in the Lok Sabha on Friday. The data has thrown up interesting trends in not just scams and frauds but also the way banks were being targeted by robbers and thieves. Punjab reported the maximum number of dacoity and ATM thefts, followed by Uttar Pradesh and Haryana. State Bank of India appeared to be the favourite for thieves and burglars.

SBI reported 114 such cases in 2009-10 and 79 this year, followed by State bank of Patiala - 41 and 39 respectively. Overall, 582 cases were reported across the country in 2009-10 that resulted in a loss of Rs.21.22 crore, while a recovery of Rs.6.67 crore could be only made. This year's figure stands at 392 cases, Rs.16.17 crore loss and Rs.4.98 crore recoveries. More frauds and shocking loss 1,045 bank fraud cases reported by Maharashtra reported in 2010-11 338 such cases were reported in Delhi in 2010-11 545 cases reported by SBI - highest by a public sector bank in 2009-10 15,074 cases reported by ICICI in 2009-10 - highest by a private bank 2,741 frauds reported by HSBC in 2009-10 - highest by a foreign bank 2,764 cases reported by public Sector banks in 2010-11 (till Dec) Rs.1,497 cr Loss incurred by public Sector banks in 2010-11 (till Dec) 9,175 cases reported by private banks in 2010-11 Rs.307 cr Loss to private banks in 2010-11 Robberies / thefts Rs.96 lakh Loss reported by banks in Punjab in 2009-10 because of 81 cases

Rs.21.22 cr Loss reported by banks in across the country in 200910 Rs.16.17 cr Loss reported by banks in the country in 2010-11 (till date)

RBI GIVES THE FRAUD AMNT OF BANK

RBI had, per se, not defined the term fraud in its guidelines on Frauds. A definition of fraud was, however, suggested in the context of electronic banking in the Report of RBI Working Group on Information Security, Electronic Banking, Technology Risk Management and Cyber Frauds, which reads as under:A deliberate act of omission or commission by any person, carried out in the course of a banking transaction or in the books of accounts maintained manually or under computer system in banks, resulting into wrongful gain to any person for a temporary period or otherwise, with or without any monetary loss to the bank. Frauds in the banking sector: Some statistics Though RBI had not given a specific definition of the term, it has, for quite some time now, been monitoring the nature, volume and magnitude of frauds in certain sections of the financial sector that fall under its jurisdiction. The reporting of fraud cases by banks was prescribed by RBI way back in July 1970. In 2005-06, the prescription of reporting of fraud cases was extended to urban cooperative banks and deposit taking NBFCs registered with RBI. In March 2012, NBFC-ND-SIs (systemically important, non-deposit taking NBFCs) having asset base of Rs. 100 crore and above were also brought under the reporting requirements. While online reporting and monitoring of fraud cases by the banks has been in place since May 2004, the reporting by UCBs and NBFCs is still in manual format. A comparative picture (Table 1) of total number of fraud cases and amount involved as on March 31, 2013 for scheduled commercial banks, NBFCs, Urban Cooperative banks, and Financial Institutions is as under:

Table 1: No. of frauds cases reported by RBI regulated entities (No. of cases in absolute terms and amount involved in Rs. crore) Amount Category No. of Cases Involved Commercial 169190 29910.12 Banks NBFCs 935 154.78 UCBs 6345 1057.03 FIs 77 279.08 176547 31401.01 As is evident from the above table, the cumulative number of frauds reported by the banking sector and the total amount involved in these fraud cases have a major share in the frauds reported by all entities under RBIs supervisory jurisdiction. A year-wise break up of fraud cases reported by the banking sector together with the amount involved is given in Table 2 below: Table 2: Year-wise no. and amount of fraud cases in the banking sector (No. of cases in absolute terms and amount involved in Rs. crore) Year No. of cases Total Amount 2009-10 24791 2037.81 2010-11 19827 3832.08 2011-12 14735 4491.54 2012-13 13293 8646.00 Total frauds reported as of 169190 29910.12 March 2013 It may be observed that while the number of fraud cases has shown a decreasing trend from 24791 cases in 2009-10 to 13293 cases in 2012-13 i.e. a decline of 46.37%, the amount involved has increased substantially from Rs 2037.81 crore to Rs. 8646.00 crore i.e. an increase of 324.27%. A granular analysis reveals that nearly 80% of all fraud cases involved amounts less than Rs. one lakh while on an aggregated basis, the amount involved in such cases was only around 2% of the total amount involved. Similarly, the large value fraud cases involving amount of Rs.50 crore and above, has also increased more than tenfold from 3 cases in FY 2009-10 (involving an amount of Rs 404.13 crore) to 45 cases in FY 2013 (involving an amount of Rs 5334.75 crore) (Annex 1). Further, a bank group wise analysis of frauds reveals that while the private sector and the foreign bank groups accounted for a majority of frauds by number (82.5%), the public sector banks (including SBI Group) accounted for nearly 83% of total amount involved in all reported frauds (Table 3 below).

Table 3: Bank Group wise fraud cases (No. of cases in absolute terms and amount involved in Rs. Crore) No. of % to Total Amount % to Total Bank Group cases Cases Involved Amount Nationalised Banks including SBI 29653 17.53 24828.01 83.01 Group Old Pvt. Sector Banks 2271 1.34 1707.71 5.71 New Pvt. Sector Banks 91060 53.82 2140.48 7.16 Sub Total (Private Banks) 93331 55.16 3848.19 12.87 Foreign Banks 46206 27.31 1233.92 4.12 Total 169190 100 29910.12 100 A bank group wise distribution of fraud cases in terms of amount involved and details of year wise closure of fraud cases is also enclosed at Annex 2 and 3 respectively. While the sheer number of frauds and the amount involved, when seen in isolation, may appear overwhelming, it is important to view the incidence of frauds in the banking sector in the context of the massive increase in the number of deposit and credit accounts in banks and the staggering volume and value of transactions that are processed by the banks every day. To put things in perspective, let me quote some statistics again. The number of deposit accounts in the banks over the last ten years (between end 2002 and end 2012) has gone up from 43.99 crore to 90.32 crore while the number of loan accounts in the same period has also more than doubled from 5.64 crore to 13.08 crore. A quick estimate puts the average number of all transactions that happen every day in the banking system at approximately 10 crore, which is enormous. The number of frauds per million banking transactions was about 0.4, which is not a very high figure. Likewise, besides increase in the number of brick and mortar branches, additional service delivery points like ATMs and Point of Sale (POS) terminals have also gone up significantly. While the number of ATM machines has grown from 34789 in March 2008 to 114014 in March 2013, the number of POS terminals has also more than doubled (from 423667 to 845653) during the same period. The point I am trying to drive home here is that on a standalone basis the quantum of frauds, both in terms of number and amount involved, may appear to be very high, but when one weighs it against the sheer magnitude of accounts and transactions handled by the banking system, they are not alarming. Category of Frauds Broadly, the frauds reported by banks can be divided into three main subgroups: a. Technology related

b. KYC related (mainly in deposit accounts) c. Advances related A closer examination of the reported fraud cases has revealed that around 65% of the total fraud cases reported by banks were technology related frauds (covering frauds committed through /at internet banking channel, ATMs and other alternate payment channels like credit/ debit/prepaid cards) while the advances portfolio accounted for a major proportion (64%) of the total amount involved in frauds. Table 4 below shows that relatively large value advances related frauds (> Rs. 1 crore) have increased both in terms of number and amount involved over the last four years. Table 4: Bank Group wise Advance Related Frauds (Rs. 1 Crore & above in value) (No. of cases in absolute terms and amount involved in Rs. Crore) Cumulative total (As 2009-10 2010-11 2011-12 2012-13 at end March 2013) No. Amoun No. Amount Amount No. of No. of Amount of t No. of Amount Bank Group of Involve Involve cases cases Involved case Involve cases Involved cases d d s d Nationalised 1820.1 6078.4 14577.2 Banks including 152 736.14 201 228 2961.45 309 1792 2 3 8 SBI Group Old Private 16 99.10 20 289.31 14 63.31 12 49.87 149 767.75 Sector Banks New Private 10 63.38 18 234.18 12 75.68 24 67.47 363 1068.18 Sector Banks Sub-total 26 162.48 38 523.49 26 138.98 36 117.34 512 1835.93 Foreign Banks 4 45.26 3 33.20 19 83.51 4 16.75 456 277.05 2376.8 6212.5 16690.2 Grand Total 182 943.87 242 273 3183.94 349 2760 1 1 6 Technology Related Frauds 12. The substantially larger proportion of technology related frauds by number is only expected as there has been a remarkable shift in the service delivery model with greater technology integration in the financial services sector. Banks are increasingly nudging their customers to adopt newer service delivery platforms like mobile, internet and social media, for enhanced efficiency and cost-cutting. But while banks customers have become tech-savvy and started using online banking services and products, evidence suggests that even fraudsters are devising newer ways of perpetrating frauds by exploiting the loopholes in technology systems and

processes. There have been several instances of low value frauds wherein the fraudsters have employed hostile software programs or malware attacks, phishing, Vishing (voicemail), SMSishing (text messages), Whaling (targeted phishing on High Networth Individuals) techniques apart from stealing confidential data to perpetrate frauds. Bank group-wise detail of the number of technology related fraud cases with the amount involved therein over the last 4 years is as under in Table 5: 5: Bank Group wise Technology Related Frauds (No. of cases in absolute terms and amount involved in Rs. Crore) Cumulative total (As 2009-10 2010-11 2011-12 2012-13 at end March 2013) No. Amou No. Amou No. Amou Amou No. Amount of nt of nt of nt nt No. of of Involve case involv case involv case involv involv cases cases d s ed s ed s ed ed 3.39 172 0.46 9 7.26 0.06 190 6 9.85 1.09 824 55 25.60 2.30

Bank Group

Nationalized Banks 118 1.82 143 including SBI Group Old Private Sector 9 0.15 4 Banks New Private Sector 1438 34.53 9638 Banks 7 1439 Sub Total 34.68 9642 6 Foreign Banks 5273 26.88 4486 1978 1427 Grand Total 63.38 7 1

21.41 6552 16.54 3408 33.97 21.87 6561 16.6 3414 35.06

74321 183.48 75200 211.38

14.77 3315 14.60 5161 22.45 36455 145.95 1004 40.03 38.46 8765 67.36 111655 357.33 8

13. The predominance of the new private sector banks and the foreign banks in the number of technology related frauds is intuitive as they lead the technology enabled service delivery in the Indian banking sector. From the above it is evident that though the incidence of cyber frauds is extremely high, the actual amount involved is generally very low. However, let me emphasize that while the amounts involved may be small from banks perspective, these are significant from the viewpoint of individuals, who are victims of such frauds. The small value of frauds, therefore, cannot be a comfort to the banks. The banks must realize that the community that uses online banking services is a very powerful group capable of launching scathing attacks using the social media, which can irreparably tarnish the reputation of banks. It is, therefore, in banks own interest to ensure that they are constantly on the guard and up to the challenge of providing a secure environment for customers to conduct banking transactions. For this purpose, the banks would need to constantly monitor the typology of the fraudulent activities in such transactions and regularly review and update

the existing security features to prevent easy manipulation by hackers, skimmers, phishers, etc. With cyber attack becoming more frequent, RBI has advised banks in February 2013 to introduce certain minimum checks and balances like introduction of two factor authentication in case of card not present transactions, converting all strip based cards to chip based cards for better security, issuing debit and credit cards only for domestic usage unless sought specifically by the customer, putting threshold limit on international usage of debit/ credit cards, constant review of the pattern of card transactions in coordination with customers, sending SMS alerts in respect of card transactions etc., to minimize the impact of such attacks on banks as well as customers. 14. The electronic modes of payment like NEFT and RTGS have gained traction due to their almost real time impact and also comparatively lower cost. These transactions are generally undertaken remotely, through internet banking, by using specific ID and password provided to the users. Though, it is the responsibility of the user to ensure that his unique ID and password are properly secured and do not get misused due to his laxity, the banks, on their part, should also ensure that these payment channels are safe and secure. Towards this end, RBI has advised banks to introduce preventive measures such as putting a cap on the value/ number of beneficiaries, introducing system of issuing alert on inclusion of additional beneficiary, velocity checks on number of transactions effected per day/ per beneficiary, considering introduction of digital signature for large value payments, capturing internet protocol check as an additional validation check for any transaction, etc.

India banking fraud survey -2012

Over the last few years, India has been one of the worlds fastest growing economies with banking and financial services companies experiencing significant growth both in size and profitability. In the last decade, the Indian banking sector grew at an average of 18 percentcompared to over 7 percent GDP growth. So frauds in the financial services industrypose a significant risk to institutions, as well as to the integrity of capital markets. Its effect can be widespread, causing long term financial and reputational damage. Deloittes fraud survey focuses on the key challenges facing the banking industry infighting fraud. The objective of the survey is to gain an insight into the current scenario on frauds in the industry, theareas that are prone to fraud, and the way organizations are fighting this menace and preparing for the future. This survey has been developed based on the survey questionnaire responses received from banks in India including public sector banks, privatesector banks, co-operative banks and multi-national (MNC) banks. We have consciously attempted to include a variety of banks with different sizes and type of operations to obtain a comprehensive picture of the fraud environment in the country. The profile of the respondents is given in Section 3. The survey covers the following key topics 1. What is happening Current perception of fraud in the country/industry Fraud incidents encountered by the banks Average loss and ability to recover 2. What is the Issue Fraud prone areas Root cause analysis Detection mechanism 3. How are banks geared to fight the menace Anti-Fraud framework Role of technology 4. What will happen Areas perceived to be vulnerable in the years to come Cost of various anti-fraud measures

About the survey

his report presents the key findings from Deloittes Fraud survey for banks. The survey was conducted over three months from November 2011 to January 2012, to gather the views of key people responsible for fraud risk management in banks. Institutions who participated in the survey included private, public, multi-national and co-operative banks in India. The asset base of the participants varied from less than Rs 500 crore to greater than Rs 5000 crore. The majority of respondents were primarily with asset base of more than Rs 5000 crore. The customer base of the institutions who participated in the survey included those who had less than10 lacs to a sizeable proportion with more than 50 lacs number of customers Responses were received from head of fraud risk management for banks or key people responsible for managing fraud risk in the organization.

CASE STDY

Fund scams target Indians beyond the reach of banks

Dalia Ghosh, a 28-year-old nurse in Kolkata, invested her savings in an unlicensed fund run by media conglomerate Saradha Group last year, hoping to start her own clothes business. But Saradha went bust in April, wiping out as much as $3.7 billion in deposits from mostly low-income Indians, miring West Bengal's government in scandal, and illustrating the risks faced by the millions who live outside the banking system.

Saradha, which until April had at least two high-profile members of parliament on its payroll, lost money in bad investments, and on paying steep commissions to its agents, government officials said. "We trusted them like fools because the return they assured was four times more than a nationalised bank," said Ghosh, who says she lost 100,000 rupees in the collapse of Saradha, believing it to be a government-approved fund. Until it fell apart, Saradha was a powerful outfit in parts of India with holdings in real estate and media, including several newspapers and TV channels seen by many as the voice of Mamata Banerjee, the chief minister of West Bengal. That media business has dissolved, and Banerjee is at war with what remains of Saradha. Saradha ran one of the thousands of unlicensed financial schemes in India, many of which thrive below the regulatory radar with the protection of local politicians, economists say. Lack of education and the absence of bank branches across huge swathes of the country puts more than half of India's population outside the formal banking sector.

Duvurri Subbarao, head of the Reserve Bank of India (RBI), worries about the number of unregulated investment and savings schemes, but says the central bank alone cannot stamp them out. "Curbing all this will need investigation, will need enforcement of law, but more importantly ... we must provide access to the formal financial system for a large segment of the population which do not have access now," he said. The distinction between licensed and unlicensed financial services firms is lost on millions of Indians, many of whom have never stepped inside a bank branch. "The basic problem is a lot of these para-banking models are based on Ponzi schemes," said Abheek Barua, chief economist at HDFC Bank Ltd (HDBK.NS), referring to a type of pyramid selling where returns are taken from money coming in from new joiners. "Unless we have very aggressive bank penetration, these para-banking models will always have allure." India has 10.6 bank branches for every 100,000 adults, compared with about 35 in the United States, according to the World Bank, while only 12 percent of adults said they had saved money at a formal financial institution in the past year.

Assets at non-bank finance companies in India have increased 20 percent annually for the past five years - faster than at banks - and stand at over $670 billion, a November report by the Switzerland-based Financial Stability Board said. Saradha took its slice of this cash by operating under the guise of a credit association, according to India's market regulator the Securities and Exchange Board of India (SEBI). Such credit associations are known locally as a chit fund, legal in India if they are state-registered. Conventionally, members of a chit fund pool money which is deposited in a regulated bank, and each month the winner of a big payout is selected at random. Instead, Saradha used savers' money to buy into property and broadcasting businesses, government officials said. ENFORCEMENT SEBI began an investigation into the group in April 2010 after a government body brought Saradha's unregistered "collective investment scheme" to its attention. Saradha denied it was running a fund, but in April this year SEBI ordered it to wind up the scheme as it was unlicensed, and refund investors' money within three months. Saradha's chief Sudipta Sen is now under arrest and West Bengal police are trying to track down the missing money. Before police picked him up Sen wrote a letter later seen by Reuters - saying he had been "blackmailed" by senior leaders of Banerjee's Trinamool Congress party into paying bribes to them. Banerjee denies those allegations. Sen and his aide Debjani Mukherjee, a director of Saradha, could not be contacted as they are in police custody.

Cyber Fraud in India: INR 52.7 Cr in 2012, ICICI Bank tops the chart

he number of reported cases of cyber fraud has nearly halved in the last three years while the amount involved has gone up by 30 % in from 2010 to 2012, according to information shared by the Minister for State for Finance in the Parliament on Friday. In 2010, there were 15018 cases of cyber fraud including fraud relating to ATM, Debit Cards, Internet Banking and Credit Cards while the number came down to 8322 in 2012. The amount involved in these frauds went up from Rs 40.5 cr in 2010 to Rs 52.7 cr in 2012. It showed a decline in 2011 at Rs 36.72 cr Of the banks which reported fraud in 2012, ICICI bank reported the most number of cases followed by Citibank, American Express and Standard Chartered bank. Interestingly, Axis Bank has reported a very low number of cases but the amount reported is at par with banks that have reported a high number of cases. It could have been on the receiving end of a major fraud. In a recent post on NextBigWhat, Sanjay Swamy, the Managing Partner of early stage investing firm AngelPrime had written about minimizing credit card fraud. The three steps he suggests involve eliminating land line based

point of sale terminals, enabling pay at table option for restaurants and turning off the card when its not in use. While India is still a predominantly cash based economy, as penetration of mobile phones increase and the technology heavy financial inclusion measures championed by the central government take root, electronic fraud is likely to go up.