Professional Documents
Culture Documents
February 2012
Contents
1. Foreword 2. Executive summary 3. About the survey 4. Size of the issue 4.1 What is the industry view 4.2 What is the banks Individual experience 4.3 Why did it happen 4.4 How much did they lose 5. The issue 5.1 Where did it happen 5.2 How did it happen 5.3 Retail Banking 5.4 Corporate Banking 5.5 Priority sector Banking 5.6 Others 5.7 Who committed the fraud 5.8 How was it discovered 5.9 How long did it take to uncover fraud 5.10 What was the response to fraud 6. How are banks geared to fight this menace 6.1 Who is responsible for fraud risk management 6.2 What is the current status of anti fraud programs 6.3 Proactive or reactive - What is the role of technology 7. What does the future foretell 7.1 What are the future trends 7.2 What will be the cost of fighting fraud Conclusion 4 5 12 13 13 13 14 15 17 17 17 18 18 19 19 20 21 21 22 24 24 25 26 30 30 31 33
1. Foreword
The Indian banking and financial services sector has witnessed exponential growth in the last decade. This growth has not been without its pitfalls as incidents of fraud in the industry have also been on the rise. Deloittes fraud survey shows that banks have witnessed a rise in the number of fraud incidents in the last one year, and the trend is likely to continue in the near future. The survey points to the increased difficult scenario for banks with increased fraud incidents and low recoveries, thereby directly affecting their bottomline. With increased regulatory scrutiny, banks are under increased pressure to implement best practices and fraud risk management framework. However, as indicated from the survey, this still appears to be work in progress in many of the organizations. Risks are inherent in the banking business. In todays economic climate, the adage prevention is better than cure has never been more accurate. No organization can be completely immune to fraudulent activity, but steps can be taken to reduce the exposure to financial loss and reputational damage, which are common consequences of fraud. Deloittes fraud survey for the banking industry was aimed at gaining an insight into the fraud scenario in the industry, the areas that incur the maximum number of fraud incidents, and the measures organizations are taking to fight the menace. The survey questionnaire was sent out in November 2011 to leading banks in India. The respondents included Chief Risk Officers, Chief Compliance Officers, Heads of internal audit and other senior management personnel. We would like to take this opportunity to thank the people and organizations who have taken time to share their views about the impact of fraud in their respective organisations. Our gratitude to the executives and their respective banks as the survey would not have been possible without their support. We hope you will find the report insightful and informative.
2. Executive summary
Over the last few years, India has been one of the worlds fastest growing economies with banking and financial services companies experiencing significant growth both in size and profitability. In the last decade, the Indian banking sector grew at an average of 18 percent compared to over 7 percent GDP growth. So frauds in the financial services industry pose a significant risk to institutions, as well as to the integrity of capital markets. Its effect can be widespread, causing long term financial and reputational damage. Deloittes fraud survey focuses on the key challenges facing the banking industry in fighting fraud. The objective of the survey is to gain an insight into the current scenario on frauds in the industry, the areas that are prone to fraud, and the way organizations are fighting this menace and preparing for the future. This survey has been developed based on the survey questionnaire responses received from banks in India including public sector banks, private sector banks, co-operative banks and multi-national (MNC) banks. We have consciously attempted to include a variety of banks with different sizes and type of operations to obtain a comprehensive picture of the fraud environment in the country. The profile of the respondents is given in Section 3. The survey covers the following key topics 1. What is happening 2. Current perception of fraud in the country/industry Fraud incidents encountered by the banks Average loss and ability to recover
What is the Issue Fraud prone areas Root cause analysis Detection mechanism
3.
How are banks geared to fight the menace Anti-Fraud framework Role of technology
4.
What will happen Areas perceived to be vulnerable in the years to come Cost of various anti-fraud measures
93% of respondents say banking industry has seen an increase of fraud incidents in the last year
An overwhelming 93% of the respondents indicated that there has been an increase in fraud incidents in the banking industry during the last year. Seventy-five percent of these respondents indicated that banking industry has seen an increase in fraud incidents by at least 5% as compared to the last one year. An analysis of the survey findings for respondents who have disclosed the number of fraud incidents encountered by them indicated that nearly one in every two institutions had encountered more than 50 incidents of fraud within the organization in the last one year. Similarly, one in every four institutions have witnessed at least 100+ fraud incidents in the last one year. Banks with higher asset size, appear to have encountered more fraud incidents. The average loss per incident for nearly half of the respondents is more than Rs 10 lac. The average value of recovery for more than half of the respondents is less than 25% of the reported fraud losses.
The banks are able to recover less than 25% of the losses in more than half of the fraud cases
... lack of oversight by line managers or senior managers on deviations from existing process/controls has been identified as one of the major reason for increased fraud incidents
Technology appears to be gaining prominence in fraud detection. Forty percent of the respondents indicated that they detected fraud using a fraud detection/analytics tool. According to more than half of the respondents, the average time taken to discover a fraud incident is more than six months and 23% of them indicated it to be greater than a year.
More than half the respondents discovered fraud after more than six months
Fifty percent of the respondents indicated, that they have already implemented a fraud analytics solution, and overwhelming 73% of these respondents appear to be completely satisfied with the solution. The primary issue for those who have not implemented a fraud analytics solution is "issues in data integration from existing internal system" or data insufficiency.
Future Trends
What is in store?
With the current economic scenario, an overwhelming 83% of the respondents have indicated that the fraud incidents will increase with 64% of them indicating that the increase will be between 6-25% Of the respondents who indicated that frauds will rise in the coming years, an overwhelming 96% of respondents indicated that retail banking will continue to be the most vulnerable to fraud. The surprising revelation is that respondents feel that in the coming years priority sector will contribute to increased fraud incidents with a small decrease in the corporate banking as compared to the current scenario. Surprisingly, a few respondents indicated administration/procurement as the new areas vulnerable to fraud, which is not reflected in the current environment.
Cost of compliance
An overwhelming 83% of the respondents indicated that the cost of anti-fraud measures will increase over the next two years with "implementing a fraud detection/analytics solution", "periodic fraud assessment", "providing fraud awareness training" and "setting up a dedicated fraud investigative cell" appearing to be the top contributors for this increase in cost.
Frauds in priority sector are expected to increase and the new areas of focus appear to be administration /procurement
Conclusion
Banks are facing a tidal wave of regulatory requirements and are increasingly under regulatory scrutiny. In a bid to tackle the rising incidents of frauds, the Reserve Bank of India has issued various circulars and guidelines for banks to implement robust anti-fraud systems and controls to counter fraud risks. With the expected economic slowdown, the incidences of frauds are expected to increase further, which is confirmed by the survey results. An interesting finding of the survey is that greater the asset size, higher is the number of fraud incidents encountered. This could be due to the fact that as banks continue to increase their asset size by entering into new geographies or by introducing new products and systems, these developments if not managed well could contribute to increased fraud. However, it is important first to note the causes of increase in fraud incidents. According to the survey respondents, it appears that lack of oversight by the line managers or senior managers to the deviations from existing process/controls is cited as one of the major reasons for fraud followed by the current difficult business scenario and business pressure to meet targets. However only 37% of the respondents indicated that there was collusion between the employees and other third parties in perpetrating fraud. So does this indicate business pressure to meet targets is resulting in circumvention of controls? This brings us to a moot question: What does the future foretell? An overwhelming majority of respondents indicated that fraud incidents will increase, with over 64% of them stating that the increase will be at least 6%. In the current fraud situation coupled with the economic scenario it becomes all the more imperative for banks to ensure that they adopt realistic business strategies and ensure adequate internal controls and vigilance so as not to accentuate the existing problem. It comes as no surprise that the usual suspect - Retail banking - has been identified as the major contributor of fraud and will continue to do so in the foreseeable future. This fact has been highlighted by the Reserve Bank of India as well through their circular in 2009. As retail banking is more process as well as volume driven and decentralized, increased fraud incidents in this area could possibly be the tip of the iceberg - an indicator of deeper issues waiting to surface that can adversely impact the entire portfolio of the bank. Another area where banks are focusing is on the priority sector not only to meet their priority sector target, but also due to increased expectation of financial inclusion. With a significant number of respondents identifying it to be the area where fraud incidents are expected to increase, banks need to consider the risks involved in priority sector lending and develop appropriate risk mitigation strategies to ensure profitable growth. In the current economic climate, there is increased pressure on organizations to reconsider the way in which they incur and monitor expenses; the focus is shifting to frauds in the procurement/administration functions. One of the reasons that organizations have not been actively focusing on this area is perhaps because of the low ticket size and the difficulty in detecting them. However banks need to scrutinize this area as it not only directly affects their bottom line, but could also lead to potential violation of various anticorruption laws. The Reserve Bank of India has been coming out with various circulars and guidelines prodding banks to adopt measures to fight the menace of fraud. The challenge for banks is to develop comprehensive fraud risk management controls that will not only prevent frauds, but detect them as soon as they occur and respond to them. It is encouraging to note that an overwhelming 80% of the respondents indicated that they had a formal fraud risk framework in place. The survey responses when considered separately indicate near uniform adoption of various anti-fraud measures; however, when responses were analyzed there appeared to be some conflicting messages. With77% of the respondents investigating frauds internally, it appears surprising that only 20% of them had implemented a dedicated forensic technology tools for investigation and 28% having implemented intelligence gathering mechanism; bringing into question the effectiveness of the fraud risk management framework. This could possibly be because fraud risk management techniques are still in the development phase and many of the framework measures may be work in progress. According to the survey, it appears that the majority of the fraud incidents are still detected through a formal and informal complaint mechanism. More than half the respondents indicated that they detected fraud through internal audit reviews. However, the disturbing part is that 20% of the cases were still detected by accident and another 43% were by anonymous complaints by third parties, indicating that in spite of various anti-fraud measures adopted by banks, a significant number of frauds are detected by means other than the organizations fraud control framework. Hence it did not come as a surprise that the average time taken to
uncover fraud is more than six months for more than 53% of cases. However, the silver lining is that banks are increasingly looking at leveraging technology solutions to detect fraud in addition to traditional methods like internal audit reviews and whistle-blower mechanisms. Usage of technology solutions can provide banks with a proactive way in identifying Red Flag transactions and weaknesses in their internal controls. With the increase in fraud incidents and recovery being less than 25% for 60% of the respondents, fraud directly affects the bottom line of banks. An overwhelming 83% of the respondents indicated that the cost of fraud risk management will increase over the years, which is attributed to implementing technology solutions, periodic risk assessments, and various due diligence measures. Organizations are slowly realizing that lack of crackdown in controlling frauds could create a culture of acceptability for this behaviour within the organization leading to increased incidents or more sophisticated frauds in future. By implementing appropriate controls and monitoring mechanism, management will not only be able to limit frauds, but also set the tone for ethical behaviour within the organization. So this could be money well spent.
3% Co-operative Bank 34% 40% Foreign bank Private Sector Bank 23% Public sector 57% 10% 7%
26%
10% 10%
Audit Business
7%
3%3%
3000 5000 CR
Dont know, 7%
43%
Larger organizations are more likely to experience increased fraud incidents. This is true for banks as well. A comparison of the fraud incidents experienced by the organization indicates that banks with larger asset size have been encountering more fraud cases with public, private and MNC banks equally affected by it.
Not Disclosed Collusion between employees and external parties Lack of Fraud Risk Framework within the organization Business pressure to meet targets Lack of oversight by line managers or senior management on deviations from existing process/controls Change to business strategy without changes in business processes Lack of tools to identify potential Red Flags
40%
10 Lacs
10-20 Lacs
20- 50 Lacs
>100 Lacs
Not Disclosed
30%
17%
< 1%
1-5%
5- 10%
10-25%
>25%
Not Disclosed
5. The issue
Since the developments in the 1990s, the entire banking products structure has undergone a major change. With de-regulation, increased competition and IT revolution making it possible to provide ease and flexibility in operations to customers, banks are also evolving and trying to become one-stop financial supermarkets. However, the entire range of banking operations can be segmented into four broad heads - retail, wholesale or corporate banking businesses, treasury operations and other banking activities including advisory services termed as private banking to "high relationship value" clients. Fraud follows opportunity and attacks weakness in the system. It is important to know the areas which are vulnerable to fraud before organizations can start working towards controlling them. With banks operating in various areas, we specifically asked the respondents on the areas where they have encountered fraud and the root cause analysis of the incidents.
77%
57% 33%
10% 3% 3%
13%
Retail Banking
Corporate Banking
Private Banking
Treasury
Administration / Procurement
No Response
55% 8%
9% 9% 31%
27%
8% 23%
46%
Multiple funding 13%7% 20% 13% Fraudulent documentation 7% 7% Overvaluation/non-existence of collateral 29% 29% 14% 21%
7% 14%
Incorrect sanctioning
50%
25%
13% 13%
Asset Stripping
44%
22%
20%
30%
30%
20%
Low Medium
Siphoning/Diversion of funds
40%
20%
20%
20%
Fraudulent documentation
30%
10%
40%
10%10%
Overvaluation/non-existence of collateral
45%
18% 9% 9% 18%
100% 20% 30% 14% 14% 11%11%11%11% 25% 22% 13% 13% 22% 27% 43% Very Low Low Medium High Very High
18% 9%
5.6 Others
Ten percent of respondents have indicated that they have encountered fraud in private banking and 3% in treasury operations and administration/procurement functions. Amongst various areas, in private banking, respondents identified fraudulent documentation followed by identity theft as being the highest number of fraud incidents. It is very surprising to note that mis-selling is considered as a low risk, especially in view of the recent incidents highlighted in the media.
Fig 15 : Fraud incidents in Private Banking Account takeover/misuse of power of attorney Misselling Identity Theft Fraudulent documentation
25% Very Low 20% 25% 33% Low Medium High Very High
Others - Business Target Pressure Overriding of controls Collusion with external parties Deviations from existing process Un accounted trades in error accounts
100% 100% 100% 100% 100% Very Low Low Medium High Very High
47%
37%
Not Answered
No
Yes
20%
20%
17%
Whistleblower mechanism
By accident
Others
Not disclosed
With the advent of technology, banks are at the forefront of leveraging technology to fight frauds. Forty percent of respondents were identifying frauds using a fraud analytics solution. This is an encouraging sign as a proactive fraud detection solution will not only enable banks to identify frauds before they occur, but can also be leveraged to improve their internal control mechanism. Even though 37% of the respondents indicated that they detected frauds through a whistle-blower mechanism, the number of frauds discovered by anonymous complaints is more at 43%. This could possibly be due to the fact that either the whistle-blower mechanism is probably not implemented fully or the complainants are not comfortable using the whistleblowing hotline. However, the disturbing part is that 20% of the cases were detected by accident and another 43% were by anonymous complaints by third parties, indicating that despite various anti-fraud measures adopted by banks, a significant number of frauds were detected by means other than the organizations fraud control framework. It leads to the question: do many frauds stay undetected?
17% 3% 30%
20% 30%
A timely detection of fraud incidents will go a long way in containing the losses and improving the chances of recovery. It is now time for banks to ensure that their current fraud risk management strategies are revised to ensure that they are in line with the current fraud trends and adequate to take care of future growth besides increasing ways of detecting frauds proactively. Hopefully, with the increase in usage of technology to detect frauds, as mentioned in the previous section, the average time to uncover frauds should reduce in future.
77%
63%
30%
17%
Not disclosed
The risk profile of different segments in banks like retail or corporate banking is different and therefore the processes which are required to control the risk of fraud in each segment needs to be customised for each bank and their processes applicable to that particular segment. Since retail and priority sector banking needs to be process driven due to huge volume of transaction, it is suitable for banks to employ fraud analytics solution to detect anomalies or Red Flags to detect any deviations which may not be suitable in corporate banking environment. For corporate banking adequate due-diligence and close post disbursement monitoring are some measures which can help prevent or detect frauds. Depending on the process, each bank must decide on the control that is appropriate to mitigate the risks. By adopting a leading-practice approach to designing and implementing antifraud programs and controls, Banks can reduce the risk of fraudulent activity. Assessing your fraud risks is the first step that can help create greater awareness of where your organization should improve its financial systems and processes. An effective fraud risk management framework will enable banks to have controls that first prevent/reduce the fraud from occurring, detect as soon as a fraud happens and respond effectively to fraud incidents when they occur.
A significant 80% of the respondents indicated that they have already implemented a formal risk management framework at the bank. Fraud risk management has become a board level issue, with an overwhelming 93% of the respondents indicating that these issues are discussed at the board level with senior management at least every quarter. A significant 23% of these respondents said that these issues were discussed at the board level every month.
Others
13%
Internal audit
3%
37%
Chief risk officer (also responsible for financial risk management including credit and market risk)
17%
13%
17%
A small 7% of the respondents have still not implemented a FRM framework, which is surprising considering the increased incidents of fraud and the scrutiny by the regulators. As per RBIs September 2009 circular, the fraud risk management and fraud investigation function must be owned by the bank's CEO, its Audit Committee of the Board and the Special Committee of the Board; and they should set up a dedicated outfit to manage this function. To help ensure that fraud controls remain effective, responsibility for the organizations fraud risk management should be delegated to a person at the senior level who can interact with various departments of the banks like internal audit, vigilance and risk management. The responsibility of fraud risk management is with the chief vigilance officer according to 37% of the respondents. However, only 13% of the respondents indicated that there is a separate chief fraud risk officer who is responsible for only fraud risk management with another 17% of the respondents indicating that the responsibility for this activity rests with the chief compliance officer or chief risk officer (who is also responsible for financial risk management).
Customer screening against negative list 3% 3% 7% 7% Employee background check 7% 3% 13% Vendor/third party due diligence 7% 3% 17% Fraud awareness training 20% 13% 13% 27%
80% 63% 60% 53% 70% 73% 20% 23% 21% 23% 34% 63% Implemented 67% 60% 53% 13% 7% 20% 28% Partially Implemented Planning to start in the next 12 months Just Started Not Started
Fraud risk assessment 3%10% 13% Dedicated forensic technology tools for investigation Intelligence gathering mechanism Dedicated fraud investigative cell/team and associated process 37% 10% 7% 10%3%
Fraud control strategy and policies 3% 3% 3% Fraud control organization structure 3% 13% including clearly defined reporting
23% 23%
Despite the fact that more than half the respondents having implemented a fraud control organization structure, number of frauds are rising which brings into question the effectiveness of the fraud risk management framework at the banks. The reason for complete implementation of all these framework controls could possibly be because of the fact that many banks are in the early stages of implementation of the framework and these are work in progress. With the advent of new products and technologies, fraudsters will keep finding new ways to exploit the system. To have robust and effective fraud control mechanism in place it is imperative for the banks to keep reviewing their operations and gather market intelligence on the new fraud scenarios to understand their operations vulnerability to fraud. However, it should be noted that market intelligence plays a key role in understanding new fraud schemes in the market and banks may need to employ mystery shopping exercise to understand the weakness in their system. So for a meaningful fraud risk assessment, banks should look at increasing their market intelligence capabilities or seek external help. A quick analysis of the results indicate that banks need to immediately focus and speed up their efforts in the following areas to foster better fraud risk management: Intelligence gathering mechanism Dedicated forensic tools for investigation Fraud risk assessment Due diligence of vendor/third party
20% 7% 73%
Planned
No
Yes
50%
50%
25%
13%
13%
Issues in data Do not have integration from sufficient data to existing internal implement systems
Fig 25 : Reason for non-implementation of fraud analytic solution (multiple choice) Of the 27% percent who have not implemented technology solution, the prominent reason appear to be data related issues like data integration or data sufficiency issues. The other reasons are: Solution being expensive 13% Ineffective solution 25%
Banks have been traditionally early adopters of technology resulting in a number of legacy applications catering to various aspects of their operations. These systems often result in islands or pockets of information with limited data. With modern data analytics solution requiring varied types of data, banks are realizing that they may not have been capturing the requisite information in their existing system, resulting in lack of sufficient data for analytics. Also integrating these varied data sources which may exist in different platforms with varied formats is often cumbersome.
In organizations with multiple stakeholders, there is growing need for board of directors or other governing body to ensure that its governance practices set the tone for fraud risk management. Top management should implement policies that encourage ethical behaviour and demonstrate Enhanced ethical culture (tone at the top). The roles and responsibilities for personnel at all levels of the organization involved in fraud risk management should be defined clearly. The board of directors may appoint a senior person who would be responsible for the anti-fraud efforts and report to the board of directors. Since one of the strongest anti-fraud deterrents is the awareness that fraud prevention and controls are in place, it is essential for the top management to communicate to employees across levels/functions. Additionally, communication of action taken report to employees will go a long way in reinforcing the message. 2. Prevent: Conduct detailed fraud risk assessments
One of the objectives of a fraud risk assessment is to help focus managements attention on the significant fraud risks to be addressed. A fraud risk assessment can be recurring and systematic, and it can involve various levels of management across all functions of the business. An effective fraud risk assessment may include specific fraud schemes that could be perpetrated against the organization, including the people or departments within the organization that could commit them. The specific fraud schemes identified can be linked to existing internal controls within the organization that can mitigate the fraud risk and a remediation plan for significant fraud risks that could not be linked to existing internal controls. 3. Deter and detect: Promote the tools for effective reporting of suspicious or inappropriate activities A whistle-blower hotline is one of the easiest and least expensive of procedures that can be used for reporting fraud and misconduct. However, the existence of a hotline may not be enough. Management should also consider conducting periodic evaluations to determine whether the whistle-blower hotline is effective, including benchmarking analysis against competitors. The organization should consider the use of an experienced outside agency managing the whistle-blower hotline to enhance the perception of confidentiality. 4. Prevent and deter: Anti-fraud policy and appropriate training
Fraud risks can never be completely eliminated, as some degree of residual risk always exists in the operating environment. Hence actions to minimize such a risk include the fostering and development of a strong ethical culture as a part of the anti-fraud program. It is not uncommon for employees to be confused as to what activities constitute fraud or misconduct against the organization. The tolerance of frauds or misconduct within an organization could also send the wrong message about managements lenience towards employee misconduct and fraudulent behavior. This misunderstanding can be addressed by drafting and publishing an anti-fraud policy that clearly defines fraud and misconduct. This definition of fraud can also include specific, relevant examples of behavior that is not acceptable within the organization. Once the anti-fraud policy is published, periodic training can be held throughout the organization to provide employees with a forum to discuss the importance of ethical behavior. In addition to defining fraud, this policy can also address how the company intends to respond to fraud and misconduct allegations. 5. Deter and detect: Response to fraud allegations
Regardless of the size of the fraud allegation or the individual involved, the organization should consider having a documented policy of how fraud allegations will be investigated and resolved. The policy would typically include procedures for preserving documentation and gathering evidence. The policy can address which individuals or departments should be responsible, accountable, consulted, and informed depending on the nature of the allegation. Similar to fraud risk assessments, there are many companies that may have certified fraud examiners, attorneys, and certified public accountants on the payroll who may be able to conduct an effective internal investigation. However, if the amounts involved are potentially material to the
financial statements or might involve members of senior management, leading practices would suggest that in many cases the investigation be conducted by independent attorneys and other third-party specialists.
4% 4% <1% 16% 28% 83% 48% 17% Fraud incidents will Fraud incidents will rise remain same 1125% Undisclosed 1-5 6-10%
An overwhelming 96 % of the respondents have indicated that retail banking will be most prone to fraud followed by the priority sector by 52% respondents and corporate banking at 48%. According to the respondents, the priority sector appears to be more vulnerable in the current situation. Due to the current economic conditions, banks may be planning to grow their retail asset portfolio along with priority sector due to financial inclusion agenda; it appears that banks do not expect a sizeable increase in frauds in the corporate banking environment. With retail and priority sector appearing to be vulnerable to fraud, banks should focus their efforts in enhancing their fraud risk management efforts in this area if they are to contain their non-performing asset (NPA) levels and also limit losses from fraud. A recent survey report on occupational fraud and abuse by Association of Fraud Examiners (ACFE) indicates that globally organizations lose approximately 5% of their revenues or more than $2.9 trillion to fraud. Fraud in administration and procurement functions is also expected to contribute to about 14% of fraud incidents. Banks therefore want to focus internally on their operational and administration expenses to contain fraud in this area.
96%
52%
4%
Retail Banking
Treasury
Priority Sector
Not disclosed
Fig 28 : Cost of Anti fraud measures Customer screening against negative list Increased vendor/third party due diligence Providing fraud awareness training Implementing a whistleblower hotline Implementing a fraud detection/analytics solution 9% Periodic fraud risk assessment Setting up dedicated fraud investigative cell Developing fraud control strategy and policies 17% 22% 22% 21% 35% 30% 17% 26% 13% 38% 26% 35% 29% 13% 13% 21% 25% 25% 30% 21% 17% 30% 30% 22% 25% 4% 13% 17% Very Low Low Medium 26% 13% 13% 8% High Very High
17% 9% 13%
30% 25%
The results are a bit surprising considering the fact that nearly half of the organizations have indicated that they already have an analytical solution in place and a majority of them are satisfied with its results. However, the fact that anti-fraud spending will increase indicates that some institutions may be using their existing transaction monitoring and other technology solution to undertake some fraud analytics and would
like to go in for a dedicated fraud risk management solution going forward. The other reason could be that these solutions may be catering to specific areas only, and the banks are now looking at enhancing their capability to cover other areas. With retail and priority sector being the focus areas for banks, the increased use of technology is inevitable when dealing with large volumes of data and banks will not have an option but to seek technology for detecting red flags proactively. With banks aspiring to go global, they should be cognisant of the fact that prosecutors and regulators across the globe are becoming increasingly active in enforcing the anti-corruption legislation. With the advent of the new UK Bribery Act (UKBA) and continued regulatory developments, ant-bribery and corruption compliance would now be a high priority for financial institutions. The highlight of the UKBA act is the introduction of new offence of failing to prevent bribery (including bribery by an associated person of the company) resulting in vendors coming under increased scrutiny. Expectedly, banks will be looking at increased vendor due diligence to not only contain fraud risk, but also to comply with the anti-bribery and corruption laws to which they must adhere.
Conclusion
Risks are inherent in the banking business, but fraud risk is something that no bank would like to deal with. But the fact is that frauds are on the rise and organizations need to put their business affairs in order by having effective control mechanisms in place to curb the menace. Internal controls can weaken over time due to technological advances or human intervention (management override or collusion) or because of the rise in new fraud schemes. Implementing anti-fraud controls is not a fool-proof measure against frauds. Nonetheless, having anti-fraud measures in an organizations control environment can go a long way in deterring individuals from perpetrating fraud because the message going down the line is that the senior management is cognizant of this crime and is committed to preventing it within the organization.
Contacts
Neeta Potnis Senior Director and National Leader Forensic & Dispute Services Mail: neetapotnis@deloitte.com Tel: +91 (22) 61855170
Tedd Avey Senior Director, Forensic & Dispute Services Mail: teddavey@deloitte.com Tel: +91 (22) 61855180
Sumit Makhija Senior Director, Forensic & Dispute Services Mail: sumitmakhija@deloitte.com Tel: +91 124 679 2016
K.V. Karthik Director Lead Financial Services Forensic & Dispute Services Mail: kvkarthik@deloitte.com Tel: +91 (22) 61855212
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. This material and the information contained herein prepared by Deloitte Touche Tohmatsu India Private Limited (DTTIPL) is intended to provide general information on a particular subject or subjects and is not an exhaustive treatment of such subject(s). None of DTTIPL, Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively, the Deloitte Network) is, by means of this material, rendering professional advice or services. The information is not intended to be relied upon as the sole basis for any decision which may affect you or your business. Before making any decision or taking any action that might affect your personal finances or business, you should consult a qualified professional adviser. No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person who relies on this material. 2012 Deloitte Touche Tohmatsu India Private Limited. Member of Deloitte Touche Tohmatsu Limited