INTRODUCTION

The primary responsibility for preventing frauds lies with individual banks; however, the
Reserve Bank of India (RBI) routinely advises banks about major fraud prone areas and the
safeguards necessary for prevention of frauds. This is done so that banks can introduce
necessary safeguards by way of appropriate procedures and internal checks. Though there are
rules in place and RBI, as a guardian bank, proactively keeps a vigil on the conduct, the onus
largely lies upon the banks to keep a check on frauds and fraudulent behaviours, employ
means to secure transactions and report to RBI if they experience any fraud in their branches.
The Financial Fraud (Investigation, Prosecution, Recovery and Restoration of property)
Bill, 2001 has been proposed to prohibit, control, investigate financial frauds; recover and
restore properties subject to bank frauds, prosecute for causing financial fraud and all related
matters.

BANK FRAUDS

Fraud is defined in Section 421 of the Indian Penal Code and section 17 of the Indian
Contract Act and has the following essential elements:

a. There must be a representation and assertion;

b. It must relate to a fact;
c. It must be with the knowledge that it is false or without belief in its truth; and
d. It must induce another to act upon the assertion in question or to do or not to do
certain act.

There are three crucial elements which are considered responsible for the commission of
frauds in banks:

a. Involvement of bank's employee or in connivance with outsiders;

b. Failure of the bank staff to follow the instructions and guidelines; and
c. External elements or collusion between various parties or by a hacker.

Losses sustained by banks as a result of frauds exceed the losses due to robbery, dacoit,
burglary and theft-all put together. Unauthorized credit facilities are extended for illegal
gratification such as case credit allowed against pledge of goods, hypothecation of goods
against bills or against book debts. Common modus operandi are, pledging of spurious goods,
inletting the value of goods, hypothecating goods to more than one bank, fraudulent removal
of goods with the knowledge and connivance of in negligence of bank staff, pledging of
goods belonging to a third party.

Frauds in deposit accounts take place by opening of bogus accounts, forging signatures of
introducers and collecting through such accounts stolen or forged cheques or bank drafts.
Frauds are also committed in the area of granting overdraft facility in the current accounts of
customers. A large number of frauds have been committed through bank draft, mail transfers
and telegraphic transfers. An analysis made of cases brings out broadly the under mentioned
four major elements responsible for the commission of frauds in banks.

 Active involvement of the staff-both supervisor and clerical either independent of

external elements or in connivance with outsiders.
 Failure on the part of the bank staff to follow meticulously laid down instructions and
guidelines.
 External elements perpetuating frauds on banks by forgeries or manipulations of
cheques, drafts and other instruments.
 There has been a growing collusion between business, top banks executives, civil
servants and politicians in power to defraud the banks, by getting the rules bent,
regulations flouted and banking norms thrown to the winds.

Although, in India, frauds committed so far have not revealed any extensive manipulation of
computer systems, it is no doubt a potentially high-risk area, which should be addressed
carefully and in timely manner. According to a recent survey, companies in India have not
addressed security issues appropriately.

Components of Fraud:

There are two important components in any fraud committed by an employee of a bank,
himself or in collusion with a burrower. They are, firstly, the intention which is subjective;
and secondly, the opportunity which is objective. Conditions must be created in the bank that
the person who intends perpetrating a fraud does not get the opportunity to commit it.
Reporting of banking frauds

To keep the above frauds at bay, RBI prescribes that bank should conduct annual review of
frauds and apprise its board regarding the findings. While conducting the review, the most
crucial aspect that must be taken into account by banks includes the following:

a. Has the bank employed adequate system to detect frauds?

b. How are frauds examined?
c. What kind of action bank takes and within how much time if a person is found
responsible for fraud?
d. What are the reasons for the fraud - laxity in following the systems and procedures or
loopholes in the system?
e. What measures have been taken to ensure that the systems and procedures are
scrupulously followed by the staff concerned or the loopholes are plugged?
f. Whether frauds are reported to the local police for investigation?
g. Whether bank maintains the data and records of these facts: (i) total number of frauds
detected during the year; (ii) amount involved as compared to the previous two
years; (iii) modus operandi of major frauds reported during the year along with their
present position; (iv) estimated loss to the bank; (v)number of cases (with
amounts) where staff are involved and the action taken against staff; (vi) time taken to
detect frauds (number of cases detected within three months, six months, one year,
more than one year of their taking place); (vii) status of the matters reported to the
police and (viii)preventive/punitive steps taken by the bank.

In order for the RBI to continue doing this work, it is essential that banks should have proper
reporting mechanism in place to report to the RBI all information about frauds and the
follow-up action taken.

LEGAL REGIMES FOR REGULATING FRAUDS

The legal and institutional framework for bank supervision in India is provided under the
Banking Regulation Act, 1949. Until 1994, different departments in Reserve Bank of India
were exercising supervision over banks, non-banking financial companies and financial
institutions. To keep a close watch on financial markets and avoid recurrence of crisis in the
financial system, the Board for Financial Supervision was set up under the aegis Reserve
Bank under Reserve Bank of India (Board for Financial Supervision) Regulations, 1994 with
the objective of paying undivided attention to the supervision of the institutions in the
financial sector.

 Organisation of the Supervision Function

Prior to 1993, the supervision and regulation of commercial banks was handled by the
Department of Banking Operations & Development (DBOD). In December 1993 the
Department of Supervision was carved out of the DBOD with the objective of segregating the
supervisory role from the regulatory functions of RBI.

 Department of Banking Supervision (DBS)

The Department of Banking Supervision at present exercises the supervisory role relating to
commercial banks in the following forms:

 Preparing of independent inspection programmes for different institutions.

 Undertaking scheduled and special on-site inspections, off-site surveillance, ensuring
follow-up and compliance.
 Determining the criteria for the appointment of statutory auditors and special auditors
and assessing audit performance and disclosure standards.
 Dealing with financial sector frauds.
 Exercising supervisory intervention in the implementation of regulations which
includes – recommendation for removal of managerial and other persons, suspension
of business, amalgamation, merger/winding up, issuance of directives and imposition
of penalties.

 Department of Non-Banking Supervision (DNBS)

Department of Non-Banking Supervision has following responsibilities:

 Administration of Chapter IIIB of the RBI Act, formulating regulatory framework and
issuing directions to the NBFCs (including residuary non-banking companies, mutual
benefit companies, chit fund companies);
 Administration of Chapter III-C of the RBI Act in respect of unincorporated bodies,
Chit Funds Act in respect of chit fund companies, Prize Chits and Moneys Circulation
Schemes (Banning) Act in respect of prize chits;
  Identification and classification of NBFCs;
 Registration of NBFCs under section 45-IA of the RBI Act;
 On-site inspection and follow up;
 Off-site surveillance and scrutiny of various returns;
 Attending to complaints relating to NBFC sector; and
 Initiating deterrent action against the errant companies.

 Supervisory Process

The major instrument of supervision of the financial sector is inspection. The inspection
process focuses mainly on aspects crucial to the bank’s financial soundness with a recent shift
in focus towards risk management. Areas relating to internal control, credit management,
overseas branch operations, profitability, compliance with prudential regulations,
developmental aspects, proper valuation of asset/ liability portfolio investment portfolio, and
the bank’s role in social lending are covered in the course of the inspection. The Department
undertakes statutory inspections of banks on the basis of an annual programme, which is co-
terminus with the financial year for public sector banks. After the inspection report is
released to the bank, followed by a ‘supervisory letter’ based on the inspection findings to the
bank, the concerns of the inspections are discussed with the CEO of the bank and a Monitor
able Action Plan is given to the bank for rectification of those deficiencies. The Department
submits a memorandum covering supervisory concerns brought out by the inspection to the
Board for Financial Supervision (BFS). Specific corrective directions of the BFS are
conveyed to the banks concerned for immediate compliance. The Memoranda submitted by
the departments for supervisory scrutiny and consideration of BFS generally cover matters
relating to supervisory strategy and operational supervision of individual banks, financial
institutions and non-banking financial companies as also industry-wide issues and sectoral
performance reviews.

 On-site inspection

In terms of the new approach adopted for the on-site inspection of banks, the Inspecting
Officers concentrate on core assessments based on the CAMELS model (Capital adequacy,
Asset quality, Management, Earnings appraisal, Liquidity and Systems & controls). This
approach eschews aspects which do not have a direct bearing on the evaluation of the bank as
a whole or which should essentially concern the internal management of the bank.
A model to rate the level of customer service in banks was developed and forwarded to
Indian Banks’ Association for conducting appropriate surveys on customer satisfaction at
periodical intervals. A Quarterly Monitoring System through on-site visits to the newly
licensed banks in their first year of operation has been put in place. Old and new private
banks displaying systemic weaknesses are also subjected to quarterly monitoring. Detailed
guidelines on risk control systems in computerised banks have been circulated amongst banks
along with the details of electronic records to be maintained for supervisory access. In order
to address the issue of causes of divergence observed with regard to asset classification etc.,
provisioning required to be made between the banks/auditors and RBI Inspectors, a
representative group of banks, a chartered accountant and RBI officials was constituted in
March 2000 to review and arrive at uniform parameters of assessment of NPAs by
banks/auditors and RBI Inspectors. Guidelines are being issued to the banks and the
Inspecting Officers based on the recommendations of the Group.

 Off-site Monitoring & Surveillance System

As a part of the new supervisory strategy, an off-site monitoring system for surveillance over
banks was put in place in RBI in March 1996. The first tranche of OSMOS returns require
quarterly reporting on assets, liabilities and off balance-sheet exposures, CRAR, operating
results for the quarter, asset quality and large credit exposures in respect of domestic
operations by all banks in India. Data on connected and related lending and profile of
ownership, control and management are also obtained in respect of Indian banks.The second
tranche of returns covering liquidity and interest rate risk exposures were introduced in June
1999.

 Board for Financial Supervision: Constitution

The Committee on Financial System set up by the Government of India had suggested that
the supervisory functions of RBI should be separated from the more traditional central
banking functions and that a separate agency, which could pay undivided attention to
supervision, should be set up under the aegis of RBI. So, based on this recommendation, the
first Board for Financial Supervision (BFS) was constituted on November 16, 1994 by the
Governor as a committee of the Central Board of Directors of the Reserve Bank of India
(RBI). It functions under the RBI (BFS) Regulations, 1994 exclusively framed for the
purpose in consultation with the Government of India. The Board is chaired by the Governor
and is constituted by co-opting four non-official Directors from the Central Board as
Members for a term of two years. The Deputy Governors of the Bank are ex-officio
Members. One of the Deputy Governors is nominated as Vice-Chairman. The Department of
Banking Supervision serves as the Secretariat for the BFS.

Advisory Council to BFS: For tendering advice to the BFS in its initial years on policy
matters relating to the supervision of the financial system an Advisory Council was
constituted on November 16, 1994 and was in place till March 27, 1998. The Council
consisting of five members, eminent in the fields of law, accountancy, banking, finance and
management met normally once a quarter during the period of its tenure.

Sub Committee (Audit) to BFS: The BFS also constituted an Audit Sub-Committee in
January 1995 with the Vice Chairman of BFS as Chairman of the sub-Committee and two
non-official members of BFS as other Members. Representatives of the Institute of Chartered
Accountants are also invited to the meetings of the Sub Committee depending on the nature
of the agenda. The Sub Committee’s main focus is on up-gradation of the quality of the
statutory audit and concurrent audit / internal audit functions in banks, NBFCs and financial
institutions, fixing of remuneration, approval of the panel of statutory auditors and branch
auditors as also the accounting and disclosure standards.

Supervisory Jurisdiction: The supervision by BFS at present covers commercial banks, all
India development financial institutions and non-banking finance companies. In its very first
meeting, the BFS approved a new strategy of supervision, the key elements of which include:

 Setting up an off-site surveillance function, the major components of which include

establishing a system for in-house monitoring of banks and other credit institutions,
based on a prudential supervisory reporting framework; building a ';Memory'; on all
supervised institutions and setting up a market intelligence and surveillance unit
(MISU)
 Restructuring the system of bank inspections in terms of focus, process, reporting &
follow up.
 Strengthening the statutory audit of banks and enlarging the role of auditors in the
supervisory process including using them as agents.
 Strengthening the internal defences within the supervised institutions such as
corporate governance, internal control and audit functions, and management
information and risk control systems, as an extension of the task of supervision.
  Restructuring the System of Financial Supervision

To start with, expert working groups were constituted in 1994 to devise revised strategies of
on-site supervision over banks and NBFCs for continuous supervision. Some of the important
steps taken based on the recommendations of these working groups are as under:

 Changes in frequency/periodicity of inspections, reporting formats and introduce new

off-site reporting system, introduction of three types of supplementary on-site
assessments in between the statutory examinations, Rating system for banks based on
the international CAMELS model as also more focused and enforcement-oriented
follow-up based on the recommendations of Padmanabhan Working Group.
 Toning up of the internal control/audit function in banks and more particularly the
safeguards to be adopted in EDP environment.
 Introduction of an effective prudential reporting system and registration process for
NBFCs by switching over from the then prevailing compliance monitoring system
with reference to RBI directions on deposit taking activities of such companies.

 Transparency and Disclosure

RBI has always been committed to enhancing the element of transparency and adequate
disclosures in the financial statements of banks. The formats of balance sheet and profit &
loss account have been prescribed in the Banking Regulation Act, 1949, and banks have to
strictly comply with this. The accounts and balance sheets are required to be duly audited by
statutory auditors (including branch auditors) appointed with the approval of RBI.

The task of moving towards greater disclosure by banks in India was taken up in 1982 when
the formats of the financial statements were revised and expanded. Following the
liberalization measures introduced in the beginning of this decade, the process and extent of
disclosure by the banking system has been further enhanced. Over the past few years, banks
have been advised to disclose key information on capital adequacy and composition, NPA’s,
provisions, investments and shareholding of Government. Banks are also required to disclose
certain critical financial ratios on profitability and efficiency. More recently, banks have been
asked to disclose maturity pattern of assets and liabilities, movement in NPA’s and exposure
to sensitive sectors.

MECHANISM FOR REGULATING FRAUDS

A close study of any fraud in bank reveals many common basic features. There may have
been negligence or dishonesty at some stage, on part of one or more of the bank employees.
One of them may have colluded with the borrower. The bank official may have been putting
up with the borrower’s sharp practices for a personal gain. The proper care which was
expected of the staff, as custodians of banks interest may not have been taken. The bank’s
rules and procedures laid down in the Manual instructions and the circulars may not have
been observed or may have been deliberately ignored.

Prevention of frauds:

Internal Prevention:

In today's competitive market, it is necessary that the banks are able to service their clients
effectively. Therefore strongly urge is that we should have a massive effort at
computerisation of the banks.

External Prevention:

In the banking and financial sectors, the introduction of electronic technology for
transactions, settlement of accounts, book–keeping and all other related functions is now an
imperative. Increasingly, whether we like it or not, all banking transactions are going to be
electronic. The thrust is on commercially important centers, which account for 65 percent of
banking business in terms of value. There are now a large number of fully computerized
branches across the country

Relevant Measures to tackle Bank Frauds in India:

All the major operational areas in banking represent a good opportunity for fraudsters with
growing incidence being reported under deposit, loan and inter-branch accounting
transactions, including remittances. Broad analyses of various frauds that have taken place
throw up the following high-risk areas in committing frauds:
  Misappropriation of cash by fudging accounts.
 Unauthorized withdrawal or transfers of funds, mostly from long dormant accounts.
 Opening of fictitious accounts to misappropriate funds from illegal activities i.e.
Laundering through the fictitious accounts
 Use of interbank clearing for accommodation, kite-flying and misappropriation.
 Cheating in foreign exchange transactions by flouting exchange control provisions.
 Withdrawal from deposit accounts through forged documents.

Following is the procedure to tackle frauds in banks:

 Expect fraud:

Nowhere in the world the fraud can be avoided hence can the banks be no exceptions. It is
a human tendency of taking the risk to commit the frauds if he finds suitable
opportunities. So it is wise to expect the occurrence of the fraud. If the fraud is expected,
efforts can be concentrated on the areas, which are fraud prone. Fraud is the game of two.
The rule makers and rule breakers. Whoever is strong in the anticipation of the situations
wins the game of frauds. Fraud is a phenomenon, which cannot be eliminated, but it needs
to be managed.

 Develop a fraud policy:

The policy should be written and distributed to all employees, Borrowers and depositors.
This gives a moral tension to the potential Fraudster. Maintain a zero tolerance for
violations. The Indian bank needs to roar against the action that is taken against the
Fraudsters. The media publicity against the fraudsters at all the levels is necessary. The
announcement by US president George W. Bush that the “Corporate crooks will not be
spared” gave the deep impact to the Corporate America. In India also we need to consider
it as a severe problem and need to fight against it.

 Assess Risk:

Look at the ways fraud can happen in the organization. It is very important to study the
trend and the style of frauds in the bank. Some of the big nationalized banks maintain the
databases of the fraud cases reported in their banks. But the databases are dumb. They
yield nothing unless they are analyzed effectively. Establish regular fraud-detection
procedures. It could be in the form of internal audit or it could also be in the form of
inspections. These procedures alone discourage employees from committing fraud. In
addition to this the Institute of Chartered Accountants of India has issued an “Accounting
and Assurance standard on internal controls which is a real guideline to test internal
controls. Controls break down because people affect them, and because circumstances
change.

 Segregate duties in critical areas:

It is the absolutely basic principle of auditing a single person should not have the control
of the books of accounts and the physical asset because this is the scenario which tempts
the employee to commit the fraud. Hence it becomes essential to see that no one
employee should be able to initiate and complete a critical transaction without involving
someone else. Most of the banks in India have the well-defined authorization procedures.
The allocation of the sanctioning limits is also observed in most of the cases. But still the
bankers violate the authorities very easily. They just need to collude with the outside
parties. However the detection of the collusions is possible in most of the cases if the
higher authorities are willing to dig the frauds.

 Maintain the tone of Ethics at the top:

The subordinates have the tendency to follow their superiors. When the signals are
passed on to the middle management about the unethical behavior of the top management
the fear of punishment gets reduced and the tendency of following the superior
dominates. Fear vanishes when the tendency of “If I have to die I’ll take along the
superior and die” tendency rises.

 Review and enforce password security:

The incidences of hacking and the Phishing have troubled the Indian Private Sector
banks to a great extent. In addition to this most of the Indian banks are running behind the
ATM and credit cards to compete with each other but have conveniently forgone the fact
that ATM cards and the credit cards are the best tools available in the hands of the
fraudsters. Inappropriate system access makes it possible to steal large amounts of money
very quickly and, in many cases, without detection. Hence the review and the
enforcement of the security policy are going to be a crucial.
  Conduct pre-employment screening:

Since the raw material of the Banks is cash the banker needs to be more alert than any
other employer before they recruit. Only testing the aptitude of a person is not of any use.
Know whom you are hiring. More than 20 percent of resumes contain false statements.
Most employers will only confirm dates of employment. Sometimes post employment
condition might create the greed in the minds of employee, hence at least the bankers
should test check the characters of their subordinates by creating real life scenarios such
as offering the bribes by calling on some dummy borrower.

 Screen and monitor Borrowers:

Bad borrowers cause the biggest losses to the banks. What are they? Who they represent
themselves to be? Look at their ownership, clients, references, and litigation history. In
many cases the potential fraudsters have history of defaulting in some other bank or
Financial Institution.

 SECURITY IN BANKING SYSTEM:

Security implies sense of safety and of freedom from danger or anxiety. When a banker takes
a collateral security, say in the form of gold or a title deed, against the money lent by him, he
has a sense of safety and of freedom from anxiety about the possible non-payment of the loan
by the borrower. These should be communicated to all strata of the organization through
appropriate means. Before staff managers should analyze current practices. Security
procedure should be stated explicitly and agreed upon by each user in the specific
environment. Such practices ensure information security and enhance availability. Bank
security is essentially a defense against unforced attacks by thieves, dacoits and burglars.

Customer guidelines to avoid Fraud:

The customer should keep in mind the following guidelines to prevent themselves from any
frauds.

 Never give your account number to people you do not know, especially on telephone.
  Never give out financial or other personal information such as bank account or credit
card numbers unless you are sure that the company is legitimate and the information
is necessary for the transaction.
 Never judge a website by its appearance. Anyone can create a flashy website. Just
because it looks professional does not mean it is run by a professional.
 Do not write your credit card number on the cheque.
 Don’t leave blank spaces on the payee and amount lines.
 Keep changing your e-mail password frequently because it can be hacked.
 Limit the amount of personal information on your cheque. For e.g. driver’s license,
telephone numbers. A criminal can use this information by applying for credit card or
loan, opening a new account.
 Don’t send any personal information to any e-mail ID this can lead phising.

Thus above are some the measures that the customer should undertake to avoid any type
of bank frauds.

E- BANKING TRANSACTIONS

An electronic banking transaction involves the transmission of an electronic message from

the customer to the bank directing the bank to transfer money from his account to another
account either in the same bank or to another branch or any other bank anywhere in the
world. This may also be a bank's electronic communication regarding the credit or debit card
statement to a customer, which essentially and mostly is a statement of account. The
generation today is increasingly opting for net transactions to settle their utility bills and do
all kinds of bank-related work. With increased online usage, online frauds have also
increased. E-banking transactions are made safe, its integrity and authenticity preserved by
encrypting the messages. These messages are further hashed and converted into a digital
signature with a private key having a secret and individualistic signer. Digital signatures
cannot be unwrapped or tampered. A key pair is generated by the subscriber using
asymmetric crypto system and is registered with the controlling authorities. While the private
key remains with the subscriber, the other key remains with the controlling authorities and is
published and is available to persons who need them. In order to secure the e-transactions, the
Information Technology (Certifying Authorities) Rules, 2000 were issued and it provides
for the security guidelines for the implementation and management of information
technology security.

CHANGES IN LEGISLATIONS AFTER ELECTRONIC TRANSACTIONS:

1. Section 91 of IPC shall be amended to include electronic documents also.

2. Section 92 of Indian Evidence Act, 1872 shall be amended to include commuter
based communications.
3. Section 93 of Bankers Book Evidence Act, 1891 has been amended to give legal
sanctity for books of account maintained in the electronic form by the banks.
4. Section 94 of the Reserve Bank of India Act, 1939 shall be amended to facilitate
electronic fund transfers between the financial institutions and the banks. A new
clause has been inserted in Section 58(2).

CONCLUSION

 Banks should ensure that the reporting system is suitably streamlined so that frauds
are reported without any delay. Banks must fix staff accountability in respect of
delays in reporting fraud cases to the RBI. Delay in reporting of frauds and the
consequent delay in alerting other banks about the modus operandi and issue of
caution advices against unscrupulous borrowers could result in similar frauds being
perpetrated elsewhere.
 Banks may, therefore, strictly adhere to the timeframe fixed by RBI for reporting
fraud cases failing which banks would be liable for penal action as prescribed under
Section 47(A) of the Banking Regulation Act, 1949.
 Banks should specifically nominate an official of the rank of General Manager who
will be responsible for submitting all the returns referred to in this circular. Fraud
Monitoring Cell, Department of Banking Supervision, Central Office publishes a
directory of officers of all banks/financial institutions responsible for reporting of
frauds. All banks should furnish to the aforesaid department any changes in the names
of officials that will be necessary for inclusion in the directory on priority basis as and
when called for.
 Banks must provide sufficient focus on the "Fraud Prevention and Management
Function" to enable, among others, effective investigation of fraud cases.
 Banks should be able to provide promptly as well as accurate reporting of frauds to
appropriate regulatory and law enforcement authorities including RBI.
 The fraud risk management, fraud monitoring and fraud investigation function
must be owned by the bank's CEO, its Audit Committee of the Board and the
Special Committee of the Board, at least in respect of large value frauds.
 Banks can also frame internal policy for fraud risk management and fraud
investigation function, based on the governance standards relating to the ownership
of the function and accountability for malfunctioning of the fraud risk management
process in their banks.