Raghuram Rajan exits.. Media starts its games once again.

The media including the otherwise respected Economic Times and CNBC TV  all predicted dooms day for Indian economy if Rajan is not given a second term. It was funny to observe that even Mr Narayana Murthy of Infosys made a suggestion that Rajan deserves not one renewal but two at one go.

Now that Mr Rajan has decided to call it quits, all these people should accept that  their attempt to manipulate the process of appointment of an RBI Governor which is the prerogative of the current Government has not been successful and keep quiet.

All said and done, Mr Rajan was a personal choice of the previous Finance Minister Mr Chidambaram who is a tainted with issues such as  the Ishrat Jehan files involving National Security issues  and that should be sufficient to cause distrust of Mr Rajan by neutral observers.

Mr Rajan did not do enough to present himself as a person who is not pro-Congress during his tenure. The support he received from Congress in the last month and receiving till today is sufficient to vindicate the belief that Congress had a vested interest in his continuation and it was therefore a political decision to continue him or not.

The media which thinks it can influence every Government decision has now started its game once again by projecting Ms Arundhati Bhattacharya, the current SBI Chair person to the post of the RBI Governor. Media would love to have the “First Female Governor of RBI” as if it is a special qualification for a person to be female. This criteria is insulting even to Ms Arundhati and should never be advanced.

I however, consider the attempt of the media to project Ms Arundhati as faulty for a different reason.

We must understand that she is now the head of the biggest Commercial Bank in India and if there is any problem with the Banking industry including NPAs and Frauds, the biggest share of the same is with SBI.

The role of RBI Governor is one of the “Regulator” of Banks and therefore it is completely illogical that the current Chair person of one of the commercial Banks is made the regulator.

It is highly objectionable in principle and should be avoided at all costs.

Even if she is otherwise eligible for the responsibility, it can be considered only after a cooling off period of upto 3 years after she demits the current office.  Otherwise there would be a serious conflict of interest in her role.

Further, in Personnel Management, we all know the problem of “Role Fixation” that arises in a person when he is elevated to a higher position in the hierarchy. An SBI Chairperson will remain an SBI Chairperson mentally,  for some time even if she is made the RBI Governor and immediate switch over is not advisable from managerial principles.

Further, it should be understood that the RBI Governor’s position is that of a “Regulator”. One of the problems with Raghuram Rajan was that he had a “Role Fix” as an “Economist” and was weak in discharging his other functions as a “Regulator”. It is for this reason that on issues of security, fraud management etc, his contribution appeared wanting.

Any person who has watched the E Banking and Credit Card scenario in India will recognize that SBI was one of the problem Banks. It was operating its credit card operations through an outsource partners and fraud attempts and phishing was most rampant in SBI cards. There have been many E-Banking frauds indicating a weak information security position in SBI though its past image has endured in giving a picture of a sound Bank.

The recent incident where SBI was caught transferring Rs 720 crores in Cash (as claimed by them in certain press reports) in Tamil Nadu during elections cast a doubt on the integrity of SBI just as the old Nagarwala Case had proved how SBI was acting as a private Banker of Indira Gandhi. Ms Arundhati owes an explanation to the country on this incident which she is yet to come up with.

I wish Mr Subramanya Swamy raises this question in the Parliament.

There is no doubt that ex-Bankers like us hold SBI with lot of respect for their systems and procedures as well as their manpower training systems. However, in the generation of E-Banking, the same efficiency does not seem to have been carried through. Now that SBI will be saddled with the “Subsidiary Merger Issues”, there will be chaos in the Bank in the next three years and it would be best if Ms Arundhati is left to handle the challenges of merger rather than be moved out.

If Ms Arundhati is made the RBI Governor, I see the possibility that many of the frauds in SBI will be suppressed and there will be a greater mess to deal with on a later date. Even issues such as the Vijay Mallya issue will become complicated if the SBI Chair person becomes the referee.

I therefore request media to stop speculations and supporting any one person for the job of the RBI Governor. Let this be handled professionally. More the media tries to support a person, it will be seen as a PR exercise and there will be many who will oppose. This is not good even for the incumbent candidate.

If Ms Arundhati is intelligent, she should immediately issue a statement that she would not like to be considered for the post at this point of time. This will prevent further embarrassment to her.

My personal view is that  the RBI Governor’s position is best managed by one of the current Deputy Governors, the best of whom can be elevated. We donot need a Noble Laureate and an economist  but a hard nosed regulator to manage RBI. Then the Governor will focus on Bank regulation rather than poking his nose into the Financial Minister’s work.

Certainly it is wrong to think of  current Chair persons of SBI or ICICI Bank or Axis Bank for the post even if they have been efficient in their past assignments and they all would create history of being the First Female RBI Governor of India, if it is a desirable thing. If such a decision is taken, remember “Peter’s Principle” and pray for the welfare of the  Indian Banking Customer.

Naavi

Also Read Old articles on NBFC policy issues (These are 1998 articles and to be seen in that context)

 

Share Button
Print Friendly

Lessons from China to Indian Bankers and RBI

China Banking Regulations Commission (CBRC) has notified guidelines to the Banking industry to use “Secure and Controllable Technology” to strengthen the Internet based Banking system. This guideline has the potential to bring significant changes to the IT industry in China and also the vendors from outside China.

According to the guideline it would be mandatory for Banks in China to use “Secure and Controllable IT Products at a minimum rate of 15% increase each year and to reach 75%  by 2019. The criteria for determining the status of a product as  “Secure and Controllable” have been detailed in the guideline and includes the following.

1. IT Vendors are required to establish own R&D service cetners in China

2. Source code should be filed with CBRC

3. Risk of Product supply chain should be controllable. (i.o.w. there could be a need for more local production in the entire supply chain)

4.The IP rights in respect of certain products could be subordinated to the local requirements. (i.o.w. provisions similar to compulsory licensing may be used)

As a result of these regulations, it would be necessary for the following:

1.Supplier/Service Contracts will have to incorporate necessary compliance clauses.

2. Banks will have to deploy 5% of their R&D budget on deployment of Secure and Controllable IT products

3. Banks need to subject themselves to an annual audit by CBRC  to determine compliance.

As a result of these changes, Indian IT companies having operations in China with exposure to Banking industry need to be prepared for a compliance related modification of their business contracts.  If they fail to adapt, the supply contracts may be terminated.

I think RBI needs to pick up a few lessons from these guidelines since they have mindlessly allowed domination of Chinese products in the Indian Banking industry exposing the country to a great disadvantage in the event of a Cyber War. Banks should also understand that there is national interest beyond the need to increase their bottom line.

 We remember that during the UPA regime, a Security Certification Center was established under the guidance of IISC Bangalore to test IT products from China in particular which were suspected to have OEM-back doors, but was actually sponsored by Huawaei !

I hope the National Cyber Security team in India takes note of these developments and initiate appropriate actions.

REFER:

China Banking IT Regulation Tightened Up

China Issues new CBRC guidelines

CBRC issues clarifications

CBRC makes life difficult for MNC vendors

Naavi

Share Button
Print Friendly

Will Axis Bank Explain?

Naavi.org recently was informed of a bizarre instance involving Axis bank and ATM transactions. This incident is a matter of serious concern to all Axis Bank customers and hence we would like to bring this to the notice of all including Reserve Bank of India.

I am reproducing verbatim a comment posted by one Mr Sharad Updhyay about his experience in an ATM in Gurgaon for one of our earlier articles titled “Axis Bank ATM license should be cancelled by RBI

“Recently I tried withdrawing Rs. 2000 using my IDBI Debit card from an AXIS BANK ATM based at Sahara Mall, Gurgaon. The ATM asked me if I want a receipt for the transaction. I opted yes, the transaction was automatically aborted. Wondering what happened to the ATM, I tried again and again (with option “Yes” for transaction receipt) – a total of 5 times, but encountered the same problem everytime.

Meanwhile I noticed that another person who opted “No” for printed receipt was able to withdraw money from the same machine. I followed him – went ahead for withdrawal without transaction receipt, and this time machine dispensed the desired amount i.e. Rs. 2000.

Next day I noticed that my IDBI account was debited twice: first for a sum of Rs. 10000, and once again for Rs. 2000 (which I actually withdrew there). I was wondering what made the ATM cause a debit of Rs. 10000 in a single go – while I never entered this amount at ATM console.

I raised an official complaint with my bank (IDBI), and they escalated the case on my behalf with Axis Bank, however, Axis Bank rejected my claim – stating that their ATM balancing reports, switch files, and other transaction logs show that Rs. 10000 transaction was carried out successfully, and they do not owe me anything.

At this stage my bank i.e. IDBI has been helpless, and I’m just wondering whom to report this fraudster in order to get my money back. It appears that something fishy is going on there in Axis Bank ATMs with help of CMS (the agency which replenishes cash in ATMs) and the Axis Bank staff itself. How is it possible that there was no surplus sum recovered from ATM for my failed transactions, and how is it possible that an ATM automatically converts 5 subsequent transactions of Rs. 2000 each in to a single transaction of Rs. 10000?

Please let me know what can be done in this case, and how can I get my money back. Also, isn’t there any authority to punish the bank owning such malicious ATMs and ripping off the customers like this?”

First comment I would like to make on this incident is that there is apparent fraudulent mis-management by Axis Bank. It is clear that the ATM has been deliberately tweaked to ensure that fraudulent transactions donot come to the notice of the customer when he is withdrawing the amount.

The responsibility for this fraud lies squarely on the management of Axis Bank all the way up to the Chair person.

The reported incident is a report of possible hacking of a critical computer resource belonging to the Banking system. It represents a cognizable offence under ITA 2008. Mumbai police who closely monitor even facebook “likes”  and go the extent of arresting persons, must be considered as being aware of the occurrence of this crime. They should therefore take suomotu action and register a Cyber  Crime under Section 66 of ITA 2008 making unknown Axis Bank employees as suspects. It should also investigate “Negligence” from Axis bank ATM division and the Chair person for not taking adequate information security measures to protect the ATM transactions.

The Reserve Bank of India at the same time initiate its own investigation and take penal action against the officials of the Bank.

Now coming back to the customer and what he can do.

1. Normally  money fraudulently debited to the account should have been reversed immediately on filing of a complaint with the Bank.

2. IDBI Bank cannot absolve itself of its responsibility since they have used Axis Bank as it’s agent and hence they are responsible for their client’s loss.

3. Customer need not go to the Banking Ombudsman since that is a sham run by RBI and most Ombudsman are biased in favour of the banks and simply reject the claim with a further proviso that you cannot appeal to RBI.

RBI is aware that the scheme is a sham and yet has not shown any interest in correcting the same. This is not a reflection on the Banking Ombudsman in Mumbai but a general reflection on the scheme and how it is run.

 If possible I advise the customer to personally meet Mr Raghuraman Rajan, the Governor of RBI and check why he is not considering himself responsible for running a secure banking system.

 4.The customer is fortunate to be in Mumbai where the IT Secretary is one Mr Rajesh Aggarwal. He is also the “Adjudicator” under ITA 2008. For any financial loss arising due to contravention of any of the provisions of ITA 2008, in Mumbai, he is the sole authority having judicial powers to conduct an enquiry and award a compensation.

I advise the customer to make an adjudication complaint to him immediately. If he remains in office for some more time, he will definitely give him justice.

However, since Maharashtra is likely to have a change of Government soon and it is customary to shuffle secretaries if a new Government comes, it is possible that this great officer who is upholding justice under ITA 2008 like no other IT Secretary in India may be shifted out.  Hence the customer should at least get his complaint registered before any such change occurs.

5. It would also be better if a complaint is filed with the commissioner of Police, Mumbai against the officials of IDBI Bank and Axis Bank  for running a fraudulent ATM system and causing loss to you. The customer should not fall into the trap of filing the complaint against the unknown fraudster who might have drawn the money. That person will never be traced since IDBI bank is unlikely to have maintained the CCTV footage or other evidence that may be required for this purpose. Police and Banks will try to hold that only that unknown person is responsible and no body in the Bank is responsible. This is a way of driving the complaint to a dead end. For the customer it is always a transaction with the Bank and hence should hold the Bank alone responsible.

The Police complaint should also mention that RBI has been negligent in enforcing ATM security and is also responsible for pushing customers to such frauds.

If necessary, the customer may take the assistance of a Consumer activist to pursue the complaint.

It may appear that  the money lost may not be substantial and hence may not be worthy of the trouble of complaining. It is this attitude of most of us that emboldens criminals to resort to this type of small ticket frauds which we refer to as “Salami” attacks. It is our duty to bring this to public knowledge and wake up regulators like RBI to remind them of their responsibilities.

In the meantime, I demand that Axis Bank makes an official statement about this incident.

Naavi

Share Button
Print Friendly

Does Nachiket Mor Committee report impress to deceive?

One of the first initiatives that the new RBI Governor Mr Raghuram Rajan took after assuming office a few months back was the formation of the Nachiket Mor committee on “Comprehensive Financial Services for Small Businesses and Low Income Households”.

Now the committee which was set up only in September 2013 has submitted its report at the same speed with which Raghuram Rajan displayed on the licensing of new banks. RBI released a copy of the report on january 7th for public comments. The Comments may be emailed or sent by post to the Principal Chief General Manager, Rural Planning and Credit Department, Reserve Bank of India, Central Office, 10th floor, Shahid Bhagat Singh Marg, Mumbai 400 001 on or before January 24, 2014.

The committee has made several radical recommendations and while laying down its vision statement for financial inclusion and deepening, has suggested providing a universal bank account to all Indians above the age of eighteen years and has recommended a Vertically Differentiated Banking System with Payments Banks for Deposits & Payments and Wholesale Banks for credit outreach with relaxed entry point norms of ` 50 crore.

On priority sector, the Committee has recommended Adjusted Priority Sector Lending Target of 50 per cent against the current requirement of 40 per cent with sectoral and regional weightages based on the level of difficulty in lending. The Committee has also recommended risks and liquidity transfers through markets.

The Committee has advocated regulatory convergence between banks and NBFCs based on the principle of neutrality with regard to classification of non-performing assets and the Securitisation and Reconstruction of Financial Assets and Enforcement of Security Interest (SARFAESI) Act, 2002 eligibility.

The Committee has suggested that a State Finance Regulatory Commission (SFRC) be created into which all the existing State Government-level regulators could be merged and functions like the regulation of Non-Government Organisations-Micro Finance Institutions and local Money Services Business could be added on.

The Committee has desired that the Reserve Bank should issue regulations on suitability, applicable specifically for individuals and small businesses, to all regulated entities within its purview so that the violation of such regulations would result in penal action for the institution as contemplated under the relevant statutes through a variety of measures, including fines, cease-and-desist orders, and modification and cancellation of licences.

The recommendations are radical and will have significant impact on the Banking and Financial sector in India and will also significantly affect the stock markets. It will also affect the proposed new Banking licensee aspirants.

In view of the nature of some of the recommendations that may also affect security of public money, it is essential for experts in the field to study the report and submit their comments to RBI in time.

Mr M.S.Sriram, a former professor of IIM Ahmedabad opines has published an interesting article titled “Why the Nachiket Mor committee report on financial inclusion disappoints” in livemint.com which makes a good reading to begin your exploration of the report.

Naavi

Copy of the report is available here.: 

Additional comments of two of the members can be found here:

aap_subsidies

Share Button
Print Friendly

Bitcoin Regulation.. Where should the focus be?

We have been watching Bitcoin exchange rates growing exponentially at MtGox attracting the attention of regulators both from the point of view of the possible effect on the monetary controls of the Sovereign States and loss of Tax revenue besides the money laundering.

Regulators should also recognize another aspect of the market that could be a cause of worry. That is the growing number of Bitcoin clones in the market. A few days back only 9 bitcoin clones were visible. Yesterday the report was about 53 clones. Today the number of Bitcoin clones appear to have grown to about 142 as this report suggests. (Complete Directory of Crypto Coins)

Since Bitcoin protocol is an open source protocol, we can expect more Crypto currencies to emerge as we go on. In fact many of the “Reward Schemes” operated in the markets can overnight convert themselves into crypto currencies and provide a capital appreciation prospect to the reward points.

Regulators now have to therefore worry not only on Bitcoins, but on all other Crypto Currencies and the dynamics of the issue is is changing so fast that it is difficult for regulators to keep watching any more.

Let’s us now look at some of the major concerns of the regulators.

1. Use of Bitcoins (and all other Crypto currencies) for criminal activities:

Cyber Crimes is an important concern of the community. Today, the Cyber Crime related money laundering transactions is said to be bigger than Drug related transactions. There is therefore a legitimate concern that any system that assists in holding of assets in anonymous and liquid form, movable across the globe in minutes (like BTC) is an obvious choice of the crime mafia.

However the real concern of the society on Cyber Crimes is when money from the physical society is stolen via the Internet. Infact, if a virtual asset of one Netizen is stolen  or lost, the physical society would not be much bothered.  It is only when a person loses his Rupee or dollar balances in his Bank account that the physical society is really concerned.

Hence If Bitcoins are lost by a holder, it is only some body elese in the Bitcoin community who may be bothered and not the physical society regulators.

If the crime syndicate wants to use Bitcoins as the currency for rewarding crimes, they still need to transfer their crime income in Dollars or Rupees to BTCs and vice versa. The concern should therefore be about the “Conversion Point”.

IOW, BTC is not a threat to the society but it is only the convertibility of physical currency to BTC and vice versa which is a matter of concern to the physical society. 

2. Taxing of the Revenue

Governments everywhere are interested in “Taxing” the population and appropriating their wealth so that the Governance can be financed. Whenever they see people making profits in business, they therefore think of how to tax them. If they feel that the profits are earned relatively easily then the urge to tax on a higher tax bracket is more.

Currently the regulators can understand the part of the Bitcoin business which involves buying and selling of BTCs. This is no different from stock market or property transactions. Investors will make either trading profit or loss in the short term or long term. As long as such profits or losses are realized in local currency terms, they can be brought under tax net.

When the stocks remain in BTC form, the regulators need to arrive at a valuation scheme and they may either take the value as prevailing in MtGox or have a system of weighted valuation across a few top Exchanges.

Regulators will however have some difficulty on understanding the nature of wealth creation that occurs in the “Mining Activity”. The value created in the mining activity accumulates in bitcoin wallets which are difficult to trace and it is only when a person declares his holding will the IRS/IT department come to know of the existence of the BTC wealth of the citizen.

However once declared by the miner, it is possible for the tax authorities to value it in terms of the exchange rates and consider it as a property.

The cost of acquisition of the BTC is however not easy to ascertain. The cost of hardware and electricity as well as any other fees paid need to be taken into account just as in any other business. However there is a reasonable way of estimating this based on the calculators that are available. Some uncertainty may still be there when miners adopt innovative strategies to cool the processors and thereby save electricity.

However it would not be difficult for the tax officials to agree upon a cost declaration and allow it as a deduction from the value of the coins created and also agree to tax the holdings on the basis of holdings or on conversion to physical society currency at some point of time in the future.

They may also introduce a condition that unless the costs are declared during the year of operation, they will not be allowed as a deduction on sale in the subsequent years.

Hence taxing of BTC related operations is well withing the grasp of the regulators and can be easily managed.

3. Impact on the Economy

There is one more concern among regulators about whether holding of monetary assets by people as a parallel currency affect the money circulation in the economy and affect monetary policies such as interest rates etc.

This is unfounded since at present the vale of BTC wealth is too small in comparison with the physical currencies floating around.

Even when the BTC holding in an economy goes upto a significant level of say 10 to 20%, what it means is that there would be some “pseudo wealthy persons” in the society who can feel proud that they are millionaires. But their status would be like some property owners who may be sitting on prime property but may not have cash to meet their wealth tax obligations itself.

The wealth has value only when converted into domestic currency and when BTC is sold and coverted to local currency. The wealth then becomes part of the local currency and neither causes inflation or deflation on its own.

I therefore consider that the regulators need not have any worry about the adverse effect of BTC on the economy.

However, I  concede and strongly contend that there is a need to ensure that BTCs are not used as the currency of the Cyber Crime underworld or as the Currency of the criminals for laundering their crime money or for politicians to hoard their ill gotten wealth in BTCs instead of Swiss Banks.

In order to achieve this objective there is a need to regulate the “Exchanges”.  It is necessary for the Governments to ensure that conversion of BTC (Or any other Crypto Currency) to legacy currency of the land or vice versa has to be through a regulated process.

This means that the exchanges have to be “Authorized” and there has to be a proper “Record Keeping including an effective Know Your Customer norm” and “Record Submission to authorities”.

I suggest regulators to start thinking in this direction but otherwise let the crypto currency system to thrive on its own steam.

In fact if more Indians can start BTC mining, then ISPs would be happy with the higher bandwidth usage. Power sellers would be happy with higher capacity utilization ( I assume that power shortage is not an issue at the place of mining). IT hardware industry would be happy since it creates a market for more computers and specialized mining equipments. (Hope this would give a fillip to  computer hardware industry in India!).

More mining in India means more global wealth flow to India and more tax collection by the authorities.

Hope RBI is watching the developments in the right perspective.

There could be a concern however for the environmentalists and those who would like conservation of resources and prioritizing productive uses. The debate could be whether the amount of computing power that is getting diverted into BTC activity is worth the effort. (See the report here). May be this is left to a later point of time when the activity is more significant.

Naavi

Share Button
Print Friendly

Negligence of Export Promotion Councils, ECGC and Banks lead to Rs 2.35 crore fraud

In what has now become a routine type of fraud, a tobacco exporter  in Andhra has been defrauded to the extent of Rs 2.35 crtores.  Naavi.org recalls its open letter  to RBI and ECGC in its post on July 14, 2013 about the increasing nature of such frauds.

Way back on October 30, 2011, writing in Exim Matters, Naavi in his article “The Law of Internet For Exporters” had highlighted the dangers of relying on unauthenticated e-mails and the possibility of exporters becoming victims of frauds. This was followed up in the next article on the use of Digital Signatures. Had the contents of these articles been properly assimilated by exporters, some of the frauds which we are now facing could perhaps have been prevented.

Again in the July 14, 2013, Naavi.org had highlighted the responsibility of RBI and ECGC on educating Exporters and also black listing some of the destination countries to which fraud remittances are usually sent. No action came forth from these regulators and the problems continued.

In the latest fraud incident the money has been sent not to Nigeria or China or Hong Kong but to USA and Turkey. It therefore appears that these fraudsters have now spread their net across other countries as well. In all these cases the original remittance instructions of an Export or Import order had been altered through fraudulent e-mails. Obviously the original contracts were in the knowledge of banks and therefore they were also privy to the fact that the terms of payment had been changed before the final remittance. This is an easily recognizable modus operandi of these fraudsters and if the Bankers had a reasonable knowledge of such cyber frauds, these could have been prevented.

I therefore place the responsibility for these frauds at the doors of irresponsible and ignorant bankers. The regulators such as RBI and ECGC also has to share the blame for not properly educating the Bankers in this regard.

I therefore suggest that just as the Police in Bangalore have recently pulled up Banks for their lack of security in ATMs, Police in Andhra should pull up Banks in this case by invoking their vicarious responsibility in this regard.

In the meantime ECGC may have to absorb the loss since the Exporter here is also a victim of a Cyber Crime.

Naavi

 

Share Button
Print Friendly