Banking Licenses and Public Sector aspirants

Posted on July 2, 2013 by Vijayashankar Na

The list of 26 new Banking license aspirants provide an interesting contrast and a challenge to RBI to ensure that the long term Banking policies set by RBI will be adequately served by the right choice of licensees. Initially, it was indicated that RBI may not be keen to issue more than 6 licenses. However, the Finance Minister has clarified during the day that there may not be any artificial limit to the number of licenses to be granted. This has opened up the possibility of a number of aspirants to be able to obtain the provisional license.

Amongst the applicants we can identify three distinct categories of organizations namely the Private Sector Corporate Groups, Private Sector NBFCs and the Public Sector.

The Four Public Sector organizations that have sought licenses are

1. Department of Posts.

2. LIC Housing Finance Ltd

3. Tourism Finance Corporation of India Limited

4. IFCI Limited

After ICICI and IDBI entered Banking, it was natural for IFCI to also consider entering the Banking sphere. Unfortunately, both ICICI and IDBI lost their character as “Providers of Long term financiers” in the country and turned more into short term retail financing. IFCI is also likely to follow the same route.

It is however interesting to note the entry of Department of Posts which is perhaps one organization in India with the largest network of offices and the ability to serve the nooks and corner in the Country. Post offices already maintain savings and term deposits and hence the organization is well equipped to take on the new responsibility. However it is not clear if the make over is beneficial to the economy in general since Post office already exploits its rural presence in providing Banking services and in the semi urban and urban areas it is not possible for the department to compete with other Banks effectively at least in the near future.

LIC Housing and  Finance and Tourism Finance Corporation may opt to convert themselves into Banks. It is unclear how they will fare as retail bankers.

It appears that some of these organizations want to be in the Banking domain more for the sake of prestige rather than any specific expertise beyond their current operation. Despite their one strength namely “Trustworthiness”, there is no specific indication that they will succeed as “Bankers” whose main business is to “Mobilize Deposits from the Public” and “Lend”.

RBI needs to think if the process of licensing will create organizations which will struggle managing the transformation from their current successful operations in a niche area to an unknown area where their expertise will have to be built on large scale poaching of banking personnel from other established Banks.

Naavi

Related Article in Live Mint

Related Article in Moneycontrol

Posted in Bank, RBI | Leave a comment

New Banking License-Let’s Remember Gandhian Principles of Banking

Posted on July 2, 2013 by Vijayashankar Na

Reserve Bank of India has released the list of 26 Banking license applicants who have sought licences under the new licenses to be released.

The list of aspirants is as follows.

1. Aditya Birla Nuvo Ltd., Mumbai.
2. Bajaj Finserv Ltd., Pune.
3. Bandhan Financial Services Pvt. Ltd., Kolkata.
4. Department of Posts, New Delhi.
5. Edelweiss Financial Services Limited, Mumbai.
6. IDFC Limited, Mumbai.
7. IFCI Limited, New Delhi.
8. Indiabulls Housing Finance Limited, New Delhi.
9. India Infoline Ltd., Mumbai.
10. INMACS Management Services Limited, Gurgaon.
11. Janalakshmi Financial Services Pvt. Ltd., Bangalore.
12. J M Financial Limited, Mumbai.
13. LIC Housing Finance Ltd., Mumbai.
14. L & T Finance Holdings Limited, Mumbai.
15. Magma Fincorp Limited, Kolkata.
16. Muthoot Finance Limited, Kochi.
17. Reliance Capital Limited, Mumbai.
18. Religare Enterprises Limited, New Delhi.
19. Shriram Capital Limited, Chennai.
20. Smart Global Ventures Pvt. Ltd., Noida.
21. SREI Infrastructure Finance Limited, Kolkata.
22. Suryamani Financing Company Limited, Kolkata.
23. TATA Sons Limited, Mumbai.
24. Tourism Finance Corporation of India Limited, New Delhi.
25. UAE Exchange & Financial Services Ltd., Kochi.
26. Value Industries Limited, Aurangabad.

RBI appears to be indicating that only 5 or 6 licenses are likely to be granted. The list contains several large corporates as well as Government owned and public sector organizations. It would therefore be a tough time for RBI to prune the list of 26 to around 6.

From the days of Bank nationalization in 1969 and subsequent partial de-regulation, Indian Banking industry has undergone a significant change of character and the new licenses are likely to be another mile stone in the history of Banking in India. The earlier Banks were born in the era where human interface was predominant and “Service” was a virtue. But the present environment is different. We are today living in a digital world where Bankers would not like to see and interact with its customers face to face and rather prefer to deal with them as “Numbers” or “Log in IDs”. Also “Service” is only a “Tool to make profit”. The new licensees will be born in an era where “Profit” is likely to be the only goal. This could seriously destabilize the Banking system as we know in India.

Naavi.org has time and again emphasized that RBI should not allow distortion of “Banking” as a concept of business developed over time with a focus on “Channelizing public savings fro productive use” and use “E-Money Shop” license as a separate category to feed the desires of the modern day “profit at any cost” Bankers. It is such a “Profit First Customer Next” approach which has made current Banking system extremely unsafe for common Bank customers and forced Naavi to take up a crusade for “Safe E Banking”

At a time when the Indian Banking system is reeling under the pressures of an in-secure technology system entry of several new entities will pose further risks to the Indian Banking consumers. Unless RBI ensures that new licenses are issued strictly on “Public Welfare Criteria”, Indian Banking is likely to permanently lose its character as a “Preferred Destination of Small Savings”.

The approach of the new generation banks have been to cater to the “Elite” category of customers and neglect the needs of the common man. Cost of Banking has been n the increase despite large scale automation. There is widespread “Money Laundering” and “Fake Currency Exchange” occurring within the banking system. The “Commercial” nature of the Banks have made them “Greedy” Banks and the customer has been bullied into accepting services at a cost and security level that are unreasonable from the user’s perspective. “Service to community” is no longer an objective of Banking.

In fact going by the arguments I have personally heard in many of the Bank fraud cases, most Banks consider themselves as “Money Shops” and they donot even appreciate the meaning of “Banking” as an institution to channelize public savings to productive areas.

In recent days, RBI is losing control of the industry and has become a pawn in the hands of influential commercial Bankers. The fact that recently most Banks have reverted to levying extra charges for SMS alerts of transactions, use of Cheques, Drawing of Cash from Banks, and also charge usurious penalties for unintended delays in loan or credit card repayments, use draconian methods of recovery of loans, associate themselves with property mafias and underground criminals in black money transactions and property seizures etc makes one wonder if the Indian Banking system has become a huge extortion racket where depositors are driven out of the system to other more risky investment channels.

The list of aspirants contain some names which are bound to evoke a fear that managements which are already thriving in black money wealth are interested in Banking license so as to convert their own black money into Bank deposits rather than mobilize savings from the public.

RBI should therefore consider “Ability to mobilize savings from grass roots” as the basic criteria for selection.

Secondly, large corporates already have many banks wedded to them and hence another criteria for selection should be “Ability and Orientation” to engage in “Retail Productive Banking”. Retail Banking does not only mean financing Luxury Cars and real estate but financing small trade and entrepreneurial activities.

Above all, “Commitment to Serve” as embodied by the Gandhian principles encapsulated in the following statements is to be considered as the key determinant for selecting the successful licensees.

“A customer is the most important visitor on our premises.
He is not dependent on us. We are dependent on him.
He is not an interruption in our work. He is the purpose of it.
He is not an outsider in our business. He is part of it.
We are not doing him a favor by serving him. He is doing us a favor by giving us an opportunity to do

……………………………………………………………………..Mohandas Karamchand Gandhi

I wish RBI adopts the right approach to new Bank licensing and uses this opportunity to correct some of the imbalances that have crept into the Banking system in recent days and ensures that “Safe and economic Banking for the Common man” is the key goal of the new Bankers. There is need to look for managements which are “People Oriented” rather than focusing only on “Profit at any cost”. 

Naavi

Posted in Bank, RBI, Uncategorized | Leave a comment

Norton Estimate 4.2 crore cyber crime victims in India each year

Posted on June 24, 2013 by Vijayashankar Na

According to Norton’s “Internet Security Threat” report, India has 4.2 crore Cyber Crime victims in 2012. (Report in Business Standard).

According to the report, the total cost of Cyber Crimes globally is US$110 billion( approx: Rs 6,60,000 crores) of which the cost of crimes in India is around us$ 8 billion (Rs 48,000 crores).

The report reveals a 58 per cent increase in mobile malware. Fifty percent of mobile malware created in 2012 attempted to steal our information or track our movements.

Thirty-two per cent of mobile threats are attempts to steal e-mail IDs and telephone numbers and 61 per cent of malicious web sites are legitimate and are compromised and infected with a malicious code.

The top five web sites hosting infections include business, technology and shopping web sites. Sixteen gangs are active in ransomeware.

Detailed reports can be accessed here.

Another important observation is that  50 percent of all targeted attacks were aimed at businesses with fewer than 2,500 employees. In fact, the largest growth area for targeted attacks in 2012 was businesses with fewer than 250 employees; 31 percent of all attacks targeted them. This indicates that “Small Businesses” are increasingly targetted by criminals.

It is also interesting to note that within an organization, the most frequently targeted job role was in R&D, which accounted for 27 percent of attacks probably indicating that IPR theft as a target or espionage by competitors.

The total number of new vulnerabilities reported in 2012 stood at 5,291. This figure works out to approximately 101 new vulnerabilities a week. Compared with the number from 2011, which was 4,989, it represents an increase of 6 percent from that of 2011. All of the top five vulnerabilities were several years old with patches available. 12 Zero day vulnerabilities including 3 browser based vulnerabilities were identified during the year.

Corporates may take note that “Watering hole based  attack” has grown as a strategy of targetted attacks. In this strategy, genuine websites expected to be visited by targeted members are infected with trojans which automatically download themselves to the visitors. We may recall that Bank of India website, Deccan Herald websites were among such compromised websites that Indians have come across in the past. This underscrores the need for all website managers to tighten the security at hosting level to mitigate such risks.

Naavi

Posted in Cyber Law | Leave a comment

Hong Kong Government accuses US Government of hacking

Posted on June 23, 2013 by Vijayashankar Na

The controversy surrounding the PRISM program of US Government under which the US intelligence agency intercepted the communication of billions of foreigners assumed a twist today with the Hong Kong Government accusing the US Government virtually of hacking.

The whistleblower Mr Snowden who had first made public the US program was known to be in Hong Kong and the US Government had issued a request for his arrest. However it is now learnt that he has been allowed to move out of Hong Kong to a safer country and the Hihg Kong Government has issued a press release that he was allowed to move out since the US request for arrest did not meet its legal requirements.

Copy of the press release issued by the Hong Kong Government in this connection is available here.

What is interesting is that the Hong Kong Government has stated in the press release as follows.

” Meanwhile, the HKSAR Government has formally written to the US Government requesting clarification on earlier reports about the hacking of computer systems in Hong Kong by US government agencies. The HKSAR Government will continue to follow up on the matter so as to protect the legal rights of the people of Hong Kong.”

This appears to be a veiled threat that international legal action may be initiated on the US Government if necessary. This should indicate the stand some other Governments may also take. In India perhaps the Government will await for the Supreme Court judgement on the related PIL before taking any stand.

Naavi

Posted in Cyber Crime, Cyber Law, Privacy, Uncategorized | Leave a comment

IT Secretary Maharashtra creates history

Posted on June 21, 2013 by Vijayashankar Na

Mr Rajesh Aggarwal, IT Secretary of Maharashtra has created a history by his landmark judgement in a case of an ex-employee hacking into his former employer’s systems to provide a wrongful gain to his new employer. Such cases are common in IT industry and earlier such cases have been registered in Tamil Nadu and other places.

In this case decided by Mr Aggarwal as the Adjudicator of Maharashtra, he has found a Japanese Company liable to compensate the aggrived ex-employer of an employee who had joined the Japanese Company.

More information on the case is available here

In the above article in Indian Express it is reported that a apanese Company namely Endo Kogyo nd its employee, Mr Ashish Kalmegh were ordered to compensate a Pune based firm by name Arhan Technologies in a case recognized as “industrial Espionage”. It was alleged that the ex-employee had used his formal credentials to hack into the former employer’s systems and forward certain emails to himself. The accused were also reported to have deleted evidence and threatened the Pune company by spreading false rumours.

The adjudicator has awarded a compensation of Rs 20 lakhs. Since there is also a police complaint filed in the case it is possibel that the police may also initiate criminal proceedings against the Japanese Company as well as the offending employee under various sections of ITA 2008.

Copy of the two orders are available here:

Order 1 on admission:

Order 2 on final award

This should be considered as a landmark judgement which will enhance the reputation of the Adjudication system in general.

In contrast the Adjudication system in Karnataka is accumulating negative reputation with another kind of landmark judgement which the IT Secretary, Mr M.N.Vidyashankar rleased on 27th December 2011 holding in effect that “No Company can seek protection for hacking under ITA 2008”. If this judgement is considered operative, the Pune company or the Maharashtra police could not have proceeded in the above case.

I would like Karnataka High Court also to take note of the above judgement of the Adjudicator of Maharashtra since it has in effect endorsed the judgement of Mr M.N. Vidyashankar through its own judgement of May 27, 2013 creating a situation where Karnataka can be called a “Hacker’s Haven”.

Naavi

Posted in Cyber Crime, ITA 2008 | Tagged , , , | Leave a comment

Cyber Crime Insurance getting attention

Posted on June 20, 2013 by Vijayashankar Na

Naavi has been highlighting the need for Indian Banks to obtain Cyber Crime Insurance as suggested by RBI in 2001 and ensure that customers are spared from the phishing liabilities. However Banks have been generally reluctant under the ground that such covers are not available.

However it appears that more and more Insurance Companies have started offering Cyber Crime Insurance policies which has changed the scenario. Perhaps the first company which was heard of issuing Cyber Crime Insurance in India was HDFC Ergo.

The latest report in Business Standard indicates that Bajaj Allianz General Insurance and ICICI Lombard are also in the fray with some policies which may address the needs of the market. According to Bajaj Allianz General Insurance, Cyber Liability can be covered under the “Professional Indemnity Policy” as an extension and such policies would cover third party claims arising due to negligent transmission of a computer virus, misrepresentation, defamation,confidentiality breach, intellectual property infringement and elated exposures.

ICICI Lombard states that their policy covers “Privacy Breach Liability”, “Cyber Extortion”, “Business Interruption Losses”, “Liability from multimedia and public relations costs”,”Legal expenses”and “data Theft liability”.  The premiums are said to be around 0.5 to 1.5% of the amount insured.

Tata AIG Insurance covers the liability of a Director or an officer against risks of negligence resulting in liabilities in Cyber Crime incidents under the “Director’s Officer’s policy”. A more comprehensive cover is also said to be available under “it-internet liability coverage” which protects the insured from damages arising from a breach of duty in the operation of an internet, intranet or extranet site, transmission of electronic mail or documents by electronic means or the unintentional transmission of a computer virus.

Reliance General Insurance indicates a preference for customized extension of Director and Officer’s liability policies rather than standard policies.

According to Bharti AXA General Insurance,apart from companies, even government of India is quite serious on this matter and is working with various industry bodies like NASSCOM. on a proposal to mandate hardware vendors to provide cyber security awareness brochures along with the products they sell in India, which will go a long way in creating awareness on cyber threat. May be they consider such moves to increase the demand for Cyber Crime services in the future.

It is a good sign to observe that at least three or four choices are now available to Banks to cover their Cyber Crime losses. RBI should therefore ensure that all Banks confirm if they have obtained necessary cover as directed by RBI in its Internet Banking Guidelines of June 14, 2001. Failure to comply with this important regulation should be considered as a serious negligence inviting disciplinary action by way of penalties from the regulator.

According to  KPMG’s annual electronic crime report of 2011, cyber liability insurance is still to gain currency with businesses, despite the rising risk. It indicated that 78 per cent of the 200 senior security managers from global businesses indicated that their companies either did not have insurance or that they were not aware if their companies had any cyber insurance, despite more than half seeing an increase in cyber crime risk over the past 12 months.

May be the situation appears to have improved in the last two years as indicated by the recent news report of Business Standard cited here.

Wide availability of Cyber Crime insurance will make a huge difference to the life of Netizens who are today forced to accept technology intrusion into their life. It is also likely to provide a boost to the Information Assurance industry in India. We can therefore look forward to some interesting developments in this area in the coming days.

Naavi

Posted in Bank, Cyber Crime, Cyber Law, Information Assurance, RBI | Leave a comment