The Reserve Bank of India (RBI) advised banks to — with the approval of their respective boards — frame internal policy for fraud risk management and fraud investigation function. It also stated that these must be owned by the bank’s chief executive officers (CEO), its audit committee and the special committee of the board.
In a notification to chairmen and chief executives of all scheduled commercial banks the RBI stated that the incidence of frauds in the banks has been showing an increasing trend over the recent years, both in terms of number of frauds and the amounts involved.
It has been observed that the trend is more disquieting in retail segment especially in housing and mortgage loans, credit card dues, internet banking and the like. Moreover, it is a matter of concern that instances of frauds in the traditional areas of banking such as cash credit, export finance, guarantees and letters of credit remain unabated.
Citing reasons for frauds in banks, the RBI stated that while certain structural factors in the banks’ operating environment could account for this rising trend in general, “adoption of aggressive business strategies and processes by the banks for quick growth and expansion without ensuring that adequate and appropriate internal controls are in place could, in specific, incentivise operating staff to lower the standards of control while attempting to meet business targets.”
Also, a continuously rising trend in the cases of frauds is indicative of the fact that the steps taken by banks in investigating the frauds and identifying the fraudsters for eventual criminal prosecution and appropriate internal punitive action for the staff members involved in the frauds have not been adequate.
“While discussing certain cases of frauds of exceptionally large amounts, the Board for Financial Supervision (BFS) has expressed grave concern that fraudsters with the involvement of bank officials could engineer system wide break down of controls across months while putting through fraudulent transactions,” the RBI noted.
The board has observed that in terms of higher governance standards, the fraud risk management and fraud investigation function must be owned by the bank’s CEO, its audit committee of the board and the special committee of the board, at least in respect of high value frauds. And accordingly, they should own responsibility for systemic failure of controls or absence of key controls or severe weaknesses in existing controls which facilitate exceptionally large value frauds and sharp rises in frauds in specific business segments leading to large losses for the bank.