Banking frauds rising, becoming more sophisticated has been saved
Banking frauds rising, becoming more sophisticated
Deloitte India Banking Fraud Survey
• Over 50 percent of respondents indicate at least 10 percent increase in fraud incidents in the last 2 years • Average loss of INR 10 lakh per incident in retail banking; INR 2 crore per incident in non-retail • Less than 25 percent of the reported fraud loss value recovered, indicated by majority of respondents • Forensic data analytics emerging as the new frontier to detect fraud
Mumbai, April 23, 2015: The number of frauds in the banking sector as well as the level of sophistication of frauds have increased over the last two years, according to the findings of the Deloitte India Banking Fraud Survey Report, Edition II. Around 93 percent of the respondents pointed out a substantial rise in fraud incidents, with more than half of the respondents having witnessed more than a 10 percent increase (in fraud incidents) within their respective institutions.
Retail banking was identified as the major contributor to fraud incidents, with a majority of respondents indicating that they had experienced more than 50 fraud incidents in the retail banking segment in the last two years, with an average fraud loss of approx. INR 10 lakh per incident. In contrast, the non-retail segment saw an average of 10 fraud incidents with an approximate loss of INR 2 crore per incident, survey respondents indicated. A majority of respondents also said they were able to recover less than 25 percent of the reported fraud loss occurred.
“While the banking sector has been amongst the first sectors in India to adopt technology for business expansion and ease, they have not yet leveraged technology to the maximum extent, as part of their fraud risk mitigation efforts. This is possibly one of the reasons why the sector continues to see a rise in fraud as well as delays in detection and recovery. Institutions therefore need to step up, understand and tackle any challenges they face in fraud mitigation, before the magnitude of fraud becomes unmanageable.”said KV Karthik,Senior Director, Deloitte Forensic.
Some of the reasons that have been identified for the increase in fraud incidents include lack of oversight by line managers or senior management on deviations from existing processes, business pressures to meet unreasonable targets, lack of tools to identify potential red flags, and collusion between employees and external parties. Further, the common causes of frauds observed in Corporate Banking included diversion and siphoning of funds; whereas fraudulent documentation and absence/ overvaluation of collateral were cited as the main reasons for fraud in Retail Banking.
Detecting and responding to fraud
Approximately 30 percent of the survey respondents indicated that it took them 6- 24 months to detect fraud, relying largely on customer complaints, anonymous tips received through whistleblowers and/ or during account audit/ reconciliation. The action taken by a majority of the respondents, upon the detection of fraud, was to carry out an internal investigation, while some others also chose to report the incident to a law enforcement agency.
Adopting anti-fraud measures
Only half of the survey respondents indicated having an effective fraud risk assessment program; however, more than two-thirds of the survey respondents indicated that they had effective fraud control strategies and policies in place.“Traditionally banks have relied on guidance from the RBI to develop its fraud control policies. However, in light of the changing fraud landscape – such as rise in technology facilitated frauds – it is important that banks also focus on periodically assessing fraud risks and tweaking their fraud control policies to cover these fraud risks. For instance, only few banks appear to have a robust policy on combating phishing and identity theft”, Mr. Karthik said.
In addition to conducting periodic fraud risk assessments, banks can also focus on investing in an intelligence gathering mechanism and using dedicated forensic tools during an investigation process, the survey report stated. Interestingly, about 83 percent of the survey respondents indicated that they foresaw an increase in their investments in adopting anti-fraud measures, especially in the areas of fraud detection and monitoring systems, upgradation of technology to combat cybercrime, and fraud risk assessments and investigations.
Forensic data analytics emerging as the new frontier to prevent/ detect fraud
Survey respondents indicated that the top three challenges faced by banks in preventing fraud were the lack of customer/staff awareness about the impact of fraud; integration of data from various banking systems; and inadequate fraud detection tools.Most of these challenges can be addressed by implementing a dedicated proactive fraud detection/ analytics solution, as one in every three survey respondents were not entirely satisfied with their existing fraud detection/ analytics solution.
There has been a substantialincrease in the dependence on technology in the banking sector. With cybercrime continuing to increase in volume, frequency and sophistication, it is not surprising that the top three areas giving sleepless nights to the survey respondents were Internet Banking/ ATM fraud, E-Banking fraud and Identity fraud. In addition, mortgage portfolioalso appeared to be increasingly vulnerable to the risk of fraud, survey respondents indicated.
“While fraud is not a subject that any organization wants to deal with, the reality is that most organizations experience fraud to some degree. The important thing to note is that dealing with fraud can be constructive, and forward-thinking, and can position an organization in a leadership role within its industry or business segment”, said Mr.Karthik.
Notes to the editor for reference purposes only:
This press release has been given by Deloitte Touche Tohmatsu India Private Limited
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients.
Please see www.deloitte.com/about for a more detailed description of DTTL and its member firms.