Since 2005
Welcome to IndiaMoz.org! You can find India information and resources on Indian business, finance, education, economy, trade, construction and maintenance, arts and entertainment, import and export.

Archive for August 2nd, 2012

Financial Services Security Frauds In India

Thursday, August 2nd, 2012

What is the nature of threat?

Recent survey by KPMG says that there is a digression in the Industry nature which is facing security threats .Some four years back it was the IT outsourcing industry and retail industry which were most prone to data theft. But now the nature has changed. Most of the frauds uncovered recently have been faced by companies dealing in financial services. Banking/Insurance/mutual funds/AMCs are the first category of company facing threats. The next is NBFCs, Investment Banks, Venture Capitalists, Private Equity.the other categories mentioned in the survey are – Media/Software, Retail/Consumer products, Foods/Beverages, transportation, Power/energy.
The threat perception of these sectors is generally higher mainly on account of the nature of their businesses and high growth rates achieved by these sectors in the last few years.

Why are the Organizations threatened by fraud?

According to a survey lack of ethical values has been identified as one of the main reasons for frauds in organizations. Some of the other reasons can be enumerated as follows:

– dissatisfaction among employees

– poor internal controls

– lack of ethical values

– collusion between vendors and employees

– inadequate background checks on prospective employees

management override of control

How were these frauds detected?

Majority of these frauds were detected by a company’s own internal audit or by a third party. Some of the other ways in which an organization lost its revenue and it came to light has been through:

– expense accounts

– false or incorrect information

– personal use of official assets

– forged documents

– secret commissions / kickbacks

– cheque forgery

– forged documents

– false financial statements

– IP infringement

What is the attitude of organizations towards frauds?

Earlier the trend was that the organizations seemed to be more reactive when these frauds occurred. But over the years there has been a shift in the attitude of organizations towards fraud. Now they are becoming increasingly proactive in their approach.
Most of these companies now have either a code of conduct or an ethics policy in place as a proactive measure to mitigate risk of fraud.

How can the frauds risks be mitigated?

Most of the companies in India are now undertaking strict steps in ensuring the minimum occurrence of fraud in outsourcing financial services. Some of them are:

– Pre- employment background check

– Regular fraud risks assessment

– Data analysis tools

– Fraud management systems

– Data mining tool

In addition all the individual employees are now being provided with proper systems to inform any kind of fraud threat at the right earnest. Some of them are:

– Emails

– Direct approach

– Anonymous letter/call

– Hotlines

– Grapevine

What is the outcome of the frauds -real as well as perceived?

Outsourcing to India, China, Russia, etc is really no different from sending data to what were once called service bureaus or what we now call application service providers. It’s been done for years and the onus has always been on the financial services firm to make sure it does its due diligence before choosing a partner. The security threats, these vendors face abroad are the same threats securities firms themselves face when data is housed on site. As a result, strong firewalls and a formal data security strategy must be in place to prevent hacking, viruses or misappropriation of data. The primary concern, we found is that executives don’t like the idea of sending their data to a location where their competitors’ data is also being stored. This is an understandable concern, but again, it is no different from sending your back-office data to ADP, which processes a good deal of Industry’s trades, or to Sun Gard for data storage and back-up.

The real fear revolves around the mistrust of people and what they might do with the data -such as selling it to a competitor. There are certainly unscrupulous people everywhere-and quite a few in the US securities industry. Anyone can steal information or data and sell it to competitors or use it for their own personal advantage. However, it’s no more or less likely to happen overseas. The concerns around outsourcing security have been exaggerated. This issue revolves more around the anger of losing American jobs, fear of the unknown, and, unfortunately, slight prejudice.

How is India fighting back?

Recent sting operation in UK done by Channel4 has exposed the seamier side of doing outsourcing business with India. However in India there were mixed reactions.

The Indian outsourcing trade body, Nasscom, and some senior company executives in India were worried that the program, and sting operations in past, would damage the country’s reputation as a location with an abundant supply of low-cost, skilled labor that delivers quality service to overseas customers. Nasscom said that it had asked the Channel 4 to provide details of the allegations but that the request had so far been refused. “We are concerned about the verifiability of such stories, especially sting operations where monetary inducements were provided,” said Kiran Karnik, president of Nasscom.

Industry executives in India are suggesting that repeated sting operations are being undertaken against the Indian Industry with the express intention of maligning its reputation. The fear among the Indian companies is that western customers will hesitate to outsource after India is repeatedly projected as an unsafe outsourcing destination. Much to its embarrassment the Industry has been hit lately by a series of security breaches.

The industry is scrambling to combat the perception of fraud. Companies have joined in setting up a national skills registry, an online registry for industry workers that would contain information about individual worker’s professional, educational and personal backgrounds. The information is validated by an independent agency but owned by an individual. So far, 25000 workers have registered for independent checks and biometric identification established earlier this year.