Financial Crime Risk Management

Frauds, scams, financial crime have become so common, they are used almost everyday and happening around us constantly They  fill pages in newspapers globally. It is also correct  to mention that digital innovation has speeded up  the financial crime multiple times and also innovation in carrying out the financial crimes.  People are finding new ways to swindle information and money online, which thankfully, also leads to people finding new ways to protect themselves from such online scams. But initiating action  to a financial crime after the its happening rarely helps the victims. Which is why, it is better to prepare ourselves  for and prevent such attacks.

This concept applies not only to individuals but also  to  organizations and large corporations, as these financial crimes against them could cost  in millions.  Hence  they focus more on preventing and protecting from financial scam, using various pre-planned strategies. Every organization has a set of strategies and even have  formed separate teams to combat them. This process is called Financial Crime Risk Management (FCRM).

WHAT IS FCRM?

Financial crime risk management (FCRM) is the practice of proactively looking for financial crime, by investigating and analyzing suspicious activity, rooting out vulnerabilities in software and manual processes, and taking any and all steps to lower an organization’s risk of becoming a victim. The proliferation of financial crimes has led to increased government legislation, which now makes it the organization’s responsibility to protect their data  as well as their clients data from both external and internal threats and be compliant with regulatory laws. If organizations fail to take the necessary steps to identify and combat financial crime, they could face stiff penalties that may run into the millions and even billions of dollars. This is especially true if the crime affects the public.

TAKING A LOOK AT FCRM INTERNATIONALLY

Financial crime is global, and no organization is spared. Several large digital organizations have been victims to financial crime like data leaks, scams, and other frauds. Big Companies like Pepsi Co and Volkswagen too have had their incidents of cyber criminals hacking them. With digital avenues for financial crime growing, small and large firms are becoming easy targets of these crimes, which is why governments around the world have regulations and laws in place. These regulations may vary from region to region, but essentially they direct companies to have a well structured internal system to guard against financial crimes to best of their ability. This system should have specific guidelines in place that stonewall all vulnerabilities or potential entryways for criminals, while not curtailing the growth of digitalization and  technology. Most international organizations have a well laid down FCRM policy so that they are compliant with international standards and regulations of their Regulators and Governments. In the United States, the Financial Crimes Enforcement Network (FinCEN) lays the principles for financial crime compliance:

The Bank Secrecy Act (BSA), that requires financial institutions to work with the U.S. government in cases of suspected money laundering and fraud.

The U.S. Patriot Act puts helps “to prevent, detect, and prosecute international money laundering and financing of terrorism.”

Know Your Customer (KYC) is a part of the Patriot Act that requires businesses to verify the identity of customers and understand the nature of their activities.

FCRM IN INDIA

While there are several laws and regulations in place most organizations also have their own FCRM policies to suit their business type. These policies may have specific guidelines for the company’s processes, but some policies are common across the organizations. These policies help protect from basic vulnerabilities, while also ensuring  to meet the new avenues for financial crime. The policies usually include,

Adaptation of Critical Processes for All Situations: Businesses should review their processes to adapt to the changing technological, social and economic environment. The continuance of critical risk assessment, such as monitoring and sanctions screening, is crucial to maintain the financial system’s integrity and protect institutions from potential breach.

Practicing Centralized Governance: It is crucial to ensure that consistent and centralized governance decisioning is maintained, for example, by creating a compliance supervisory board committee. Decisions by members should be justified and documented as action plans that address any deviation from normal operating standards.

Improvement of Financial Compliance Capabilities: Connect with regulators of law enforcement, as well as representatives of other industry participants who are continuously monitoring the financial risk landscape of the particular industry. They can offer insights on emerging threats, their impacts observed locally or globally, and prioritization of risk-based countermeasures.

Creating Awareness of Emerging Financial Risks: Use internal communications and training to create awareness to their employees on various risks and possible countermeasures to avoid or limit its impact.

Implementation of Quick Risk Assessment: Ensure assessment protocols reflect the volatility of current conditions, can stand against the potential impact of known vulnerabilities, and operate within the level of reasonable control your organization can exert over those risks. Frequent Risk Assessments and its monitoring the level is essential.

Know Your Customer Policies: Ensure the KYC policies meticulously follow up thorough multiple verification techniques to compensate for lack of face-to-face contact. Also ensure the data collection process is transparent and compliant to related government regulations.

Constant Updation of Transaction Monitoring Programmes: One of the important implementation is Transaction monitoring for financial organizations. These should cover all possible scenarios to identify red flags applicable to the organisations / individual activities, and its threshold levels to be updated or validated appropriately depending on their Risk Appetite. Data analytical tools to be used to enhance monitoring capabilities and quality assurance of output.

Keeping Compliance Records: Ensure maintenance of compliance records wherever necessary that are in consistent with the regulatory guidelines.

Preservation of Privacy and Data Security: Ensure all applications in every process are updated with latest security patches. Data access requires multi-factor authentication and need to know basis. All employees are to be made aware of the principles of customer privacy and data security.

Planning for All possible Scenarios: With Work-From-Home and other remote work options becoming normal, it is essential to ensure all related vulnerabilities in those scenarios including network related are also accounted for.

Updation of Regulators on Challenges: Keep updating Regulators for challenges in meeting regulatory requirements, while also ensuring the necessary guidance and support or exemptions are provided.

Continuous Monitoring and Testing: It is imperative that continuous monitoring and testing the scenarios happens so that programme gaps are identified and addressed effectively

These elements ensure that any company is sufficiently protected in the current financial crime scenario.

NEED FOR FCRM POLICIES

As the Financial fraud / Financial Crimes are constantly increasing, and the loss to the organisations in millions it is that a well laid down  FCRM policies and monitoring of its follow up may reduce the loss to the organisation. These policies protect the  organisations from internal and external threats, and being created by compiled by experts It is to be noted that these policies requires periodical review and updation to ensure continued protection.

Proper control of access, monitoring the employees activities may result in curtailing the internal fraud by the internal employees.

Author’s profile

Sruthi Murthy who is very talented, headstrong, has an eye for details and keen on reaching great heights, wrote this wonderful article on Financial crime for us. Worked with Sun tv, Production houses and now being a freelance writer she wrote this article to give us more insights on financial crime.

READ MORE

New Normal – Enabled Work From Home

“The new normal is great. The way of doing work from home is great because it has many advantages, such as zero hours of travel, less pressure, and more time for everything you enjoy which invariably enhances the quality of life.”

The COVID-19 pandemic situation has changed the workplace ecosystem across the globe and the changes are here to stay. Believe it or not, half of the uncertain behavior and stress has been reduced when one doesn’t have to face the traffic, pollution, and time management etc. With this on, we are trying to empower our employees by giving them a choice to work remotely from home or another location and we strongly believe that this enhances employee efficiency and business output manifold.

Working from home is no longer a choice but a new normal that every tech talent expects from their employer. As observed by many studies, employers who are not willing to adapt this hybrid work atmosphere will face challenges in hiring good talent and retaining those who are already employed.

It’s good to have flexible work hours. As working for nine to five isn’t a realistic model for most employees because of differing energy levels, task durations, and personal schedules such as childcare and health or wellness days. Work from home allows employees to remain productive within the hours when they feel the most innovative, so they can plan for the right amount of task time and accommodate their basic needs.

Added to that while your work hours go by sitting in front of the laptop most of the time which could result in some side effects and impact your posture or health, WFH helps us take break in between, wherein you can take a walk in your balcony, terrace or inside your room which you love. Where at office sitting in the same spot for long hours tires body and mind and does not help in offering creative and collaborative solution.

Challenges Faced In Work From Home

Every employee has different situations at home. Most face high level of physical and psychological discomfort owing to WFH. Employees are experiencing the strain on emotional and physical health due to distractions from other members of the family, absence of a work environment along with commitment to household chores.

The highest challenge faced by employees who opt to work from home is establishing continuous communication. When employees are in the same workplace, the understanding and communication between them is better and relatively simple, which allows them to support each other better. When seniors are working remotely, it becomes harder to identify those who are having difficulties.

For example, during WFH even for a small confirmation from the concerned employee one will have to wait for hours. Usually, people say applications like Google chat and Microsoft teams help to have that continuous channel of communication. But in many organizations, it is yet to be implemented or they are struggling to train their employees on new applications as they lack in communication.

Work from home employees have more difficulties with singing off as they work beyond their normal working hours. In many cases there is an increase in productivity level among remote employees, but this is not applicable for every WFH employees.

Statistics show that most people who are opting for WFH will never look back. They’re also more than happy to recommend the same lifestyle to others. Having a choice of work environment and location is now a key factor for many job seekers when searching for a better work-life balance and evaluating new career opportunities. It is time to prepare for the future of work as every company will make WFH as a part of their work culture.

Author’s profile

Arun M – Junior Software Engineer

Arun M is a graduate in Information Technology who is working with us as Junior Software Engineer. He has a unique view on the latest work culture and has shared his view point here in this article titled ‘New Normal-Enabled Work From Home’.

READ MORE

Understanding Web Application Security!

Understanding Web Application Security!

The growth of internet and its development increases in a daily basis. Though technology makes our life easy there is always the question of security. We like to have our data and personal information secured but as technology develops the risk of being attacked by hackers also increases. That’s where our web application security place an important role.

Web application security is to protect data, customers, and organizations from data theft, interruptions in business continuity, or other harmful results of cybercrime.

Importance of web application security

Effective security is important to any web application for various reasons like,

  • Reduces risk from both internal and third-party sources.
  • Keeps client’s data secure and builds confidence.
  • Protects sensitive data from leaks.
  • Improves trust from crucial clients and lenders.

Basic Website Security


  • SSL Certificate

SSL stands for Secure Sockets Layer. It is the most basic web application security but the most important security measure in web application, it’s the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems. Website without SSL security are labelled as insecure by popular search engines.

  • Web Application Firewall

Web Application Firewall WAF is another measure for web application security as it protects web applications from a variety of application layer attacks such as cross-site scripting (XSS), SQL injection, and cookie poisoning etc.,

  • Security Token Service (STS)

Security Token Service (STS), it secures the validation process by acting as an entity that develops a series of trust between the user verifying their login details, credentials and the application using the STS Service. All authentications must verify the trustworthiness of the token between the two parties to complete the authentication process.

  • Website Scanner 

Website Scanner is used to scan for Vulnerability that are automated tools that scan web applications to look for security vulnerabilities. They test web applications for common security problems such as cross-site scripting (XSS), SQL injection, and cross-site request forgery (CSRF). These website scanners will remove some of the known malware that are harmful for the website and will also look for threats.

In conclusion any business in modern world depends on internet. So, it is important that it is secured and continuously monitored 24/7 to protect form the threats. Furthermore, we must understand the importance of web application security and improve security of the application.

Author’s profile

     Anirudh – Junior Software Developer

     Anirudh is our junior software developer who is an expert in web application security

     here in this blog he Volunteered to share the basic and importance of web application

     security.

READ MORE

Future Life On Earth

This Article is all about “Our Planet. Our Future” for good reason.

Do you agree that the health of our planet and humanity’s future are inseparable?

Also do you agree that every substance has an interconnect?

As mentioned in Newton’s law – every action has an equal and opposite reaction. Whether it is a simple meme or a career, everything is interconnected to our day-to-day personal life.

But the question is what are the outcomes related to this interconnect? Undoubtedly occurring things will be either causal or non-causal.

Similarly, Future – Life – Earth are interconnected with everything. We are all curious about our future predictions.

80’s generation had a lack of benefits, to overcome it – new technology and gadgets were emerging, so that 90’s generation didn’t have to face difficulties in life. Now, current generation (2K) are more advanced & hassle-free in benefits. Well, current generation (2K) didn’t face the difficulties which were faced by the ’80s & ’90s.

Even though there is advancement in technology, the old good virtues are missing. The development in technology has been both boon & curse to the entire world. Well, the communication and transportation have been so easy, there is a lot of exposure and normal household things have been simplified, but still good old (generation) attributes are missing in the present world.

Generation X had a cordial relationship with nature. It was all eco-friendly. The old cranking (Wired) phones didn’t harm the flora and fauna. No junk foods and cloth-based carry bags didn’t cause damage. As the people were close to the nature, life was not a cob-web.

The advancement in technology with the environment should be sustainable development. Whether a person or a family or society, the livelihood base is the earth. Flora, fauna, humans, technology are interrelated with everything. Hence entire functioning of the ecosystem matters a lot.

The evolution of human beings is the base of classification from Domain, Kingdom, Phylum, Class, Order, Sub-order, Animal families, Genus, and species. Hence interconnected with the earth.
The classic example of advancement in technology with nature is the IT industry. The entire IT Industry is the ruling power of the future. Developers do advanced research in software development right from coding to executing. Right from online shopping, bank transaction, and ticket booking, IT Industry is the backbone of all. It has simplified the everyday tasks of our life. The computer parts are all derived from Silicon. Without the basic Silicon, there is no – IT industry. These Silicon are found in rocks, sand, clays, and soils and combined with oxygen. Silicon makes up 27.7% of the earth’s crust by mass.

Hence everything is directly proportional to earth. There should be sustainable development and resources should not get depleted. There should be a meaning for the future life on earth for all the earthlings.

Author’s profile

RAMESH K

Our junior software engineer Mr. K.Ramesh is an Aeronautical Engineer who is very much interested in sustainable future. Here are his thoughts about “Our Planet, Our Future”.

READ MORE

Catch The Crypto Craze

Catch The Crypto Craze – Fascinating Cryptocurrency Facts & Marketing Tricks You Need To Know!

The word crypto is an ever-expanding one. You can now not find a person who hasn’t heard about cryptocurrency. More people are joining the fold, while some come as investors, some as casual owners or traders, and finally many enthusiasts want to learn more about crypto. Want to know more about Cryptocurrency? We’re here to show you some must-known facts and marketing techniques about cryptocurrency.

Cryptocurrency which is also known as digital or virtual currency. Cryptocurrency enables online payments without any use of intermediaries. Bitcoin is the world’s first cryptocurrency developed by Satoshi Nakamoto in early 2009 and cryptocurrencies are transparency or distributed ledger technology.

Apart from bitcoin, there are alternative coin terms as altcoins. These cryptocurrencies can be mined with massive computational power. Mining crypto is not easy. Each coin transaction required computers in the network to complete and solve the math puzzles. The first computer which solves the puzzle will receive a fraction of bitcoin or an alternative coin.

The global cryptocurrency market capitalization hits around 3 trillion dollars and now the market cap is around 1.8 trillion dollars. Cryptocurrency is also known as a risker asset but also extremely profitable for long term investment.

cryptocurrency-NCS

Interesting Facts of Cryptocurrency!

Bitcoin

Bitcoin is often referred to as Digital gold. Bitcoin can provide a store of value like gold. Bitcoin only has 21 million coins and over 18 million bitcoins are in circulation. Where gold is a precious metal, its supply is unknown and hard to verify according to data almost 90% of bitcoin is already mined not only bitcoin, Altcoins also can be mined.
Because of the limited supply and demand of bitcoin a new technology called block chain growth of bitcoin and adoption is becoming greater day by day. Bitcoin price was 5.27 dollar in 2012 coming forward in ten years bitcoin price hits all time high 69800 dollar and now trading around 42500 dollars.

Ethereum

Ethereum is a decentralized and open source blockchain with smart contract. This Ethereum coin is native cryptocurrency platform. Ethereum built and runs decentralized application without any fraud, control, or interference from third party.
With smart wedding contract on Ethereum. People are getting married on blockchain technology with digital marriage certificate program. Couples can now receive digitally married certificate within 24 hours via mail. Where in traditional process marriage certificates duration are 15 days. Certificates which are written using blockchain is known as “Proof of marriage”.
Users can register wedding contract, divorce contract, buy and sell real estate and properties on smart contract.

Axis Infinity

axisinfi

The Axis infinity is the top play to earn cryptocurrency video game. Its non-fungible token (NFT) based video game .For entering into game you need three axis infinity in crypto wallet .According to our game performance we start earning with (SLP) Smooth love potions coins .by selling (SLP) coins in crypto exchange you turn (SLP) into Native currency or US dollar.

Theta

theta

The Theta blockchain is a decentralized video streaming network platform. Theta is also open-source software to create new application and service on top of it. This theta network trying to provide new infrastructure and decentralized platform. You earn Tfuel for every minute you watch streams on theta tv that are powered by theta network. Theta network is not trying to replace YouTube but providing a new infrastructure.

Bat

bat

Basic Attention Token (Bat) is a blockchain based system for tracking media consumers. This bat crypto is built on Ethereum. Brave browsers decentralize it by preventing data collection and blocking ads. This feature allows you to control your own data and by browsing on Brave web browser you earn bat token for each pop-up ad the user is credited with bat token. It’s easy for a user to protect their privacy and data control. Built-in feature invasive ads blocked, cookies blocked and many feature makes this crypto and browser special.

Mana Decentraland

mana

Mana is an online space virtual reality with blockchain technology built on Ethereum. This crypto is famous for virtual land, estates, avatar wearable and this also an online game. Users may buy and sell virtual plots of land in the platform as NFT (non-fungible token). User can create clothes and sell wearable on decentraland to earn money. Job opportunities like 3D modelling, creating wearable, coding, making videos, art and marketing are ways to make money in decentraland

Status

status

Status is an open-source messaging platform and mobile application runs on Ethereum. This decentralized application designed to use on both desktops and mobiles. This status crypto is available on both android and iOS. Status users can send, receive, and store bitcoin and other cryptocurrency on their phone.

Audius

Audius (Audio) is fully decentralized music streaming platform. Audius hits 6 million monthly active users. Audius recently announced a partnership with Tik-Tok, which is one of the largest social media platforms for music.
A music on the platform available to users

Cryptocurrency Marketing

SOCIAL MEDIA

Social media marketing is an effective way of marketing for cryptocurrency. Twitter, medium, telegram and other social media platform has around 80 percentage of crypto enthusiast. By running social media campaigns blockchain companies create awareness. These social media platforms constantly discuss new cryptocurrency opportunities for crypto users.

WEB DESIGN

Most important thing for any cryptocurrency is websites. By creating websites companies give potential information on websites and attract crypto users to their project. Web design plays an important role on crypto market many crypto users start their investment research with websites. So, designing a wonderful website is a necessary step for attracting crypto users

AIRDROPS

Airdrops are marketing strategy used by blockchain companies to promote coins to public. It distributes free sample coins for creating awareness and to attract more people. Companies send coins or tokens to establish their cryptocurrency. When you sign up for a newsletter or follow them on social media platforms like twitter, telegram, discord or when you create an account to receive updates, crypto airdrop might be given as a reward.

WHITEPAPER

Most important thing for any cryptocurrency is websites. By creating websites companies give potential information on websites and attract crypto users to their project. Web design plays an important role on crypto market many crypto users start their investment research with websites. So, designing a wonderful website is a necessary step for attracting crypto users

CRYPTO INFLUENCER MARKETING

Crypto influencers appear as an expert, trustworthy and experienced in crypto market. Crypto influencer has engaging content on social media. Influencer support blockchain companies promote coins and influencer share content on socials media like, Instagram, telegram, reddit, twitter, YouTube and raise awareness about new crypto coins. These crypto influencers promote crypto coins by free giveaways to their followers.
As the world of cryptocurrency is vast and ever-changing; it is expected to grow even further once there is mass adoption. Who knows what surprises we’re about to witness? So, this will help you to know the facts and marketing tricks of cryptocurrency.

Author’s profile

Yuvan Raj R

Our Junior Software Engineer is a fresher with expertise in Java Development. Being a graduate in B.Com (CS) his interest in learning new things and improvising himself on the work front helps in the organisational growth.

READ MORE

Enhanced Role of Internal Audit in Fraud Risk Management

I. Current Status of Role of Internal Audit in Fraud Risk Management

1. As per a RBI Report, Indian banking system detected Rs 71,500 Cr worth of frauds in financial year 2018-19. The report also said that the average lag between the date of occurrence and its detection by banks was 22 months. Further, in reply to a RTI query RBI had disclosed that in 2019-20, Scheduled Banks and select FI’s reported 84,545 fraud cases, involving about Rs 1.85 lac Cr. As per information available, bulk of the amounts involved in these frauds has come under ‘loan related’ frauds. The fraud in Punjab National Bank involving Mehul Choksi and Nirav Modi, will be known to all with an interest in the Indian Financial System.

2. Against this background, the role of Internal Audit in Fraud Risk Management has come under intense scrutiny. In case of PNB scam, the Internal Audit executives had to face penal action too.

3. Internal Audit often comes under criticism for not being able to detect frauds during on-site audit or at the least flag the risk of frauds in branches, where eventually instances of frauds come to light. Even in the case of the PNB scam, the concerned branch would have been subjected to a few onsite Audits during the period the fraud unfolded as well as regular Concurrent Audit would have been in place. Yet, the fraud had remained undetected for long. RBI says clearly that bulk of the amounts of frauds are related to loans and also there is considerable delay in detection and reporting. It follows that Credit Audits and periodical Onsite Branch Audits have been unable to detect/ deter loan frauds.

4. As regards other frauds related to operational risk and cyber risk, there is no material available in public domain on the effectiveness of Internal Audit in either detecting or preventing such frauds. Our Banking Advisors opine that currently with Internal Audit mainly depending on periodical onsite audits, its efficacy in contributing to Fraud Risk Management is limited.

II. Identifying the Factors that Currently Impede Internal Audit From Playing a More Effective Role in Fraud Risk Management.

Impeding FactorsRemarks

Limited Coverage of issues in Credit Audit and Periodical Audit of Loans. Also even in this Digital Age, Audit still remains only a ‘Point in Time Exercise’

  • Currently, Credit Audit largely looks at various compliances and documentation issues. There is no in-depth audit of the appraisal, internal rating exercise or checking the credentials of the promoters. In some Banks, Credit Audit is not even under the control of Internal Audit.
  • Other than Credit Audit, loans are audited only during onsite branch audits or Concurrent Audits. in both these audits, focus seems to be on Documentation issues or operational matters like revenue leakage.
  • Our Banking Advisors feel in most Indian Banks, there is a reluctance on the part of Internal Audit to be assertive in the Audit of high value loans.
  • As against this, a leading PSB does loan Origination Audit online very close to origination. Also, high value loans are subjected to continuous off-site audit. The bank’s IA also gets specialised borrower-wise reports from Credit Rating agencies.

Limited scope of Offsite and Concurrent Audit

  • Onsite Concurrent Audit is seen more as regulatory compliance rather than an effective component of IA.
  • Unfortunately Banks still subject only a tiny proportion of branches to Concurrent Audit. With extensive digitisation, banks could easily have opted for digitisation of CA with a much higher coverage in terms of branches and issues covered.
  • Although many Banks have introduced Offsite Transaction Monitoring System, its coverage is patchy and it is far from evolving into a component of Concurrent Audit across all branches, which is its real potential.

Not aligning Audit Checklists to Fraud Risk on a continuous basis.

Banks have a wealth information on frauds occurring across the Banking system. RBI, circulates not only data as also the ‘modus operandi’ followed in perpetration of frauds in various Banks. This will enable Banks to identify the control breaches that led to such frauds. Strengthening audit checklist to in relation to the controls the breaches of which led to frauds, will make Internal Audit contribute effectively to ‘Fraud Risk Management’

III. Way Forward for an Enhanced and More Effective Role for Internal Audit in Fraud Risk Management.

5. Based on the NCS team’s experience in automating Internal Audit and the domain knowledge of our Banking Advisors, we suggest the way forward as follows for an “Enhanced Role of Internal Audit in Fraud Risk Management”

Moving Loan Review Mechanism (applicable to loans above Rs 5 cr) , which is a regulatory prescription, totally online. Increasing the intensity of LRM. In any Loan related fraud, the warning signals start from the origination stage itself.

  • We know that SBI has been running an online LRM for over 6 years now. One of our Banking Advisors who was then in SBI, had conceived and implemented the project.
  • Warning signals in loans which turn out to be frauds are often discernible at the loan origination stage itself.
  • Internal Audit has to be given the tools available for verification of credentials of customer, financial data of similar units, industry profiles etc. All such data points are available from various sources.
  • As it is an existing compliance requirement, what a Bank will be doing is realigning LRM to suit today’s needs. In fact, going online will reduce costs.

Off-site Audit of Post Sanction of High Value Loans

  • RBI has often commented adversely on quality of Post Sanction Monitoring of Loans in Banks.
  • An Off-site Audit model for Post Sanction will definitely put the necessary pressure on operations to improve in this critical area.
  • It is generally accepted that weak Post Sanction encourages fraudsters and also frauds remain undetected for long.
  • Off-site Audit of Post Sanction is also the best industry practice.

Upgrading OTMS

  • Based on the information on frauds both within the Bank and frauds reported in other banks will identify the controls in which breaches have to be eliminated.
  • Designing OTMS alerts for these controls will help the Bank track compliance which by itself will improve compliance.
  • OTMS data will also help collaborate with Risk and Operations to strengthen critical controls to mitigate fraud risk.

“We are illustrating this with an example. Frauds relating to fraudulent ‘Ware house receipts for Agri products’ have happened in Banks in many States. The usual modus operandi is for a a fraudster in rural/ semi urban centre to get fake warehouse receipts issued in connivance with ware house owners/ authorities without actually putting any produce inside’. Branch Managers fall prey as they see opportunity for bulk business. Also, normally such loans are safe if all the controls are adhered to. The critical control breach which takes place is not verifying that the borrower tendering the ware house receipt, actually has the landholding required for growing the produce he is warehousing. Such documents are available with all genuine farmers. Having an OTMS alert for new warehouse receipt loans for checking borrower capacity will help mitigate the fraud risk”

Aligning Audit Check Lists to Fraud Risk

  • As a one-time measure, IA can review the various audit checklists to make changes/ enhancements to cover the control risks, breach of which, could have contributed to the frauds (a list of current frauds in the Bank and in other Banks needs to be made) being perpetrated.
  • Any breach of these controls need to be tracked regularly. The regular branch audits say in a month, provides a convenient sample to form a conclusion of the effectiveness of the control across the Bank. If the control breaches are significant, warning signals to be conveyed to Operations & Risk Management.

Root Cause Analysis of New Frauds.

Whenever any new fraud is reported in the Bank or in the Banking system, IA can take up a root cause analysis (small value frauds due to human error can be excluded) to identify the control breaches which contributed to the fraud. Wherever needed modifying/ enhancing audit checklist can be done so that such breaches are identified by IA.

As cyber frauds are on the rise, the scope of Internal audit of IT needs considerable enhancement.

A Dash board can be constructed to keep the Top Management informed about the findings/ developments relating to the above points.

READ MORE

Discovering Oneself

Need for Self-Confidence

Confidence is a feeling that is developed over a period of time through numerous experiences. However, for most people, confidence is something that fluctuates based on the situations faced, its travels to its peak and hits the rock-bottom too.

When one is cherishing their success and accomplishments however trivial they may be, it makes them feel confident and strong. But when one is mentally agonized or feeling low they may be recollecting, drawing more focus on their failures and may feel low self-confidence or even defeat. The good news is my dear friends, understand that you are not alone, as everyone struggles in maintaining self-confidence and it’s natural that one fumbles every now and then.

So why is Self Confidence so important?

To Almost every one, the aspiration is to have as many as possible successes, admirable achievements in journey of Life. To start with, one may not possess all the ingredients needed to attain their desired success, mostly they are acquired on the way. But the fundamental component needed to obtain all the other abilities/ talents need to succeed in journey is undoubtedly Self Confidence!

When one is Self-Confident, one feels and believes that he can successfully do something by applying one’s knowledge, skills and prior experiences. Self Confidence, enables one to accept and act on more challenges, provides clarity, increases ones potential and more improves ones Self-esteem.

When one starts proving to oneself, it builds more trust and belief, instils further Confidence.

So how does one build and maintain the Self Confidence?

It’s more like a continuous exercise. When one wishes have a physic that the onlookers envy, one would achieve it only by continuous planned efforts by building on the body with many types of exercises and regulated food patterns.

Similarly, one can build Self Confidence by the following the simple steps. These are from my own experience.

  • Understanding ones strengths and building on it
  • Planning and being prepared for any activity; improves on success rate which boosts the morale.
  • Meditating on a daily basics helps to focus on inner self and helps in taping the hidden potentials
  • Thinking logically than emotionally; gives room to carve out what the next action is – thus helps to channelize energy on the progress
  • Accepting the weaknesses and working on it to improve that they don’t become impediments

Author’s profile


Asir Roy Dinesh

Dinesh is a result Oriented Techno Functional expert with two decades of experience handling the entire gamut of IT services ranging from Strategic planning, Presales, Products Design, Development and Implementation. Had played a pivotal role in enabling Digitalized Audit Solutions including Compliance Handling across most Banks in India.With rich experience in product and architecture design, is currently focused on building Risk and Governance solutions specifically for the BFSI sector with AI and Predictive capabilities.Excellent Functional & Technical Knowledge in Newspaper / Print Media, Web- elearning, Retail , Banking Verticals.

READ MORE

Why are Trainings Backbone of any Organization?

Let me start with famous quote

The CFO of a company asks the CEO, “What happens if we invest in developing our people and then leave us?” The CEO responds, “What happens if we don’t and they stay?”

Training is one of the pillars in any organisation, well-structured training helps the individuals/organizations move from lower branch to higher branch in the right way. Eventually training will transform individual and organization one level to an another level.

Unfortunately, most of the mid-level organizations do not understand the importance and benefits to the quality training programmes.

Let us see how the trainings help the Individual or Organisation

Training of Business Process

  1. Provides the basic Knowledge
  2. Assists in applying the Knowledge
  3. Provides the perspective to understand the requirements
  4. Enhances the Quality Output
  5. Improves the Efficiency
  6. Improve the Confidence
  7. Builds the Right Relationships

Every Organization is different on this own; first step in creating an organizational training plan is to identify the kind of trainings that are required and structure of the training. Different types of trainings will be required for different type of teams and persons. Once the organisations have identified the training needs, the execution is a crucial aspect. It is essential to have the trainings done by a trainer who can impart knowledge effectively.

Few benefits that the trainings can

  1. Training provides the knowledge and more importantly how to apply the knowledge
  2. Will improve the productivity and efficiency
  3. Increasing the value
  4. Exceeding the standards
  5. Increase the Relationships internal and external

Trainings bring the strength within the people and most of importantly confidence to individuals and in turn lift organisation.

Training is a continuous process and there is a need to upgrade the training method continuously. Upon training the individuals and constantly understanding the need of what is required to uplift, Organisations improve their performance and will able to achieve the ultimate purpose.

To conclude, a right training not only transforms the individuals from one level to a greater level, this eventually will transform the organizations.

Author’s profile


Shanmugavel P

Shanmugavel (Vel) (Founder, & CEO) is an IT professional, and brings deep technical and domain expertise to the table. Vel has over two two decade’s experience in System Architecture, Product Design, and Innovation. He has supervised, and carried out multiple implementations of enterprise software products across platforms. His technical skills, have been appreciated very much by CTOs in the BFSI space.

READ MORE

Expert Audit Consulting for Uncertain Times

NCS a ‘Technology Product Company’ with eTHIC as the market leader in Internal Audit automation, in India. Currently, eTHIC is running successfully in 30+ Banks in India. At NCS, we have always had in-house Banking experts, for guidance in development of eTHIC, as well as in its implementation in various banks. Having implemented eTHIC in many Banks, we had a felt a strong need for building in-house ‘Consulting Capability’, to prepare ourselves to the emerging needs of Banks in Internal Audit. It was felt necessary to know of the latest trends in Internal Audit in India as well as Overseas. The latest trends show that the traditional role of Internal Audit is sought to be enhanced, so that it contributes towards improving the controls as well as move towards auditing key controls real time.

To build Consulting capabilities, we have with us two retired Bankers who have been Audit heads in their respective banks. They have both strategised and overseen transformational change in Internal Audit, in their respective Banks. We have also inducted a retired Senior Banker, with experience both in Internal Audit and Technology. One of our Senior Banking Experts shared with us an experience of his, on how a control which was prone to high level of breaches could be addressed and compliance improved dramatically:

“We had built up Analytics to let us know the instances as well as level of breaches of individual controls in the Audit universe. One of the Controls which showed breaches across nearly all branches, was ‘Insurance of Stocks’. The level of breaches had continued unchanged for years. At the intervention of Audit, the Credit Operations Deptt of the Bank was able to take up the issue with the Insurance subsidiary of the Bank. This eventually led to development of a Group Insurance Product for SMEs (with a cap on the limits up to Rs 50lacs). Being a group insurance product, the premium was much cheaper and for bank’s customers Insurance could be bought online. The compliance of the control improved dramatically as the ‘Control’ was more or less automated, with very few dependencies. IA was consulted right through the development of the product”.

We felt that having implemented Audit automation through eTHIC, our clients can move towards a quantum jump in the efficacy of Internal Audit. Besides, there could soon be some pressure on Banks from Regulators on this subject. RBI has recently circulated a ‘Discussion paper on Governance in Commercial Banks’ in India. The paper takes about a much enhanced role and profile for Internal Audit than at present. The importance of RBI’s move can be known from the fact that RBI’s paper is modeled on a BIS document on Governance in Banks. As the Discussion paper will lead to issue of regular instructions by RBI, banks will soon have to work on enhancing the capabilities of their Internal Audit function in a big way.

Our experts have been guiding us for over two years now and we have been in the process of developing various innovative products like:

  • Usage of Analytics to study the trend of Control breaches at the enterprise level, do a root cause analysis when beaches are high and suggest possible remedies. We already have a working model of this named as ‘Previse’.
  • Audit bots for Automating Audit.
  • “Remote Audit” so that Internal Audit is done offsite and on a continuous basis. This has many advantages like knowing control breaches real time and fixing the same. Over time this can lead to a significant improvement in the Compliance culture in the Bank. It will also substantially reduce the role of on- site Auditors. We already have an order for ‘Remote Audit Solution’ from a mid-sized bank and are in the process of implementing our solution.

The innovations described above can be of great use to Banks to handle the emerging risks due to impact of Covid. Clearly, with RBI guidelines on Moratorium and guidelines on handling post moratorium scenario places a lot of ‘Regulatory Compliance’ responsibilities on Banks. Expectedly, Covid has brought in its wake business distress impacting credit quality in Banks. Suggestions on how our innovations discussed above can be tailored to suit the needs of the Banks, to handle the emerging scenario are given below:

  • In the post Covid scenario with pressure on credit quality, it is important to scrupulously adhere to the credit controls. In actual practice, this may prove difficult due to distress faced by credit customers and the work pressure on the staff. In such a scenario, ‘Previse’ our analytics based predictive tool, can identify the credit controls prone to higher level of breaches. A Root cause analysis of the breaches will reveal the underlying causes as also help frame responses to not only address the risks but also evolve appropriate response in terms of improving internal control. Our experts can work with the Bank’s Internal Audit team in the initial stages in streamlining identifying critical control breaches and framing responses. Previse can also automate reporting to Senior Management/ ACB.
  • Previse plays another important role in making Audit Plans dynamic. Based on emerging risks Thematic Audits can be planned. If the risks pertain to specific geographies cluster audits can be planned too.
  • The best Industry practice is Offsite (Remote) and continuous Audit. We know of Banks who have totally moved to offsite audit (barring checking documents) for Credit. Many operational Risk Controls are being audited off-site too. We have already built a working model for Remote Audit of Credit and are now working with a Bank to actually implement a Remote Audit solution covering both Credit and Operational Controls. Moving to Remote Audit would be an ideal response to Covid. Firstly. Audit will be real-time in a situation when risk profile is increasing and secondly movements of Auditors can be restricted enhancing their personal safety.

The technology products discussed above are generic will suit most banks. We can customize these products as per the requirements of individual Banks. Also, new solutions can be developed in a short time frame if any Bank expresses a need for the same

Reach out to us for a demo on the products. We are ready to offer our expert guidance on Internal Audit, Governance and your Risk Management needs.

Explore MoreREAD MORE

Stairway to a Successful Start-up

The entrepreneurial journey is a multitude experiences and roadblocks. Finding the golden egg is not easy, but is the most rewarding.  It can be so challenging to launch a business that it may make you wonder why anyone willingly sets out on such a path. On the bright side, being an entrepreneur allows you to channel your passion into a successful business. The founders of various successful businesses started just as an individual at home, who was struck by an idea that they believed, could make a difference to the world.  

“At the end, entrepreneurship is not about wearing expensive suits and earning a lot of money. It is all about being true to yourself, to your values in life. Your dreams” – Richard Branson

Many of today’s entrepreneurs have followed different pathways—sometimes conventional, sometimes not—that have led to the creation of various business structures matched to each entrepreneur’s spirit. Despite the different paths that a person may choose, it is important to keep a few points in mind. It’s not all about money, more important is vision and passion you have for your company. What really matters is that you determine your goals and live them out, whatever that it looks like.

Considering all that is said, the journey, is not all sunshine and rainbows. It would be detrimental to dive head first into anything without a plan. An entrepreneur tends to bite off a little more than he can chew hoping he’ll quickly learn how to chew it. During the initial stage you must determine if your business is scalable and frame a blueprint of how you will work. It’s easier to succeed if you revolutionize only one thing at a time.

If you want to be an entrepreneur someday, here’s an equation you should print out and attach to your mirror, computer screen, smart phone, or wherever your eyeballs spend most of their time:

Entrepreneur + Capital = Products + Customers = Business

The key to successful start-up is to find the right problem and solution. Success comes from opportunities not ideas. If you want to become an entrepreneur but worry you don’t have the money for it, your finances don’t have to stop you from achieving your goals due to the existence of various means of obtaining capital.

And above all, as Steve Jobs wonderfully puts it, “I’m convinced that about half of what separates successful entrepreneurs from the non-successful ones is pure perseverance”

An entrepreneur is a thinker, believer and a change maker and change is the need of the hour, so you must remember :

Working for money will make you a SLAVE,
Working for success will make you a MASTER,
Working for satisfaction will make you a LEGEND.

Choice is yours. Believe in yourself. Take the risk and change the world.

READ MORE