Banking as a sector has always been an attractive target of fraud and embezzlement due to the abundance of cash resources it controls. With rapid automation of banking services, frauds in bank accounts and transaction have increased manifold.

According to data of the Reserve Bank of India, the amount involved in fraudulent activities reported by banks in India was $1.5 billion during 2012-2013, which quadrupled from 2009-2010. Again, 65 percent of the frauds have been done through technology-driven services such as ATM (automated teller machine), credit card and internet banking.

There have been reports of credit card and ATM frauds in a number of banks in Bangladesh, including a foreign bank. There has also been an incident when a large amount (around Tk 1.50 billion) was transferred during the process for software update of a large third generation bank.

Banking frauds are mostly done through deposit accounts, loan accounts and various banking transactions through fraudulent papers, data or IT hardware/software.

Frauds are usually committed by a group who are either bank employees (internal fraud) or a group at the customer's office or third parties such as IT service providers (external fraud).

Reported frauds can generally be divided into three categories:

1. Technology related: Bangladesh's banking market witnessed a paradigm shift during the last 25 years with the entry of 30 plus new private sector banks and two global banks. All the private banks, including earlier licensed ones, started using technology extensively starting from the automation of the bank's general ledger to installing new ATMs, PoS (point of sales), internet and mobile device-based banking etc.

Customers have become more tech-savvy when a similar group of fraudsters has also emerged who are taking advantage of the loopholes in the technology. Arrest of credit card fraudsters few years back is a glaring example. All the members were IT educated and some had education/training overseas.

There is another kind of fraud, under which emails and SMS are sent to people with a call to deposit or top-up certain amount of money against a fraudulent lottery programme locally or overseas.

2. Deposit account related frauds: Inadequate KYC (know your client), lack of due diligence by banks and poor monitoring by the customers are major factors here. Dormant accounts, accounts of high-net-worth individuals without proper reconciliation process and the ones that belong to overseas residents are more vulnerable.

 In a recently committed fraud, colleagues of the IT department at a bank got hold of the list of dormant accounts and the accountholders residing outside Bangladesh. Money was transferred from those accounts to fictitious ones during the software update and ultimately withdrawn and siphoned off Bangladesh. It is believed that these fraudsters have managed permanent residency under investor category in a North American country.

3. Loan account related fraud: These are the most common frauds that have been taking place for a long time, although amounts involved have increased manifold in recent times. The miscreants took advantage of the weak loan appraisal system, poor post-disbursement supervision and inadequate follow-up.

In many cases, such crimes are committed with active/tacit support of the bank officials, sometimes under pressure from a very strong group, fraudulent security documents, lending against non-existent properties, transactions against false papers, etc. Recent examples of multi-billion taka Hall-Mark, Bismillah case or a number of lending by state-owned and private sector banks are glaring examples of such frauds. Unfortunately, the banks' top management and even board members were involved in most of the cases.

How can we combat the increasing banking fraud, which is becoming sophisticated by the day? People with superior knowledge and skills are getting involved in such scams. It is impossible to eliminate banking frauds fully. Rather, it can be minimised through various mitigating initiatives/process control.

At first, the boards should be committed to deploy the right resources in the right place for proper fraud risk management.

An enterprise-wide strategy for risk mitigation is essential which will include: a) higher investment for building IT infrastructure, b) higher spending to form the policies and procedures for prevention and speedy detection, c) effective performance appraisal system and adequate compensation for employees and d) an accountability system.

Strong information security process: Generally, banks' boards approve spending on IT-enabled services without thinking too much. Surprisingly, the same boards cut the budget to protect the IT system from frauds or the efforts to establish an information security system.

Precautions should be taken while purchasing any banking software, which has certification/ratings based on their vulnerabilities. Periodic audit of physical IT assets and software by competent auditors is a must. This is a requirement under the core risk management guidelines put into action by the Bangladesh Bank as well.

Strong corporate governance process: Well-functioning corporate governance is a very important factor to fight frauds. A separate internal control and compliance department with adequate resources (both human and logistics) is essential. The board must empower the department with adequate authority to perform their duties freely.

Staff accountability: Frauds committed by the employees significantly contributed to the rise of such scams. An employee with the knowledge of the loopholes or inadequacies in the system can easily act even before the person at the next desk can understand what is going on. In many cases, top-level officials knowingly arrange disbursement against fake documents and stop the post-transaction monitoring. The Hall-Mark is a recent example of such frauds. It is still a neglected area. In many instances, internal investigation reports are delayed or these fail to identify the right person and often single out a not-so-senior official who may have only executed the orders from his superior(s). There is a need to probe staff accountability in a fair and objective manner.

Investment in resources to ensure enterprise-wide system of fraud management is important to the banks' boards as it is often said: "Any house is only as strong as its foundation and as weather proof as its insulation".

The writer is a banker and economic analyst.