From the day money was introduced as a mode of appraising wealth, the peril of losing and the threat of raiding it became key avenues of risk. This was the case even in the creation of formal banking by commercial domains - in par with transacting standards by then. As centuries passed by - corresponding to the modernization and momentum of banking - the risks too have become complex and multifaceted.
Whether it is a head office complex, or a teller point, the operational risks in banking begin from the point of selecting business locations itself. |
What is baffling though is the idle way that these serious issues are understood by the risk portfolios in wealth management. The Madoff fiasco in USA and Golden Key debacle in Sri Lanka - although they are dissimilar to classical banking by design - are some real life bleak illustrations of our time.
Bank groups too - like other business conglomerates - automatically embrace the primary corporate risk grids such as regulatory constricts, ownership and stake raiding, share value declines, institutional security, fire hazards, staff radicalism, procuring malpractice, pilferage of inventory, data link outage, climatic turbulence, etc. The fiscal risk portfolios eventually make its burdening entry to the fray on top of those generic enterprise challenges.
Strategic risks
The high elevation of the strategic risk contours in banking is due to the association of colossally widespread funds that are within the technical control of a bank group - be it in the form of deposits or credits. The disarray in achieving revenue objectives and harvest timelines of the re-investing initiatives form a critical strategic banking risk. Another example of risk is the mass demand for swift withdrawals by panicking depositors. When a bank is slow to react and activates effective crisis fund recovery strategies, the situation could result in a volcanic liquidity mishap and rapid loss of public confidence.
In relation to the realm of consumer credit the bank group holds a better grip in managing and controlling credit liabilities. They can set its limitations, define creditworthiness of the prospects and formulate flexible debt recovery methodologies to cater for - both in ideality and adversity. The consciousness on the cyclic revision of interest rates which happens through internal needs and state actions is another factor of reflection in risk managing.
The market risk and forex flux forecasts too are vital in managing risks in banking. The incorporation of proper tools in risk comprehension, mitigation, disaster recovery and business continuity planning - BCP efforts, helps making a robust risk resistance posture for bank groups - or even for financial institutes of other formats.
Frontline risks
Whether it is a head office complex, a corporate banking hub, a mini service centre or a teller point, the operational risks in banking begin from the point of selecting business locations itself. Scores of bank sites are not purpose built or entirely process designed owing to a combination of constrains. Yet, these risks could be mitigated by sensible risk reduction planning and synergized protective drives.
The risks generated by liquid funds - be it in vaults, at service desks, at ATM feeders or in transit - are critical frontline concerns.
The interior cash hold up potentialities or transit robbery impulses calls for cohesive counter managing by proficiently structured security designs and chapter sensitive response dynamics. In relation to life risk factor, we require both rational and emotional answers beyond the recovery feasibility of asset loss via insurance.
When we manage extensive capital in rollercoaster swirling, the growth of forgery and fraud risk gaps - in solid and electronic format - is inevitable. It is just a matter of time before they strike hard. It alarms us on the persistent need for motive interpreting, action vs data log auditing and possibility interlocking. The fraud planning could happen out there at some shadowy corner, even while you are reading this.
Electronic risks
A veteran hacker may open up a savings account on a forged or stolen identity - and externally penetrate the master database to trace 10,000 most active accounts. He may well create a filter evasive software command to suck-up a mere Rs. 5 from each transaction of the day (from the chosen accounts cluster) to the zombie account roaming in the same network. If he succeeds by deploying a planned hiding tactic, he then subtly swindles an accumulation around Rs. 15 million within a fiscal year - in one bank group. That’s why it is essential to execute penetration tests and raise the layer based fire-wall intensity - even capable of defying the undercurrent risks created by conniving (former and) serving staff of the same or other bank groups.
Another modern risk by e-criminals is the deceptive creation of analogous of bank websites. Such illusorily authentic websites can trick the bank staff and customers (at online admin or electronic banking) to a blend of electronic thievery such as Phishing, ID theft, password spoofing, VoIP Vishing, SMiShing and other social engineering scams. All these are aimed at stealing data to gain covertly intrusive access and to activate fraudulent e-capital transactions. If unprotected at the right depth of defence, the end loser of the toxic game is the bank group.
As an unsigned verse enlightens us, “The risks do not disappear on its own unless we drive them far and away”. The million dollar question is how passionate are we to accomplish it in near perfection or better still - at the excellence of it.
(The writer is an enterprise risk management and BCP specialist and a pragmatic corporate trainer. He can be reached
at solutions@sltnet). |
E-mail
