Chapter II.

Looking at the above rising frauds the fraud monitoring function of RBI has assumed greater

significance in the recent years. The complexities of the cases are noticed to be increasing

exposing banks to higher operational risk. Reserve Bank of India as a part of its supervisory

function has been intimating banks with intervals about common fraud-prone areas, modus

operandi of frauds and the necessary measure to be taken to prevent or to reduce the

incidences of frauds (The Financial Express, 2009).

Loan Frauds

Back in the year 2003 looking at increasing frauds in home loan sector RBI had issued some

guidelines to lending banks. RBI had increased their supervision over the banks falling under

the home loan business, and almost all the banks were under the radar of the central bank.

Officials of RBI confessed that the vigilance needed to be increased in the home loan system.

The central bank has cautioned banks to be transparent in their lending practices. Looking at

the increasing cases in the banking industry the RBI as a regulator had pushed banks towards

proper documentation of home loan. RBI had also directed banks to be aware while checking

property documents before granting loan, because it was noticed that many banks issue loan

without even inspecting the building premises. RBI had also suggested banks to have a single

prime lending rate (PLR) rather than keeping varying PLRs depending on tenures. In the

same process the central banks had rejected the SBI’s request for separate PRL for home

loans products and had also asked banks to not to exceed the interest rates on home loans

below the cost of the funds (Vidyasagar, 2003). In the year 2006 the then governor general of

RBI Mr. Y. Y. Reddy made a statement by saying that banks should be more fair and

transparent while signing their loan agreements with the consumers. He also added that while

giving loans banks should not tie their loans with their own PRL which are more often in
interest of the banks and against the borrowers. As per him the banks should get an

independent PRL from outside rather than to impose their own PRL while issuing home loan

(Chatterjee, 2006). In the event to control home loan frauds by the way of raising loan twice

for the same property or raise loan using the forged documents the RBI has come up with a

solution in the form of central registry. Numerous instances were noted where borrowers

have presented counterfeit title deeds, fake documents for security on housing loans and

borrowed money from multiple banks. This results on many banks making a claim on the

same house in circumstances of loan default by the borrower. For e.g. even if the loan amount

is as small as Rs 3 million, the borrowers would have raised multiples of that amount. There

have been instances of builders selling under constructed flats to multiple parties by forging

the documents. Once the registry is formed under the proposed system all the banks and

house financing companies will be expected to provide data on title deeds and the home loan

borrowers to the central registry. So every time before processing a home loan proposal

banks will first have to verify with the central registry if the title deed and clear and

unregistered under any others body’s name or if any other bank had taken it as security

against any loan (The Economic Times, 2010). In year 2006 by the guidelines issued by RBI

in their master yearly circular it had specifically mentioned that banks should have proper

risk management system in place to handle the risks arising. It also advised banks to maintain

a system for ensuring proper checking and documentation of related documents before

issuing or disbursing any loan (RBI, 2006). Similar recommendations were passed by RBI

repeatedly over the following years. In year 2009 RBI additionally advised banks to report all

suspicious transactions reports even if the application process is left incomplete by the

customer irrespective of the amount of the transaction. Such transactions include the cases

which are abandoned or aborted by customers after being asked to provide some additional

information or document (RBI, 2009a).

On the other hand while dealing with the problem of multiple banking, RBI has requested

banks to have more united and dextral approach. The regulator advised all banks indulged in

multiple banking arrangements to share details with other banks so that it helps all banks in

early detection of delinquencies. As per the regulator this combined arrangement would allow

the lending banks to allocate necessary information about the customer with respect to their

personal and financial details, their modus operandi before making any advances. This will

allow banks to take combined action against any case of detected frauds, and will also allow

easier follow-ups for recovery leading to reduction in chances of loan defaults (SiliconIndia,

2009).

Internet Frauds

The task of handling internet crime is proving to be an uphill battle. Ever since the

establishment of first computer crime law, the Counterfeit Access Device and Computer

fraud and abuse Act of 1984, the government has been trying really hard to track down and

stop online criminals. The reality in internet frauds is that the criminals are rarely caught.

And the reason behind that is the hackers mostly use computer in one country to hack

systems in another country (Cberlawsindia, 2008). Looking at the increasing numbers of

phishing scams in India being reported throughout the India, the Reserve Bank of India has

decided to take strict actions against all online phishers connected with these scams

irrespective of their nationality. Basically RBI has warned general public to stay away from

emails promising them generous sum in the UK pounds or US dollars. The senior RBI

official informed the Times of India that an warning has been issued to all banks that any

person or individual found transferring money online would be prosecuted and charged under

the Foreign Exchange Management Act 1999 (FEMA) and these persons will be liable for

punishment which can be a fine or even imprisonment. RBI has indicated that anyone caught

up in phishing fraud in any way would be prosecuted and punished (SPANFighter, 2008).
Banks in order to fight phishing should implement anti-phishing programmes on the grounds

of HSBC in Hong Kong. There are numerous security firms like Symantec and McAfee

which have introduced anti-phishing software’s. There are many other companies developing

and marketing anti-phishing solutions. It is expected that these solutions can safeguard

financial institutions against phishing. Banks should also monitor every online transaction,

not only in the beginning while logging in but throughout the online banking session. In year

2004 – 05 RBI passed few guidelines on internet banking which enforced that all banks have

to adopt internationally accepted state-of-the-art minimum technology standards for access

and control, encrypt or decrypt (minimum key length), firewalls, verification of digital

signature and Public Key Infrastructure (PKI) (Singh, 2007).

In year 2001 there were some basic guidelines published by RBI which said that every banks

internet banking policy should fit into the brackets of banks overall Information Technology

and Information Security Policy and should ensure confidentiality of records and security

systems. It also added that all banks should take into account operational risk with their net

banking policy. The policy clearly says that the banks should follow the laid down procedure

regarding “Knowing Your Customer”. Banks should have their security policy duly approved

by the Board of Directors. There should ever be segregation of duty of Security Officer and a

Group Dealing exclusively with information systems security and Information Technology

Division which actually implements the computer system. Unwanted services on the

application server should be disabled and removed. RBI recommended that all computer

accesses and messages received should be properly logged inn. Any kind of security breach

should be reported and corresponding follow up action should be kept in mind during the

process of framing future policies. Banks are even expected to review their security

infrastructure and security policies on regular basis and enhance and change them depending
on their own experiences and technological changes. The security personals and the end users

should also be educated on continuous basis (Shrinivasan, 2001).

Credit Cards

Looking at the rise in credit card frauds in Indian banking industry RBI on August 1, 2009

urged banks to increase their online security measures. RBI directed that banks should make

additional authentication compulsory for credit or debit card holders from onwards August 1.

Banks will have to issue a PIN code also called as Verified by Visa or MasterCard Secure

Code which will only be known by the customer. And in this case the customers will have to

use this second verification PIN code apart from the Card Verification Value Number (CVV),

for making any transaction or purchases. RBI also clearly declared that any bank not

following the procedure will be liable to attract a penalty under the Payment and Settlement

Systems Act 2007 (Gupta, 2009).

In the guidelines issued by RBI in year 2008, RBI said that while issuing cards to any

individual the banks should independently access the credit risk before doing so. It is

expected from banks to follow the procedure before issuing cards. Then RBI also highlighted

that before issuing card to any individual customer his consent should be taken. Consent

should be clearly asked for the card and also for other products offered along with the card.

RBI guideline stated that in cases of misuse of unsolicited credit cards the responsibility will

be on the issuing bank and not on the customer on whose name the card was issued. RBI also

added that to reduce instances of misuse of stolen or lost cards, Credit cards should have

photographs of the card holder, signature laminated card along with the cards with PIN

(Bhaskar, 2008).

RBI also recommended banks to clear and transparent in their terms and conditions. There

should be no undue delay in sending the card statement. Customers should be charged with
fair interest rate and the interest rate should be calculated favourably from onwards a valid

date. Banks should be quick enough to block the lost cards. Banks should also follow a

proper procedure in authentication of documents offered by individuals to bank. As per RBI

all these procedure are necessary to avoid or reduce credit card frauds or defaults (Bhaskar,

2008a).

Conclusion

As seen in the above chapter it can be seen that from time to time RBI as the regulator over

Indian banks have been passing necessary guidelines. RBI has been framing a working group

on each individual problem to find a solution to reduce frauds in Indian banking sector

putting in efforts to reduce loss to Indian financial system. RBI has time to time passed

recommendations on Loan Frauds which even include housing loans, multiple banking and

even for internet banking frauds and credit card frauds which are rise in Indian banking sector

over the years.