ManagementParadise.com - Your MBA Online Degree Program and Management Students Forum for MBA,BMS, MMS, BMM, BBA, students & aspirants. - View Single Post

ronnierules

B. Risk & Rewards:-

a) Operational Risk: -

• ‘Operational Risk’, also referred to as ‘Transactional Risk’ is the most common form of risk associated with I-banking.

• It takes them from of inaccurate processing of transactions, non-enforceability of contracts, compromises in data integrity, data privacy and confidentiality, unauthorized access / intrusion to bank’s systems and transaction, etc.

• Such risks can arise out of weaknesses in design, implementation and monitoring of banks information system.

• Besides inadequacies in technology, human factors like negligence by customers and employees, fraudulent activity of employees and crackers/ hackers, etc. can become potential source of operational risk.

b) Security Risk: -

• Security Risk arises on account of unauthorized access to a bank’s critical information stores like accounting system, risk management system, portfolio management system, etc.

• Other related risks are loss of reputation, infringing customers’ privacy and its legal implications, etc.

• Attackers could be hackers, unscrupulous vendors, disgruntled employee or even pure thrill seekers.

• In addition to external attacks banks are exposed to security risk from internal sources e.g. employee fraud. Employee being familiar with different systems and their weaknesses become potential security threats in a loosely controlled environment. They can manage to acquire the authentication data in order to access the customer accounts causing losses to the bank.

• Unless specifically protected, all data/ information transfer over the internet can be monitored or read by unauthorized persons.

c) System Architecture and Design: -

• Banks face the risk of wrong choice of technology, improper system design and inadequate control processes.

• Numerous protocols are used for communication across internet. Each protocol is designed for specific types of data transfer.

• A system allowing communications with all protocols, say HTTP (Hyper Text Transfer Protocol), FTP (File Transfer Protocol), Telnet, etc. is more prone to attack than one designed to permit say, only HTTP.

• Security related operational risk include access control, use of firewalls, cryptographic techniques, public key encryption, digital signature, etc.
d) Reputational Risk: -

• Reputational Risk is the risk of getting significant negative public opinion, which may result in a critical loss of funding or customers. Such risks arise from actions which cause major loss of the public confidence in the banks’ ability to perform critical functions or impair bank-customer relationship. It may be due to banks’ own action or due to third parties action.

• The main reasons for this risk may be system or product not working to the expectations of the customers, significant security breach (both due to internal and external attack), inadequate information to customers about product use and problem resolution procedures, significant problems with communication networks that impair customers’ access to their funds or account information especially if, there are, no alternative means of account access.

e) Legal Risk: -

• Legal risk arises from violation of, or non-conformance with laws, rules, regulations, or prescribed practices, or when the legal rights and obligations of parties to a transaction are not well established.

• A customer inadequately informed about his rights and obligations, may not take proper precautions in using Internet banking products or services, leading to disputed transactions, unwanted suits against the bank or other regulatory sanctions.

f) Cross-Border Risks: -

• Internet banking is based on technology that, by its very nature, is designed to extend the geographic reach of banks and customers. Such market expansion can extend beyond national borders. This causes various risks.

• Such considerations may expose banks to legal risks associated with non-compliance of different national laws and regulations, including consumer protection laws, record keeping and reporting requirements, privacy rules and money laundering laws.

• The foreign-based service provider or foreign participants in internet banking are sources of country risk to the extent that foreign parties become unable to fulfill their obligations due to economic, social or political factors.

g) Strategic Risk: -

• Strategic risk is the current and prospective impact on earnings or capital arising from adverse business decisions, improper implementation of decisions, or lack of responsiveness to industry changes.

• This risk is a function of the compatibility of an organization’s strategic goals, the business strategies developed to achieve those goals, the resources deployed against these goals, and the quality of implementation.

• For reducing such risk, banks need to conduct proper survey, consult experts from various fields, establish achievable goals and monitor performance.

• Also they need to analyze the availability and cost of additional resources, provision of adequate supporting staff, proper training of staff and adequate insurance coverage.

h) Other Risk: -

• Traditional banking risks such as credit risk, liquidity risk, interest rate risk and market risk are also present in internet banking.

• These risks get intensified due to the very nature of internet banking on account of use of electronic channels as well as absence of geographical limits.

• Credit risk: Is the risk that a counterparty will not settle an obligation for full value, either when due or at any time thereafter. Banks may not be able to properly evaluate the creditworthiness of the customer while extending credit through remote banking procedures, which could enhance the credit risk.

• Another facility of internet banking is electronic money. It brings various types of risks associated with it. If a bank purchases e-money from an issuer in order to resell it to a customer, it exposes itself to credit risk in the event of the issuer defaulting on its obligation to redeem electronic money.

• Liquidity risk: It is important for a bank engaged in electronic money transfer activities that it ensures that funds are adequate to cover redemption and settlement demands at any particular time. Failure to do so, besides exposing the bank to liquidity risk, may even give rise to legal action and reputational risk.

i) Risk of Unfair Completion: -

• Internet banking is going to intensify the competition among various banks. The open nature of internet may induce a few banks to use unfair practices to take advantage over rivals. Any leaks at network connection or operating system, etc. may allow them to interfere in a rival bank’s system.

Thus, one can find that along with the benefits internet banking carries various risks for bank itself as well as banking system as a whole.

	(#3 (permalink))
ronnierules ronnierules Active Manager Institute: Kishinchand Chellaram College Status: Offline Posts: 105 Management Paradise Rupees.: 1,127 Join Date: Jun 2007	Re: Internet Banking - December 4th, 2008 B. Risk & Rewards:- a) Operational Risk: - • ‘Operational Risk’, also referred to as ‘Transactional Risk’ is the most common form of risk associated with I-banking. • It takes them from of inaccurate processing of transactions, non-enforceability of contracts, compromises in data integrity, data privacy and confidentiality, unauthorized access / intrusion to bank’s systems and transaction, etc. • Such risks can arise out of weaknesses in design, implementation and monitoring of banks information system. • Besides inadequacies in technology, human factors like negligence by customers and employees, fraudulent activity of employees and crackers/ hackers, etc. can become potential source of operational risk. b) Security Risk: - • Security Risk arises on account of unauthorized access to a bank’s critical information stores like accounting system, risk management system, portfolio management system, etc. • Other related risks are loss of reputation, infringing customers’ privacy and its legal implications, etc. • Attackers could be hackers, unscrupulous vendors, disgruntled employee or even pure thrill seekers. • In addition to external attacks banks are exposed to security risk from internal sources e.g. employee fraud. Employee being familiar with different systems and their weaknesses become potential security threats in a loosely controlled environment. They can manage to acquire the authentication data in order to access the customer accounts causing losses to the bank. • Unless specifically protected, all data/ information transfer over the internet can be monitored or read by unauthorized persons. c) System Architecture and Design: - • Banks face the risk of wrong choice of technology, improper system design and inadequate control processes. • Numerous protocols are used for communication across internet. Each protocol is designed for specific types of data transfer. • A system allowing communications with all protocols, say HTTP (Hyper Text Transfer Protocol), FTP (File Transfer Protocol), Telnet, etc. is more prone to attack than one designed to permit say, only HTTP. • Security related operational risk include access control, use of firewalls, cryptographic techniques, public key encryption, digital signature, etc. d) Reputational Risk: - • Reputational Risk is the risk of getting significant negative public opinion, which may result in a critical loss of funding or customers. Such risks arise from actions which cause major loss of the public confidence in the banks’ ability to perform critical functions or impair bank-customer relationship. It may be due to banks’ own action or due to third parties action. • The main reasons for this risk may be system or product not working to the expectations of the customers, significant security breach (both due to internal and external attack), inadequate information to customers about product use and problem resolution procedures, significant problems with communication networks that impair customers’ access to their funds or account information especially if, there are, no alternative means of account access. e) Legal Risk: - • Legal risk arises from violation of, or non-conformance with laws, rules, regulations, or prescribed practices, or when the legal rights and obligations of parties to a transaction are not well established. • A customer inadequately informed about his rights and obligations, may not take proper precautions in using Internet banking products or services, leading to disputed transactions, unwanted suits against the bank or other regulatory sanctions. f) Cross-Border Risks: - • Internet banking is based on technology that, by its very nature, is designed to extend the geographic reach of banks and customers. Such market expansion can extend beyond national borders. This causes various risks. • Such considerations may expose banks to legal risks associated with non-compliance of different national laws and regulations, including consumer protection laws, record keeping and reporting requirements, privacy rules and money laundering laws. • The foreign-based service provider or foreign participants in internet banking are sources of country risk to the extent that foreign parties become unable to fulfill their obligations due to economic, social or political factors. g) Strategic Risk: - • Strategic risk is the current and prospective impact on earnings or capital arising from adverse business decisions, improper implementation of decisions, or lack of responsiveness to industry changes. • This risk is a function of the compatibility of an organization’s strategic goals, the business strategies developed to achieve those goals, the resources deployed against these goals, and the quality of implementation. • For reducing such risk, banks need to conduct proper survey, consult experts from various fields, establish achievable goals and monitor performance. • Also they need to analyze the availability and cost of additional resources, provision of adequate supporting staff, proper training of staff and adequate insurance coverage. h) Other Risk: - • Traditional banking risks such as credit risk, liquidity risk, interest rate risk and market risk are also present in internet banking. • These risks get intensified due to the very nature of internet banking on account of use of electronic channels as well as absence of geographical limits. • Credit risk: Is the risk that a counterparty will not settle an obligation for full value, either when due or at any time thereafter. Banks may not be able to properly evaluate the creditworthiness of the customer while extending credit through remote banking procedures, which could enhance the credit risk. • Another facility of internet banking is electronic money. It brings various types of risks associated with it. If a bank purchases e-money from an issuer in order to resell it to a customer, it exposes itself to credit risk in the event of the issuer defaulting on its obligation to redeem electronic money. • Liquidity risk: It is important for a bank engaged in electronic money transfer activities that it ensures that funds are adequate to cover redemption and settlement demands at any particular time. Failure to do so, besides exposing the bank to liquidity risk, may even give rise to legal action and reputational risk. i) Risk of Unfair Completion: - • Internet banking is going to intensify the competition among various banks. The open nature of internet may induce a few banks to use unfair practices to take advantage over rivals. Any leaks at network connection or operating system, etc. may allow them to interfere in a rival bank’s system. Thus, one can find that along with the benefits internet banking carries various risks for bank itself as well as banking system as a whole.
Friends: (1)