Are the Payments System and e-Banking in India Safer than in other SAARC Members?

Background

The onset of electronic banking (e-banking) in India dates back to 2001 after five years of commencement of electronic clearing service in 1995. Different innovations in this field include RTGS (Real Time Gross Settlement System), NEFTS (National Electronic Fund Transfer System), CTS (Cheque Truncation System), NECS (National Electronic Clearing Service), mobile banking and satellite banking. In the current decade by and large all commercial banks in India are offering internet banking, mobile banking and ATM facilities. In any Indian commercial bank (henceforth ‘bank’) governance of IT is a part and parcel of its corporate governance. Every such bank has an independent IT Committee with professionally qualified members. This Committee participates in the Board of Directors and manages all the risks related to IT at the enterprise level.

The needs for mitigation of credit risk in securities settlements and reduction in interest cost of slow speed in physical payments gave birth to the electronic payment and settlement systems. The second benefit of these systems is that they facilitate better management of operational and liquidity risks. The third benefit is that they help faster operations in cross border financial markets. But in the context of exposure to these markets one important lesson learnt from the history of financial crises is that the payment and settlement systems work as a channel through which business risk transmits and in the process, on many occasions, there is conversion of one category of risk to another, e.g. operational risk may change into market risk. A corollary of the above lesson is that through payment and settlement systems a single category of risk at the point of origin is distributed as multiple categories among the receivers. Other related lessons are that (i) categorization of business risk depends on the types of system design and settlement method, and (ii) it varies from case to case whether the settlement system alone has to bear the risk, share it with clients or bounce back to clients.

In India the banking regulator the RBI is at present in the process of addressing the following risks of payment systems - concentration risk, counter-party risk, credit risk, legal risk, liquidity risk, operational risk, regulatory risk, settlement risk and systemic risk. But during the last one year the Deputy Governors of the RBI expressed more concern about operational risk than other risks in their lectures on online banking and electronic payments. Because of the factors typical to emerging economies, like financial exclusion of a sizeable chunk of households, existence of informal sector, a massive parallel economy and availability of education on IT to a tiny privileged section of the population, other risks could not yet attract attention in the Indian context while online frauds like hacking, leaking database and phishing mostly having been engineered offshore, but involving onshore agents, have been receiving attention.