• Investment World
• eWorld
• Brand Line
• Mentor
• Life
• Brand Quest
• The New Manager
• Smartbuy

Stocks

• Quotes
• SE Diary
• Scoreboard
• Open-End Mutual Fund

Cross Currency

• Rates
  
  

Shipping

• Ports
  
  

Archives

• Yesterday
• Datewise
• Resources
• In Focus
• In Depth
• Events 2007

Group Sites

• The Hindu
• The Hindu ePaper
• Business Line
• Business Line ePaper
• Sportstar
• Frontline
• The Hindu eBooks
• The Hindu Images

Srinivasan Sundar

Tall chairs, people precariously perched on them, perusing ledgers almost half their weight; stoic manual operations; cheerful long night hours to balance the day book; great calligraphy of ledger keepers, their fingers skimming over several debits and credits simultaneously, and arriving at balances. The old familiar bank branch scenario is now history, nostalgic.

Technology has changed it all, not ambience alone but the very manner in which banks conduct business. The transition — from manual to the advance ledger posting machines, to branch computerisation, and then on to “CBS” — has been a significant stride.

“Total Branch Automation”, an important stepping stone, computerised branch transactions. The day’s operations were copied on to a floppy and sent to a processing centre for consolidation and reports.

CBS — “Core Banking Solutions” — zapped this to further realms. It integrated all offices. There are no servers at branches; systems are now connected to a Data Centre. Servers with different functionalities are centrally located and connected to it through dedicated lines (or V-SAT).

The Data Centre processes all transactions, real time, on a 24x7 basis, generating consolidated data and all desired outputs. CBS offers multiple delivery channels such as ATMs, the Internet and the cell phone. It enables parallel processing, integration of several banking business modules.

To the customer, this means access to account any time, from anywhere — home, office or even a train or an aeroplane. Corporates derive benefit through fast processing, cash management, loan processing, trade finance and so on.

To the bank — a great relief from the drudgery of routine, of long days of ‘balancing’ and returns, crowd at branch, and release of human intelligence for better customer service, new products and processes, and marketing.

Concomitantly, there is high sensitisation for competent control and audit. The book focuses on this critical need.

The authors quote several instances of frauds due to control inadequacy. For e.g. Equity Funding, a Californian insurance company, where control vulnerability was exploited by the company’s directors themselves, faking insurance policies, igniting business growths and share value. When the bubble burst, the investigators pointed out system weaknesses and also those in the company’s auditors – some fraudulent, many plainly ignorant of audits in a computerised environ. That was in 1973. We are still witnessing audit hassles. Remember Enron and the closure of a leading audit company?

The case studies portray protocol weaknesses in user ID, access, checking of audit trails, account mapping, access to inoperative and suspense accounts, parameterisation, and so on; all seen, sadly, in today’s CBS environ too.

The book has astute observations and suggestions on wide ranging topics by three authors with excellent credentials in academic qualification and experience. It is lucid and unshackled by complex technological description.

Divided into two parts, the book’s Part ‘A’, describes CBS, its relevance, and functionalities. Part B focuses on audit functions. It discusses the evaluation of security systems, standards, review of the implementation of security policies, disaster management, risks in programs developed in-house or bought outside. Network security, audit of controls in operating system and in application modules, ATMs, Internet banking, audit of operations in CBS branches (with detailed check lists), audit reviews of system logs and audit tools.

There is an underscoring of security escalation, with customers themselves logging on to the system, and, also on how no security system can brook compromise. This is critical, as laxity is sometimes permitted for “practical reasons”.

An important inclusion is that of ISACA Standards (Information Systems Audit Control Association, USA) as also RBI notifications.

The book is timely. With CBS confidence, banks have commenced initiatives to revise products and processes. This is welcome and inevitable. Concomitantly, it is imperative to ensure a zero-defect system, as any deficiency, however minute, can boomerang with substantial risks. In this, the role of auditors and regulators is critical. Basel II has strong guidelines on operational risks and supervision, which need careful implementation.

Addressed primarily to auditors, the book is also appropriate for non-technical persons involved in internal and statutory audits, officials in inspection and audit departments, as also senior bank officials for whom a technical exposure of CBS would help. To optimise its advantage, it will be good if the related institutions can organise talks by the authors, in special seminars.

(Publisher: Prentice Hall of India; Price: Rs 275)

(The writer is former Chief General Manager, State Bank of India.)

More Stories on : Books

Article E-Mail :: Comment :: Syndication :: Printer Friendly Page

Stories in this Section ‘Convergence with IFRS may impact banks’ financial performance’ ‘Budget deficit starving pvt sector of resources’ Bond yields stable amid tight liquidity, rising oil prices ‘Rising interest rate a dampener’ Co-operative staff body hails Govt order Banks entering private equity space to increase fee income An insight into complexities in core banking, audit functions SBI launches first biometric ATM