The questions raised recently by Finance Minister Arun Jaitley over the role of bank management in detecting frauds have found an echo in former bankers, government officials and experts, who have also flagged poor risk management and weak corporate governance norms in public sector banks.

While the Finance Ministry had just a month ago unveiled a ₹2.1 lakh crore bank recapitalisation plan along with a six-point reform package, the ₹11,400-crore fraud perpetrated by jeweller Nirav Modi at Punjab National Bank has raised calls for a more stringent overhaul of PSBs.

For PSBs, the main problem on adherence to corporate governance norms stems from the fact that these are not pure play corporate entities, while most of them at the same time are listed entities.

While remaining nationalised banks, they also want to be be market-focussed entities without taking the form of corporate entities, say banking industry observers. There is just one or two state-owned banks which have corporate legal structure in India.

So, quite often the nationalised banks seek regulatory exemptions for adherence to governance norms, which are a must if you are in the private sector, they say.

Also, a point of concern is how policy-makers and those at the helm in government departments respond to banking frauds and whether there is sufficient expertise within departments — like the Department of Financial Services — to handle sophisticated technology-intensive frauds in the banking system. So, the moot question is, could the PNB fraud have been handled in a mature way so as not to hurt the market value of other banks or affect the confidence in the banking system?

“The PNB incident is a one-off event. But the question is why was it not detected by senior management and internal and external auditors,” noted a former government official.

Legacy issues from large-scale lending that resulted in non-performing loans are another challenge that former bankers say have made PSU managements more cautious.

“Although the Finance Ministry wants bank managements to be more autonomous, no one is keen on taking tough decisions at most times. Also, the kind of checks and curbs exercised by top bank officials over the functioning have, over the years, been significantly diluted,” noted a former PSB chief.

Former bank officials also questioned why employees were not being transferred on a regular basis. “Generally, employees are transferred every three years, but in some departments they can remain up five years. Is this happening on a regular basis across banks?” he questioned.

Experts also raised similar concerns and said that bank boards must focus more on risk management.

Pankaj Dutt, Managing Partner-India and South Asia, Alexander Hughes, said the problem with Indian state-owned banks stems from the relative negligence of the risk-management function by their boards and management.

“The RBI seems to have been found lacking in enforcing a very standard practice of keeping risk management on top of the agenda for Indian banks, rather than making them more compliant with its regulations,” he added.

He pointed out that having a Chief Risk Officer (CRO), who is a member of the bank’s leadership team, is a standard practice worldwide. “With the recent PNB incident, hopefully RBI would re-visit how banks treat their risk management function and place less reliance on multiple layers of audits, which can detect such frauds only post-facto,” he said.

The PNB fraud seems to have taken place through a series of transactions which took place between 2011 to 2017 and suggest that the systems and processes within the bank (and maybe other banks too) were tweaked and suitably managed to carry out unauthorised transactions, Tarun Bhatia, Managing Director, Investigations and Disputes, Asia Pacific, Kroll, a global risk consulting firm, observed.

“This is reflective of the risks brewing across the banking system. While increasingly importance has been given to KYC, much more needs to be done by banks to monitor customer transactions and review changes in transaction pattern or customer behaviour. Sophisticated IT tools and systems are only as good as the people and processes,” he said.

Related Topics
comment COMMENT NOW