Sources said that such frauds occurred a couple of times before involving some other public sector banks but went largely unnoticed as the amount involved was small
Photo: Shutterstock
The finance ministry will meet chief executives of public sector banks next week to discuss issues related to cybersecurity in the wake of the Rs 820-crore fraud that hit Kolkata-based UCO Bank earlier this month.
According to sources aware of the development, the finance ministry had already asked banks to review their digital systems and cybersecurity-related measures. The ministry will now meet the MD & CEOs of public sector banks to take stock of the situation.
Click here to follow our WhatsApp channel
During the Diwali week, UCO Bank was hit by an IMPS fraud in which Rs 820 crore was credited to some account holders of UCO Bank, without any debit from any other bank. While UCO has been able to recover Rs 649 crore or 79% of the amount, the remaining amount was withdrawn by the account holders. The bank said between 10 November and 13 November, due to technical issues in Immediate Payment Service (IMPS), certain transactions initiated by holders of other banks have resulted in credit to account holders in UCO Bank without actual receipt of money from those banks.
As a precautionary measure, UCO took the IMPS channel offline.
UCO Bank approached the Central Bureau of Investigation (CBI) to investigate any attempt, including cyberattacks, aiming to manipulate the lender and disrupt the functioning of Immediate Payment Service (IMPS).
Sources said that such frauds occurred a couple of times before involving some other public sector banks but went largely unnoticed as the amount involved was small.
The regulator has been telling banks on the need to develop appropriate business strategies, strengthen their governance framework, and implement cybersecurity measures to mitigate concerns related to fraud. RBI had said that a minimum common framework for cybersecurity needs to be devised that outlines best practices and standards for financial institutions to follow which can help ensure that all institutions are taking the necessary steps to protect themselves from cyber threats.
Reserve Bank of India has mandated that banks have a board-approved cybersecurity policy explaining the strategy containing an appropriate approach to combat cyber threats given the level of complexity of business and acceptable levels of risk. The regulator has emphasised that the Cyber Security Policy needs to be distinct from the broader IT policy.
On Thursday, RBI deputy governor M Rajeshwar also raised the issue of cybersecurity measures of banks while asking the lenders to fortify cybersecurity and prevention of cyber frauds in a hyper-personalised and tech-banking environment. He also emphasised that the efforts of the banks to provide timely solutions to customer grievances have not kept pace with the explosion in technology and products.
Earlier in June, former RBI deputy governor Mk Jain had warned that cyber-attacks can disrupt critical financial operations within banks, rendering them unable to process transactions, access customer accounts, or execute essential functions.
RBI had said such disruptions can result in a loss of confidence in the banking system, as customers and businesses may face difficulties in accessing their funds or conducting normal financial activities. Such disruptions can lead to financial instability, especially if they affect multiple banks or are prolonged, Jain had said.
aniltikotekar4sme.com 