The paper jointly brought out by Assocham and Resurgent India says since the concept of e-banking is relatively new and profiles of the e-banking customers will be different from that of the traditional banking customers, there is a threat to render existing score card models inappropriate, resulting in either higher rejection rates or inappropriate pricing to cover the risk. Banks may not be able to assess credit quality at a distance as effectively as they do in face to face circumstances.
Additionally, it would be more difficult to assess the nature and quality of collateral offered at a distance, especially if it is located in an area the bank is unfamiliar. Furthermore as it is difficult to predict customer volumes and the stickiness of e-deposits that would lead either to rapid flows in or out of the bank and will be very difficult to manage liquidity.
Therefore, the RBI and the banking institution should evaluate the risk associated with E-banking services and resulting risk management costs against the potential return on investment prior to offering e-banking services. Poor e-banking planning and investment decisions can increase a financial institution?s strategic risk.
People with technological, but not banking, skills can end up driving the initiatives and risk management initiatives can spring up in an incoherent and piecemeal manner as they can be expensive and may fail to recoup their cost, said D S Rawat, Secretary General Assocham.
The industry body has cautioned that Transaction/Operations risk may result from fraud, processing errors, system disruptions, or other unanticipated events resulting in the institution?s inability to deliver products or services. The level of transaction risk is affected by the structure of the institution's processing environment that comprises of services offered and the complexity of the processes and supporting technology.
In some situations, e-banking activities will increase the complexity of the activities and the quantity of its transaction/operations risk, especially if the Bank is offering innovative services that are not standardized. Since customers expect e-banking services to be available 24X7 the banks should ensure their e-banking infrastructures contain sufficient capacity and redundancy to ensure reliable service availability.
The key to controlling this kind of risks, Rawat added, lies in adapting effective policies, procedures, and controls to meet the new risk exposures introduced by e-banking. Basic internal controls including segregation of duties, dual controls, and reconciliations remain important. Information security control, in particular is more important that requires additional processes, tools, expertise, and testing.
Banks should determine the appropriate level of security controls based on their assessment of the sensitivity of the information to the customer and to the institution and on the institution's established risk tolerance level.
Though, a bank's credit risk is not increased by the mere fact that a loan is originated through an e-banking channel. But, the bank should consider additional precautions when originating and approving loans electronically, including ensuring management information systems effectively track the performance of portfolios originated through e-banking channels, adds the paper.