Page 33 - Banking Finance April 2019
P. 33

ARTICLE

             monitor the progress of remedial measures. More than    decision support systems that would present the
             30 major banks are slated to be covered under detailed  decision maker with clear and probable scenarios.
             IT examination during 2016-17 and all banks by 2017-    Particular attention need to be given to the input
             18. RBI’s IT subsidiary (the Reserve Bank Information   bias in such decision-making models, wherein the
             Technology (ReBIT) Pvt Ltd has also become operational  scope of subjectivity in the data sets required may
             with a mandate to focus on issues around IT systems     left the barrel open for sinking the ship.
             and cyber security (including related research) of the  •  This process essentially gels into a cohesive risk
             financial sector and to also assist in the audit and
                                                                     structure and decision-making system. However,
             assessment of the entities regulated by the Reserve     we must also guard against too much objectivity
             Bank.
                                                                     and inflexibility. The best systems are those which
         34. In November 2016, RBI advised all banks to carry out a  despite being objective contains the scope of
             special audit by the empaneled auditors of Indian       flexibility within them.
             Computer Emergency Response Team (CERT-In) on a     •   This dwells down to the issue of talent and skills
             priority basis and take immediate steps thereafter to   required to maintain this fine balance between
             comply with the findings of the audit report and also to
                                                                     objectivity and flexibility. What is required here is
             take appropriate measures on mitigating phishing
                                                                     being risk sensitive and developing risk sensitivity
             attacks considering that the new customers are likely
                                                                     among the employees.
             to be first time users of the digital channels. Safety
             and security best practices may be disseminated to  •   The propagation of risk sensitiveness in the
             the customers periodically. Also, the Legal Entity      employees paves the way towards development of
             Identifier (LEI) is a 20-digit unique code to identify  risk culture within an organization. This should be
             parties to financial transactions is conceived as a key  the ultimate objective of all the risk management
             measure to improve the quality and accuracy of financial  systems in place.
             data systems for better risk management post the
             Global Financial Crisis. The banks were encouraged to  Conclusion
             ensure that their large borrowers may obtain LEI for
                                                              36. Everyone will eventually move where the money is. No
             their parent entity as well as all subsidiaries and  institution will be able to compete without embracing
             associates.
                                                                 automation and digitization. The innovations will bring
         35. Managing Risk in a Digital World – The Building     to fore additional risks. Only regulations will not be able
             Blocks, The Path and the Desired Outcome.           to ensure that we realise true potential of digitization.
             Crystal gazing at the future of managing risk shows  Coordination among bankers and regulators though will
             some basic building blocks that are needed. These blocks  be able to achieve this. If together we get it right, it
             will lead us to the ultimate objective of the risk  will lead to higher growth in the digital age.
             management systems in an organisation which is
             development of risk culture. Digitisation will play a  “I really think that if we change our own approach and
             crucial role to this attainment. Let’s look at some of the  thinking about what we have available to us, that is what
             desired path.                                    will unlock our ability to truly excel in security. It’s a
             •   Data management to be the fulcrum of the risk  perspectives exercise. What would it look like if abundance
                 management in the digital world. The more    were the reality and not resource constraint?”
                 organized, secured and correct the data is, the       —Greg York, Vice President, Tribune Media, at
                 better risk management decision making may be                               SecureWorld Chicago
                 done on these.

             •   This essentially means eliminating the manual  The views expressed are personal and not necessarily the
                 processes and also making the decision-making  views of the Reserve Bank of India.
                 process subjective where essentially required.  Assistance provided in the preparation of this paper by Shri
             •   The subjectivity of the decision-making process may  Ashish Gupta, Manager, RMD, RBI is lovingly
                 be reduced further with better analytics and  acknowledged. T

            BANKING FINANCE |                                                                APRIL | 2019 | 33
   28   29   30   31   32   33   34   35   36   37   38