EXECUTIVE SUMMARY
E-banking usage has seen an explosive growth in most
of the Asian economies like India, China and Korea. In fact
Korea boasts about a 70% e-banking penetration rate and
with its tech-savvy populace has seen one of the most
aggressive rollouts of e-banking services.
Still, the main reason that E-banking scores over
Internet Banking is that it enables ‘Anywhere Banking'.
Customers now don't need access to a computer terminal to
access their banks, they can now do so on the go – when
they are waiting for their bus to work, when they are
traveling or when they are waiting for their orders to come
through in a restaurant.
The scale at which E-banking has the potential to grow
can be gauged by looking at the pace users are getting e-
banking in these big Asian economies. According to the
Cellular Operators' Association of India (COAI) the e-
banking subscriber base in India hit 40.6 million in the
August 2004. In September 2004 it added about 1.85 million
more. The explosion as most analysts say, is yet to come as
India has about one of the biggest untapped markets. China,
which already witnessed the e-banking boom, is expected to
have about 300 million e-banking users by the end of 2004.
South Korea is targeted to reach about 42 million e-banking
users by the end of 2005. All three of these countries have
seen gradual roll-out of e-banking services, the most
aggressive being Korea which is now witnessing the roll-out
of some of the most advanced services like using e-banking
to pay bills in shops and restaurants.
E-banking nowadays is the common trend here in our
country. No more falling in line in banks, no more waiting
tons of hours in the bank, no more days and weeks of
waiting. All can be done with one card, one gadget. It’s
easy, it works, and most importantly, people like it. But still,
some people are having a hard time using this kind of
technology mostly people who are used to do things the old
traditional way. With the use of advertising, people are now
motivated to use E-banking because again, it eliminates the
hassle encountered when using the old process of banking.
In this paper, the group will cover security issues and
different impacts regarding the traditional banking method.
The group is concerned about the issues presented because
the group thinks that these issues are very important and
relevant today, a lot of people save money and really trust
banks with their money. In addition, the group wants this
research paper to be read by many students who are in no
knowledge about certain issues about banking. Lastly, the
2
group will provide and recommend different solutions about
the issues regarding E-Banking.
In order for customers to use their banks online
services they need to have a personal computer and
Internet connection. Their personal computer becomes their
virtual banker who will assist them in their banking errands.
Attaining information about accounts and loans,
Conducting transfers amongst different accounts, even
between external banks, Paying bills, Buying and selling
stocks and bonds by depot, Buying and selling fund
shares39 These services that are offered by e-banking are
changing and being improved because of the intense
competition between the banks online. Banking industry
must adapt to the electronics age, which in its turn is
changing all the time. EFT transactions require
authorization and a method to authenticate the card and the
card holder. Whereas a merchant may manually verify the
card holder's signature, EFT transactions require the card
holder's PIN to be sent online in an encrypted form for
validation by the card issuer. Other information may be
included in the transaction, some of which is not visible to
the card holder for instance magnetic stripe data and some
of which may be requested from the card holder for
instance the card holder's address or the CVV2 security
3
value printed on the card. EFT transactions are activated
during e-banking procedures. Various methods of e-banking
include: Telephone banking Online banking Short Message
Service SMS banking Mobile banking Interactive-TV
banking. Independent of location or time, you can execute
your payments and stock market orders and you get
detailed information on your accounts and custody
accounts.
INTRODUCTION
The last time that technology had a major impact in
helping banks service their customers was with the
introduction of the Internet banking. Internet Banking
helped give the customer's anytime access to their banks.
Customer's could check out their account details, get their
bank statements, perform transactions like transferring
money to other accounts and pay their bills sitting in the
comfort of their homes and offices.
However the biggest limitation of Internet banking is
the requirement of a PC with an Internet connection, not a
big obstacle if we look at the US and the European
4
countries, but definitely a big barrier if we consider most of
the developing countries of Asia like China and India. E-
banking addresses this fundamental limitation of Internet
Banking, as it reduces the customer requirement to just a e-
banking phone.
E-banking usage has seen an explosive growth in most
of the Asian economies like India, China and Korea. In fact
Korea boasts about a 70% e-banking penetration rate and
with its tech-savvy populace has seen one of the most
aggressive rollouts of e-banking services.
Still, the main reason that E-banking scores over
Internet Banking is that it enables ‘Anywhere Banking'.
Customers now don't need access to a computer terminal to
access their banks, they can now do so on the go – when
they are waiting for their bus to work, when they are
traveling or when they are waiting for their orders to come
through in a restaurant.
The scale at which E-banking has the potential to grow
can be gauged by looking at the pace users are getting e-
banking in these big Asian economies. According to the
Cellular Operators' Association of India (COAI) the e-
banking subscriber base in India hit 40.6 million in the
August 2004. In September 2004 it added about 1.85 million
5
more. The explosion as most analysts say, is yet to come as
India has about one of the biggest untapped markets. China,
which already witnessed the e-banking boom, is expected to
have about 300 million e-banking users by the end of 2004.
South Korea is targeted to reach about 42 million e-banking
users by the end of 2005. All three of these countries have
seen gradual roll-out of e-banking services, the most
aggressive being Korea which is now witnessing the roll-out
of some of the most advanced services like using e-banking
to pay bills in shops and restaurants.
E-banking nowadays is the common trend here in our
country. No more falling in line in banks, no more waiting
tons of hours in the bank, no more days and weeks of
waiting. All can be done with one card, one gadget. It’s
easy, it works, and most importantly, people like it. But still,
some people are having a hard time using this kind of
technology mostly people who are used to do things the old
traditional way. With the use of advertising, people are now
motivated to use E-banking because again, it eliminates the
hassle encountered when using the old process of banking.
In this paper, the group will cover security issues and
different impacts regarding the traditional banking method.
The group is concerned about the issues presented because
the group thinks that these issues are very important and
6
relevant today, a lot of people save money and really trust
banks with their money. In addition, the group wants this
research paper to be read by many students who are in no
knowledge about certain issues about banking. Lastly, the
group will provide and recommend different solutions about
the issues regarding E-Banking.
In order for customers to use their banks online
services they need to have a personal computer and
Internet connection. Their personal computer becomes their
virtual banker who will assist them in their banking errands.
Attaining information about accounts and loans,
Conducting transfers amongst different accounts, even
between external banks, Paying bills, Buying and selling
stocks and bonds by depot, Buying and selling fund
shares39 These services that are offered by e-banking are
changing and being improved because of the intense
competition between the banks online. Banking industry
must adapt to the electronics age, which in its turn is
changing all the time. EFT transactions require
authorization and a method to authenticate the card and the
card holder. Whereas a merchant may manually verify the
card holder's signature, EFT transactions require the card
holder's PIN to be sent online in an encrypted form for
validation by the card issuer. Other information may be
7
included in the transaction, some of which is not visible to
the card holder for instance magnetic stripe data and some
of which may be requested from the card holder for
instance the card holder's address or the CVV2 security
value printed on the card. EFT transactions are activated
during e-banking procedures. Various methods of e-banking
include: Telephone banking Online banking Short Message
Service SMS banking Mobile banking Interactive-TV
banking. Independent of location or time, you can execute
your payments and stock market orders and you get
detailed information on your accounts and custody
accounts.
Financial Regulators are generally viewed as the
professional party poopers at any upbeat conference like
this, warning of dire consequences ahead for any who stray
from the virtuous path of prudence and regulatory
compliance. I will do my best to meet your possibly
reasonable but miserable expectations later on. But before I
do please allow me to dwell briefly on what we in the FSA
consider being the potentially very positive aspects of E
Commerce for firms, consumers – and even for regulators!
A few examples:
For Firms E Commerce brings:
different and arguably lower barriers to entry;
8
opportunities for significant cost reduction;
the capacity to rapidly re-engineer business processes;
greater opportunities to sell cross border.
Each and all of these potential benefits provides for
increased competition and the ability to wrest market
leadership from established players.
For consumers the potential benefits are:
more choice;
greater competition and better value for money;
more information;
better tools to manage and compare information;
faster service.
And there are potential benefits even for regulators:
better, more flexible, user friendly information for
consumers and others on our own web-site;
better, almost indestructible audit trails;
potential to monitor advertising and advice activity
more easily;
more cost effective and efficient use of regulatory tools
(for example the use of our extra net over the Y2K
period).
But of course there are also risks. The risks to firms –
specifically banks I will cover later. For consumers the
9
biggest risks are probably information overload and not
understanding whom they are dealing with and on what
terms. This can range from dealing with a perfectly
respectable company from another jurisdiction, but not
understanding for example the different legal environment,
compensation schemes and ombudsman arrangements,
through to being vulnerable to scams and frauds.
For regulators one key danger is a failure to
understand changing risk profiles and vulnerabilities of
individual firms and also changes to market structures and
interactions. Another very important risk is that our own
regulatory framework could somehow inhibit desirable
innovations by not adapting quickly enough.
We are very conscious of this in the FSA and are trying
very hard to be E-neutral (a recent example of this is the
proposed Conduct of Business Sourcebook). We have also
selected E-commerce as one of our regulatory themes for
this year and are very active in international fore – but more
of that later.
India is marching towards m-commerce - a world
where you can make all payments by keying in instructions
on your e-banking. In India, however, there is a limitation
on the availability of functions that can be deployed by
banking customers.
10
Most e-banking transactions today are ‘information-
based’ -- customers engage in m-banking services like
balance enquiry, last three transactions, "alerts" for strange
activities in bank accounts etc. Some banks like IDBI Bank
are also offering bill-payment services to customers through
m-banking.
However, actual cash transactions like fund-transfer,
payment of bills at a restaurant among others have not yet
been introduced in India. There are many reasons for this.
Firstly, as m-banking is currently SMS-based, the
transaction delivery time is not guaranteed since it is
dependent on factors like SMSC (short message service
centre) congestion and network strength in the area where
the customer is located. Secondly, there is an issue of
repudiation as till date there are no clear guidelines on
wireless payments.
In the very near future, one can see m-banking leaping
into a new phase. With the advent of Java-enabled e-
bankingdevices, the shape of m-banking services is in for a
change. One would also be ensured the same amount of
security and comfort as one would be when using internet
banking.
11
DEFINITIONS
Definition of E-banking
(I) "E-banking" is a banking service for customer to
make enquiry, transfer, remittance, donation, and
spending and bill payment according to the
customer's short message instructions sent through
mobile. Result will be sent back to customer by
short message.
(II) "Registered Customer" refers to customers who
have registered E-banking Service through
www.icbc.com.cn or at ICBC business offices.
(III) "Non-registered Customer" refers to customers who
have not registered E-banking service.
(IV) "Registered E-banking Number" is the e-banking
number given and confirmed by customer when
registering E-banking Service.
(V) "Default Payment Card" is a registered card
designated by customer when registering E-banking
Service. Customers do not need to input card
number when making enquiry or transfer of this
default payment card.
12
(VI) "Payment Password" is the password set up and
confirmed by customer when registering E-banking
Service. Customer must enter this payment
password when making enquiry, remittance, bill
payment, consumption and cancellation.
E-banking Services applied through registering e-banking
number or through registering e-banking number and
payment password are all considered as customers' actions.
Customers held responsible for the banking transactions
through the above-mentioned number and password. For
security purpose, customers should safely keep the e-
banking and payment password. Timely stop the e-banking
or cancel E-banking Service once the e-banking is lost.
Customers should delete the payment password from the e-
banking after making transactions through E-banking. It is
recommended that payment password should be different
from the payment password of Internet Banking.
13
HISTORY OF E-BANKING
In countries like Korea, two SIM Card is used in e-
banking. One for the telephonic purpose and the other for
banking. Bank account data is encrypted on a smart-card
chip. About 3.3 million transactions were reported by Bank
of Korea in 2004. In a move that will take the frontiers of
banking transactions beyond the ATM and internet, full-
fledged banking transactions through e-banking have been
introduced by ICICI Bank. The bank has now kicked off a e-
14
banking service, where a customer can replicate all
transactions through e-banking similar to an internet
banking transaction. Till now, customers were only able to
get all information like balance in the account and e-
banking alerts through e-banking.
The past few years have seen customers migrating
from branch banking to a host of non-branch channels like
ATMs, call centre and internet banking. In case of ICICI
Bank, around 55% of the transactions now happen through
ATMs, 22% through the internet, 12% through call centre
and the remaining through branches. Incidentally, around
five years ago, transactions through internet banking was a
minuscule 2%. Through the new platform Mobile, all
internet banking transactions can now be done on e-
banking. Customers can now transfer funds to ICICI Bank
and non-ICICI Bank accounts, pay their utility bills and
insurance premium and do a host of other operations. The
application covers savings accounts, demat, credit card and
loan accounts.
According to ICICI Bank ED V Vaidyanathan said, the
new service will help to give more power to the customer.
They can now transact from practically anywhere. He
expects the new service to see transactions of over 40%
over a period of time.
15
Both GPRS and non-GPRS customers would be able to
use the service. Customers will be required to enter four-
digit PIN to enter the e-banking application, which will
prevent unauthorized use of the service.
Currently, ICICI Bank has 13 million customers, Of
which, there are 2.5-million active customers. It also has 7-
million registered customers for SMS alerts. The bank
currently sends around 20 million alerts a month. Citi and
HSBC have this service in other parts of the world. Some of
these banks are now looking at launching these services
here. Until now, e-banking services, which were provided by
banks, have been SMS-enabled. Moreover, these were
push-services like SMS alerts and balance enquiries. There
have also been security concerns plaguing the introduction
of such services since the SMS route, through which the
information travels, is totally unsecured.
Aditya Menon, Chief IT officer of Obopay India — a e-
bankingpayments solutions company — said many banks
have been working on a mobile-payment solution. Obopay is
working with six other banks to provide a service that will
enable bank customers to transfer funds to anyone who has
a e-bankingphone and a bank account. In fact, banks like
Corporation Bank and Union Bank of India also have similar
products in the pipeline.
16
The first e-banking and payment initiative was
announced during 1999. The first major deployment was
made by a company called Pay box (largely supported
financially by Deutsche Bank). The company was founded by
two young German's (Mathias Entemann and Eckart
Ortwein) and successfully deployed the solution in
Germany, Austria, Sweden, Spain and the UK. At about
2003 more than a million people were registered on Pay box
and the company was rated by Gartner as the leader in the
field. Unfortunately Deutsche Bank withdraws their
financial support and the company had to reorganize
quickly. All but the operations in Austria closed down.
Another early starter and also identified as a leader in
the field was a Spanish initiative (backed by BBVA and
Telephonica), called Mobi Pago. The name was later
changed to Mobi Pay and all banks and e-banking operators
in Spain were invited to join. The product was launched in
2003 and many retailers were acquired to accept the special
USSD payment confirmation. Because of the complex
shareholding and the constant political challenges of the
different owners, the product never fulfilled the promise
that it had. With no marketing support and no compelling
reason for adoption, this initiative is floundering at the
moment.
17
Many other large players announced initiatives and ran
pilots with big fanfare, but never showed traction and all
initiatives were ultimately discontinued. Some of the early
examples are the famous vending machines at the Helsinki
airport supported by a system from Nokia. Siemens made
announcements in conjunction with listed and high-flying
German e-commerce company, Brocket. Brocket also won
the lucrative Vodafone contract in 2002, but crashed soon
afterwards when it runs out of funds. Israel (as can be
expected) produced a large number of e-banking payment
start-ups. Of the many, only one survived - Trivet. Others
like Advantech and Patty disappeared after a number of
pilots but without any successful production deployments.
Initiatives in Norway, Sweden and France never got
traction. France Telecom launched an ambitious product
based on a special e-banking with an integrated card
reader. The solution worked well, but never became popular
because of the unattractive, special phone that participants
needed in order to perform these payments. Since 2004, e-
banking and payment industry has come of age. Successful
deployments with positive business cases and big strategic
impact have been seen recently.
18
ADVANTAGES AND DISADVANTAGES
Advantages
The biggest advantage that e-banking offers to banks is
that it significantly cuts down the costs of providing
service to the customers.
For example: An average teller or phone transaction
costs about $2.36 each, whereas an electronic
transaction costs only about $0.10 each. Additionally,
this new channel gives the bank ability to cross-sell up-
sell their other complex banking products and services
such as vehicle loans, credit cards etc.
For service providers, E-banking offers the next surest
way to achieve growth.
19
Countries like Korea where e-banking penetration is
nearing saturation, e-banking is helping service
providers increase revenues from the now static
subscriber base. Also service providers are
increasingly using the complexity of their supported e-
banking services to attract new customers and retain
old ones.
Disadvantages
Back in days when Internet was introduced, it was a
boon to the financial industry as it reduced all volumes
by opening another self service channel for servicing
customers.
With e-banking that advantage is not there as already
investments are made to reduce call volumes using
Internet and Internet is one of the technologies that is
ever spreading in customer community. Almost 80% of
the people in US already have internet connection. E-
banking would be another value added service that can
be provided by financial institutions, it may only bring
good will.
20
Depending on the technological direction for enabling
E-banking companies either has to spend enormous
amount of money in matching customers' expectation
or maintaining another stream of technology
applications.
Technology still has security issues and software
distribution issues.
The Federal Trade Commission received 301,835 fraud
complaints and 214,905 identity theft complaints in 2003.
Bank fraud accounted for 17 percent — more than 36,000 —
of the identity theft complaints. That represents just the
victims who actually filed a complaint with the agency. The
FTC estimate there was 10 million identity theft victims that
year. Already lot of banks are either providing e-banking
services or getting ready to provide e-banking services.
Second we would like to evaluate what are the real
potential opportunities for the bank, in spite of the
negativity around the technology and business value, For
sure US is yet to catch up with the number of users using e-
banking. Data at customers fingertips is still a potential
opportunity, not even most of the Internet banking sites are
able to provide one customer view Intelligent applications
21
that enable customers to bank, trade, make intelligent
credit/investment decisions is still a sector unexplored.
More than Customers bank workforce itself can benefit a lot
from developing productivity applications.
DEVELOPMENT OF E-BANKING
So, these are some of the particular risks arising in E-
banking that we have hitherto identified in the UK domestic
environment – though I suspect that many of my regulator
colleagues outside the UK would share many of these views.
I would like to move on to the international side.
Supervision in today’s global environment can only
ever be effective if it has an international dimension. This is
22
especially the case with e-banking because of its non-
territorial nature, the ease with which customers outside
the home country can access the site and the opportunity to
buy several types of product. Of course, regulators have
long had to deal with the regulatory problems of
international banking. They had set up mechanisms for
cross-border supervision; agreements over home/host
responsibilities (especially within the Community), bilateral
agreement for information sharing and general standards
by which they expect all banks, including those offshore
territories, to abide. In principle, the expectation is that this
general mechanism for international supervision will be
robust enough to work just as well in the e-banking as the
physical environment.
Nevertheless, it will not be quite as easy as that!
Inevitably the nature of e-banking raises particular issues in
the application of the general approach outlined here. E-
banking makes it even more necessary to develop a
cohesive international approach to regulation – not only in
the field of prudential regulation where Basel has made
much progress, but also in the areas of conduct of business
for consumer protection.
The Basel Committee E-Banking Group believes that
Basel "should provide the international supervisory
community with a broad set of advisory guidance with
23
respect to electronic banking," thereby providing a basis for
domestic regulation and supporting consumer and industry
education. Globally, such guidance would assist
international co-operation and act as a foundation for a
coherent approach to supervising e-banking. It could
facilitate international e-banking by creating consumer
confidence in sound banks based in different, possibly less
satisfactory, regimes and might dissuade host supervisors
from imposing additional, potentially draconian, regulation
on such banks. The Group identified:
Authorization,
prudential standards,
transparency,
privacy,
money laundering, and
cross border supervision
as issues on which they felt that there is need for further
work, both at the analytical and policy level before any such
guidance could be developed. The FSA is involved in the
Basel Group and will be contributing to the work,
participating in the drafting of papers and hosting both the
group’s next meeting and a roundtable for its members and
a number of European banks and service providers. We
welcome any contributions from the industry to this debate;
and have indeed been actively soliciting them.
24
Cross-border issues
There are also significant cross-border issues.
We foresee difficulties for depositors identifying the
jurisdiction within which e-banks offering services in the UK
are based, given the potential absence of physical presence
and the ability for e-banks to move to a new jurisdiction
relatively rapidly. These concerns have prompted a
considerable amount of debate and analysis in the
international supervisory community. Within Europe home v
host state supervision is a particularly important issue.
Banks may tend to seek authorization wherever the tax,
compliance and costs are lowest, as location will become
less of a critical issue since services may easily be provided
on a cross-border basis. E-banking is likely therefore to
significantly increase the usage of the 2BCD passport (that
is the Community equivalent of your passport, but for a
bank), thereby making it even more crucial that all
European regulators undertake supervision in a satisfactory
(and harmonised) manner and that communication between
regulators is adequate.
A number of initiatives with implications for home and
host state supervision are being discussed, for example the
draft e-commerce and distance marketing directives and the
Rome and Brussels conventions. The debate is far from
25
being resolved and a considerable degree of uncertainty
remains. For example within the e-commerce Directive
‘home’ and ‘host’ have been replaced with ‘home’ and
‘country of origin’, the implications of which are as yet
unclear. The current drafting (agreed at Council) is
sufficiently vague to potentially allow numerous regulators
to assert jurisdiction over an Internet service, thereby
nullifying the main advantage of the Directive, home state
regulation. However we would expect that a suitable
compromise on the point will be worked out so as to avoid
this outcome. Certainly this is what we at the FSA are
working towards.
26
CHALLENGES AND OPPORTUNITIES
E-banking is a generic term for delivery of banking
services and products through electronic channels, such as
the telephone, the internet, the cell phone, etc. The concept
and scope of E-banking is still evolving. It facilitates an
effective payment and accounting system thereby enhancing
the speed of delivery of banking services considerably.
While E-banking has improved efficiency and convenience,
it has also posed several challenges to the regulators and
supervisors. Several initiatives taken by the government of
India, as well as the Reserve Bank of India (RBI), have
facilitated the development of E-banking in India. The
government of India enacted the IT Act, 2000, which
provides legal recognition to electronic transactions and
other means of electronic commerce. The RBI has been
preparing to upgrade itself as a regulator and supervisor of
the technologically dominated financial system. It issued
guidelines on risks and control in computer and
telecommunication system to all banks, advising them to
evaluate the risks inherent in the systems and put in place
adequate control mechanisms to address these risks. The
existing regulatory framework over banks has also been
27
extended to E-banking. It covers various issues that fall
within the framework of technology, security standards, and
legal and regulatory issues. This book — containing 12
scholarly articles — will benefit those interested in the
technological developments of E-banking in India
Electronic banking is the wave of the future. It
provides enormous benefits to consumers in terms of the
ease and cost of transactions. But it also poses new
challenges for country authorities in regulating and
supervising the financial system and in designing and
implementing macroeconomic policy.
Electronic banking has been around for some time in
the form of automatic teller machines and telephone
transactions. More recently, it has been transformed by the
Internet, a new delivery channel for banking services that
benefits both customers and banks. Access is fast,
convenient, and available around the clock, whatever the
customer's location (see illustration above). Plus, banks can
provide services more efficiently and at substantially lower
costs. For example, a typical customer transaction costing
about $1 in a traditional "brick and mortar" bank branch or
$0.60 through a phone call costs only about $0.02 online.
Electronic banking also makes it easier for customers
to compare banks' services and products, can increase
28
competition among banks, and allows banks to penetrate
new markets and thus expand their geographical reach.
Some even see electronic banking as an opportunity for
countries with underdeveloped financial systems to leapfrog
developmental stages. Customers in such countries can
access services more easily from banks abroad and through
wireless communication systems, which are developing
more rapidly than traditional "wired" communication
networks.
The flip side of this technological boom is that
electronic banking is not only susceptible to, but may
exacerbate, some of the same risks-particularly governance,
Legal, operational, and reputational-inherent in traditional
banking. In addition, it poses new challenges. In response,
many national regulators have already modified their
regulations to achieve their main objectives: ensuring the
safety and soundness of the domestic banking system,
promoting market discipline, and protecting customer
rights and the public trust in the banking system.
Policymakers are also becoming increasingly aware of the
greater potential impact of macroeconomic policy on capital
movements.
MACROECONOMIC CHALLENGES
But the challenges are not limited to regulators. As the
advent of e-banking quickly changes the financial landscape
29
and increases the potential for quick ross-border capital
movements, macroeconomic policymakers face several
cdifficult questions.
If electronic banking does make national
boundaries irrelevant by facilitating capital
movements, what does this imply for
macroeconomic management?
How is monetary policy affected when, for
example, the use of electronic means makes it
easier for banks to avoid reserve requirements, or
when business can be conducted in foreign
currencies as easily as in domestic currency?
When offshore banking and capital flight are
potentially only a few mouse clicks away, does a
government have any leeway for independent
monetary or fiscal policy?
How will the choice of the exchange rate regime
be affected, and how will e-banking influence the
targeted level of international reserves of a
central bank
Can a government afford to make any mistakes? Will
the spread of electronic banking impose harsh market
discipline on governments as well as on businesses?
The answers to these questions fall into two emerging
strands of thought. First, the technological revolution--
30
particularly the expansion of electronic money but also,
more broadly, electronic advances in banking practices--
could result in a decoupling of households' and firms'
decisions from the purely financial operations of the central
bank. Thus, the ability of monetary policy to influence
inflation and economic activity would be threatened.
Second, as electronic banking expands, financial
transaction costs can decline significantly. The result would
be tantamount to a reduction in the "sand in the wheels" of
the financial sector machinery, making capital flows even
easier to effect, with a potential erosion of the effectiveness
of domestic monetary policy. In this regard, proponents of
the Tobin tax--which would tax short-term capital flows to
increase their cost and, thereby, the sand in the wheels--
would feel that electronic banking makes an even more
compelling case for introducing such a tax.
CHALLENGES
Key challenges in developing a sophisticated e-banking
application
1. Interoperability
There is a lack of common technology standards for e-
banking. Many protocols are being used for e-banking –
HTML, WAP, SOAP, XML to name a few. It would be a
wise idea for the vendor to develop a e-banking
31
application that can connect multiple banks. It would
require either the application to support multiple
protocols or use of a common and widely acceptable set
of protocols for data exchange.
There are a large number of different e-bankingphone
devices and it is a big challenge for banks to offer e-
banking solution on any type of device. Some of these
devices support J2ME and others support WAP browser
or only SMS.
Overcoming interoperability issues however have been
localized, with countries like India using portals like R-
World to enable the limitations of low end java based
phones, while focus on areas such as South Africa have
defaulted to the USSD as a basis of communication
achievable with any phone.
The desire for interoperability is largely dependent on
the banks themselves, where installed applications (Java
based or native) provide better security, are easier to use
and allow development of more complex capabilities
similar to those of internet banking while SMS can
provide the basics but becomes difficult to operate with
more complex transactions.
2. Security
32
Security of financial transactions, being executed from
some remote location and transmission of financial
information over the air, are the most complicated
challenges that need to be addressed jointly by e-banking
application developers, wireless network service
providers and the banks' IT departments.
The following aspects need to be addressed to offer a
secure infrastructure for financial transaction over
wireless network:
Physical part of the hand-held device. If the bank is
offering smart-card based security, the physical
security of the device is more important.
Security of any thick-client application running on
the device. In case the device is stolen, the hacker
should require at least an ID/Password to access the
application.
Authentication of the device with service provider
before initiating a transaction. This would ensure
that unauthorized devices are not connected to
perform financial transactions.
User ID / Password authentication of bank’s
customer.
Encryption of the data being transmitted over the
air.
33
Encryption of the data that will be stored in device
for later / off-line analysis by the customer.
3. Scalability & Reliability
Another challenge for the CIOs and CTOs of the banks is
to scale-up the e-banking infrastructure to handle
exponential growth of the customer base. With e-banking,
the customer may be sitting in any part of the world (true
anytime, anywhere banking) and hence banks need to
ensure that the systems are up and running in a true 24
x 7 fashion. As customers will find e-banking more and
more useful, their expectations from the solution will
increase. Banks unable to meet the performance and
reliability expectations may lose customer confidence.
4. Application distribution
Due to the nature of the connectivity between bank and
its customers, it would be impractical to expect
customers to regularly visit banks or connect to a web
site for regular upgrade of their e-banking application. It
will be expected that the e-banking application itself
check the upgrades and updates and download necessary
patches (so called Over the Air updates). However, there
could be many issues to implement this approach such as
34
upgrade / synchronization of other dependent
components.
5. Personalization
It would be expected from the e-banking application to
support personalization such as:
Preferred Language
Date / Time format
Amount format
Default transactions
Standard Beneficiary list
Alert.
35
IMPACT OF E-BANKING ON
TRADITIONAL SERVICES
One of the issues currently being addressed is the
impact of e-banking on traditional banking players. After all,
if there are risks inherent in going into e-banking there are
other risks in not doing so. It is too early to have a firm view
on this yet. Even to practitioners the future of e-banking
and its implications are unclear. It might be convenient
nevertheless to outline briefly two views that are prevalent
in the market. The view that the Internet is a revolution that
will sweep away the old order holds much sway. Arguments
in favor are as follows:
E-banking transactions are much cheaper than branch
or even phone transactions. This could turn yesterday’s
competitive advantage - a large branch network, into a
comparative disadvantage, allowing e-banks to
36
undercut bricks-and-mortar banks. This is commonly
known as the "beached dinosaur" theory.
E-banks are easy to set up so lots of new entrants will
arrive. ‘Old-world’ systems, cultures and structures
will not encumber these new entrants. Instead, they
will be adaptable and responsive. E-banking gives
consumers much more choice. Consumers will be less
inclined to remain loyal.
E-banking will lead to an erosion of the ‘endowment
effect’ currently enjoyed by the major UK banks.
Deposits will go elsewhere with the consequence that
these banks will have to fight to regain and retain their
customer base. This will increase their cost of funds,
possibly making their business less viable. Lost revenue
may even result in these banks taking more risks to breach
the gap. Portal providers, are likely to attract the most
significant share of banking profits. Indeed banks could
become glorified marriage brokers. They would simply bring
two parties together – e.g. buyer and seller, payer and
payee. The products will be provided by monoclines, experts
in their field. Traditional banks may simply be left with
payment and settlement business – even this could be cast
into doubt. Traditional banks will find it difficult to evolve.
37
Not only will they be unable to make acquisitions for cash
as opposed to being able to offer shares, they will be unable
to obtain additional capital from the stock market. This is in
contrast to the situation for Internet firms for whom it
seems relatively easy to attract investment.
There is of course another view which sees e-banking more
as an evolution than a revolution. E-banking is just banking
offered via a new delivery channel. It simply gives
consumers another service (just as ATMs did). Like ATMs,
e-banking will impact on the nature of branches but will not
remove their value. Traditional banks are starting to fight
back.
The start-up costs of an e-bank are high. Establishing a
trusted brand is very costly as it requires significant
advertising expenditure in addition to the purchase of
expensive technology (as security and privacy are key to
gaining customer approval). E-banks have already found
that retail banking only becomes profitable once a large
critical mass is achieved. Consequently many e-banks are
limiting themselves to providing a tailored service to the
better off.
Nobody really knows which of these versions will triumph.
This is something that the market will determine. However,
supervisors will need to pay close attention to the impact of
e-banks on the traditional banks, for example by
38
surveillance of: strategy customer levels earnings and costs
advertising spending margins funding costs merger
opportunities and threats.
Before talking about the issues of risks and responses
to E banking, I would like to spend a little time considering
the wider question of what the e-banking revolution might
mean for the future. I take "E" to mean anything electronic
whether it be Internet, television, telephone or all three.
One of the issues currently being addressed is the
impact of e-banking on traditional banking players. After all,
if there are risks inherent in going into e-banking there are
other risks in not doing so. It is too early to have a firm view
on this yet. Even to practitioners the future of e-banking
and its implications are unclear. It might be convenient
nevertheless to outline briefly two views that are prevalent
in the market.
The view that the Internet is a revolution that will
sweep away the old order holds much sway. Arguments in
favor are as follows E-banking transactions are much
cheaper than branch or even phone transactions. This could
turn yesterday’s competitive advantage - a large branch
network - into a comparative disadvantage, allowing e-
banks to undercut bricks-and-mortar banks. This is
commonly known as the "beached dinosaur" theory. E-banks
are easy to set up so lots of new entrants will arrive. ‘Old-
39
world’ systems, cultures and structures will not encumber
these new entrants. Instead, they will be adaptable and
responsive. E-banking gives consumers much more choice.
Consumers will be less inclined to remain loyal. E-banking
will lead to an erosion of the ‘endowment effect’ currently
enjoyed by the major UK banks. Deposits will go elsewhere
with the consequence that these banks will have to fight to
regain and retain their customer base. This will increase
their cost of funds, possibly making their business less
viable. Lost revenue may even result in these banks taking
more risks to breach the gap.
Portal providers are likely to attract the most
significant share of banking profits. Indeed banks could
become glorified marriage brokers. They would simply bring
two parties together – e.g. buyer and seller, payer and
payee. The products will be provided by monoclines, experts
in their field. Traditional banks may simply be left with
payment and settlement business – even this could be cast
into doubt.
Traditional banks will find it difficult to evolve. Not
only will they be unable to make acquisitions for cash as
opposed to being able to offer shares, they will be unable to
obtain additional capital from the stock market. This is in
contrast to the situation for Internet firms for whom it
seems relatively easy to attract investment. There is of
40
course another view which sees e-banking more as an
evolution than a revolution. E-banking is just banking
offered via a new delivery channel. It simply gives
consumers another service (just as ATMs did). Like ATMs,
e-banking will impact on the nature of branches but will not
remove their value.
Experience in Scandinavia (arguably the most
advanced e-banking area in the world) appears to confirm
that the future is ‘clicks and mortar’ banking. Customers
want full service banking via a number of delivery channels.
The future is therefore ‘Martini Banking’ (any time, any
place, anywhere, anyhow).
Traditional banks are starting to fight back.
The start-up costs of an e-bank are high. Establishing a
trusted brand is very costly as it requires significant
advertising expenditure in addition to the purchase of
expensive technology (as security and privacy are key to
gaining customer approval).
E-banks have already found that retail banking only
becomes profitable once a large critical mass is achieved.
Consequently many e-banks are limiting themselves to
providing a tailored service to the better off.
41
Nobody really knows which of these versions will
triumph. This is something that the market will determine.
However, supervisors will need to pay close attention to the
impact of e-banks on the traditional banks, for example by
surveillance of:
strategy
customer levels
earnings and costs
advertising spending
margins
funding costs
Merger opportunities and threats, both in the UK and
abroad.
42
RISKS IN E-BANKING
There are risks involved in e-banking. They are as follows:
1)Strategic Risk –
A financial institution’s board and management should
understand the risks associated with e-banking services and
evaluate the resulting risk management costs against the
potential return on investment prior to offering e-banking
services. Poor e-banking planning and investment decisions
can increase a financial institution’s strategic risk. On
strategic risk E-banking is relatively new and, as a result,
there can be a lack of understanding among senior
management about its potential and implications. People
with technological, but not banking, skills can end up
driving the initiatives. E-initiatives can spring up in an
incoherent and piecemeal manner in firms. They can be
expensive and can fail to recoup their cost. Furthermore,
they are often positioned as loss leaders (to capture market
share), but may not attract the types of customers that
43
banks want or expect and may have unexpected
implications on existing business lines.
Banks should respond to these risks by having a clear
strategy driven from the top and should ensure that this
strategy takes account of the effects of e-banking, wherever
relevant. Such a strategy should be clearly disseminated
across the business, and supported by a clear business plan
with an effective means of monitoring performance against
it. On strategic risk E-banking is relatively new and, as a
result, there can be a lack of understanding among senior
management about its potential and implications. People
with technological, but not banking, skills can end up
driving the initiatives. E-initiatives can spring up in an
incoherent and piecemeal manner in firms. They can be
expensive and can fail to recoup their cost. Furthermore,
they are often positioned as loss leaders (to capture market
share), but may not attract the types of customers that
banks want or expect and may have unexpected
implications on existing business lines.
Banks should respond to these risks by having a clear
strategy driven from the top and should ensure that this
strategy takes account of the effects of e-banking, wherever
relevant. Such a strategy should be clearly disseminated
across the business, and supported by a clear business plan
44
with an effective means of monitoring performance against
it.
2)Business risks –
Business risks are also significant. Given the newness of
e-banking, nobody knows much about whether e-banking
customers will have different characteristics from the
traditional banking customers. They may well have different
characteristics. This could render existing score card
models inappropriate, this resulting in either higher
rejection rates or inappropriate pricing to cover the risk.
Banks may not be able to assess credit quality at a distance
as effectively as they do in face to face circumstances.
It could be more difficult to assess the nature and quality
of collateral offered at a distance, especially if it is located
in an area the bank is unfamiliar with (particularly if this is
overseas). Furthermore as it is difficult to predict customer
volumes and the stickiness of e-deposits (things which could
lead either to rapid flows in or out of the bank) it could be
very difficult to manage liquidity.
Of course, these are old risks with which banks and
supervisors have considerable experience but they need to
be watchful of old risks in new guises. In particular risk
models and even processes designed for traditional banking
may not be appropriate. Transaction/operations risk -
45
Transaction/Operations risk arises from fraud, processing
errors, system disruptions, or other unanticipated events
resulting in the institution’s inability to deliver products or
services. This risk exists in each product and service
offered. The level of transaction risk is affected by the
structure of the institution’s processing environment,
including the types of services offered and the complexity of
the processes and supporting technology. In most instances,
e-banking activities will increase the complexity of the
institution’s activities and the quantity of its
transaction/operations risk, especially if the institution is
offering innovative services that have not been
standardized. Since customers expect e-banking services to
be available 24 hours a day, 7 days a week, financial
institutions should ensure their e-banking infrastructures
contain sufficient capacity and redundancy to ensure
reliable service availability. Even institutions that do not
consider e-banking a critical financial service due to the
availability of alternate processing channels, should
carefully consider customer expectations and the potential
impact of service disruptions on customer satisfaction and
loyalty.
The key to controlling transaction risk lies in adapting
effective polices, procedures, and controls to meet the new
risk exposures introduced by e-banking. Basic internal
controls including segregation of duties, dual controls, and
46
reconcilements remain important. Information security
controls, in particular, become more significant requiring
additional processes, tools, expertise, and testing.
Institutions should determine the appropriate level of
security controls based on their assessment of the
sensitivity of the information to the customer and to the
institution and on the institution’s established risk tolerance
level. Business risks are also significant. Given the newness
of e-banking, nobody knows much about whether e-banking
customers will have different characteristics from the
traditional banking customers. They may well have different
characteristics – eg I want it all and I want it now. This
could render existing score card models inappropriate, thus
resulting in either higher rejection rates or inappropriate
pricing to cover the risk. Banks may not be able to assess
credit quality at a distance as effectively as they do in face
to face circumstances. It could be more difficult to assess
the nature and quality of collateral offered at a distance,
especially if it is located in an area the bank is unfamiliar
with (particularly if this is overseas). Furthermore as it is
difficult to predict customer volumes and the stickiness of e-
deposits (things which could lead either to rapid flows in or
out of the bank) it could be very difficult to manage
liquidity.
3)Credit risk –
47
Generally, a financial institution’s credit risk is not
increased by the mere fact that a loan is originated through
an e-banking channel. However, management should
consider additional precautions when originating and
approving loans electronically, including assuring
management information systems effectively track the
performance of portfolios originated through e-banking
channels. The following aspects of on-line loan origination
and approval tend to make risk management of the lending
process more challenging. If not properly managed, these
aspects can significantly increase credit risk. Verifying the
customer’s identity for on-line credit applications and
executing an enforceable contract; Monitoring and
controlling the growth, pricing, underwriting standards, and
ongoing credit quality of loans originated through e-banking
channels; Monitoring and oversight of third-parties doing
business as agents or on behalf of the financial institution
(for example, an Internet loan origination site or electronic
payments processor); Valuing collateral and perfecting liens
over a potentially wider geographic area; Collecting loans
from individuals over a potentially wider geographic area;
Monitoring any increased volume of, and possible
concentration in, out-of-area lending. Liquidity, interest
rate, price/market risks - Funding and investment-related
risks could increase with an institution’s e-banking
initiatives depending on the volatility and pricing of the
48
acquired deposits. The Internet provides institutions with
the ability to market their products and services globally.
Internet-based advertising programs can effectively match
yield-focused investors with potentially high-yielding
deposits. But Internet-originated deposits have the potential
to attract customers who focus exclusively on rates and may
provide a funding source with risk characteristics similar to
brokered deposits. An institution can control this potential
volatility and expanded geographic reach through its
deposit contract and account opening practices, which
might involve face-to-face meetings or the exchange of
paper correspondence. The institution should modify its
policies as necessary to address the following e-banking
funding issues:
Potential increase in dependence on brokered funds or
other highly rate-sensitive deposits;
Potential acquisition of funds from markets where the
institution is not licensed to engage in banking,
particularly if the institution does not establish,
disclose, and enforce geographic restrictions;
Potential impact of loan or deposit growth from an
expanded Internet market, including the impact of
such growth on capital ratios;
49
Potential increase in volatility of funds should e-
banking security problems negatively impact customer
confidence or the market’s perception of the
institution.
This changing financial landscape brings with it new
challenges for bank management and regulatory and
supervisory authorities. The major ones stem from
increased cross-border transactions resulting from
drastically lower transaction costs and the greater ease of
banking activities, and from the reliance on technology to
provide banking services with the necessary security.
4)Operations risk-
The reliance on new technology to provide services
makes security and system availability the central
operational risk of electronic banking. Security threats can
come from inside or outside the system, so banking
regulators and supervisors must ensure that banks have
appropriate practices in place to guarantee the
confidentiality of data, as well as the integrity of the system
and the data. Banks' security practices should be regularly
tested and reviewed by outside experts to analyze network
vulnerabilities and recovery preparedness. Capacity
planning to address increasing transaction volumes and
new technological developments should take account of the
budgetary impact of new investments, the ability to attract
50
staff with the necessary expertise, and potential
dependence on external service providers. Managing
heightened operational risks needs to become an integral
part of banks' overall management of risk, and supervisors
need to include operational risks in their safety and
soundness evaluations.
There are three types of operation risks. They are as
follows:
volume forecasts
management information systems and
Outsourcing.
Accurate volume forecasts have proved difficult - One
of the key challenges encountered by banks in the Internet
environment is how to predict and manage the volume of
customers that they will obtain. Many banks going on-line
have significantly misjudged volumes. When a bank has
inadequate systems to cope with demand it may suffer
reputational and financial damage, and even compromises
in security if extra systems that are inadequately configured
or tested are brought on-line to deal with the capacity
problems.
As a way of addressing this risk, banks should:
undertake market research,
51
adopt systems with adequate capacity and scalability,
undertake proportionate advertising campaigns, and
Ensure that they have adequate staff coverage and
develop a suitable business continuity plan.
In brief, this is a new area, nobody knows all the answers,
and banks need to exercise particular caution.
The second type of operations risk concerns management
information systems. Again this is not unique to E-banking. I
have seen many banks venture into new areas without
having addressed management information issues. Banks
may have difficulties in obtaining adequate management
information to monitor their e-service, as it can be difficult
to establish/configure new systems to ensure that sufficient,
meaningful and clear information is generated. Such
information is particularly important in a new field like e-
banking. Banks are being encouraged by the FSA to ensure
that management have all the information that they require
in a format that they understand and that does not cloud the
key information with superfluous details.
Finally, a significant number of banks offering e-banking
services outsource related business functions, e.g. security,
either for reasons of cost reduction or, as is often the case
in this field, because they do not have the relevant expertise
in-house. Outsourcing a significant function can create
material risks by potentially reducing a bank’s control over
52
that function. Outsourcing is of course neither new nor
unmanageable but banks should be mindful of the FSA’s
guidance on outsourcing, which addresses these risks.
5)Regulatory risk-
Because the Internet allows services to be provided from
anywhere in the world, there is a danger that banks will try
to avoid regulation and supervision. What can regulators
do? They can require even banks that provide their services
from a remote location through the Internet to be licensed.
Licensing would be particularly appropriate where
supervision is weak and cooperation between a virtual bank
and the home supervisor is not adequate. Licensing is the
norm, for example, in the United States and most of the
countries of the European Union. A virtual bank licensed
outside these jurisdictions that wishes to offer electronic
banking services and take deposits in these countries must
first establish a licensed branch.
Determining when a bank's electronic services trigger
the need for a license can be difficult, but indicators
showing where banking services originate and where they
are provided can help. For example, a virtual bank licensed
in country X is not seen as taking deposits in country Y if
customers make their deposits by posting checks to an
address in country X. If a customer makes a deposit at an
automatic teller machine in country Y, however, that
53
transaction would most likely be considered deposit taking
in country. Regulators need to establish guidelines to clarify
the gray areas between these two cases.
6)Legal risk-
Electronic banking carries heightened legal risks for
banks. Banks can potentially expand the geographical scope
of their services faster through electronic banking than
through traditional banks. In some cases, however, they
might not be fully versed in a jurisdiction's local laws and
regulations before they begin to offer services there, either
with a license or without a license if one is not required.
When a license is not required, a virtual bank--lacking
contact with its host country supervisor--may find it even
more difficult to stay abreast of regulatory changes. As a
consequence, virtual banks could unknowingly violate
customer protection laws, including on data collection and
privacy, and regulations on soliciting. In doing so, they
expose themselves to losses through lawsuits or crimes that
are not prosecuted because of jurisdictional disputes.
Money laundering is an age-old criminal activity that has
been greatly facilitated by electronic banking because of the
anonymity it affords. Once a customer opens an account, it
is impossible for banks to identify whether the nominal
account holder is conducting a transaction or even where
the transaction is taking place. To combat money
54
laundering, many countries have issued specific guidelines
on identifying customers. They typically comprise
recommendations for verifying an individual's identity and
address before a customer account is opened and for
monitoring online transactions, which requires great
vigilance.
In a report issued in 2000, the Organization for Economic
Cooperation and Development's Financial Action Task Force
raised another concern. With electronic banking crossing
national boundaries, whose regulatory authorities will
investigate and pursue money laundering violations? The
answer, according to the task force, lies in coordinating
legislation and regulation internationally to avoid the
creation of safe havens for criminal activities.
7)Reputational risk-
Breaches of security and disruptions to the system's
availability can damage a bank's reputation. The more a
bank relies on electronic delivery channels, the greater the
potential for reputational risks. If one electronic bank
encounters problems that cause customers to lose
confidence in electronic delivery channels as a whole or to
view bank failures as system wide supervisory deficiencies,
these problems can potentially affect other providers of
electronic banking services. In many countries where
55
electronic banking is becoming the trend, bank supervisors
have put in place internal guidance notes for examiners,
and many have released risk-management guidelines for
banks. This is considerably heightened for banks using the
Internet. For example the Internet allows for the rapid
dissemination of information which means that any incident,
either good or bad, is common knowledge within a short
space of time. The speed of the Internet considerably cuts
the optimal response times for both banks and regulators to
any incident.
Any problems encountered by one firm in this new
environment may affect the business of another, as it may
affect confidence in the Internet as a whole. There is
therefore a risk that one rogue e-bank could cause
significant problems for all banks providing services via the
Internet. This is a new type of systemic risk and is causing
concern to e-banking providers. Overall, the Internet puts
an emphasis on reputational risks. Banks need to be sure
that customers’ rights and information needs are
adequately safeguarded and provided for. Breaches of
security and disruptions to the system's availability can
damage a bank's reputation. The more a bank relies on
electronic delivery channels, the greater the potential for
reputational risks. If one electronic bank encounters
problems that cause customers to lose confidence in
electronic delivery channels as a whole or to view bank
56
failures as system wide supervisory deficiencies, these
problems can potentially affect other providers of electronic
banking services. In many countries where electronic
banking is becoming the trend, bank supervisors have put in
place internal guidance notes for examiners, and many have
released risk-management guidelines for banks.
Reputational risks also stem from customer misuse of
security precautions or ignorance about the need for such
precautions. Security risks can be amplified and may result
in a loss of confidence in electronic delivery channels. The
solution is consumer education--a process in which
regulators and supervisors can assist. For example, some
bank supervisors provide links on their websites allowing
customers to identify online banks with legitimate charters
and deposit insurance. They also issue tips on Internet
banking, offer consumer help lines, and issue warnings
about specific entities that may be conducting unauthorized
banking operations in the country.
Money laundering is an age-old criminal activity that
has been greatly facilitated by electronic banking because
of the anonymity it affords. Once a customer opens an
account, it is impossible for banks to identify whether the
nominal account holder is conducting a transaction or even
where the transaction is taking place. To combat money
laundering, many countries have issued specific guidelines
57
on identifying customers. They typically comprise
recommendations for verifying an individual's identity and
address before a customer account is opened and for
monitoring online transactions, which requires great
vigilance.
REGULATORY TOOLS AND SECURITY
There are four key tools that regulators need to focus on to
address the new challenges posed by the arrival of e-
banking.
Adaptation-
In light of how rapidly technology is changing and
what the changes mean for banking activities, keeping
regulations up to date has been, and continues to be, a
far-reaching, time-consuming, and complex task. In
May 2001, the Bank for International Settlements
issued its "Risk Management Principles for Electronic
Banking," which discusses how to extend, adapt, and
tailor the existing risk-management framework to the
electronic banking setting. For example, it
recommends that a bank's board of directors and
senior management review and approve the key
58
aspects of the security control process, which should
include measures to authenticate the identity and
authorization of customers, promote non repudiation of
transactions, protect data integrity, and ensure
segregation of duties within e-banking systems,
databases, and applications. Regulators and
supervisors must also ensure that their staffs have the
relevant technological expertise to assess potential
changes in risks, which may require significant
investment in training and in hardware and software.
Legalization-
New methods for conducting transactions, new
instruments, and new service providers will require
legal definition, recognition, and permission. For
example, it will be essential to define an electronic
signature and give it the same legal status as the
handwritten signature. Existing legal definitions and
permissions--such as the legal definition of a bank and
the concept of a national border--will also need to be
rethought.
Harmonization-
59
International harmonization of electronic banking
regulation must be a top priority. This means
intensifying cross-border cooperation between
supervisors and coordinating laws and regulatory
practices internationally and domestically across
different regulatory agencies. The problem of
jurisdiction that arises from "borderless" transactions
is, as of this writing, in limbo. For now, each country
must decide who has jurisdiction over electronic
banking involving its citizens. The task of international
harmonization and cooperation can be viewed as the
most daunting in addressing the challenges of
electronic banking.
Integration-
This is the process of including information
technology issues and their accompanying operational
risks in bank supervisors' safety and soundness
evaluations. In addition to the issues of privacy and
security, for example, bank examiners will want to
know how well the bank's management has elaborated
its business plan for electronic banking. A special
challenge for regulators will be supervising the
functions that are outsourced to third-party vendors.
Security is one of the most discussed issues around e-
banking. E-banking increases security risks, potentially
60
exposing hitherto isolated systems to open and risky
environments. Security breaches essentially fall into three
categories; breaches with serious criminal intent (fraud,
theft of commercially sensitive or financial information),
breaches by ‘casual hackers’ (defacement of web sites or
‘denial of service’ - causing web sites to crash), and flaws in
systems design and/or set up leading to security breaches
(genuine users seeing / being able to transact on other
users’ accounts). All of these threats have potentially
serious financial, legal and reputational implications.
Many banks are finding that their systems are being
probed for weaknesses hundreds of times a day but
damage/losses arising from security breaches have so far
tended to be minor. However some banks could develop
more sensitive "burglar alarms", so that they are better
aware of the nature and frequency of unsuccessful attempts
to break into their system. The most sensitive computer
systems, such as those used for high value payments or
those storing highly confidential information, tend to be the
most comprehensively secured. One could therefore imply
that the greater the potential loss to a bank the less likely it
is to occur, and in general this is the case. However, while
banks tend to have reasonable perimeter security, there is
sometimes insufficient segregation between internal
systems and poor internal security. It may be that someone
61
could breach the lighter security around a low value system.
It is easy to overemphasize the security risks in e-banking.
It must be remembered that the Internet could remove
some errors introduced by manual processing (by
increasing the degree of straight through processing from
the customer through banks’ systems). This reduces risks to
the integrity of transaction data (although the risk of
customers incorrectly inputting data remains). As e-banking
advances, focusing general attention on security risks, there
could be large security gains. Financial institutions need as
a minimum to have:
a strategic approach to information security,
building best practice security controls into
systems and networks as they are developed
a proactive approach to information security,
involving active testing of system security
controls (e.g. penetration testing), rapid response
to new threats and vulnerabilities and regular
review of market place developments
sufficient staff with information security expertise
active use of system based security management
and monitoring tools
62
strong business information security controls.
These are the issues line supervisors will be raising with
their banks as part of their on-going supervision. Security
issues are a major source of concern for everyone both
inside and outside the banking industry. E-banking
increases security risks, potentially exposing hitherto
isolated systems to open and risky environments. Both the
FSA and banks need to be proactive in monitoring and
managing the security threat.
Security breaches essentially fall into three categories;
breaches with serious criminal intent (e.g. fraud, theft of
commercially sensitive or financial information), breaches
by ‘casual hackers’ (e.g. defacement of web sites or ‘denial
of service’ - causing web sites to crash), and flaws in
systems design and/or set up leading to security breaches
(e.g. genuine users seeing / being able to transact on other
users’ accounts). All of these threats have potentially
serious financial, legal and reputational implications. Many
banks are finding that their systems are being probed for
weaknesses hundreds of times a day but damage/losses
arising from security breaches have so far tended to be
minor. However some banks could develop more sensitive
"burglar alarms", so that they are better aware of the
63
nature and frequency of unsuccessful attempts to break into
their system.
The most sensitive computer systems, such as those used
for high value payments or those storing highly confidential
information, tend to be the most comprehensively secured.
One could therefore imply that the greater the potential loss
to a bank the less likely it is to occur, and in general this is
the case. However, while banks tend to have reasonable
perimeter security, there is sometimes insufficient
segregation between internal systems and poor internal
security. It may be that someone could breach the lighter
security around a low value system, e.g. a bank’s retail web
site, and gain entry to a high value system via the bank’s
internal network. We are encouraging banks to look at the
firewalls between their different systems to ensure
adequate damage limitation should an external breach
occur. As ever though, the greatest threat so far has been
from the enemy within – i.e. your own employees,
contractors and so on.
It is easy to overemphasize the security risks in e-
banking. It must be remembered that the Internet could
remove some errors introduced by manual processing (by
increasing the degree of straight through processing from
the customer through banks’ systems). This reduces risks to
the integrity of transaction data (although the risk of
64
customer’s incorrectly inputting data remains). As e-
banking advances, focusing general attention on security
risks, there could be large security gains.
So what should banks be doing? Our view is that to deal
with these emerging threats effectively, financial
institutions need as a minimum to have:
a strategic approach to information security,
building best practice security controls into
systems and networks as they are developed
a proactive approach to information security,
involving active testing of system security
controls (e.g. penetration testing), rapid response
to new threats and vulnerabilities and regular
review of market place developments
sufficient staff with information security expertise
active use of system based security management
and monitoring tools
strong business information security controls
These are the issues line supervisors will be
raising with their banks as part of their on-going
supervision; or, for new applicants, will need to
be given adequate assurances about.
65
TYPES OF E-BANKING:
Following are the types of e-banking
Internet banking
Mobile banking
ATM
Telephone banking
Internet Banking:
Internet banking refers to the use of the Internet as a
remote delivery channel for banking services. Such services
include traditional ones, such as opening a deposit account
or transferring funds, among different accounts, and new
banking services, such as electronic bill payment, allowing
customers to receive and pay bills via a bank’s website.
Banks offer Internet banking in two main ways. An
established bank with physical offices can establish a
website and offer Internet banking to its customers in
addition to its traditional delivery channels. A second
alternative is to establish a “virtual,” “branchless,” or
66
“Internet-only” bank. The computer server that lies at the
heart of a virtual bank may be located in an office that
serves as the legal address of such a bank, or at some other
location. Virtual banks may offer their customers the ability
to make deposits and withdraw funds via ATMs or other
remote delivery channels owned by other institutions.
Features:
Internet banking has following features
1) Time and Space-
By eliminating the limitations of time and distance,
electronic financial transactions can make cross-border
transactions easier and thus make it possible to provide
services to customers on a global scale. In effect, online
finance may eventually lead to complete globalization of
financial services, making the national borders
irrelevant.
2) Electronic financial transactions-
Electronic financial transactions have helped create
new services such as the “virtual financial site” that
includes services crossing the traditional borders
between financial services as well as “aggregation” that
allows consumers to obtain consolidated information
about their financial accounts in one place.
67
Electronic bill presentment and payment - EBPP
Funds transfer between a customer's own
checking and savings accounts, or to another
customer's account
Investment purchase or sale
Loan applications and transactions, such as
repayments
3) Security-
Since electronic financial transactions, especially
those in online retail banking, are being conducted on
open networks centered on the Internet, many
challenges arise in terms of transaction security,
consumer protection and privacy. The existing
systems of financial regulation and supervision are
being amended to reflect the changes in technology.
Online banking user interfaces are secure sites and
traffic of all information - including the password - is
encrypted, making it next to impossible for a third party
to obtain or modify information after it is sent.
However, encryption alone does not rule out the
possibility of hackers gaining access to vulnerable home
PCs and intercepting the password as it is typed in
(keystroke logging). There is also the danger of
password cracking and physical theft of passwords
written down by careless users.
68
Many online banking services therefore impose a
second layer of security. Strategies vary, but a common
method is the use of transaction numbers, or TANs,
which are essentially single use passwords. Another
strategy is the use of two passwords, only random parts
of which are entered at the start of every online banking
session. This is however slightly less secure than the
TAN alternative and more inconvenient for the user. A
third option is providing customers with security token
devices capable of generating single use passwords
unique to the customer's token (this is called two-factor
authentication or 2FA). Another option is using digital
certificates, which digitally sign or authenticate the
transactions, by linking them to the physical device (e.g.
computer, mobile phone, etc). Other banks have
responded not with security tokens or digital
certificates, but by setting up a combination of controls
that recognize a customer's computer, ask additional
challenge questions for risky behavior, and monitor for
fraud lucent behavior
4) Electronic Fund Transfer-
Electronic funds transfer or EFT refers to the
computer-based systems used to perform financial
transactions electronically. The term is used for a number of
different concepts:
69
cardholder-initiated transactions, where a cardholder
makes use of a payment card
electronic payments by businesses, including salary
payments
electronic check (or cheque) clearing
5) Card Based EFT-
EFT may be initiated by a cardholder when a payment
card such as a credit card or debit card is used. This may
take place at an automated teller machine (ATM) or point of
sale (EFTPOS), or when the card is not present, which
covers cards used for mail order, telephone order and
internet purchases.
Transaction types
A number of transaction types may be performed,
including the following:
Sale: where the cardholder pays for goods or service.
Refund: where a merchant refunds an earlier payment
made by a cardholder.
Withdrawal: the cardholder withdraws funds from
their account, e.g. from an ATM. The term Cash
Advance may also be used, typically when the funds
are advanced by a merchant rather than at an ATM.
Deposit: where a cardholder deposits funds to their
own account (typically at an ATM).
70
Cashback: where a cardholder withdraws funds from
their own account at the same time as making a
purchase.
Inter-account transfer: transferring funds between
linked accounts belonging to the same cardholder
Payment: transferring funds to a third party account
Inquiry: a transaction without financial impact, for
instance balance inquiry, available funds inquiry,
linked accounts inquiry, or request for a statement of
recent transactions on the account.
Administrative: this covers a variety of non-financial
transactions including PIN change. The transaction
types offered depend on the terminal. An ATM would
offer different transactions from a POS terminal, for
instance
Online banking puts the power of banking into the
hands of the customer and allows the customers to self-
service themselves with all their banking needs, just as
customers have become used to getting money from an
ATM instead of going to the cash desk in the bank. With
this online service, customers can view their account
details, review their account history, transfer funds,
order checks, pay bills, re-order checks and get in touch
with the customer care department of the bank. In most
cases, there is no special software to install other than a
71
web browser and many banks do not charge for this
service
Mobile Banking:
Mobile banking is a term used for performing
balance checks, account transactions, payments etc. via a
mobile device such as a mobile phone. Mobile banking
today (2008) is most often performed via SMS or the Mobile
Internet but can also use special programs downloaded to
the mobile device.
Mobile Banking can be said to consist of three inter-related
concepts:
Mobile Accounting
Mobile Brokerage
Mobile Financial Information Services
Most services in the categories designated Accounting
and Brokerage are transaction-based. The non-transaction-
based services of an informational nature are however
essential for conducting transactions The accounting and
brokerage services are therefore offered invariably in
combination with information services. Information
services, on the other hand, may be offered as an
independent module.
72
Trends in mobile banking:
The advent of the Internet has revolutionized the
way the financial services industry conducts business,
empowering organizations with new business models and
new ways to offer 24x7 accessibility to their customers. The
ability to offer financial transactions online has also created
new players in the financial services industry, such as online
banks, online brokers and wealth managers who offer
personalized services, although such players still account
for a tiny percentage of the industry. Over the last few
years, the mobile and wireless market has been one of the
fastest growing markets in the world and it is still growing
at a rapid pace. According to the GSM Association and
Ovum, the number of mobile subscribers exceeded 2 billion
in September 2005, and now exceeds 2.5 billion (of which
more than 2 billion are GSM).According to a study by
financial consultancy Clement, 35% of online banking
households will be using mobile banking by 2010, up from
less than 1% today. Upwards of 70% of bank center call
volume is projected to come from mobile phones. Mobile
banking will eventually allow users to make payments at the
physical point of sale. "Mobile contact less payments” will
make up 10% of the contact less market by 2010.Many
believe that mobile users have just started to fully utilize
the data capabilities in their mobile phones. In Asian
countries like India, China, Indonesia and Philippines,
73
where mobile infrastructure is comparatively better than
the fixed-line infrastructure, and in European countries,
where mobile phone penetration is very high (at least 80%
of consumers use a mobile phone), mobile banking is likely
to appeal even more. This opens up huge markets for
financial institutions interested in offering value added
services. .Mobile devices, especially smart phones, are the
most promising way to reach the masses and to create
“stickiness” among current customers, due to their ability to
provide services anytime, anywhere, high rate of
penetration and potential to grow.
Features:
Mobile banking can offer services such as the following:
Account Information
Alerts on account activity or passing of set thresholds
1. Monitoring of term deposits
2. Access to loan statements
3. Access to card statements
4. Mutual funds / equity statements
5. Insurance policy management
6. Pension plan management
7. Status on cheque, stop payment on cheque
74
Payments & Transfers
1. Domestic and international fund transfers
2. Micro-payment handling
3. Mobile recharging
4. Commercial payment processing
5. Bill payment processing
6. Peer to Peer payments
Investments
1. Portfolio management services
2. Real-time stock quotes
3. Personalized alerts and notifications on security prices
Support
1. Status of requests for credit, including mortgage
approval, and insurance coverage
2. Check (cheque) book and card requests
3. Exchange of data messages and email, including
complaint submission and tracking
4. ATM Location
Content Services
1. General information such as weather updates, news
2. Loyalty-related offers
3. Location-based services
Based on a survey conducted by Forrester, mobile
banking will be attractive mainly to the younger, more
75
"tech-savvy" customer segment. A third of mobile phone
users say that they may consider performing some kind of
financial transaction through their mobile phone. But most
of the users are interested in performing basic transactions
such as querying for account balance and making bill
payment.
ATM:
An automated teller machine (ATM) is a
computerized telecommunications device that provides the
customers of a financial institution with access to financial
transactions in a public space without the need for a human
clerk or bank teller. On most modern ATMs, the customer is
identified by inserting a plastic ATM card with a magnetic
stripe or a plastic smartcard with a chip, that contains a
unique card number and some security information.
Security is provided by the customer entering a personal
identification number (PIN).
Mechanical cash dispenser was developed and built by
Luther George Simian and installed in 1939 in New York
City by the City Bank of New York, but removed after 6
months due to the lack of customer acceptance.
The ATM got smaller, faster and easier over the years.
Thereafter, the history of ATMs paused for over 25 years,
76
until De La Rue developed the first electronic ATM, which
was installed first in Enfield Town in North London on 27
June 1967 by Barclays Bank.. This instance of the invention
is credited to John Shepherd-Barron, although various other
engineers were awarded patents for related technologies at
the time. Shepherd-Barron was awarded an OBE in the
2005 New Year's Honors List. The first person to use the
machine was Rag Varney of "On the Buses" fame, a British
Television programmed from the 1960s. The first ATMs
accepted only a single-use token or voucher, which was
retained by the machine. These worked on various
principles including radiation and low-coercively magnetism
that was wiped by the card reader to make fraud more
difficult. The idea of a PIN stored on the card was developed
by the British engineer John Rose in 1965.
ATMs first came into wide UK use in 1973; the
IBM 2984 was designed at the request of Lloyds Bank. The
2984 CIT (Cash Issuing Terminal) was the first true Cash
point, similar in function to today's machines; Cash point is
still a registered trademark of Lloyds TSB in the U.K. All
were online and issued a variable amount which was
immediately deducted from the account. A small number of
2984s were supplied to a USA bank.
77
Using an ATM, customers can access their bank accounts in
order to make cash withdrawals (or credit card cash
advances) and check their account balances. ATMs are
known by various casual terms including automated
banking machine, money machine, cash machine, hole-in-
the-wall.
Telephone banking:
The Enhanced Telephone is a telephone developed by
Citibank in the late 1980s for customers to do banking and
other financial transactions from their home. The official
launch date was February 26-27, 1990.The first version of
the Enhanced Telephone, the 99A model, was beige and
featured a monochrome CRT screen. Because of its chunky
appearance, several developers dubbed it the "sawed-off ski
boot. The physical hardware was manufactured by
Transaction Technologies Incorporated (TTI).The second
version of the Enhanced Telephone, the P100 model, was
manufactured by Philips Electronics and featured an LCD
78
screen and sleeker styling. The font was developed by Bit
stream Inc. Software for the Enhanced Telephone was
written in a proprietary language called HAL (Home
Application Language).The Enhanced Telephone ultimately
failed to become a viable product because by the time it was
introduced, home banking via PCs was becoming more
common. As the World Wide Web became popular in the
early 1990s, the Enhanced Telephone was rendered
obsolete. The Philips P100 phone lived on and to this day
variations of it are used for other applications
Online lenders make loans to consumers via
computer websites, online. Online lenders generally provide
loan information, application forms, email or instant
message assistance right on their website. The online
applications are generally transmitted over an encrypted
web page for security. Ideally an online lender will provide
a telephone number prominently offering offline assistance
to consumers also
Telephone banking is a service provided by a
financial institution which allows its customers to perform
transactions over the telephone. Most telephone banking
uses an automated phone answering system with phone
keypad response or voice recognition capability. To
guarantee security, the customer must first authenticate
through a numeric or verbal password or through security
79
questions asked by a live representative (see below). With
the obvious exception of cash withdrawals and deposits, it
offers virtually all the features of an automated teller
machine: account balance information and list of latest
transactions, electronic bill payments, funds transfers
between a customer's accounts, etc. Usually, customers can
also speak to a live representative located in a call centre or
a branch, although this feature is not guaranteed to be
offered 24/7. In addition to the self-service transactions
listed earlier, telephone banking representatives are usually
trained to do what was traditionally available only at the
branch: loan applications, investment purchases and
redemptions, cheque book orders, debit card replacements,
change of address, etc. Banks which operate mostly or
exclusively by telephone are known as phone bank.
MARKETING FOR E-BANKING
80
E-banking is poised to become the big killer e-banking
application arena. However, Banks going e-banking the first
time need to tread the path cautiously. The biggest decision
that Banks need to make is the channel that they will
support their services on.
E-banking through an SMS based service would
require the lowest amount of effort, in terms of cost and
time, but will not be able to support the full breath of
transaction-based services. However, in markets like India
where a bulk of the e-banking population users' phones can
only support SMS based services, this might be the only
option left.
On the other hand a market heavily segmented by the
type and complexity of e-banking usage might be good place
to roll of WAP based e-banking applications. A WAP based
service can let go of the need to customize usability to the
profile of each e-banking, the trade-off being that it cannot
take advantage of the full breadth of features that a e-
banking might offer.
E-banking application standalone clients bring along
the burden of supporting multiple e-banking device profiles.
According to the Gartner Group, a leading wireless
computing consulting organization, e-banking services will
81
have to support a minimum of 50 different device profiles in
the near future. However, currently the best user
experience, depending on the capabilities of a e-banking, is
possible only by using a Standalone client.
E-banking has the potential to do to the e-banking
what E-mail did to the Internet. E-banking Application
based banking is poised to be a big m-commerce feature,
and if South Korea's foray into mass e-banking is any
indication, e-banking could well be the driving factor to
increase sales of high-end e-banking. Nevertheless, Bank's
need to take a hard and deep look into the e-banking usage
patterns among their target customers and enable their e-
banking services on a technology with reaches out to the
majority of their customers.
82
DIFFERENCE BETWEEN
TRADITIONAL AND E BANKING:
Internet banking works much like traditional
banking. The primary difference is you are accessing your
account and information, making payments and reconciling
statements using your computer rather than paper or the
phone to complete transactions. Instead of going down to
your local branch office when you bank online you can
accomplish multiple tasks at once with the click of a button.
Online banking is rapidly becoming more and more popular
as consumers recognize the advantages online banking has
to offer. For one most banks charge fewer fees if you take
advantage of their online banking services. You can also
stop receiving paper statements if you like in many cases
and conduct 95% of your business over the Web when you
take advantage of Internet banking
The E-banking-Service will only be available for e-
banking and data connections which meet the required
specifications and configurations as may be specified by the
Bank from time to time and you agree to procure and
83
maintain a e-banking and data connection which meet these
requirements at your own expense.
User Guidance on the operation of the E-banking-Service
will be made available to you. You must follow all relevant
User Guidance whenever you access or operate the E-
banking-Service. The Bank may inform you from time to
time about changes to the way you should access or operate
the E-banking-Service. You must observe all such changes
when accessing or operating the E-banking-Service.
The E-banking Services are intended to be available 7
days a week, 24 hours a day but there is no warranty that
the same will be available at all times. You further agree
that the Bank shall be entitled at any time, at the Bank's
sole discretion and without prior notice, to temporarily
suspend the operation of the E-banking-Service for
updating, maintenance and upgrading purposes, or any
other purpose whatsoever that the Bank deems fit, and in
such event, the Bank shall not be liable for any loss, liability
or damage which may be incurred as a result.
84
TRENDS IN E-BANKING
The advent of the Internet has revolutionized the way
the financial services industry conducts business,
empowering organizations with new business models and
new ways to offer 24x7 accessibility to their customers.
The ability to offer financial transactions online has
also created new players in the financial services industry,
such as online banks, online brokers and wealth managers
who offer personalized services, although such players still
account for a tiny percentage of the industry.
Over the last few years, the e-banking and wireless
market has been one of the fastest growing markets in the
world and it is still growing at a rapid pace. According to
the GSM Association and Ovum, the number of e-banking
subscribers exceeded 2 billion in September 2005, and now
exceeds 2.5 billion (of which more than 2 billion are GSM).
85
According to a study by financial consultancy Clement,
35% of online banking households will be using e-banking
by 2010, up from less than 1% today. Upwards of 70% of
bank center call volume is projected to come from e-
banking. E-banking will eventually allow users to make
payments at the physical point of sale. "E-banking contact
less payments” will make up 10% of the contact less market
by 2010.[2]
Many believe that e-banking users have just started to
fully utilize the data capabilities in their e-banking. In Asian
countries like India, China, Bangladesh, Indonesia and
Philippines, where e-banking infrastructure is comparatively
better than the fixed-line infrastructure, and in European
countries, where e-banking penetration is very high (at least
80% of consumers use a e-banking), e-banking is likely to
appeal even more.
This opens up huge markets for financial institutions
interested in offering value added services. With e-banking
technology, banks can offer a wide range of services to their
customers such as doing funds transfer while traveling,
receiving online updates of stock price or even performing
stock trading while being stuck in traffic. According to the
German e-banking operator Mobilcom, e-banking will be the
"killer application" for the next generation of e-banking
technology.
86
E-banking devices, especially smart phones, are the
most promising way to reach the masses and to create
“stickiness” among current customers, due to their ability to
provide services anytime, anywhere, high rate of
penetration and potential to grow. According to Gartner,
shipment of smart phones is growing fast, and should top 20
million units (of over 800 million sold) in 2006 alone.
In the last 4 years, banks across the globe have
invested billions of dollars to build sophisticated internet
banking capabilities. As the trend is shifting to e-banking,
there is a challenge for CIOs and CTOs of these banks to
decide on how to leverage their investment in internet
banking and offer e-banking, in the shortest possible time.
The proliferation of the 3G (third generation of
wireless) and widespread implementation expected for
2003–2007 will generate the development of more
sophisticated services such as multimedia and links to m-
commerce services.
Internet banking is gaining ground. Banks increasingly
operate websites through which customers are able not only
to inquire about account balances and interest and
exchange rates but also to conduct a range of transactions.
Unfortunately, data on Internet banking are scarce, and
differences in definitions make cross-country comparisons
difficult. Even so, one finds that Internet banking is
87
particularly widespread in Austria, Korea, the Scandinavian
countries, Singapore, Spain, and Switzerland, where more
than 75 percent of all banks offer such services (see chart).
The Scandinavian countries have the largest number of
Internet users, with up to one-third of bank customers in
Finland and Sweden taking advantage of e-banking.
In the United States, Internet banking is still
concentrated in the largest banks. In mid-2001, 44 percent
of national banks maintained transactional websites, almost
double the number in the third quarter of 1999. These
banks account for over 90 percent of national banking
system assets. The larger banks tend to offer a wider array
of electronic banking services, including loan applications
and brokerage services. While most U.S. consumers have
accounts with banks that offer Internet services, only about
6 percent of them use these services.
To date, most banks have combined the new electronic
delivery channels with traditional brick and mortar
branches ("brick and click" banks), but a small number have
emerged that offer their products and services
predominantly, or only, through electronic distribution
channels. These "virtual" or Internet-only banks do not have
a branch network but might have a physical presence, for
example, an administrative office or nonbranch facilities like
kiosks or automatic teller machines. The United States has
88
about 30 virtual banks; Asia has 2, launched in 2000 and
2001; and the European Union has several-either as
separately licensed entities or as subsidiaries or branches of
brick and mortar banks
E-BANKING, BENEFIT FOR RURAL
INDIA
Thousands of people from rural areas across 12 states
are likely to get their social security pension and wages paid
89
under the National Rural Employment Guarantee Act
(NREGA) scheme with the help of mobiles over the coming
few months.
In Andhra Pradesh alone, for instance, 250,000 people
have registered for e-banking services. The state
government is rolling out a programmed to enroll three
million people by the end of 2008.
E-banking pilots and full-scale operations are being
conducted across 12 states, and the entire ecosystem is
being managed by the government with the help of the
Reserve Bank of India, banks, leading telecom operators
and technology implementation partners.
The ecosystem is important since banking regulations
in India currently do not allow cash for exchange of another
'unit' such as 'airtime' in the case of mobiles. Only banks
and the Indian Post (through money orders) are currently
allowed such transfers.
E-banking, which is catching up fast in the cities and
hinterland, is not only helping the government to take a
step forward towards fulfilling its aim of having one bank
account for every household, but also saving it crores of
rupees by way of reduced transaction costs.
90
While the government incurs a transaction cost of Rs
12-13 for every Rs 100 it shells out, e-banking helps it
reduce the cost to a mere Rs 2. RBI estimates that around
40 per cent of Indians lack access to formal financial
services and is largely 'unbanked'.
For instance, the AP government has tied up with
banks like the State Bank of [Get Quote] India [Get Quote],
Union Bank of India [Get Quote], Axis Bank, Andhra Bank
[Get Quote], State Bank of Hyderabad, Andhra Pradesh
Garmin Vikas Bank, and Punjab National Bank [Get Quote].
A Little World (ALW), a technology implementation
partner, has collaborated with NXP Semiconductors to
design a e-banking for the AP government that encloses an
RFID card, and works with ALW's micro-banking platform
ZERO.
The e-banking acts as a branch of the bank by storing a
database of customers. It also has a smartcard, which
biometrically stores the identity of the customer such as
name, address, photograph, fingerprint templates and
relevant details of the savings or loan accounts held by the
issuing bank.
91
Customers get a secure electronic identity via phone or
smartcard, while agents take deposits and dispense cash.
ALW works with the banks on a revenue-sharing basis.
Anurag Gupta, founder director & CEO of ALW, says:
"We have carried out pilot projects with SBI in villages
located in some of the most inaccessible and difficult
terrains of the country such as Pithoragarh in Uttarakhand,
Mizoram, Meghalaya, and remote villages in Andhra
Pradesh."
Lokanath Panda, director, ALW, also pointed out that
SBI had tied up with the Indian Post to extend banking
services especially in unbanked/under-banked areas. "Select
post offices will make available to the public SBI's deposit
and loan products, and ALW is the technology partner."
ALW is also conducting a pilot programme with SKS
Microfinance and the Bank of India to provide a e-banking
service that works on BSNL SIM cards.
New Delhi-based Ekgaon Technologies too has
developed a system for tracking transactions made by self-
help groups. It has partnered with the likes of CARE, World
Vision and the World Bank to conduct a pilot, which it plans
to extend to 14 Indian states.
92
Bharti Airtel [Get Quote], too, is in the process of tying
up with two leading banks to extend its e-
bankingremittance services to rural areas, according to its
president (E-bankingServices), Sanjay Kapoor.
Airtel has already partnered with the Indian Farmers'
Fertilizers Cooperative Limited (IFFCO) to set up IFFCO
Kisan Sanchar Limited in Rajasthan.
Under this initiative, the cooperative department will
provide e-bankinghandsets to farmers at marginal price
through its outlets in the rural areas. These handsets would
be loaded with green SIM cards, which will flash daily
updates on agricultural practices and weather forecast free
of cost.
While he did not provide details, Kapoor hinted that
the partnership deal would be extended to e-banking
services too. Kapoor reasons that with 55 per cent of the
mobiles being internet-enabled, e-banking would help
bridge the digital divide.
Reliance Communications [Get Quote], on its part,
allows ICICI Bank [Get Quote] account holders with
Reliance handsets (even the low-end Rs 1,000 ones - with or
93
without Internet connectivity) to make intra-bank (to ICICI
account holders) money transfers. It has already tied up
with HDFC [Get Quote] to offer Reliance mPay - a virtual
credit card.
E-BANKING SUGGESTION
Micro payments
In the more affluent economies, a good infrastructure
for a cashless environment is already prevalent and most
people have bank accounts and access to both debit and
credit facilities. These factors are incentives in the
developing countries to move the population at large
away from cash with introductions of low cost solutions
such as micro-payments to further efficiency gains.
SMART Money
The service was launched in December 2000 in co-
operation with First E-Bank, which has since been
acquired by Banco de Oro, and MasterCard, one of the
world’s leading payment services providers. According to
SMART, SMART Money was the world’s first re-loadable
electronic cash wallet, linked together by their cellular
94
network. Once cash has been transferred to the SMART
Money account, it can be used in thousands of shops and
restaurants. The cash value can also be used to load
airtime, pay utility bills, or transfer money from one
SMART Money card to another.
G-Cash
The service was launched in October 2004, with an
initial set of three anchors services; international and
domestic remittance, P2P (phone-to-phone or person-
toperson) transfers and payments for retail purchases.
With G-Cash, all of Globe’s subscribers are m-Commerce-
enabled. As users do not need to have a card or bank
account to be part of the service, G-Cash is able to
provide M-Commerce capability to a previously
underserved segment of the market, including those who
currently do not do banking. Unlike Smarts approach
whereby it operates the service jointly with BDO, GLOBE
on its own maintains records of all transactions and
arranges settlement between the retailers and the G-
Cash customers. G-Cash provides services through close
95
to 4,900 retail outlets nationwide and more than 500 G-
Cash partners.
E-banking Remittance
Migrant remittances, which are personal flows from
migrants to their friends and families, have become a
major source of external development finance, and in the
process, play an effective role in reducing poverty.
Capitalizing on the benefits of such a system, remittance
services can become cheaper and more convenient, thus
improving financial access of migrants, their beneficiaries
and the financial intermediaries in the origin countries.
Microfinance through E-banking Technology
Currently, a major constraint to microfinance is the
high cost of operating in remote areas. Many institutions
are now working toward low-cost delivery options such as
Internet banking and cashless transactions to help the
rural poor. The e-bankingdevices that could be a more
efficient tool for such transactions. For people in such
rural areas, using computers is often a problem due to
faulty Internet connections and frequent power failures.
Hence, providing micro credits through a e-
96
bankingplatform (SMS-based) could be the best way to
reach out to the poor.
RBI GUIDELINES FOR E-BANKING
The Reserve Bank of India on Friday released its final
operative guidelines for e-banking. The central bank has
decided to keep the limit on the ticket-size for e-banking
at Rs 2,500 per transaction, and Rs 5,000 per day. Banks
have also been allowed to put in place a monthly
97
transaction limit, depending on the bank’s risk perception
of the customer. While the guidelines will enable lenders
such as State Bank of India and Axis Bank to go ahead
with their launch of mobile-banking services, the central
bank has decided to restrict the services only to holders
of debit and credit cards. The card user base in the
country is 80 million, with 55 million debit card users and
25 million credit card users. Only Indian rupee-based
domestic services shall be provided on the mobile-
payment platform, and the use of mobile-banking for
cross-border transactions have been strictly prohibited.
Banks which are based, licensed and supervised in India
will be allowed to offer such services. Further, only banks
which have implemented the core banking platform will
be allowed to offer e-banking. At the same time, the RBI
has recommended that all e-banking transactions are
validated through a two-factor authentication system,
thereby complying with the latest security and encryption
standards.
PROGRESS OF E-BANKING
98
If technological revolution is at its peak, One of the
important sectors of the economy where technology is at
it helm of affairs with respect to customer service is
banking. Over the years has banking rise above from a
traditional brick-and mortar model of customers queuing
for services in the banks to modern day banking where
banks can reach at any point for their services.
In today’s business, technology has been on the
predominant indicators of growth and competitiveness.
Entry of new banks resulted in a paradigm shift in the
ways of banking. The banking industry today is in the
midst of an IT revolution. The combination of regulatory
and competitive reasons have led to increasing
importance of total banking automation in the banking
Industry. . Information Technology has basically been
used under two different avenues in banking.
One is Communication and Connectivity and other is
Business Process Reengineering, both basically focusing
on increasing its customer reach. Information technology
enables sophisticated product development, better
99
market infrastructure, implementation of reliable
techniques for control of risks and helps the financial
intermediaries to reach geographically distant and
diversified markets The latest revolution seems to happen
with respect to e-banking an attempt to leverage on the
synergies of e-banking technology in telecom and
information technology in the banking services.
Today, Banks have welcomed wireless and e-banking
technology into their boardroom to offer their customers
the freedom of paying bills, planning payments while
stuck in traffic jams, to receive updates on the various
marketing efforts while present at a party to provide
more personal and intimate relationships. E-banking can
be classified as Push vs. Pull and Transaction vs. Enquiry
that is briefly given below Push Based, Pull Based o
Transaction some of the other features where e-banking
has lent its hand are Fund Transfer & Bill Payment where
the customers have the freedom of maintaining account
through mobile. E-banking has also welcomed other
financial services like share trading.
The latest Information technology revolution enables
sophisticated Enquiry Based banking services for
Credit/Debit Alerts. Some of the other outcomes of the
Revolution in the banking industry are Minimum Balance
100
Alerts, Account Balance Enquiry, Account Statement
Enquiry, Cheque Status Enquiry, Cheque Book Requests
and Bill Payment Alerts. The last time that technology
had a major impact in helping banks service their
customers was with the introduction of the Internet
banking.
However the biggest limitation of Internet banking is the
requirement of a PC with an Internet connection, not a
big obstacle if we look at the US and the European
countries, but definitely a big barrier if we consider most
of the developing countries of Asia like China and India.
E-banking addresses this fundamental limitation of
Internet banking, as it reduces the customer
Requirement to just a e-banking. E-banking usage has
seen an explosive growth in most of the Asian economies
like India, China and Korea. The main reason that E-
banking scores over Internet banking is that it enables
‘Anywhere Banking'.
Customers now don't need access to a computer
terminal to access their banks, they can now do so on the
go – when they are waiting for their bus to work, when
they are traveling or when they are waiting for their
orders to come through in a restaurant. The scale at
which E-banking has the potential to grow can be gauged
by looking at the pace users are getting e-banking in
101
these big Asian economies. Revolution of E-banking
phones in banking service. According to the Cellular
Operators’ Association of India (COAI) the e-banking
subscriber base in India crossed the 50 million mark in
October 2005, which stood at 50.87 million. The
explosion as most analysts say, the worldwide number of
cellular subscribers will surpass 2 billion in 2005—up
from 11M in 1990 and 750M in 2000. Worldwide cellular
subscribers are forecasted to reach 3.2B by the end of
2010.Among the leaders in e-banking technologies, most
aggressive being Korea which is now witnessing the roll-
out of some of the most advanced services using 3G
technologies, like using e-banking phones to pay bills in
shops and restaurants. The growth of e-banking
technology over the last few years has enriched the
progress of the e-banking services. Technologies like IVR,
SMS, WAP, J2ME, and J2EE & BREW have revolutionized
the use the e-banking phones in banking services. Though
all the above predictions on cellular base, the Use of e-
banking technology with respect to banking services is at
a very infant stage.
There are a lot of challenges and issues relating to
content, security, coverage, technology and connectivity
speed are to be sorted out with respect to e-banking
technologies. Objectives of the Report:1. To study the
102
technological readiness in relation to the challenges
faced by the players particularly the banks with respect
to e-banking in order to enhance global competitiveness
by embracing technology and banking services.2. To
study and awareness, expectation and acceptance levels
of the Customers with respect to its use and effectiveness
of e-banking
E-BANKING STATUS IN INDIA
Today there are a lot of financial institutions providing
various financial services: banks, internet banks, payment
systems and so on. But competition always existed and
today it is more than just existing: it's fierce as never
before. In view of this fact, new and new services are
appearing. Some of them are good, while other ones are
not. But there is one service that hit the bull's eye: e-
banking. So today this industry is developing in a fly
pace.
103
In India e-banking also found its admirers and develops
greatly. Two important yet quite unrelated events in the
evolution of e-banking payments in India occurred in
2008.
First, the new credit policy of the RBI came along with
guidelines for facilitating e-banking payments. Second,
Dr Raghu Raghuraman's CSFR report states that ''E-
banking is the most promising front end technology'' for
broadening the access of finance in the country.
These two taken together are defining moments in the
(a) recognition of e-banking now as an accepted channel
for banking & commerce, and (b) clearing the way for its
rapid and mass deployment across the country by the
Financial sector.
Technology related regulations can never keep up with
the fast pace nature of tech innovations and progress, nor
fully define it. Regulation here has to have a light touch,
so as not to throttle innovation, yet which serves public
interest.
The use of e-banking for financial and non financial
transactions has had a chequered past. Several initiatives
over the last ten years (overseas) have come and gone,
104
and as we speak several more initiatives into the future
related to NFC, contact less are emerging. The difference
between now and then is that mobiles have come along
way. They find themselves in the hands of a third of
humanity, and have pipped the internet in penetration!
Several initiatives in Sub Saharan Africa, Eastern Europe
and Far East have been popular and working well for the
last few years. So its time has come, and the RBI
guidelines are the recognition of homegrown initiatives
over the last year or so which have pioneered the new
paradigm.
E-banking payments are a wireless consumer product
or service. In short a benefit - convenience, as is, search,
escalators, ATM's, etc. Methods and approaches for e-
banking commerce will differ across region, country and
even service providers. As each stakeholder has its own
assessment of what works best and what value
proposition appeals to the consumer.
The key takeaways from the guidelines are that
appropriate levels of security and safeguards need to be
adopted. Those already have been done by all banks
which do deploy these services. So, whether it be a SMS,
USSD, GPRS, Smart phone, WAP - all such delivery
mediums are acceptable.
105
Basic principles of PIN management, customer
confidentiality, KYC, ALM, customer registration, risk
mitigation, consumer protection, etc are applicable. Just
as they would apply to credit cards, ATM cards, ATM's,
collection boxes, internet banking, internet e commerce,
telephone banking, cheque books, bank web site, etc.
Which is not to say that there is a fool proof system for
any of these, but they are as 'safe' as long they generate
enough 'trust' and convenience to offset perception (and
actual) of risk so as to be pervasive in the financial
system. After all a wallet with cash is only as safe as you
keep it. Neither cash nor wallet can be pilfer (tamper)
proof!
Indian banks and payment service providers have been
by and large dovetailing their e-banking payment
initiatives under the umbrella of e-banking even before
the guidelines were out. The banking system has already
been in conformity with these suggested guidelines,
which now have the sanction of the Reserve Bank.
Banks' own operating experience and other payments a
system prevalent have provided the necessary grist for
the RBI mill, and as time goes on hopefully these will
evolve and become far more enabling for stakeholders,
106
rather than favor one approach or another or cripple
themselves in strangulated regulations.
On the financial inclusion side if we go strictly by Dr
Raghuraman's recommendations of creating a 'national
electronic financial inclusion system' (NEFIS) then the
backbone of such a system would be its is ability to carry
out small value transactions (Rs100) at limited
transaction cost (sub Re1). And the only way that can be
done on a mass acceptable basis is via SMS, which is the
single most pervasive feature in e-banking technology
revolution, cutting across all SEC's, geographies, handset
vendors, MNO;s etc.
.
107
CORPORATE EXAMPLE OF E-
BANKING IN INDIA
Barclay Bank launched Hello Money
Barclays Bank recently launched ‘Hello Money’, a e-
banking service that enables one to do an entire range
of things — enquiry, funds transfer, bill payments and
requests for financial statements. Until this product arrived,
the best ‘e-banking’ one could do was to check bank balance
or phone-in instructions to the banker. But with Hello
Money, a customer of Barclays can, for example, pay his
electricity bills via the e-banking. Click a few keys and the
account is debited, the bill is paid — all without any human
interface. Over time, Barclays intends to enlarge the scope
of this service to include payments to a whole lot of other
things, such as for purchase of an air ticket.
ANZ Bank has launched a new e-banking
108
ANZ Bank has launched a new Java- based e-banking
application to give ANZ customers the opportunity to
perform a selection of banking transactions from their e-
banking.
Registered ANZ customers will be able to make
payments and transfer money from their accounts using M-
Banking and request statements as SMS messages. To
ensure the security of its customers' accounts, ANZ have
implemented SSL (Secure Sockets Layer) encryption similar
to regular Internet banking, and transactions from an
account can only be performed on a single pre- registered e-
banking handset and only after password authentication.
109
CASE STUDIES
LG Telecom, South Korea
In terms of the evolution of services being offered on e-
banking applications, South Korea is showing the way.
The big push came when LG Telecom Ltd., the smallest of
Korea's three e-banking service providers teamed up with
the Kookmin bank to launch the ‘Bank on' service. Under
this scheme e-banking users were able to use smart chips
embedded in cell phones for accessing all of the transaction
and enquiry based services. The chip-based service
automated the authentication of users when they accessed
their bank's financial services to make the whole process
much faster and convenient. The icing on the cake came
110
with the ability of these chip enabled cell phones to be used
simultaneously as cash cards. By October 2004 there were
already about 100,000 infrared readers adapted to take
payment directly from e-banking handsets in Korea.
Users can now use their cell phones to pay for
everything, from restaurant bills, travel tickets,
merchandise and even haircuts.
Reliance Infocomm, India
When Reliance Infocomm, India rolled out its CDMA
network, (at the time the e-banking market in India was still
in its infancy, and data services were almost never heard
off) it made sure that all handsets supported Java. The
Reliance application platform, also known as R-World
brought Java compatibility even to the lower end phones.
Reliance used a novel way to overcome the memory
limitations of lower-end e-banking which hampered
deploying of multiple standalone J2ME based clients.
Instead of storing applications statically on their cell
phones, users access a single menu based application called
R-World, which connects them to the Reliance servers.
Using the menu based user interface, e-banking users select
111
the application, which they want to run and download them
over-the-air to their cell phones. These applications are then
executed locally on the mobiles.
From mid-2004 Reliance tied up with two of the
popular private sector banks, HDFC and ICICI, to provide a
host of their enquiry and transaction based e-banking
services through its R-World environment.
CONCLUSION
For service providers, E-banking offers the next surest
way to achieve growth. Countries like Korea where e-
banking penetration is nearing saturation, e-banking is
helping service providers increase revenues from the now
static subscriber base. Also service providers are
increasingly using the complexity of their supported e-
banking services to attract new customers and retain old
112
ones. For the fact is that one day, in most of the world
emerging markets, more people will use e-banking
telephones than use fixed telephone lines. Businesses that
are based on e-banking financial serviced will thus be a
natural fit for these economies. What is more, there is no
need to wait for the next generation e-banking networks;
these businesses can be built using today's technology. But
to capture this significant opportunity, financial firms and
telecommunications companies will have to forge
partnerships with one another and, possibly, with
merchants and retail chains as well.
While electronic banking can provide a number of
benefits for customers and new business opportunities for
banks, it exacerbates traditional banking risks. Even though
considerable work has been done in some countries in
adapting banking and supervision regulations, continuous
vigilance and revisions will be essential as the scope of e-
banking increases. In particular, there is still a need to
establish greater harmonization and coordination at the
international level. Moreover, the ease with which capital
can potentially be moved between banks and across borders
in an electronic environment creates a greater sensitivity to
economic policy management. To understand the impact of
e-banking on the conduct of economic policy, policymakers
need a solid analytical foundation. Without one, the markets
113
will provide the answer, possibly at a high economic cost.
Further research on policy-related issues in the period
ahead is therefore critical.
In conclusion e-banking creates issues for banks and
regulators alike. For their part, banks should: Have a clear
and widely disseminated strategy that is driven from the top
and takes into account the effects of e-banking, together
with an effective process for measuring performance
against it. Take into account the effect that e-provision will
have upon their business risk exposures and manage these
accordingly. Undertake market research, adopt systems
with adequate capacity and scalability, undertake
proportional advertising campaigns and ensure that they
have adequate staff coverage and a suitable business
continuity plan. Ensure they have adequate management
information in a clear and comprehensible format. Take a
strategic and proactive approach to information security,
maintaining adequate staff expertise, building in best
practice controls and testing and updating these as the
market develops. Make active use of system based security
management and monitoring tools. Ensure that crisis
management processes are able to cope with Internet
related incidents. One of the benefits that banks experience
when using e-banking is increased customer satisfaction.
114
This due to that customers may access their accounts
whenever, from anywhere, and they get involved more, this
creating relationships with banks. Banks should provide
their customers with convenience, meaning offering service
through several distribution channels (ATM, Internet,
physical branches) and have more functions available
online. Other benefits are expanded product offerings and
extended geographic reach. This means that banks can offer
a wider range and newer services online to even more
customers than possible before. The benefit which is driving
most of the banks toward e-banking is the reduction of
overall costs. With e-banking banks can reduce their overall
costs in two ways: cost of processing transactions is
minimized and the numbers of branches that are required to
service an equivalent number of customers are reduced.
With all these benefits banks can obtain success on the
financial market. But e-banking is a difficult business and
banks face a lot of challenges. And so in conclusion e-
banking creates issues for banks and regulators alike. For
our part we will continue our work, both national and
international, to identify and remove any unnecessary
barriers to e-banking. For their part, banks should: Have a
clear and widely disseminated strategy that is driven from
the top and takes into account the effects of e-banking,
together with an effective process for measuring
performance against it. Take into account the effect that e-
115
provision will have upon their business risk exposures and
manage these accordingly. Undertake market research,
adopt systems with adequate capacity and scalability,
undertake proportional advertising campaigns and ensure
that they have adequate staff coverage and a suitable
business continuity plan. Ensure they have adequate
management information in a clear and comprehensible
format. Take a strategic and proactive approach to
information security, maintaining adequate staff expertise,
building in best practice controls and testing and updating
these as the market develops. Make active use of system
based security management and monitoring tools. Ensure
that crisis management processes are able to cope with
Internet related incidents. I started my talk today by noting
potential benefits as well as the risks in e-banking. I end in
the same way. Certainly there are risks. But there are also
opportunities, and significant potential benefits for
consumers, banks and regulators. We see no problems in
principle with mitigating and managing the risks both for
new entrants and existing players. As regulators we need to
ensure that our approaches are adequate to deal with the
risks without getting in the way of the innovations and
benefits that E-banking brings to firms and consumers. We
are very mindful of this as we develop our rules and
guidance but will be looking also to you in the industry to
help us to achieve the right balance
116
BIBLIOGRAPHY
http:/www.bis.org/pub/bcbs76.htm
http:/www.allbusiness.com/technology/technology-
service/278931-1.html
E-banking in India – challenges and opportunities by
Uppal, R.K and Jantana, Rimpi
Business objects learning solution to power e-
business intelligence, editura business object 2001
117