RISK MANAGEMENT IN ELECTRONIC BANKING: Concepts and Best Practices

by Jayaram Kondabagil
  • ISBN13: 9780470822432
  • ISBN10: 0470822430

  • Format: Hardcover
  • Copyright: 2007-10-01
  • Publisher: WILEY
List Price: $105.00

Summary

The book is about risk management in an electronic banking environment, written by a professional with more than thirty years' experience in the banking and IT sectors. He has seen the transformation of banking from the manual processes of 1975 to the electronic global banking of 2006 from close quarters. Much of his professional experience and practical approach has gone into the writing of the book. Banks traditionally built on the branch banking model now have to provide a variety of delivery channels, from ATMs and Internet services to mobile banking. Competition in the banking sector means that a bank's success is determined by its ability to deliver innovative products and services in a technologically advanced way that meets the changing needs of the customer. The introduction of electronic banking has changed the fundamental characteristics of traditional banking in many ways, which include:

  • Unprecedented speed of change related to technological and customer service innovation;
  • The ubiquitous and global nature of open electronic networks;
  • Integration of e-banking applications with legacy computer systems;
  • Increasing dependence of banks on third parties that provide the necessary information technology.

However, this has carried risks as well as benefits. Some of the traditional risks associated with banking activities, like strategic, operational, legal and reputational risks, have increased and influenced the overall risk profile of banking. There is an international convergence of initiatives to adopt uniform and sound risk management practices globally, mainly led by the Basel Committee on Banking Supervision. The Basel Committee and other international bodies connected with the financial sector have issued guidelines on risk management in an electronic banking environment, including areas such as outsourcing, business continuity and information security. These recommendations are being adopted by more than a hundred countries across the world.
These high-level principles are generally recommendations only and are not put forth as absolute requirements or even best practice. It has been left to the individual banks to adopt a risk management framework depending on their individual risk profile. Many banks are facing a serious information gap as to how to adopt these principles in practice. This book, based on international standards, is an attempt to fill the gap by providing a one-stop reference to all aspects of risk management in an electronic banking environment. With Basel II Capital Adequacy norms due for implementation across the world (different countries have set different deadlines starting from this year), there is a worldwide convergence of activity and increasing interest, especially in operational risk management. As electronic banking forms a major component of operational risk, in the absence of any relevant books in the area, this book is presented at the most appropriate time. The evolution of electronic banking, associated risks and the management of these risks are covered in the two introductory chapters of the book. A detailed discussion of best practices in respect of the supporting pillars like board and management oversight, managing outsourcing relationships, management of operational risk, security controls and business continuity management follows in the next five chapters. The last chapter deals with the legal and regulatory compliance requirements applicable for an electronic banking environment. The book, a pioneering work, is written with banking professionals in mind. The technical jargon has been kept to the bare minimum. The presentation of the topics has been made brief and to the point without compromising on the coverage, keeping in mind the demands on the time of today's banking professionals. The high level review checklist provided in

Author Biography

Jayaram Kondabagil is a management consultant based in Bangalore, India, with more than three decades of professional experience. His specialization includes risk management, information assurance, security management, business continuity planning and banking technology.
He has held positions in two major Indian banks for over 20 years in various capacities. He had a varied exposure during this tenure including retail and corporate banking, managing the development of banking applications, facilitating and conducting training and seminars, software quality assurance and system audit.
He then moved over to a company which provides technology and consultancy services to the banking sector, where he was vice-president for five years. He started his independent consultancy practice in 2002.

Table of Contents

List of Figures
List of Tables
Preface
Acknowledgments
Foreword
INTRODUCTION TO E-BANKING
E-Banking Basics
Evolution of e-banking
Impact on traditional banking
E-banking components
Regulatory approval
E-Banking Risks
Strategic risk
Operational risk
Compliance risk
Reputational risk
Other risks
Risk management challenges
The five-pillar approach
Product and Service-specific Risks
Internet banking
Aggregation services
Bill presentment and payment
Mobile banking
Weblinking
Electronic money
Cross-border transactions
New products and services
RISK MANAGEMENT
Risk Management Framework
Policies and procedures
Risk management process
Operational risk management
Governance and internal controls
Risk Management Organization
Organization structure
Board and senior management
Executive risk committee
IT management
Internal and external audit
International Standards
Basel Committee on banking supervision
COBIT 4.0
ISO 17799
OCTAVE
COSO - enterprise risk management
PCI data security standard
Financial Action Task Force
Corporate governance codes
Regulatory guidelines
INFORMATION SECURITY
Information Security Management
Security objectives
Security controls
Security risk assessment
Classification of controls
Monitoring and testing
Incident response plan
Operational Controls
Personnel issues
Segregation of duties
Technical issues
Database management
Change management
Backups and off-site storage
Insurance
Fraud management
Technical Controls
Logical access controls
Identification and authentication
Authentication methods
Audit trails
Network security
Firewalls
Malicious code
Information security incidents
OUTSOURCING
Outsourcing in E-Banking
Types of outsourcing
Material outsourcing
Supervisory approach
Key risks of outsourcing
Board and senior management responsibility
Outsourcing policy
Managing Outsourced Services
Outsourcing decisions
Risk assessment and control
Service provider due diligence
Offshoring
Contingency plans
Customer service
Monitoring and audit
Outsourcing Contracts
Contractual provisions
Right of access clauses
Termination clause
Offshoring contracts
Confidentiality and security clauses
Business continuity clauses
BUSINESS CONTINUITY
Business Continuity Management
The main drivers
Board and senior management responsibility
Components of BCM
Business impact analysis
BIA methodologies
Recovery strategy
Business Continuity Plan
Major components of BCP
Continuity management team
Recovery procedures
Resource requirements
External communications
Plan maintenance
Awareness and training
Testing of BCP
Testing methods
Data Centers and Alternate Sites
Evolution of data centers
Location of the sites
Mitigating concentration risk
Data center design
Logistics management
Maintenance procedures
Alternate site models
External support
Business continuity in real life
LEGAL AND REGULATORY COMPLIANCE
Table of Contents provided by Publisher. All Rights Reserved.
