Every year, the public sector banks (PSBs) celebrate Vigilance Awareness Week between 26th October and 1st November. Oaths of integrity and honesty are administered to the staff at the corporate offices by a high dignitary of each PSB in the presence of some local high-ranking police officials and homilies about upholding uprightness in professional life are sent down from the pulpits. After the celebration, PSBs send reports to the Central Vigilance Commission (CVC). This year the ritual will be performed with greater publicity because CVC has recently put up a report of 100 top frauds in the banking industry. And in the next 51 weeks it will be business as usual!
CVC’s report is quite informative and gives us a ringside view of the modus operandi of frauds in certain sectors listed in the said report. At the end of its report, the CVC also lists out the lessons. Those lessons are worth imbibing by the bankers. The question is, will they?
To find the answer to this question, we need to refer to three important sources, which are in the public domain. They hold a mirror to the wide gulf between what is said and what is practiced in PSBs.
The annual reports of PSBs
PSBs’ annual reports (ARs) provide considerable information on the measures they have been taking in making the internal vigilance machinery effective. A study of a sample of ARs of six PSBs (Corporation Bank, Syndicate Bank, Indian Overseas Bank, UCO Bank, Dena Bank and IDBI Bank Ltd) reveals a standardised approach to the issue. All of them claim that vigilance machinery follows a twin strategy in addressing it. One aims at prevention and the other on detection, investigation and imposition of penalty on those found guilty.
Corporation Bank in its AR 2014 said this: ‘The vigilance machinery plays the role of a watchdog so as to ensure that the laid down systems and procedures are not tampered with for any personal gain or benefit (emphasis added) (Pp. 62-63).
UCO Bank claimed this: ‘Surprise inspection of 396 branches to ensure the staff working in these branches are vigilant in following the Bank’s guidelines in their daily routine’ (AR, 2016, P43).
It further claimed in the same report: ‘A number of preventive vigilance programmes were conducted at different centres to increase the awareness of staff on various aspects of misconduct and pitfalls associated with non-adherence to rules and regulations of the Bank.’
Similar preventive vigilance inspections were conducted by Syndicate Bank in 196 branches during 2015-16 (pp. 74-75 of AR, 2016).
IDBI Bank’s claim is equally interesting (AR, 2016, P.46): ‘Full-fledged vigilance department… (carries) out investigation into vigilance related complaints and suggests corrective measures for reducing deficiencies in the control systems and laid down procedures.’ (Quite interestingly, what is published in one AR is faithfully reproduced in the next report!)
As part of the activities, many banks bring out internal newsletters, issue circulars and conduct debates, essay writing competitions and workshops for the staff (and the student communities as well). All are praiseworthy measures.
The risk management architecture in banks
The second reference point is the system of risk management in banks. A major theme of the reforms during the last 25 years has been to build an effective risk management architecture in banks in conformity with the Basel norms. In fact, internal and external frauds were among the seven operational risks listed by the Basel Committee. The Reserve Bank of India (RBI) had set up in 1994, the Board for Financial Supervision (BFS) to evolve, guide and monitor risk based supervision in banks. The banks were in turn mandated to strengthen their risk management techniques and to enhance the skillsi.
The reality is already documented
Let me juxtapose the mandate given and monitored by the regulator and the claims made by the banks with the observations made by high-ranking officials of the RBI in the recent years.
In 2013, Dr KC Chakraborty, as deputy governor of RBI had this to say about the state of affairs on vigilance mechanism in PSBs. “Our observation is that preventive vigilance does not get the desired focus while surveillance and detective vigilance function is almost non- existent. The punitive vigilance aspect is also not implemented with the required objectivity and alacrity”.
He corroborated his statement by referring to an analysis of large value frauds (above Rs50 crore in value) conducted by RBI and disclosed the tendency to focus on the lower level functionaries (emphasis added). He had suggested corrective actions to be taken by the banksii.
We move on to 2017. Another deputy governor, SS Mundraiii expressed his concerns about the prevalent status and, hopes for the future in these words: “Each time I speak on the issue I do so with a fervent hope that each participant in these seminars develops greater commitment and sensitivity to mitigating and managing fraud risk in his/her respective organisation.”
He conceded that he was speaking on the issue for the third time in less than two years!
CVC’s latest Report
Triggered by the rising trend in frauds, which is alarming, CVC in its October 2018 report claims that a study has been done of top 100 frauds. The analysis focuses on the modus-operandi, amount involved, type of lending, anomalies observed, loopholes in the system and systemic improvements required to plug the loopholes. Although the recommendations are neither new nor path-breaking, the effort is worthy of appreciation.
There are certain common features that cannot be missed as they recur with alarming frequency in every sector identified in the report. These can broadly be grouped under four heads:
a. Failure of internal controls and oversight (Pp.11, 15, 22,25 and 42)
b. Failure of controllers to pick up alert signals (Pp.11,15,22, 25, 26 and 42)
c. Inadequate standards of corporate governance (P.29)
d. Poor credit and risk management (Pp.36, 37)
There are innumerable illustrations in the report coming under each of these groups. They are damning indictment of the claims made by the PSBs in their annual reports and ineffectiveness of the risk management system in the banks.
That the CVC has, though late in the day, realised the need to do it is a reflection on the collective failure of top managements of banks, the regulator and the government. In the meantime, scapegoats will continue to be found at the lower level with hardly any accountability for the policy makers and those entrusted with oversight and governance.
What is to be done?
What is to be done is a million dollar question. On p.26 of the report, I find these words: It requires changes in mindsets. A pre-requirement of this change of mindset, it further says, is the emphasis on integrity, honesty and administrative skills in selecting branch heads, regional heads, zonal heads and inspection and monitoring officials. It is indeed a tall order.
Yet to facilitate a discussion, I venture upon a few suggestions starting from the top:
1. The selection and posting of managing directors and executive directors has to be through a rigorous process related to their background, varied experience, track-record of integrity and HR skills. Their term should be for a minimum of three years with an independent appraisal of performance after one year in office.
2. The selection of field level functionaries should be preceded by a transparent process of identifying their competence through past performance, administrative skills and leadership potential.
3. At the entry level of officers, a sustained effort at shaping their attitude, promoting the skills and enhancing knowledge through both in-company and on-the job training and regular rotation to gain versatility has to be worked out. The exercise has to be long-drawn, spread over the first five to ten years of service of a new entrant to enable him/her to imbibe the values and emerge as a competent leader.
The long-term goal of these measures should be to evolve a self-regulating organisational culture in each bank.
In 2013, UK’s Parliamentary Commission on Banking Standards had identified five themes to enable restoration of trust in banks. Among them, two are of particular relevance to us:
a. making individual responsibility in banking a reality, especially at the most senior levels;
b. reforming governance within banks to reinforce each bank’s responsibility for its own safety and soundness and for the maintenance of standards;
The process has to begin from the government level as the major stakeholder and it should percolate down to the grass roots so that rituals are replaced by enduring actions.