– By Prof Neelam Rani and Jatinder Handoo
The volume of financial crimes reported in the financial year 2020-21 was 2.62 lakh, which has gone up to 6.94 lakhs in 2022. The domestic payments fraud reported by the regulated entities in India in FY 2021 was Rs 542.7 crore which has risen to Rs 2537.35 crore In FY 2023. Digital loan Apps related frauds for the year 2022 were 26844 and for the year 2023 are 9926. As per data published by National Crime Record Bureau in 2021, the conviction rate was 3.6 per cent. As per data available in the year 2022 out of 6,94,424 complaints related to financial fraud, merely in 2.6 per cent of cases, FIR was issued.
Cybercrimes and cyber security are the topmost concerns in a digitalized economy. It has pronounced implications for financial service providers, regulators, policymakers, and end customers in both developed and developing economies. The fiduciary nature of the relationship between financial services providers (fintech and techfins) and customers makes financial service providers onerous and a conduit through which systemic trust flows. Any dent in that conduit could destabilize end users’ trust in the entire financial ecosystem. This is probably the reason why financial banking regulators and policymakers globally and particularly in India are laying a greater emphasis on the identification, mitigation, and management of such risks. It is in this background, recently released RBI
Besides other points, the standing committee’s report aptly identifies challenges and mentions the relevance and useful role of Industry Self-Regulatory Organizations (SROs) dedicated to addressing cybercrimes in financial services and supporting Law Enforcement Agencies (LEAs). This is a welcome suggestion. Digital Lending industry associations can very well play such a role and work along with law enforcement and other agencies including end customers in generating client-level awareness and mitigating cyber frauds in the digital financial services sector.
The Severity and Fragile Trust
Widespread cybercrime and cyber insecurity consistently finds a place in the list of top ten global risks ranked by severity in the World Economic Forum’s The Global Risks Report 2023. Cybercrime is now a proven lucrative industry with significant financial implications. According to a study by Cybersecurity Ventures, the collective financial losses resulting from various forms of cybercrime, including the expenses associated with recovery and mitigation, amounted to USD 3 trillion in 2015. This figure rose to USD 6 trillion in 2021 and is projected to potentially reach USD 10 trillion annually by 2025.
Coming back to trust issues, financial inclusion in developing countries as per the World Bank’s FINDEX 2021 data tells us that bank account ownership has reached 76 per cent of the global population (71 per cent in developing countries). To a large extent, these bank accounts have been kept active and are being used by customers due to money transfer programs like MGNREGA wage transfers and other Direct Benefit Transfers (DBTs) in India. For new banking customers in developing economies, even once, if they experience an episode of cybercrime and lose money, the fragile trust rarely recoups back and thus it becomes very difficult to bring such low-income segment populations back to the ambit of formal financial services.
The Standing Committee Report – Key Observations and Recommendations
The observations and recommendations of the standing committee are welcome. The report aptly talks about Grievances Redressal and compensatory mechanism for victims of cybercrimes and acknowledges challenges in exerting sufficient controls on third-party service providers on matters of cyber security. From a relief point of view, the committee strongly believes there should be an automatic compensation system as devised by RBI and it should be the sole responsibility of the financial institution to immediately compensate the customer, pending further investigation. The report highlights that the top 10 districts account for 81 per cent of cybercrime in India. Thus, the need for enhanced cyber literacy, awareness of the general public, and training is a must. Since cyber crimes often have international jurisdictions, laws to combat cyber crimes also must be international with a universally accepted framework among countries. Within India, the committee recommends the formation of a centralized Cyber Protection Authority to tackle such crimes effectively. While intent and energies are in the right place, it needs to be seen how soon observations and recommendations of the standing committee are executed on the ground by the Government.
(Prof Neelam Rani is an Associate Professor and Jatinder Handoo is a scholar at Indian Institute of Management, Shillong)
(Disclaimer: Views expressed are personal and do not reflect the official position or policy of Financial Express Online. Reproducing this content without permission is prohibited.)