List of Contents
- What are the modern threats to Indian Financial System?
- What are the negative effects of these modern threats to Indian financial system?
- What are the challenges in countering these modern threats to Indian Financial System?
- What initiatives have been taken to counter these threats to Indian financial systems?
- What should be the way forward in countering these modern threats to Indian financial system?
|For 7PM Editorial Archives click HERE →|
At the Global Fintech Fest (GFF) 2023, Union Finance & Corporate Affairs Minister Nirmala Sitharaman on Tuesday said that cryptocurrencies (crypto) and cyber intrusions pose major threats to the Indian financial system and financial systems across the world.
Christine Lagarde, president of the European Central Bank and former head of the International Monetary Fund (IMF) has also warned that a cyberattack could trigger a serious financial crisis. Cyberattack on Bangladesh Central Bank trying to steal $1 bn by exploiting vulnerabilities in SWIFT payment system has also drawn our attention to these threats to our financial systems. In this regard, we are going to discuss the modern threats that Indian Financial System is facing, in the recent times.
What are the modern threats to Indian Financial System?
Indian Financial System- Indian Financial system consists of financial institutions such as banks, insurance companies, NBFCs, mutual funds, stock exchanges and pension funds. These institutions are regulated by the Reserve Bank of India (RBI) and other regulatory bodies such as the Securities and Exchange Board of India (SEBI), the Insurance Regulatory and Development Authority of India (IRDAI) and the Pension Fund Regulatory and Development Authority (PFRDA).
Modern Threats to Indian Financial system- Modern threats to Indian Financial system emanate are mentioned below-
|Cyberhacking||According to the Bank for International Settlements the financial sector is experiencing second largest share of cyberhacking attacks after health sector.|
Ex-Cyberhacking of Juspay systems which resulted in the theft of masked card data and card fingerprint data.
|Ransomware attacks||Ransomware attack is the act of encrypting the computer systems with malware and locking the victims out of their systems. Financial services organizations are forced to comply with ransom demands as they are threatened of data leakages on the dark web.|
Ex-WannaCry malware attack on Indian Banks.
|Phishing||Phishing is act of tricking users into divulging login credentials to gain access to an internal network. According to Akamai’s 2019 State of the Internet report, almost 50% of observed phishing attacks were linked to the financial services sector.|
Ex- Credit card scams by getting access to OTP.
|Cryptocurrencies||Cryptocurrencies are used to commit 2 types of crimes: 1) it is becoming medium of money laundering which are posing major threats to Indian financial system. Wider proliferation of cryptocurrencies has the potential to diminish the regulatory powers of Indian financial authorities. 2) Cryptocurrency related frauds.|
Ex-Bitcoins increased usage in India forced RBI to bring Central Bank Digital Currency (CBDC). Crypto investors lost over $2.8 billion globally to various crypto scams in 2021.
|Data Thefts||Mining of customer data which results in leakage of customer information, results of product surveys, and generic market information.|
Ex-Airtel payment bank data was mined like name,DoB,phone numbers, address were put up for sale for $35000 on Bitcoins. In 2022, it was reported that the data of 9 million cardholders of several banks, including SBI, was leaked.
What are the negative effects of these modern threats to Indian financial system?
Negative Economic effects
Destabilisation of economy- Cyberattacks can disrupt financial intermediation and undermine monetary policy. They can have large fiscal costs that come from rescuing troubled financial institutions. As financial institutions and countries are increasingly connected, financial shocks in one area can quickly spill across financial sectors and national borders.
Impact on financial sector- Cyberattacks on financial systems discourage foreign investors from long term investments in the financial markets. FPIs pull out money in the wake of such attacks from the Indian markets resulting in exchange rates and interest rates volatility in the financial market.
Transfers of economic power from the right people to the criminals– Cybercrimes of Indian financial system results in the transfer of economic power from the honest people to the criminals. The good citizens and the government are dispossessed from their right making the criminals take the benefit to flourish in their criminality.
Negative social effects
‘Demographic Dividend’ turns into ‘Demographic Disaster’- Attacks on Indian financial systems increases unemployment in the country as legitimate business companies fail due to these attacks. It also devoid the individuals of their hard earned money by making false promises of high returns in short amount of time.
Increase criminal activities – It also increases criminal activities as more youth get attracted due to higher returns. At present, many criminal activities go untraced and unpunished, giving an additional motivation to cyber criminals.
Decline of Social and Political morality of the society-Money Laundering leads to decline in the moral and social position of the society by exposing it to activities such as cyberattacks, money laundering by cryptocurrencies.
Policy Paralysis- Legislative bodies are unable to quantify the negative economic effects of attacks on financial systems on economic development and their linkages with other crimes like trafficking and terrorism.
What are the challenges in countering these modern threats to Indian Financial System?
Lack of specialists – Globally India ranks 2nd in terms of the number of Internet users after China (Internet World Stats, 2017). However, India has a negligible base of cyber-security specialists when compared to internet user base.
Lack of robust law enforcement mechanisms – India’s approach to cyber security has so far been ad hoc and unsystematic. Despite a number of agencies, policies and initiatives, their implementation has been far from satisfactory.
Lack of Coordination between multiple agencies-Due to the existence of too many agencies with overlapping functions like the Serious Fraud Investigation committee (SFIO), Regulatory bodies like RBI, SEBI and National Critical Information Infrastructure Protection Centre (NCPIIC)in the field of cyber security, there is lack of proper coordination between these agencies.
Lack of awareness- Digital illiteracy and lack of awareness about cybersecurity is a challenge. This results in financial scams like stealing from debit cards through OTP.
Increased use of social media- With the advent of social media and its increased adoption hackers have learned to exploit the medium.
Weak identity and access management – Issues such as one hacked credential can give a hacker access to the entire enterprise network. Example- Airtel database hacking through one account.
Inadequate budget and lack of management – Budgetary allocations to cybersecurity is often neglected with the cost associated with the loss being very high.
What initiatives have been taken to counter these threats to Indian financial systems?
Passage of Information Act 2000-The Information Act 2000 (amended in 2008) is the primary law for dealing with cybercrime and digital commerce in India.
National Cyber Security Policy 2013- The policy provides the vision and strategic direction to protect the national cyberspace.
Cyber Emergency Response Team India (CERT-In)- CERT-In has been operational since 2004. It is the national nodal agency for responding to computer security incidents as and when they occur.
Cyber Swachhta Kendra-Launched in early 2017 the Cyber Swachhta Kendra provides a platform for users to analyse and clean their systems of various viruses, bots/ malware, Trojans.
Cyber Surakshit Bharat- Ministry of Electronics and Information Technology launched the Cyber Surakshit Bharat initiative to spread awareness about cybercrime and building capacity for safety measures for Chief Information Security Officers (CISOs) and frontline IT staff across all government departments.
Cyber Warrior Police Force-In 2018 the government announced its plans to introduce CWPF. It is proposed to be raised on lines of the Central Armed Police Force (CAPF).
Indian Cyber Crime Coordination Centre (I4C)-The Union Government has decided to set up 14C. It will be apex coordination centre to deal with cybercrimes.
National Critical Information Infrastructure Protection Centre (NCIIPC)– Established for protection of critical infrastructure of the country like the financial sector information.
The Basel Committee on Banking Supervision (BCBS)- The Basel Committee on Banking Supervision constituted in 1974 by the central bank governors of the G10 countries responding to the financial market disturbances was established as a platform where members could discuss banking matters including cyberthreats.
International Monetary Fund (IMF) and Financial Stability Board (FSB)– Synthesis papers regularly released on cryptocurrencies.
Use of G-20 presidency- India’s G20 Presidency calls for a framework for handling issues relating to crypto assets and guarding fintech industry against these threats.
What should be the way forward in countering these modern threats to Indian financial system?
Investment in security systems-Fintech companies must invest heavily in robust security measures utilising advanced encryption to protect user data and financial transactions. A secured system will build trust and therefore it is a must for the financial ecosystem.
Strengthening of state cyber resilience-Governments and industry should strengthen security by sharing information on threats and by creating financial computer emergency response teams (CERTs) modelled on Israel’s FinCERT.
Building capabilities-There is an urgent need to build capabilities and capacity for application, equipment and infrastructure testing.
Increase in cyber security experts- Immediate attention must be given to human resource development which would increase the number of experts who can effectively manage the cyber security of the country.
Increase expenditure on Research & Development- Investments should be made on R&D to develop more innovative technologies to address increasing cyber security threats.
Increase of Public Awareness-A periodic awareness campaign by the government and big private organizations should be conducted to aware people about cyber security threats. Usual practice of digital hygiene like keeping the phone up to date, rebooting regularly can be done and doing financial transactions on secured VPNs.
Strengthening Private Partnership-It is important to strengthen the public- private partnership on cyber security threats to Indian Financial systems.
Protection of financial systems is the need of the hour if India is aiming to become the 3rd largest economy of the world. Hence our focus must be on countering these modern threats which may disrupt our financial system and dissuade us from our goal.