Evaluation of Security and Controls in Core Banking

You may have heard in the news that some XYZ bank has set up a Core Banking Solution (CBS), or that some ABC bank is implementing a Core Banking System, and been left wondering what exactly Core Banking is.

CBS is the networking of bank branches. This networking allows customers to operate their accounts and use banking facilities from any corner of the world. In layman's terms, you don't need to visit your own branch for a bank transaction; it can be done from any part of the world, at any time. You can perform banking transactions from any branch on the CBS network and need not go to the branch where you opened the account. A bank that has adopted CBS treats customers as customers of the bank and not of any particular branch. Implementing CBS helps speed up transactions, provides a hassle-free banking experience to customers and saves cost for the bank.

As transaction volumes grow exponentially in a CBS system, the bank is exposed to a number of technological risks. The task of mitigating these risks lies with the IT managers. The key points to consider are identifying critical issues, enhancing the skills needed to tackle a crisis and adopting best practices to make CBS fully effective. From a system point of view, the IT managers need to ensure that services are running at 100 percent, that system and data integrity is maintained at all times and that customer data is secured. New product launches should be seamless: integrating new products with the CBS system without glitches is important to ensure customer trust. Banks are easy targets for hackers, and IT managers need to put firewalls in place to keep them at bay. CBS carries a lot of data, and the responsibility for ensuring that such large volumes of data are handled and stored securely lies with the IT managers. This data also needs to be backed up daily and be ready for a BCP scenario.

Now that we have understood the risks, let's look at a few controls which banks can put in place to mitigate them. Ensure that the Information Security policy is adhered to at all times. This includes the password policy, email policy, data storage policy, patching and endpoint security policy, and physical and software access policy. Ensure that the bank is compliant with SOX, OSHA, PCI and other regional financial and data security policies. Ensure that vendors are also compliant with these policies. Monitor vendors for their performance, SLA obligations and regulatory compliance.

While periodic audits carried out by the regulatory authorities help in identifying non-conformities, these audits are inadequate to highlight issues in a CBS environment. Since CBS deals with real-time data, challenges have to be responded to in real time. The best way to handle them is to have a robust built-in security mechanism which can respond to any threat instantaneously, be it fraud, identity theft or hacking.

CBS has proven advantageous to both banks and customers. In order to retain customer trust, banks implementing a CBS system should also invest in creating safeguards for Core Banking.
