As per the RBI, bank frauds can be classified into three broad categories: deposit related frauds advances related frauds and services related to frauds.

Deposit related frauds, which used to be significant in terms of numbers but not in size, have come down significantly in recent years, owing to a new system of payment, and introduction of cheque truncation system (CTS) by commercial banks, use of electronic transfer of fund,
etc. Advances related fraud continue to be a major challenge in terms of the amount involved (nearly 67 per cent of the total amount involved in frauds over last 4 years), posing a direct threat to the financial stability of banks. With the ever-increasing use of technology in the banking system, cyber frauds have proliferated and are becoming even more sophisticated in terms of
the use of novel methods. Also, documentary credit (letter of credit) related frauds have surfaced
causing a grave concern due to their implications on trade and related activities.

The data reveals that more than 95 per cent of a number of fraud cases and the amount involved in fraud comes from commercial banks. Among the commercial banks, public sector banks account for just about 18 per cent of the total number of fraud cases, whereas in terms of the amount involved, the proportion goes as high as 83 percent.
This is in stark contrast with private sector banks, with around 55 percent of the number of fraud cases, but just about 13 per cent of the total amount involved in such cases (Figure 1). The PSBs are more vulnerable in case of big-ticket advance related frauds (1 crore or above) in terms of both the number of fraud cases reported and the total amount involved (Figure 2).

The correlation between the rising level of NPAs of public sector banks and frauds probably indicates lack of requisite standards of corporate governance leading to more instances of high-value bank loan default and possible collusion between corporate entities and high echelon bank officials. Also, in case of private banks, a high number of fraud cases with relatively low
cost of fraud indicates the very nature of fraud – online/cyber/technology related frauds with a high frequency of occurrence and relatively low associated cost.

According to the findings of Deloitte (2015), the number and sophistication of frauds in the banking sector have increased over the last two years. Around 93 percent of respondents suggested an increase in fraud incidents and more than half said that they had witnessed it in their own organizations.

Retail banking was identified as the major contributor to fraud incidents, with many respondents saying that they had experienced close to 50 fraudulent incidents in the last 24 months and had lost, on an average of Rupees ten lakhs per fraud. In contrast, survey respondents indicated that the non-retail segment saw an average of 10 fraud incidents with an
approximate loss of Rupees two crore per incident. Many respondents could not recover more than 25 percent of the loss.

The risks undertaken by banks are still a cause of worry although it has moderated a bit. This is indicated by the bank stability indicator. Similarly, banks were worried by poor asset quality. System-level credit risk is determined by gross NPA ratio which is expected to be around 5.4 percent by September 2016 and 5.2 percent in March 2017 as per RBI (2015c).

Further, the ratio of stressed assets has increased significantly in the last few years. As of September 2015, stressed and written off assets (SWA)4 are at 14.1 percent. The trends, however, are divergent, with public sector banks having an SWA of 17 percent and private sector banks having an SWA of 6.7 percent according to Mundra (2016).

As far as credit risk is concerned, 16 out of 60 banks (26.5 percent market share) were not able to cover their expected losses from their current framework.

RBI states that NPAs from retail banking is just 2 percent, whereas NPAs from corporate banking is 36 percent. Given the size of transactions in corporate banking, it is important that banks implement a robust monitoring mechanism post-sanction and disbursement of facilities,
and be vigilant to early signs of stress in the borrower accounts.

5 India has witnessed a massive surge in cybercrime incidents in the last ten years – from just 23 in 2004 to 72,000 in 2014-15 (Figures 3 and 4). As per the government’s cybersecurity arm,
computer emergency response team-India (CERT-In), 62,189 cybersecurity incidents were reported in just the first five months of 2015-16.