Jawahar Mulraj is an MBA from my own alma mater, IIM Calcutta. In his own words he is “a stock marker columnist and observer of long standing.” A member of the Bombay Stock Exchange, he has been writing a weekly column on the stock markets for over 25 years. A friend recently forwarded one of his blogs “We are not responsible!” to me. Mulraj’s blog is called “Straight from the Hip.” This particular article appeared on 24th August, 2013. The blog can be accessed at his website http://www.equitymaster.com/sfth.
Jawahar recounts the various scams the UPA government has been involved in, and laments that “each time various government functionaries absolve themselves of all responsibility.” According to him, the UPA is an “irresponsible government.” Apart from the Prime Minister who is perhaps the most “irresponsible” of them all, one is nauseated by the amount of excuses the other ministries come up with when a large scam comes to the notice of the public. The expertise with which the buck gets passed around would do credit to a Pele or a Dhyan Chand. Not only the ministers, but even the bureaucrats have learnt how to dodge uncomfortable questions and shirk responsibility for all inconvenient events.
The latest scam he writes about is the Rs. 5500 crores National Spot Exchange Limited (NSEL) scam. The Ministry of Finance predictably refused to take responsibility, and passed the buck to the Ministry of Consumer Affairs under whose jurisdiction the Forward Markets Commission (FMC) is supposed to operate. But, the FMC Chairman complained that he had been appointed as a regulator but without any powers.
Mulraj then proceeds to ask the question: “Imagine the chaos that would ensue if each regulator took a similar stance? What if the RBI shirked responsibility of a banking fraud and claimed it was not responsible?” Well, here I am going to recount an example where not only banks, but even the RBI shirked responsibility and passed the buck to the persons whose savings account with ICICI Bank was fraudulently cleaned out.
While routinely checking, on line, my savings bank account with ICICI Bank, Coonoor Branch, I discovered to my horror that a NEFT transaction of Rs. 3,47,500 (Three Lakhs Forty Seven Thousand Five Hundred) had been made on 21st November 2012 leaving a mere Rs. 800 in the account. My entire savings had been cleaned out in one stroke. When I checked the details of the transfer, I found that the funds had been sent to the account of one Suresh P. Tiwari, who had an account with IndusInd Bank, Aminabad Branch in Lucknow (UP). Immediately, I contacted my Branch Manager who advised me to send an email to the Bank’s Head of Service Quality, giving all the details of the fraud, which I promptly did. I also sent a copy of the mail to the Managing Director of the Bank, Ms. Chanda Kochhar. The Branch Manager also called his counterpart in the IndusInd Bank Branch in Lucknow and verified that the funds had been received in the account of Suresh Tiwari, but the same had already been withdrawn. I was advised to lodge a complaint with the local Police Station where a formal FIR was registered on 28th November 2012. I also wrote to the MD of IndusInd Bank requesting for his bank’s cooperation in apprehending the account holder and recovering the stolen amount.
During investigations the modus operandi adopted by the cyber thieves came to light. They first obtained a duplicate SIM card of my registered mobile number from BSNL saying that the cell phone with the SIM card had been lost. The application was made at some BSNL office in Coimbatore who promptly issued a duplicate SIM on very obviously fraudulent ID papers. The SIM in my phone was automatically disabled. The thieves then logged into my bank account (obviously they were aware of my login and transaction passwords) and registered Suresh P. Tiwari as a “payee.” The resultant One Time Password (OTP) from the bank landed on the mobile that had the duplicate SIM card. With the OTP Suresh Tiwari became a payee in my account. The next step was to transfer the amount. However, ICICI Bank has another security filter at this stage. All account holders have been issued a Debit card at the back of which is an alphanumeric grid, which I presume is unique to each card. Before a transaction is made, the system pops up three letters from the grid and the account holder must enter the corresponding numbers from his Debit card. The thieves had this information too, as otherwise the transaction could not have gone through. The Police and the internal investigation department of ICICI Bank have also zeroed in on the computer that was used for the crime and obtained the papers on the strength of which BSNL had issued the duplicate SIM card. However, despite knowing everything the Police is unable to go any further for want of “manpower.” Coonoor happens to be close to Kotagiri where the Chief Minister of Tamil Nadu has her retreat. To my bad luck, the CM has twice spent over a month at her retreat during which time practically the entire police force of the Nilgiris was stationed around her estate, leaving hardly any force to deal with day-to-day matters, let alone send teams to different parts of the country to apprehend cyber criminals. All that I hear from the Police are their regrets.
When it comes to ICICI Bank, it has washed its hands of any responsibility by repeatedly asking me to follow up with the law enforcement agencies. They tried to suggest that the hacking must have happened due to my carelessness as I could have accessed my account from an “insecure” internet connection in a cyber cafe or “hotspot.” I also told them that I had never used the Debit card for any purchases or for withdrawal of cash from an ATM, and therefore the card had never left my hands or seen the inside of any machine where its grid could have been copied. This information was easily verifiable on their transaction records. Obviously, their so-called fool-proof security system was not so secure after all. But all these arguments have fallen on deaf ears and the Bank continues to tell me that I should follow up only with the law enforcement agencies. It has not even occurred to them to start internal investigations to check if there were any leakages of sensitive information from within the bank.
I also sent a complete set of documents to the RBI Ombudsman in Chennai. The address that Suresh P. Tiwari had given in his account opening form with IndusInd Bank in Lucknow was a false address as subsequent investigations revealed. The RBI should have taken up the matter with the Bank under its KYC (Know Your Customer) rules. But the RBI also just forwarded my dossier to ICICI Bank and appeared satisfied with the same answers that the Bank had been giving to me. Disowning any responsibility, the RBI treated my complaint as “closed.”
The newspapers are full of reports of cyber criminals siphoning off huge amounts from almost all the banks and yet there seems to be no thinking by either the regulators or the banks themselves of strengthening the security of on line transactions. The same systems continue to be in place. The entire onus is placed on the customer to safeguard monies that he has kept in the custody of a bank. When I brought up this matter with one of their officials and told them that they were responsible for the deposits their clients had with the bank, I got the answer that while the money was in the custody of the bank, the key had been handed over to me. With an insecure on line system they have invited cyber criminals to come and loot their clients. How do they expect a customer to know if a cyber café or an internet site is insecure? The banks have guards at all their branches and ATM sites, yet they seem to have no guards to secure their on line branches. Most of the banks today encourage you to transact all business on line and discourage the customers from visiting their branches. But with such a frequency of cyber frauds most clients I know have disabled their internet transactions and prefer to do business manually.
Which brings me back to Jawahar Mulraj’s “We are not responsible!” blog. The mess in the economy, the steep depreciation of the Rupee, the gargantuan Current Account Deficit, the runaway inflation of food and energy items, the stagnation and decline in the mining industry, the negative growth in iron ore exports, the flight of foreign as well as Indian capital to safer havens abroad, added to the “a-scam-a-day” performance of this government is only possible when authority without responsibility is invested in carpetbaggers masquerading as political leaders, administrators, regulators, and czars of industry. The “moral deficit” in the character of the nation finds an excuse for every failure, small or large. When there is no one ready to shoulder responsibility, the country can only find itself on a one-way street to HELL.