Presentation made at the 1st Fraud Conference by ACFE Bangalore

1. Frauds making Financial Services Companies uncompetitive BANGALORE CHAPTER 1st Annual Fraud Conference 17 June 2011 ParagDeodhar

2. Financial Services Companies Uncompetitive FRAUD Business Losses Shutdown

3. Extent of fraud Source: Kroll Survey Oct 2010

4. 48% 36% Fear of fraud is dissuading a significant number of companies from going global Fraud has deterred them from engaging in business in at least one foreign country. name a country or region where their experience or perception of fraud had deterred them from operating.

5. Extent of fraud Source: Kroll Survey Oct 2010

6. Extent of fraud Source: Kroll Survey Oct 2010

7. …Hits where it hurts the most Top line Share prices Business Relationships Employee Morale Bottom-line

8. Cost of fraud – Banks in India Source: CBI / RBI Reports `Cr Top 2 Cities – 1. Mumbai 2. Delhi 225 Cases > `1 Cr

9. Cost of fraud – Banks in India Top of the Charts… Source: CBI / RBI Reports 3000 Average Cases reported annually by public sector banks x 5 Average Cases reported annually by private sector banks

10. Insurance sector seems to be the most vulnerable to frauds `15,171 Cr. per annum 1 in every 2 persons exaggerate their insurance claims. 10%-15% of total health claims processed by TPAs are estimated to be fraudulent. `600 Cr.false health claims every year. Revenues lost to the frauds 8.57% Insurance Frauds in India Hit on bottom line Frauds are driving up overall costs to insurers – reducing profitability and threatening viability 5%

12. Escalating frauds Greater professionalization of fraud practices. “Crash for Cash” scams – professional car crashers Cheque discounting Hackers on hire Parallel companies Increased “sharing” of fraud practices between fraudsters “Fraud Recipes” available online Underground sites - Password crackers / Credit card number generators Smarter attacks, especially online, result in bigger payoffs, in turn attracting more talented criminals Techies involved in crimes Phishing scams Techie held for Rs 29-lakh ATM theft Bangalore-based computer hardware professional, was arrested for allegedly stealing Rs 29 lakh from an SBI – ATM. With a sound knowledge of computer software, opened the lid of the machine, downloaded the programme and withdrew cash on many occasions.

13. Latest Phishing attack From: RBI <saftyalert@rbi.org.in>To:Sent: Thursday, June 16, 2011 3:53 AMSubject: Alert: One Time Password (OTP) Registration Dear CustomerStarting from June 30, 2011 all Internet Based transactions made via Online Web Interface will require an additional One Time Password (OTP).This requirement has been made mandatory by the Reserve Bank of India (RBI). Introduction of OTP is intended to reduce the possibility of fraudulent transactions and would safeguard you, the customer.Kindly submit the form attached to this email in order to enroll your Online Account in the new online protection System.If you are using Internet Explorer please allow ActiveX for scripts to perform all datatransfers securely. Some E-mail Account users like gmail and sify might view a warning signal at the header of this message. Kindly note that this is normal. RBI Netbanking team Beware of Phishing

14. Escalating frauds More fraud perpetrated from offshore locations and through organized crime Nigerian Fraud Calls from our neighboring country (+92) More brazen activities Fraudsters taking over the bank accounts of legitimate customers or visiting a branch in person to open their own fraudulent accounts ATM scams More collusion: between merchants, fraudsters and INSIDERS

15. Other Drivers for increasing fraud & cyber crime Volumes growing – fraud increasing High growth in financial services Multiple accounts, multiple credit cards Technology adoption Making our lives complex, so many cards, passwords, PINs, to remember. Internet Banking, Mobile Banking, Wireless Networks Social Networking Casual Approach Passwords sharing Sharing “information” over social networking sites – leaking answers to your secret questions Transactions from open / free wi-fi networks Crime syndicates Lucrative profession to join Work from home / part time option available!!! Laws not strong enough – law enforcement yet playing catch up

16. Ammunition to fight fraud INSIDERS Background Checks Information sharing – fraudsters getting new jobs Checks and Balances TRAINING – employees and customers Regulations RBI Guidelines – mandatory leave, job rotation, vigilance department Insurance – not as advanced Technology Use of data analytics tools to flag suspicious cases – prevention and detection Invest in technology - Implement and update tools – allocate adequate budgets and teams Governance Who owns fraud? Enterprise approach to fighting fraud Dedicated Fraud Investigation Teams - working closely with Risk, Information Security teams, Law enforcement, Industry Groups – Data sharing 3rd Layer of Defence – Internal Audit

17. Fraud – a parasite Fraud starts off as harmless parasite If unchecked, it can strangle the organization

18. THANK YOU BANGALORE CHAPTER 1st Annual Fraud Conference 17 June 2011