METHODOLOGICAL ASPECTS OF BANKING RISK MANAGEMENT
Abstract
Today, banking is one of the areas in which the use of digital technology is implemented most effectively. The article highlights the substantive and essential advantages of digitalization of services for commercial banks and their clients.
At the same time, it should be noted that the digitalization of services has contributed to the formation of a significant number of risks of various natures for all economic entities, including banking institutions and their clients. The article provides a list of possible potential threats to banks and their clients in the process of providing financial services using digital technology and digital channels of access to financial resources. The author classifies the entire set of such risks into two groups, which are client risks and banking risks, and provides a detailed assessment of each of the risk groups.
The destructive consequences of the use of digital technology by banks and their clients in the process of using financial services are examined in detail, in particular, incidents of gaining unauthorized access to clients’ personal data are examined, namely, the general dynamics of operations without customer consent, the dynamics of incidents in the context of types and vectors of attacks are analyzed (phishing, social engineering, malware), as well as the dynamics of telephone fraud in the banking environment.
Some measures to counter unauthorized access to customer data were identified, and general trends in the transformation of the banking sector in the context of digitalization of services were highlighted.
Keywords: digitalization, digital technology, commercial banks, banking services, digital ser-vices, banking risks, financial fraud
Introduction
The advancement of science and technology has promoted the innovation of traditional industries; digital transformation has gradually become a trend [Zhu Y., Jin S., 2023]. The modern economy requires the introduction of digital technology in various fields of activity, including financial and credit sphere, which allows all market participants to receive benefits. However, when introducing new technology, certain difficulties and negative consequences from total digitalization arise.
To a large extent, the introduction of modern technology into the activities of the banking sector of the economy is conditioned by the desire of financial institutions to improve the quality of service delivery and thereby increase their own competitiveness. With the help of digital services, the principles change and the quality of services provided to customers improves, and the volume of online transactions accelerates and increases [Vaganova O.V., Gordya D.V., Sidibe M., Golubotskikh V.N., Pryadko E.A., 2023]. This will ensure conditions for strategic and long-term development. However, for banks and their clients, digitalization carries certain threats and risks, the occurrence of which could negatively affect their financial condition, maintaining confidential personal, individual and financial information.
That is why the significant effort of the Central Bank of Russia and commercial banks directly, is aimed at providing maximum protection of their own activities and information about customers. However, periodic cases observed in this area, losses of funds by clients of banking and non-banking institutions indicate the presence of quite complex and systemic problems in this area. This predetermines the need to conduct additional research for the purpose of applied description of the main threats of digitalization, primarily for banks and their clients in the process of providing/receiving financial services. However, periodic cases observed in this area, as well as losses of funds by clients of banking and non-banking institutions indicate the presence of quite complex and systemic problems in this regard. This predetermines the need to conduct additional research for the purpose of applied description of the main threats of digitalization, primarily for banks and their clients in the process of providing and receiving financial services.
Discussion
Digital technology today really pierces virtually every sphere of social relations. Its influence is especially felt in the economic sphere, where the use of advanced information technology allows economic entities to increase their own efficiency and level of competitiveness. Accordingly, in the banking sector, the use of the potential of such technology is a very important tool of financial activity for banking institutions, given the fairly high level of competition between them. It is the active role of banks in the development, adaptation, modernization and use of digital technology in their own work that has ensured a sufficiently high digitalization of the entire sphere of banking services. The overall impact of the extensive development of digital services and the use of information and communication technology currently includes the following benefits for banking institutions and for their clients (Fig. 1).
However, in addition to the obvious advantages for the banking industry, digital technology also contributes to the emergence of new threats for both banks and their clients. Security issues are becoming especially important in the area of banking services, where the level of fraud and losses can be quite high, and solving problems can take a significant period of time. Also, ensuring the reliability of financial transactions and protecting information for banks and their clients is one of the components of building a bank’s reputation [Tan J., 2023], which in any case affects the quality of its work and the formation of conditions for long-term development in the future.
Fig. 2 presents potential threats to banks and their customers in the process of using financial services through digital technology and digital channels of access to financial resources.
Thus, it can be stated that the digitalization of services has contributed to the formation of a significant number of risks of different nature for all economic agents, including banking institutions themselves and their clients. We will conduct a more detailed consideration of the threats and risks of digital transformation of the financial services market for banks and their clients. According to the author, it is advisable to divide them into two groups: client risks and bank risks.
Client risks represent potential threats of loss of financial resources from credit, deposit and current accounts, which may arise in the process of using digital technologies, taking into account specific personal characteristics of the person. These include the following:
- Insufficient level of digital literacy (Fig. 3).
- Digital inequality in society and different access to information and communication technology, as defined by household areas (Fig. 4).
The banking risks of using digital technology, which can lead to destructive consequences in the process of using financial services, include the following:
1) hacking, loss of individual financial information;
2) dissemination of fake information about the functioning of financial institutions, using the names of banks and non-banking institutions to send fraudulent messages;
3) manipulation of human consciousness, which can be carried out through the use of the latest digital technology to influence human behavior (contextual advertising, manipulation of facts, statistical information);
4) cyber-attacks against the operation of financial institutions that result in the loss of individual information that may spread in the future;
5) psychological influence to induce households to irrational behavior in the sphere of financial decision-making as a result of the use of modern digital technology (chat bots, calls, etc.).
Massive data leaks in 2021-2023 have affected many organizations and individuals both in Russia and around the world. In several incidents, such well-known companies and services as Gemotest, SDEK, Yandex.Eda, DOM.RF, Sovkombank, MTS-Bank, etc. have suffered [Current Cyber Threats ... , 2023]. Statistical data on the total number of destructive effects of the use of digital technology by banks and their customers in the use of financial services are presented in Tables 1-3:
We also note that digital technology significantly complicates the process of detecting and identifying fraudsters, which requires large financial resources and time from banking institutions. Therefore, clients will wait a long time for a decision on the return of their lost funds.
Despite the advantages of introducing digital services, banks are exposed to high risks of gaining unauthorized access to clients’ personal data. For example, according to official statistics of the Ministry of Internal Affairs of Russia, the total number of registered crimes under Article 159 of the Criminal Code of the Russian Federation “Fraud Committed Using Information and Telecommunication Technology or in the Field of Computer Information” haws increased by 13.3% in 2022 and has reached 238,560 criminal attacks, which is 46.1% of the total number of all crimes of the designated category [Madatova O. V., Pisarenko K. V., 2022]. Abroad, the customer data protection system is being revised to address this issue. As recommended by the Basel Committee, the acceptance of payments online includes the following requirements:
- Bank must identify and monitor clients represented by natural and legal persons.
- Each bank should develop measures to neutralize the threats of obtaining unauthorized access to personal data of customers.
In order to minimize the risks of fraud associated with the introduction of digital technology, the bank should develop regulations, recommendations and instructions, documentation with clear key performance indicators, as well as training materials for professional development of employees, which should be available for review by all bank personnel.
The following instruments, presented in Fig. 5, may be used by banks to offset these risks.
We must not forget that the basic asset in the digital space is information, and data security is one of the components of the foundation of the digital economy, while potential losses from cyber-attacks on the financial system can reach about 5% of GDP [Central banks and cybersecurity risks …, 2022]. In order to ensure information interaction and coordination of work to combat crimes in the IT sector, the Bank of Russia created the Center for Monitoring and Response to Computer Attacks in the Credit and Financial Sphere (Financial CERT of the Bank of Russia). Recognizing the need for consolidation on the issue of information security, the Association of Russian Banks launched a platform for exchanging data on cyber threats. The platform allows participants to automatically receive verified and relevant information online. The platform is based on a REST API, which makes it possible to automate security settings without human intervention. If necessary, credit institutions can receive support from technical specialists who will help set up the credit institution’s security measures for subsequent use and integration with the platform. The advantages of the platform are the aggregation of more than 26 sources of threat data (Financial CERT, telecom operators, BI.ZONE), uploading only useful information to protect the bank and automating the process of applying this information. The functionality of the platform can be used in both large and small organizations that do not have advanced security tools and highly qualified personnel.
Thus, it is possible to distinguish some general trends of transformation of the banking sector in terms of digitalization of services (Fig. 6).
When analyzing the activities of Russian banks in the field of cybersecurity, it is necessary to note the contribution of PJSC Sberbank, which, developing its own development strategy, takes into account the regularity of cyber-attacks and seeks to increase the security of data, reducing time and money losses to zero. As for B2B-marketplaces, PJSC Sberbank launched SberB2B (a platform for the sale of goods and services of any customers and sellers) in 2018. The main reason was the negative dynamics of the B2B sector in the country, which had led to significant losses of time and money. In the field of digitalization of public services, it is worth noting, for example, the system created in March 2019 that provides remote issuance of certificates for housing property in Moscow [Khakimova., G.R., Konstantinov, P.S., Khaliullin, T.I., Shchipletsova, N.I., 2021]. The “Interreg Baltic Sea Region” proyect is a good example in the area of cross-border cooperation. It is focused on innovation, modern transport and natural resource management. Common IT platforms include the ERA, the 3rd generation DATACHAINS.world blockchain platform.
В области трансграничного сотрудничества ярким примером стал проект «Интерег. Регион Балтийского моря», нацеленный на развитие по таким направлениям, как инновации, современный транспорт и управление природными ресурсами. Среди общих IT-платформ можно отметить ERA – блокчейн-платформу 3-го поколения DATACHAINS.world [Priority directions of digital transformation …, 2020], which has become a solution not only for individuals, but also for commercial companies, as well as government agencies.
Conclusion
In conclusion, the study found that modern information and communication technology and digital services have had a powerful impact on the functioning of banking financial institutions, which is fundamentally changing the basis of their activities. The use of the significant potential of information and communication technology in the process of operation of commercial banks has significantly influenced the processes of their interaction with their own clients. The article highlights the main consequences of the digitalization of financial relations, which includes formation of a significant number of risks of different nature for all economic agents, including banking institutions themselves and their clients. The threats and risks that banks and their clients receive as a result of further digital transformation of banking services are analyzed and a number of instruments are proposed to neutralize them.
Reference lists
Р. 1884-1888.
15. Tan J. The Importance of Cybersecurity in the Era of Digital Banking, Medium (2023), available at: https://medium.com/@iam.jeksen/the-importance-of-cybersecurity-in-the-era-of-digital-banking-9c79637cd2fa (Accessed 22 Aaugust 2023).