HDFC Bank may introduce credit scores for third-party vendors

HDFC Bank is in preliminary talks with leading cyber-security companies to introduce cyber-security scores for its third-party vendors and minimise the incidence of fraud, Chief Information Security Officer Sameer Ratolikar said.

Some of the companies the bank is in discussion with include Bitsight, Upguard and RiskRecon, all of which are in the cyber-security rating space.

“We are in the process of hiring leading cyber-security rating companies whereby you give the third-party service providers’ URL/website address and then the third-party rating services basically calculate their cyber-security score, something like a Trans Union CIBIL score or Equifax score,” Ratolikar told Business Standard.

HDFC Bank will take a final decision by December and then correspondingly decide on how to create corresponding structures and their categorisation, Ratolikar said.

The bank, which will inform its third-party vendors about the exercise and bring them on board, is looking at the process as one that would provide independent validation regarding potential cyber-security risks from third-party entities.

Given that there are issues concerning data privacy, the bank will take permission from its third-party service providers, he said.

Typically, third-party vendors provide a host of services to banks, including those related to mobile payment services in conjunction with card issuers.

“There is a whole laundry list of due diligence before the vendor gets on-boarded. Within the life cycle, we manage the cyber-security aspects or the potential cyber-security risk emanating out of the relationship with these vendors,” Ratolikar said.

At present, HDFC Bank has contractual agreements with its third-party service providers and periodical audits are carried out, he said.

Latest Reserve Bank of India data showed that in 2021-22, frauds to the tune of Rs 60,414 crore were reported, down 56.28 per cent from Rs 1.38 trillion in 2020-21.

However, in terms of number of frauds, these entities reported 23.69 per cent higher frauds at 9,103 in 2021-22 as against 7,359 in 2020-21. The RBI data considers frauds of Rs 1 lakh and above.

HDFC Bank’s annual report for the previous financial year showed a similar picture, with the bank saying that while the number of frauds increased to 6,543 from 5,232, the quantum registered a decline from Rs 1,640.8 crore to Rs 505.9 crore.

According to Ratolikar, both the banking regulator and HDFC Bank’s top management have expressed concern about the growing incidence of frauds within the banking space.

Amid a slew of measures that HDFC Bank has taken, including two-factor authentication involving SMS and OTP, Ratolikar believes that the lender’s large-scale community awareness programme ‘Vigil Aunty’ could act as a silver bullet.

The bank’s new mobile banking application includes protection against fraudulent activities that stem from remote access applications on an individual’s mobile device, he said.

“We are into that journey like every other competitor bank and are trying to be more innovative,” he said.

On the recent government data that showed the incidence of frauds in private sector banks far outstripping that in state-owned banks, Ratolikar said this was likely owing to the fact that private lenders’ digital strategies were much more focused and aggressive. “On one side when the frauds are increasing, on the other, we cannot be complacent at all. This journey has to continue — about how we can take a leap forward, understand the fraud patterns and then put countermeasures quickly,” he said.

Bank of Baroda raises Rs 1,000 crore via 7-year infra bonds at 7.39%

Bank of Baroda on Wednesday said it had raised Rs 1,000 crore through the issuance of long-term bonds for funding infrastructure and affordable housing projects. The bank received Rs 4,717.4-crore bids and priced the bonds at 7.39 per cent, the state-owned lender stated (BS Reporter).