摘要:
互联网的出现给银行提供了一个超越现有的边界的前所未有的机会,因此,国际银行业面临着具有革命性的翻天覆地的变化。越来越多的国际银行开始关注针对电子银行,尝试着勉强进入并占领电子商务的新领域。随着网络的技术变革,各种因素的综合影响和不确定性自由化的金融监管法律、监管环境形成了电子银行对银行风险控制的挑战。 关键词: 电子银行;风险控制;国际银行;互联网 前言 什么是权威性的国际组织发展电子银行业务的游戏规则? 巴塞尔银行监管委员会电子银行集团(EBG)十月发布了2000本“银行业监管机构面临的电子银行风险管理问题,”白皮书。本文试图把这作为一个参考, 并讨论和分析电子银行的风险与控制问题, 来作为中国电子银行发展的启示。EBG基本险电子银行分为两类:一是随着电子银行的发展相关联的新的风险,另一种是传统的银行电子银行的固有风险。 Abstract: The emergence of the Internet to the bank to provide an unprecedented opportunity to go beyond existing boundaries, thus the face of international banking has revolutionized the earth-shaking changes. A growing number of international banks started to pay attention and targeting electronic banking and tried scraped into and occupation of new areas of e-commerce. By the network of technological change, the combined effects of various factors and uncertainties liberalization of financial regulation laws, regulatory environment, electronic banking to bank risk control challenges. Keywords: electronic banking; risk control; international banks; Internet
Foreword
Authoritative international organizations to develop electronic banking rules of the game? Basel Committee on Banking Supervision Electronic Banking Group (EBG) in October 2000 issued a "electronic banking risk management issues faced by banking regulators," the white paper. This paper attempts to take this as a reference, discuss, analyze the risks of electronic banking and control issues, with a view of the development of China's electronic banking Bank of inspiration. EBG basic risks of electronic banking division into two categories: one is the new risks associated with the development of e-banking, the other is the traditional banking risks inherent in electronic banking.[1]
Strategic and operational risks
Strategic and operational risk is the wrong business decisions, improper implementation of decisions or changes in the industry do nothing, realistic and long-term effects of the formation of the bank's earnings or capital. Strategic risk is one of the most significant risks facing the bank's conduct electronic banking. More widespread and broad strategic risks on the property. Bank board of directors and executive management have taken the strategic decision will have an impact on other risk categories. If the planning and execution of the Bank's strategy appeared to be invalid or improper, rapid technological change, nature will expose the huge risk of a competitive banking industry and the strategies. Similarly, if you take an overly cautious management technology will also enable the bank to track strategy in a rapidly consolidating saturated market or markets without the slightest foothold.
Operational Risk
Operational risk is a system of technical risk. As electronic bank's high dependence on technology, so that operational risks becoming one of the most significant risks. Operational risk is derived from the following six aspects: First, the technical framework of rationality. If multiple electronic banking system can not be properly integrated business system, then the bank will handle the transaction due to an error occurred while exposing significant operational risk issues. Second, the system security. Open electronic delivery channels so that banks exposed to new security risks, the formation of a new security risks. Third, data integrity. Data integrity is an important part of system security. If the bank does not establish an effective control program, data transmission and receiving process may occur lost or converted deformation, resulting in incomplete data. Fourth, the effectiveness of the system. If the bank does not provide an effective operational continuity and emergency planning, system overload and loss may affect the operation of the bank is accurate, reliable, and consistently provide appropriate ancillary products and services, causing potentially significant reputational risk. Fifth, internal control and internal audit. If the bank does not have adequate internal controls in place, and these control measures can not be independently audited, then the bank can not effectively prevent fraud from both internal and external. Six is outsourcing. Many banking institutions are too dependent on a small number of contract manufacturers, which focused on a small number of contract manufacturers may produce systemic effects dependency. Secondly, many outsourcing providers lack knowledge of bank control environment requires. Again, outsourcing can also be caused by exposure associated with additional privacy protection.[2]
Reputational risk
Reputation risk is the reality of negative public opinion on bank earnings and capital arising from long-term impact. Hinder the effectiveness of e-banking delivery channel any negative developments are likely to affect the reputation of the bank. Network capabilities to support a dependable electronic banking is essential. If Internet banking operations mismanagement; If the bank does not provide a consistent basis in reliable, accurate and timely electronic banking services;? If banks can not respond promptly to customer inquiries via E AIL release, do not provide adequate information disclosure or violations the customer's privacy, reputation of the bank are likely to lead to negative effects. Major security flaw on the Web would weaken the bank customer or market confidence in the banks to provide appropriate management of Internet transaction capabilities.
Legal Risk
Legal risks arising from electronic banking is another concern risks. Currently, governments, laws and regulations for electronic banking transactions online multi not clear, there are many ambiguities and lack of specialized electronic banking norms of relevant laws and regulations, existing national laws and regulatory framework and there are many conflicts. Develop relationships with customers via the Internet in a country banks may not be familiar with some country-specific banking law and consumer protection law, thereby increasing the legal risks.
Unauthorized use or misuse of the data collected on the Internet is another source of potential legal risks. Unauthorized individuals can have on banks and outsourcer customers 'data warehouse' attack or infiltration. For example, hackers or others may penetrate into the bank or go outsourcers database, or create their own database, use customer information for fraudulent and criminal activities. Authorized personnel may also deliberate misuse of data, which will bring legal risk to the bank.
Credit Risk
Credit risk refers to the bank because the debtor fails to follow the terms of the contract or agreement to act, and the risk to earnings or capital arising from a bank. Credit risk can be subject to many banking institutions impact of electronic banking. Use Internet delivery channels enable the rapid expansion of banks, especially smaller banks, which will lead to improved asset quality, increasing the risk of internal control. Internet use has expanded the geographic scope of the bank, beyond the traditional business areas, which also increases the risk of the local market dynamics and understand the difficulty, we must verify the borrower's secured outside the region and improve security lien. In addition, the Internet also makes it difficult identification of a potential bank customer's identity and credibility. The customer's identity and credibility are essential components of reasonable credit decisions.
Liquidity risk
Liquidity risk refers to the bank at the time of its commitments expire, do not assume it difficult to accept the loss can not fulfill these commitments, thus the risks caused by banks or capital gains. On the Internet, the speed of the fast flow of information and lies can have an impact on the liquidity risk of banks. Market risk is the risk arising from changes in demand brought about by the financial markets. Impact of the recent development of online trading of securities issued by banks and market risks arising from the complex. From a market point of view, on the one hand to increase the amount of online securities trading will lead to increased volatility, it also led to increased mobility. From the perspective of individual banks to see if the bank carried out or extended by the online bank deposit brokers brought, loan sales or securitization business, they might increase market risk.
Risk Control
Despite these basic types of risks associated with e-banking is not new, but in a particular way and the extent of the impact of these risk arising from bank management and supervision for people who is new. Compared with traditional banking risks, risks of electronic banking will be assumed even greater. For the electronic banking risk, consider taking the following control strategies:
Establishment of good corporate governance structure
Because of good corporate governance is the bank to make the right strategic platform. To get Internet banking strategy and successful business must have a sound and effective corporate governance structure, which is needed for a healthy dragon board. The bank's board of directors as the brain, the brain healthy, online strategy and operations of the question. And this is precisely the country, especially state-owned banks are lacking. Banks should have one kind of rigorous analysis procedures to identify, measure, monitor and control electronic banking risks. Electronic banking risk management and control with "planning → implementation → measure" and other basic aspects. In these areas, the need for banking organizations to fulfill different roles. First, risk planning undertaken by the Bank Board. The Board shall give a significant impact on the bank's risk management projects on e-banking technology research, approval and oversight, and to determine whether the relevant technologies and products consistent with the strategic objectives of the bank, whether it can meet the market demand, the bank is able to maintain competitiveness and profitability. Secondly, the technical implementation of the responsibility of the managers. This requires managers with relevant skills to effectively evaluate electronic banking technologies and products for the bank to choose the right combination, and to ensure that the selected technology is installed correctly. Once again, the responsibility of measuring and monitoring risk oversight system. Oversight system should have the relevant skills to effectively identify, measure, monitor and control the risks involved in electronic banking. The Board should receive regular reports on the technology used, what the risks and how to manage these risks. As a part of the design process, the electronic banking system contains an effective quality assurance and audit procedures. By the auditors for electronic banking technologies and products to help independent evaluation board and senior management to complete their responsibilities.
Design and implementation of electronic banking risk internal control system to adapt
E-banking has changed the traditional bank internal controls, clear division of labor and the post audit trail, so that banks in operating and auditing are extremely lack of specialized techniques and skills. Banking institutions must have adequate control measures in place, by an independent audit department of internal control system for periodic testing and evaluation. Electronic banking system of internal control objectives should include: Consistency technology planning and strategic objectives; availability of data; integrity of the data; data confidentiality and privacy protection measures; reliability of management information systems.
Elements of the electronic banking system of internal control includes three aspects: First, internal accounting controls, in order to guarantee the reliability of financial records and assets. Second, operational control, to ensure the achievement of business objectives. Third, management control, to protect the operational efficiency of the implementation of policies and procedures. These three elements in the following three levels: First, preventive controls; Second, detection control; Third corrective control.
Safeguards the security of electronic banking system
EBG's survey showed that most banks regarded as a major security risk risks associated with electronic banking. Safety is always the electronic banking system is an important issue, but rather for the safe operation of electronic banking, technology had to use the method to solve the problems brought about by technology. Safeguard the security of electronic banking system may take a firewall, coding, authorization certificate etc. technical measures.
Focus on the effectiveness and continued availability of electronic banking system
In addition to ensuring a safe conduct internal electronic banking network outside, the development of effective capacity planning is also key to ensuring electronic banking products and services continued effectiveness. In order to compete effectively, avoid potentially significant reputational risk due to system losses caused by conduct electronic banking services must be accurate, reliable, and consistently provide appropriate ancillary products and services. These factors suggest that the development of an effective operational continuity, defense and emergency response plan is extremely important. Moreover, the trend commissioned an external development system also enables banks need to ensure that a similar plan must be in place external service providers, and regularly test its effectiveness.
Maintain the ability of the technology to assess and monitor the outsourcing
Banks should periodically re-evaluate its technical support sources to determine whether to continue existing programs suited to their business, whether there is sufficient flexibility to meet anticipated future needs.
Reputation and legal risk control
To prevent damage to the reputation of the bank could lead to a negative situation, banking institutions should develop and supervise the operation of electronic banking standards. Other important means of protecting the reputation of the bank as well as periodic review and testing of business continuity, protect against accidents reflect plans and communication strategies. Strengthen international coordination and cooperation network of bank risk control. Open network environment, financial services, fast information transfer transaction strengthens the international financial risks contagious. Supervision of the bank's network requires close cooperation and coordination of financial regulatory authorities in different countries to form a network system of banking supervision worldwide. Supervision of the network of banks, including Bank of borrowing by way of regulatory networks of illegal tax evasion, money laundering and other acts; way to use the Internet banking transnational smuggling, illegal arms and drug trafficking, arms trafficking and other regulatory activities; party to unlawful attacks using the Internet banking other national network of computer hackers bank websites and other international criminal activities supervision; transmitted on the use of Internet banking is not conducive to the national culture and ethical concepts of information regulation and so on.
Other traditional banking risk management
Banks should implement reasonable credit insurance policies, credit monitoring and management conduct. According to the amount of electronic banking size, liquidity and strengthen the monitoring of customer deposits and loans changes, but also the need for electronic banking on the impact of the market turmoil of the monitoring results.
Conclusion
As the network of highly educated and professional technology, or for lower operating cost considerations, online banking services often have to rely on external support to resolve the internal market technical or management problems. This approach adapted to the requirements of Internet banking development, but due to external technical supporters may not have sufficient capacity to meet the requirements of network banks can not provide high-quality financial services.
Such risks may come from a design flaw online banking security systems and their products and operational errors, can also result from the negligence of online banking customers, commercial bank staff misuse in the business, but also may lead to serious online banking business risks. Operating risk relates primarily to authorize the use of a network of bank accounts, online banking risk management system, information exchange network between banks and their customers, true and false identification in the field of electronic money. For example, online banking has changed the traditional stamp for the payment instruction to the settlement means, using digital signatures to confirm the validity of the payment instruction. As the "virtual nature" of the network, the digital signature depends entirely on the bank's strict safety control system or not.
Conduct financial business network must choose a mature technology solutions to support. Technology options exist in the technology selection mistakes risk. Transmission of information and poor compatibility client terminal software such risks resulting from the choice of both technical systems interruptions or slowdowns may also be selected from the technological changes eliminated by technical solutions, resulting in relatively backward technology, outdated network conditions, resulting in the loss of huge technical and commercial opportunities. Network of financial risk control business and a lot of the work are done by computer programs and software systems, so the technical and administrative security of electronic information systems has become the most important technology runs the risk of financial networks. Although banks are designed with multi-layered network security systems and the emergence of new security technologies and solutions to protect the smooth running virtual financial counters, but the bank's security system network online banking services is still the weakest link . This risk both from the computer system down, disk arrays and other uncertainties destruction, but also digital attacks from outside the network, as well as computer virus damage and other factors. According to the survey of different industries in developed countries, the loss of system downtime caused by the financial industry's largest. Range of online hacker attacks increasing, means increasingly renovation, attacks are 10 times more energy per year, which can be used in any illegal online vulnerabilities and defects into the host, to steal information, send fake e-mail. Computer network virus can be transmitted through the network diffusion and propagation speed is several times alone, once a program is infected, then the whole machine, the entire network will soon be infected, devastating. Security risk not only disturbs or interrupts to provide normal services to the bank to bring direct economic losses, but also affect the image of the bank's network and customer confidence levels on the network banks.
Timely adjust and change the traditional concept of the regulatory and supervisory ideas. Should clearly understand the challenges of the birth of Internet banking central bank brought the traditional regulatory approach: first, the development of a network of banks to break the traditional boundaries of the area of finance and industry boundaries, making the comprehensive development of financial business trends continue to strengthen. Second, the opening of unbounded make a financial business network will rapidly spread to all branches of a bank (network terminal), which will declare the traditional regulatory approach of market access of financial services to implement subregional, one by one strictly by industry Approval of the traditional regulatory approach of the past, financial regulators will be facing financial business, "one-hundred-" situation.
Strict market access online banking. Stage in the approval process should take: (1) a strict system construction. Internet banking publicity, information disclosure, internal controls and system design institutional arrangements, must be strictly approval. But the bank's network hardware equipment, technology investment, staffing should not interfere too much, should be given adequate flexibility for banks to be planning to make investments according to their actual situation, to avoid administrative intervention unnecessary waste of resources. (2) heavy risk prevention, resolution mechanisms, to carry out online banking establishment or a new business, you must have a sound risk identification, appraisal, management, and disposal program to cover the risks, plan.
Reference
1. Albuquerque, Martim (1855). Notes and Queries. London: George Bell. p. 431.
2. Matyszak, Philip (2007). Ancient Rome on Five Denarii a Day. New York: Thames & Hudson. p. 144. ISBN 0-500-05147-X.
|