Channels

10:27 AM
Connect Directly
RSS
E-Mail
50%
50%

E-Banking Is Board-Level Issue, Says Basel Committee

Boards of directors and senior management at banks should take a closer look at e-banking projects and security initiatives.

Unprecedented speed of change, increased dependence on systems architecture, more complex operations, and magnified importance of security -- such are the fruits of e-banking in financial services.

While it does not bring "inherently new risks," electronic banking has changed the overall industry risk profile, according to the Basel Committee on Banking Supervision in a July 2003 report. Therefore, the Committee recommends, banks' senior management and boards of directors should review and modify existing risk policies where necessary, and take a more active role in setting the strategic direction of e-commerce initiatives.

The Basel Committee recently published its "Risk Management Principles for Electronic Banking." Much like the principles-based approach in accounting (versus the rules-based approach as exemplified by GAAP), the principles-based approach in risk management offers "supervisory expectations and guidance" rather than "absolute requirements" or "specific technical solutions or standards relating to e-banking."

The 14 principles fall into three categories: board and management oversight; security controls; and legal and reputational risk management.

Notable among them is the principle that the board of directors and senior management should have joint involvement in technology deployment decisions. The Committee writes: "An explicit strategic decision should be made as to whether the Board wishes the bank to provide e-banking transactional services before beginning to offer such services."

This places corporate leadership, rather than managers in the IT department, squarely in the middle of the decision-making process. The Committee writes: "In light of the unique characteristics of e-banking, new e-banking projects that may have a significant impact on the bank's risk profile and strategy should be reviewed by the Board of Directors and senior management and undergo appropriate strategic and cost/reward analysis."

The responsibility for ensuring a secure enterprise should also escalate into the boardroom. "The Board of Directors and senior management should oversee the development and continued maintenance of a security control infrastructure that properly safeguards e-banking systems and data from both internal and external threats," the Committee writes.

The full report is available at: http://www.bis.org/publ/bcbs98.htm

Comment  | 
Print  | 
More Insights
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology Oct. 14, 2014
Bank Systems & Technology's new Must Reads is a compendium of our best recent coverage of customer analytics. Learn what big data means for banks, meet Wells Fargo CDO Charles Thomas, find out how to connect with your Gen Y customers, and more.
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.