Around 30 percent of the banks carry 'very high' risks of online fraud and security threats, found a study by the Bangladesh Institute of Bank Management.
ATM and plastic card transactions account for 43 percent of the frauds, the highest, followed by mobile banking at 25 percent, according to the study based on 50 fraud cases that took place in the country.
“The banking sector now contains a significant threat of online frauds due to poor investment in IT professional development,” said Md Mahbubur Rahman Alam, co-author of the study, Online Frauds and Security Issues in Banks.
He said that only 2 percent of the total IT budget was for security, training and audit last year.
“Ignorance of these banks may pose serious security threats for the entire sector,” said Alam, also an assistant professor of BIBM.
The study, based on a total of 14 banks that have been offering centralised online banking through data centre (DC) and disaster recovery site (DRS) over the last two years, found that around 60 percent of the IT budget in 2012 was used to procure hardware and 18 percent in networks.
It found that about 66 percent of the DCs and 44 percent of the DRSs were located in high-rise buildings, meaning they are vulnerable to earthquakes and fire.
Around 40 percent of the surveyed banks believe that they have high risk of information loss at any moment, while 65 percent of the chief technology officers said they were not satisfied with the size of the DC and DRS.
The study also found that most banks do not conduct IT auditing by qualified professionals, due to which most of the security threats go unnoticed.
Over the last 12 years, Tk 9,108 crore has been spent on IT by the banking sector. As much as Tk 823 crore was spent in 2012 alone by the sector, excluding the central bank. Mohammed Nurul Amin, chairman of the Association of Bankers, Bangladesh, a platform of banks' chief executives, also agreed that the banking sector has a deficiency of IT risk management.
“We have already seen a number of disasters in the banking sector due to poor security systems,” he said at the seminar on Saturday to share a part of the study.
He, however, added that the sector has stepped up its efforts of late. Khondkar Ibrahim Khaled, a former deputy governor of the central bank, called for an increase in IT budget to ensure risk-free transaction.
“This study is an eye opener for the central bank, so it should create a separate wing or department to monitor the IT risk,” he said at the seminar.