Outsourcing of IT systems - Fraud involving a Software Supplier - RBI - Reserve Bank of India
Outsourcing of IT systems - Fraud involving a Software Supplier
RBI/2004-05/405
DIT(CO). 2403 /09.63.99/2005
March 29, 2005
The Chairmen and CEOs of all banks
Dear Sir,
OUTSOURCING OF IT SYSTEMS – FRAUD INVOLVING A SOFTWARE SUPPLIER
It has been brought to the notice of the Reserve Bank of India that a fraud has been perpetuated by the following sole proprietor firm, in a co-operative bank in Tamil Nadu:
M/s Ahaana Computers, Dharmapuri, Tamil Nadu.
2. The fraud was perpetuated on account of unfettered access given to the firm by the bank as part of the Annual Maintenance Contract and total dependency of the bank on the firm for all operations on the computer system in the bank. Some of the factors which resulted in the perpetuation of the fraud included the absence of staff knowledge on the method of operating the software, inadequate controls, poor housekeeping non-conduct of periodical balancing of books, etc.
3. We advise that banks may exercise caution while dealing with the above firm. Banks are also advised to review their controls and practices relating to Outsourcing of IT projects and ensure that risks in this regard are minimised.
Yours faithfully
(A M Pedgaonkar)
Chief General Manager