Let me state at the outset that I believe the current uproar about Facebook (FB) and Cambridge Analytica (CA) is justified. Whether it leads to anything substantial or not, a public conversation about how private data is harvested and used was long overdue.
Of course, a key reason it has garnered so much attention is that it was a US election that was allegedly meddled with. Many other elections may have been manipulated in the past as this article suggests, but little notice has been taken of the matter.
With that context, here is a perspective:
As long as there is money to be made by influencing individual choices, people will try to shape those choices, both overtly and covertly. FB and CA are just recent instances. It may well have been some other firm. Even if these two firms are “dealt with”, the future will see more firms misusing our private data. To that extent, FB and CA are almost incidental. As long as there are ways to pry into our lives and manipulate us, people will attempt to do so.
Consequently, it is up to us voters and consumers to guard against it, and not take the easy option of assigning the entire blame to FB or CA. Yes, there is an urgent need for an entirely new set of standards around how private information is harvested and used. And hopefully, we will see something on that very soon.
Meanwhile, as a private individual, I have little or no ability to influence what Facebook, Google and their like do with my data. Nor can I meaningfully influence what our lawmakers will come up with. My only way forward is to look inward and reassess my own response. And be less gullible.
But first, let me take a step back.
Influencing voters is not new. It has been happening for as long as politics has been around. Be it strident TV anchors drowning our views with their clamour, or wily columnists putting out polished pieces that appear balanced and objective, or whisper-campaigners insidiously biasing us, manipulating our choices has been an established occupation for a long time. The issue under discussion is just the next chapter in the same sordid drama.
Stripped of jargon and technology, isn’t CA also doing the same old thing? They too tried to influence voters, just as some in the established media have been doing. Some have even gone to the extent of setting up fake think-tanks and trying to manipulate Wikipedia’s content to boost one person’s reputation and tarnish another’s. This is in addition to “placing” articles and op-ed in the traditional press.
Are such machinations the preserve of any one part of the political spectrum? I think not. Some employ crude methods because they know no better. Others take a nuanced and a less obvious approach, wherein they appear erudite and independent (and therefore more credible). And a few even resort to planting crass posts that have ostensibly been authored by their opponents.
At the end of the day, we, the voters and consumers, are the victims of it all. This flood of duplicity will take newer forms as time goes by. Our best defence would be to develop the ability to see through such manipulations and to erect mental defences.
The first step is to become sceptical – even cynical – about anything I receive on social media or through the traditional media. I must not accept something just because it is neatly typed out and formatted. Nor should I blindly accept opinions without first understanding the writer’s and/or the publisher’s predispositions.
Among the most virulent of campaigns are the ones executed on messaging platforms such as WhatsApp, where there is no practical way of tracing back malicious posts to their sources. Anonymity, we have seen, spawns irresponsibility.
Unfortunately, many of us knowingly abet this malice. We don’t think twice before forwarding (and thereby propagating) venomous messages that resonate in our own echo chambers. Sometimes, our conscience troubles us just enough for us to add “forwarded as received” to the message, and we hold ourselves absolved.
This deception is not the preserve of politics. A WhatsApp message has been circulating over the past year about a certain breakfast cereal brand. The message tries to malign the brand by suggesting that the manufacturer uses pork and beef gelatine in its products. Who authored such a message, is anyone’s guess. But the person who stands to gain the most would be a competitor.
In summary, this is not just about FB or CA – they are mere examples. The issue is much larger. Trust is rapidly becoming a scarce commodity in this hyper-connected world of ours. Publishers, platforms and content creators are adapting to this changed reality (and opportunity).
So should we, as voters and consumers. In this endeavour, scepticism would probably be our best ally.
The previous post made the case for banks to focus on the proverbial elephant in the room, i.e. fraudulent loans. With loan frauds touching 12% of PSU banks’ net profit, the case cannot be clearer.
Consider the following incidents:
- The stock in a warehouse is pledged for three different loans, and none of the banks knows that the stock is pledged to others.
- A loan is given to ‘ABC Cables’ for factory renovation, but the factory remains shut. The watchman says that the promoter can be found only at the newly refurbished ‘ABC Bar & Restaurant’.
- A property worth 20 crores bears a valuation certificate showing its value as 40 crores.
- An expensive new CNC machine is hypothecated to three different banks, but the machine in reality is a 25-year old fourth-hand wreck.
- The collateral for a loan is stock, but the actual stock is one-fifth of what it is on paper. And the bank doesn’t have keys to the warehouse.
- Newly supplied cartons of computers have only stones and thermocol.
- An auditor certifies the finished goods inventory to be three times the actual inventory.
None of these is of the scale of the alleged Syndicate Bank scam, but few of these, if any, would be unfamiliar to seasoned bankers. It is such frauds, along with some sophisticated ones, that have cost the banking sector Rs. 16,690 crores between 2010 and 2013.
How did this happen? The problem lies as much within banks as in the wider ecosystem, and the weaknesses are both behavioural in nature and systemic.
Basic banking tenets are ignored when operating staff view a bank’s requirements as blind procedures to be followed, or when supervisors pressurise their staff to cut corners. Some are happy to tick the boxes without doing the necessary due diligence. A good part of loan frauds is due to sheer negligence or lack of tools, but another part involves collusion.
While frauds are discovered only when repayment default occurs, their causes lie in weaknesses in the earlier stages of the loan process.
As with any malaise, prevention is better than cure. To do this, we need to improve operating effectiveness within banks, and at the same time, we must implement a central anti-fraud mechanism that can be shared by banks
Improving operational effectiveness
While processes may vary across banks, some key aspects of the loan life cycle are common, and need close attention (see graphic below).
The idea is to make bankers at all levels more accountable and less susceptible to pressure from their bosses. The operating level person who gathers information claims innocence, as he was not the person who had approved the fraudulent loan. At the same time, the bank’s management disclaims responsibility, saying that their decisions are only as good as the information they get. Who then, is responsible? Clearly, it must be both.
According to Deloitte’s Indian banking fraud survey, the top two reasons for frauds are lack of supervision (73%) and pressure to meet targets (50%). This suggests that the management is as responsible as the staff. Unless both are held accountable, provided appropriate tools, and incentivised, it is difficult to see the situation changing.
A bank afflicted by loan frauds must take several steps.
- Firstly, it must commission a fraud risk assessment of the loan process, which will help identify weak areas and take corrective measures.
- Next, it must institute a practice of conducting independent external audits on a random sample of loans. These audits must include surprise physical verification of collaterals, and independent validation of documentation and valuations.
- Third, whenever a fraud occurs, it must trace the histories of colluding employees to identify frauds they may have earlier been perpetrated.
- And finally, it needs to modify employee appraisal systems to bring frauds into focus, and make fraud management central to a bank’s balance scorecard. This must be supplemented with disciplinary action that includes criminal charges.
Even after implementing these steps, the work would only be half done. The other half involves anti-fraud tools.
Do bankers have the necessary tools to detect potential loan frauds? How do they profile loan applicants? How do they inquire into a promoter’s past loan history? How do they know that a collateral is not already pledged elsewhere? For this, we must turn to the second set of actions: implementing a centralised anti-fraud mechanism.
A central anti-fraud system
While RBI has a central fraud monitoring cell, it does not have the necessary tools to prevent frauds. RBI (or some other central agency) must build a centralised system that enables banks to catch potentially fraudulent loans in time by exchanging information on frauds, collaterals, defaults and fraudsters.
Just as a shared claims register helps insurance companies fight duplicate claims, a shared facility will help banks prevent sanctioning fraudulent loans. And if one is sanctioned, it can prevent the disbursal of funds. The central anti-fraud system should have details of all frauds, loans, defaults, defaulters, failed companies, promoters, their close associates, collaterals and fraud schemes. But it must be done in a way that doesn’t compromise the privacy of borrowers.
A promoter or an employee who hits upon a successful fraud scheme is unlikely to stop with one fraud. A shared facility will help nip it in the bud. Similarly, a valuer who overvalues collaterals can be caught sooner rather than later. Wilful defaulters can be pushed out of the banking system.
It is also important to maintain an ‘incident register’ with details of suspicious incidents that are yet to be declared fraudulent. These incidents may be under investigation or under a legal process, but it is critical that other banks are made aware of suspicious activity at the earliest. This incident register must be designed carefully to ensure that privacy and legal rights of customers are not violated. A metadata approach may prove useful in this regard.
The above graphic outlines the concept of a central anti-fraud system. The system must be adaptive, and should be able to flag high-risk promoters, companies and loan applications, after taking into consideration the linkages mentioned in the graphic. In time, it should be able to take in loan application details and give it a risk rating.
Powerful analytic tools are now available, but for them to be effective, they need to be imaginatively combined with an understanding of the fraudster’s methods and the vulnerabilities of our banking systems. Sound design will be key, and the system must have the inbuilt ability to learn on the job. With fraudsters staying a step or two ahead of banks, we will need some sharp minds to participate in this initiative.
There will be those who will seek to thwart the initiative, but the time has come for the banking sector to take some serious steps to fight fraudulent loans.
This article was published in Economic Times Corporate Dossier on 12 Sep 2014.
RV Raman, former head of KPMG’s Consulting Practice, tells five stories from his formative years.
1. Grab your chances.
The battery of tests and campus interviews had finally ended, and I had my first job offer from Tata Motors, a coveted prize for mechanical engineers in the early 80s. Just as I rose and shook hands with the panel, they popped me a question. Did I want to be a mainstream shop floor Graduate Engineer Trainees like many before me, or did I want to join the new Management Services Division (MSD)? The folks at MSD, they said, did computer programming; a new area where the waters were yet untested.
It was in an era when ‘computer science’ and ‘information technology’ hadn’t entered the Indian lexicon. I had a snap decision to make. I could take the tried and tested route to the shop floor, and take the well-treaded path up the organisational ladder. Or, I could risk striking into a new territory.
The thrill of telling a machine what to do was irresistible. I chose MSD. It was a decision I never regretted; a choice that took me into software, and then into management consulting.
Unexpected chances were thrown my way twice more in my career. I grabbed them. I’m happy I did.
2. Never stop adding skills. Reinvent yourself.
“Don’t rest on your laurels,” we were told at Tata Motors. “Opportunities will be endless if you continuously add skills.”
It was advice I took literally. Only, I didn’t limit it to software. Two years later, I realised that learning more software languages was incremental and insufficient. I got myself an MBA from IIM Bangalore and entered management consulting, where we advised clients on IT choices they needed to make. Software was a tool that made operations efficient, but to do that you had to understand all manner of processes – a whole new set of skills for me to acquire.
Gradually, I figured that process improvement was not an end in itself. Clients wanted to maximise shareholder wealth. For that, IT and processes had to blend with people, strategy and M&A. To my technical skills, I now had to add an array of soft skills. It was not easy, but the rewards were disproportionate to the effort.
In search of that elusive meaningfulness in life, I am now reinventing myself as a part-time writer and a teacher. Only time will tell how rewarding this iteration will be.
3. Culture is set at the top
When we merged Arthur Andersen’s consulting practice with KPMG’s, we figured that organisational culture was the key to our continued success. Meritocracy was one of the cornerstones. People had to be rewarded for their contribution, and not for their proximity to leaders, or to the optics of working late hours. But no amount of saying so had the required impact.
We therefore introduced a mechanism for promotions that is now an industry standard. Every six months, Partners and Managers (i.e. the people running the practice) locked ourselves away for two days, where the performance of every consultant was discussed threadbare before promotions and ratings were decided.
There were two instances where my view of a consultant’s performance was diametrically opposite to the view of their managers. Despite several iterations, the gaps couldn’t be narrowed. I was faced with a choice. I could overrule the group’s decision as Partners often do, or I could let the process I had created determine the outcome.
I chose the latter. The consultants in question – both brilliant guys – were not promoted, and left the firm. But the culture of meritocracy was firmly established.
4. The importance of humility
“The day you lose your humility, you lose your soul,” my father had said early in my life. It was philosophical advice that meant little to a young boy then, but it was to come back strongly in later years.
It is easy to let success go to the head when bright young consultants begin addressing CEOs and Boards before they hit thirty years of age. It becomes even easier at 35, when you call industry captains by their first name. It’s a heady cocktail that makes you think that you know all there is to know. You have arrived!
Nothing could be further from the truth. Once hubris sets in, you stop seeing and listening. Your glasses become coloured, and your ability to understand your client’s problems gets impaired. You can no longer advise dispassionately, and you fail as an advisor. Humility is your insurance.
Once every year, I stand in a corner at Mumbai airport’s arrival area and watch the young and the middle-aged hurrying about, wrapped in their self-importance. It helps me keep my feet on the ground.
5. There is a thin line between ambition and greed
Consulting attracts not only some of the brightest people, but some of the most ambitious ones too. Sometimes, ambition can turn into something ugly. Not very long back, a successful and respected consulting Partner crossed the line. It began with a small confidential document being shared with an outsider. One thing led to another, and soon, the Partner’s name was on the slippery slope.
While the breach was not illegal, it was unethical nevertheless. What was shocking is how the Partner, with so many years behind him, convinced himself that he was doing nothing wrong. He wanted to add a zero or two to his wealth.
This was shockingly similar to the Galleon Hedge Fund case, where highly respected executives couldn’t resist temptation. They deluded themselves into doing things that interns in their office would have no trouble seeing as illegal. They have paid a steep price.