Around 50% banks are at IT security risk as they still lack managed switch, next generation firewall and E-mail gateway, which are vital for ensuring network security in banks.
This was said in a keynote paper presented at a workshop “IT Operations of Banks” organized by Bangladesh Institute of Bank Management in the capital yesterday.
Of the banks, 35% installed next generation firewall partially while 15% were under approval process.
Deputy Governor of Bangladesh Bank and Chairman of BIBM executive committee SM Moniruzzaman was chief guest at the workshop, chaired by BIBM Director General Md Abdur Rahim.
BIBM Associate Professor Md Shihab Uddin Khan, Associate Professor Md Mahbubur Rahman Alom and review team presented the keynote paper at the workshop.
“Now, 50% banks are at IT security risk, which is not good news for our banking sector. So we have a lot to do to develop our IT security,” said Dutch-Bangla Bank Managing Director and CEO Abul Kashem Md Shirin.
He said that banks must separate IT security department from the IT department and IT security department should be controlled by the CEO.
“Besides boosting IT security, we have to build a cashless society,” he observed.
Bank Asia Managing Director and President Md Arfan Ali said bank management must have a vision about IT security, but unfortunately the banking sector had serious lacking in this regard.
“Our banks have now become shopkeepers. Without financial inclusion, the next banking system will be inaccessible. In this case, information technology is very important,” he noted.
Deputy Governor SM Moniruzzaman said, “Now, our banking sector is facing a crisis of IT expert manpower. In case of a disaster in the banking sector, a lot of manpower would be needed for data recovery.”
The keynote paper said that in 2018, a total of 3,213 employees were working in the IT departments of all banks but a common complaint of IT heads was that the total number of employees working in the departments was not sufficient and therefore they were under tremendous stress.
It said that 4% of banks have not yet started real time centralized online banking, meeting the category-1 architecture for lack of long-term vision, proper planning and initiatives, shortage of manpower, poor IT budget, weakness of business process reengineering, delay in procurement process and lack of appropriate and advanced training.
Budget for security, training and audit were very low in last five years, though it slightly increased for security in 2017 and 2018. By ignoring these three sectors, it is not possible to ensure better security for banks. Near about 3% of total IT budget toes to training purpose, also said the paper.
In 2014, about Tk1651crore was invested for IT operations in the banking sector, excluding the BB.
Total investment till 2018 was estimated at Tk38465crore since 1968 (considering the installation of computer at Agrani Bank in 1968 which was the first installation of computer in the banking sector of Bangladesh).
And in 2018, around Tk2021crore was invested on IT system in the banking sector, said BIBM Associate Professor Md Shihab Uddin Khan.
E-banking-related problems and challenges
Customers share their credentials with their relatives or friends; customization of software to introduce new features; branch employees are not aware about internet roaming service; limitation of internal application-level security etc.
Mobile banking-related problems and challenges
Customer awareness has become a very challenging task; despite repeated alerts by banks, a large number of customers share their pin leading to fraudulent transactions afterwards; proper agent selection and monitoring mechanism; distributor and agent commission is very high etc.
Agent banking-related problems and challenges
Liquidity and cash management issues; ensuring insurance facilities for the outlets; availability of electricity and network connectivity; finger print matching; transaction limit etc.
