Fraud a result of detection failure by internal auditors?
MUMBAI: While the financial world struggles to comprehend India’s second largest bank fraud in recent history, experts said the ₹11,400-crore Nirav Modi case is one of systemic failure and that it could have been detected only by concurrent or internal auditors.
Banks typically undergo four types of audits; statutory audit (which looks into bank balance sheets); internal audit (done by bank staff); concurrent audit (an audit of transactions done as they happen by internal or external auditors); and inspection by the Reserve Bank of India.
The fraud allegedly perpetrated by employees of public sector lender Punjab National Bank (PNB) involved branch officials, without authorisation, issuing so-called letters of understanding or LoUs (essentially guarantees) that helped Modi’s companies raise credit from other banks. LoUs, issued when overseas import payments are involved, basically guarantees liability payment by one bank to another on behalf of its client.
It involves an issuing bank, a receiving bank, an importer client and overseas client to who is ultimate beneficiary. The messages on the LoUs are sent through the SWIFT messaging system. SWIFT stands for the Society for Worldwide Interbank Financial Telecommunication (SWIFT). The SWIFT transactions bypassed the bank’s core banking system (CBS) which typically processes daily transactions, evading scrutiny by the bank management.
The case is related to jeweller Nirav Modi, who was already under federal investigation following a PNB complaint on 29 January about fraudulent transactions of ₹280 crore.
The bank had said at the time that it was checking if the case was actually bigger.
“Everyone is at fault as such a massive fraud does not happen over the years without getting detected,” said JN Gupta, co-founder and managing director of proxy advisory firm Stakeholder Empowerment Services (SES).
The question is who could have detected these transactions.
“A concurrent auditor or perhaps an internal auditor are the only ones who could have,” said Rakesh Nangia, founder and managing partner Nangia & Co LLP, a consulting firm which also does audit work.
“It’s a failure of systems, controls and processes. The focus should be on ensuring that PSU bank systems are updated and have adequate controls in place,” he added.
According to Deepak Bhawnani, CEO of Alea Consulting, a corporate fraud investigation consulting firm, RBI will have to investigate systemic loopholes in state-owned banks and ensure that the risk management systems are made more robust.