What if the money in your savings account vanishes?

Commercial banks must have robust IT audit and governance frameworks. Otherwise, a branch may not even come to know of aberrations in its business dealings

Photo: Indranil Bhoumik/Mint
Photo: Indranil Bhoumik/Mint

I have always believed that the money in my bank account was safe. But a recent incident shook this belief. On Friday, 1 July 2016 at 12.01pm, I received an SMS: “Your A/c 1XXXXX1480 is debited by Rs. 1,72,601. Bal after Debit is Rs. 0.00. CR.MINIMUM BAL NOT MAINTAINED. PL FUND YOUR A/C.—Name of the Bank.” 

Initially, I did not read it carefully as I receive many messages from my bank. I did not even notice the words written in capital letters. But soon, I realized that the entire amount from my savings account had disappeared, though I had not operated the account. Neither were there any pending cheques to be debited from my account balance. Had my bank account been hacked? I was dumbfounded. I took some time to recover and called my wife; she suggested checking my bank account online. To my utter surprise, I noticed that my savings account did not exist anymore! 

I had recently moved to the city and did not have the phone number of my bank branch. Finally, I got two landline numbers from the bank’s passbook. I dialled the first number, and got a fax tone after two rings. I tried the second number; finally somebody answered. The person was in no mood to listen to anything since it was lunch time and told me I should call after 2.30pm. 

At 2.30pm. I tried but just could not establish any contact with the branch. I was disgusted at the service I was getting after having been with the bank for two decades. From the Internet, I got the numbers of the administrative unit of the branch. This time, a gentleman picked up and listened to my issues. He gave me the cell phone number of the branch manager, cautioned me that the branch manager might be on tour, and also gave me the number of a junior officer. 

I spoke with the branch manager at 2.40pm and explained the problem to him. He sounded worried and promised to call back. I waited anxiously for 45 minutes and then called him back. He said that his people were still working on the issue, and informed me that a few others had faced a similar problem. I was not satisfied with the answer, but felt relieved that I was not the only one who had ostensibly lost money.  After a while, a bank representative called me to say, “There is a system error, which has resulted in auto-close of the account. This will be rectified soon.”

Think about the consequences of this error. As my cell number was registered, I got an auto-generated message and could take up the problem with the branch. What would have happened to an account holder whose cell phone had not been registered, and he had wanted to make an emergency payment? Had there been a few cheques to be honoured on that day, who would pay those liabilities? Who would bear the penalty charges for dishonouring financial instruments?

This experience led me to wonder what process financial institutions have to guard against systemic errors. With technological innovation and computer applications, we take things for granted. I doubt if anybody today checks the correctness of data reported by bank branches, particularly on the interest accrued to their accounts. Is the technical system adequately equipped to deal with the many complicated and dynamic financial products? What is the audit mechanism to ensure that bank systems are error free and not prone to such systemic errors as I experienced? In the absence of adequate safeguards, errors can have a devastating effect on the finances and lives of customers. Unfortunately, if an error occurs, the customer goes through a traumatic experience and wastes a lot of time. 

Commercial banks must have robust IT audit and governance frameworks. Otherwise, unless serendipitously pointed out by a customer, a bank branch may not even come to know of aberrations in its business dealings. At the same time, bank branches may not have the authority to question the integrity of the IT process. In many cases, bank branches lack administrative controls of the IT process. An oversight process, including audit, under an IT governance framework covering the business processes at the branch level can cover these lacunae. 

To complete my story, at 6.09pm. I received the following message: “Dear customer, the closure notification of A/c No.1XXXXX1480 would have been received by you. Please ignore SMS as the account is in open status. Always at customer service.” I smiled on reading the last sentence.

Abhiman Das teaches economics at IIM Ahmedabad.

The views expressed here are personal.