RBI/2004-05/405
DIT(CO). 2403 /09.63.99/2005
March 29, 2005
The Chairmen and CEOs of all banks
Dear Sir,
OUTSOURCING OF IT SYSTEMS
– FRAUD INVOLVING A SOFTWARE SUPPLIER
It has been brought to the notice
of the Reserve Bank of India that a fraud has been perpetuated by the following
sole proprietor firm, in a co-operative bank in Tamil Nadu:
M/s Ahaana Computers, Dharmapuri,
Tamil Nadu.
2. The fraud was perpetuated on
account of unfettered access given to the firm by the bank as part of the Annual
Maintenance Contract and total dependency of the bank on the firm for all operations
on the computer system in the bank. Some of the factors which resulted in the
perpetuation of the fraud included the absence of staff knowledge on the method
of operating the software, inadequate controls, poor housekeeping non-conduct
of periodical balancing of books, etc.
3. We advise that banks may exercise
caution while dealing with the above firm. Banks are also advised to review
their controls and practices relating to Outsourcing of IT projects and ensure
that risks in this regard are minimised.
Yours faithfully
(A M Pedgaonkar)
Chief General Manager