Risk Management in Electronic Banking : Concepts and Best Practices

by Jayaram Kondabagil

Hardcover

$105.00

Product Details

ISBN-13: 9780470822432
Publisher: Wiley
Publication date: 10/26/2007
Series: Wiley Finance Series, #454
Pages: 288
Product dimensions: 6.44(w) x 8.98(h) x 1.13(d)

About the Author

Jayaram Kondabagil is a management consultant based in Bangalore, India, with more than three decades of professional experience. His specializations include risk management, information assurance, security management, business continuity planning and banking technology.
He held positions in two major Indian banks for over 20 years in various capacities. During this tenure he gained varied exposure, including retail and corporate banking, managing the development of banking applications, facilitating and conducting training and seminars, software quality assurance and system audit.
He then moved over to a company which provides technology and consultancy services to the banking sector, where he was vice-president for five years. He started his independent consultancy practice in 2002.

Table of Contents

List of Figures.

List of Tables.

Preface.

Acknowledgments.

Foreword.

PART I: INTRODUCTION TO E-BANKING.

Chapter 1 E-Banking Basics.

Evolution of e-banking.

Impact on traditional banking.

E-banking components.

Regulatory approval.

Chapter 2 E-Banking Risks.

Strategic risk.

Operational risk.

Compliance risk.

Reputational risk.

Other risks.

Risk management challenges.

The five-pillar approach.

Chapter 3 Product and Service-specific Risks.

Internet banking.

Aggregation services.

Bill presentment and payment.

Mobile banking.

Weblinking.

Electronic money.

Cross-border transactions.

New products and services.

PART II: RISK MANAGEMENT.

Chapter 4 Risk Management Framework.

Policies and procedures.

Risk management process.

Operational risk management.

Governance and internal controls.

Chapter 5 Risk Management Organization.

Organization structure.

Board and senior management.

Executive risk committee.

IT management.

Internal and external audit.

Chapter 6 International Standards.

Basel Committee on banking supervision.

COBIT 4.0.

ISO 17799.

OCTAVE.

COSO – enterprise risk management.

PCI data security standard.

Financial Action Task Force.

Corporate governance codes.

Regulatory guidelines.

PART III: INFORMATION SECURITY.

Chapter 7 Information Security Management.

Security objectives.

Security controls.

Security risk assessment.

Classification of controls.

Monitoring and testing.

Incident response plan.

Chapter 8 Operational Controls.

Personnel issues.

Segregation of duties.

Technical issues.

Database management.

Change management.

Backups and off-site storage.

Insurance.

Fraud management.

Chapter 9 Technical Controls.

Logical access controls.

Identification and authentication.

Authentication methods.

Audit trails.

Network security.

Firewalls.

Malicious code.

Information security incidents.

PART IV: OUTSOURCING.

Chapter 10 Outsourcing in E-Banking.

Types of outsourcing.

Material outsourcing.

Supervisory approach.

Key risks of outsourcing.

Board and senior management responsibility.

Outsourcing policy.

Chapter 11 Managing Outsourced Services.

Outsourcing decisions.

Risk assessment and control.

Service provider due diligence.

Offshoring.

Contingency plans.

Customer service.

Monitoring and audit.

Chapter 12 Outsourcing Contracts.

Contractual provisions.

Right of access clauses.

Termination clause.

Offshoring contracts.

Confidentiality and security clauses.

Business continuity clauses.

PART V: BUSINESS CONTINUITY.

Chapter 13 Business Continuity Management.

The main drivers.

Board and senior management responsibility.

Components of BCM.

Business impact analysis.

BIA methodologies.

Recovery strategy.

Chapter 14 Business Continuity Plan.

Major components of BCP.

Continuity management team.

Recovery procedures.

Resource requirements.

External communications.

Plan maintenance.

Awareness and training.

Testing of BCP.

Testing methods.

Chapter 15 Data Centers and Alternate Sites.

Evolution of data centers.

Location of the sites.

Mitigating concentration risk.

Data center design.

Logistics management.

Maintenance procedures.

Alternate site models.

External support.

Business continuity in real life.

PART VI: LEGAL AND REGULATORY COMPLIANCE.

Chapter 16 Compliance Function.

Organization of the compliance function.

Board and senior management responsibility.

Role of regulators.

Chapter 17 Major Compliance Issues.

Anti-money laundering.

Know your customer (KYC).

Suspicious activities.

Privacy of customer information.

Information disclosures.

Customer education.

High-level review checklist.

Acronyms.

Glossary.

References.

Index.
