A core banking system is a software that handles the basic operations of a bank such as deposit, loan disbursement, transferring money, non funded services like LC, bank guarantee and other various services. It also connects the bank’s branches and channels such as ATMs, mobile banking, internet banking, SMS banking, RTGS settlement, Fund Transfer, Teller Transaction, etc.
A core banking system is needed and important for a bank in Nepal to provide fast, reliable, and secure services to its customers being accessible despite geographical locations.
- It enables banks to offer basic depositing and lending services to their customers, such as transaction accounts, loans and payments.
- It allows customers to access banking services through multiple channels such as ATMs, internet banking, mobile banking, SMS banking, IVR services and branches.
- It facilitates real-time transactions and data sharing across the bank’s network, improving efficiency and productivity.
- It supports innovation and growth by allowing easy integration with new products, partners, and technologies in a hassle free manner.
Core banking system in Nepal has been evolving over the years, with different banks adopting different types of software and systems. Some of the core banking software used by Nepali banks are:
- NEWTON: This is a core banking solution developed by 3I Infotech, an Indian company. It was implemented by Nepal Bank Limited, the first commercial bank of Nepal, in 2006. It supports branch automation, online banking, and ATM services.
- Pumori III / Plus: It is the country’s own product and is currently maintained and owned by Infodevelopers Private Limited. It is easy, flexible and competitive product to other CBS and is widely used in Rastriya Banijya Bank and other banks in Nepal.
- Finacle: This is a core banking solution developed by Infosys, another Indian company. It was implemented by several Nepali banks, such as Nabil Bank, Nepal Investment Bank, and Himalayan Bank. It supports multiple delivery channels, financial reporting, and product innovation.
- Oracle FLEXCUBE: This is a core banking solution developed by Oracle, a US company. It was implemented by some Nepali banks, such as Standard Chartered Bank Nepal, Nepal SBI Bank, and NIC Asia Bank. It supports real-time transactions, cloud deployment, and microservice architecture.
- Temenos T24: It is also popular CBS in Nepal and have very flexibility in its services and operation. Sources revel that Agricultural Development Bank Limited (ADBL) have deployed it.
There are also other core banking software used by Nepali banks, Polaris Intellect. Each software has its own features and functionality, depending on the bank’s needs and goals.
- Cybersecurity risk: This is the risk of unauthorized access, theft, or damage to the bank’s data, systems, or networks by hackers, malware, or other malicious actors. Cybersecurity risk can compromise the confidentiality, integrity, and availability (CIA) of the bank’s information and services, and cause financial losses, reputational damage, or legal liabilities. Earlier, commercial bank like NIC Asia had an attack on its SWIFT system causes financial losses.
- Operational risk: This is the risk of loss or disruption due to failures in the bank’s processes, people, or systems. Operational risk can result from human errors, system glitches, fraud, natural disasters, or external events. Operational risk can affect the efficiency, quality, and reliability of the bank’s core banking system, and lead to customer dissatisfaction, regulatory penalties, or litigation costs.
- Compliance risk: This is the risk of non-compliance with the laws, regulations, standards, or codes of conduct that govern the bank’s core banking system. Compliance risk can arise from changes in the regulatory environment, gaps in the bank’s policies or procedures, or lack of awareness or training among the bank’s staff. Compliance risk can expose the bank to fines, sanctions, restrictions, or revocation of its license.
To manage these Core Banking System risks in Nepal, the Nepalese banks need to adopt appropriate measures, such as:
- Implementing robust cybersecurity policies and practices, such as encryption, authentication, firewalls, access control, Security Operation Center (SOC), antivirus, backup, and recovery.
- Establishing effective operational risk management frameworks and controls, such as risk identification, assessment, mitigation, monitoring, and reporting.
- Ensuring compliance with the relevant laws, regulations, standards, and codes of conduct, such as the Nepal Rastra Bank Act (NRB) , the Banking and Financial Institutions Act (BAFIA), NRB IT Guidelines Act 2012, Electronic Transaction Act, Nepal Payment Solution (NPS) guidelines and act, banks IT procedure and guidelines act, etc
Each solutions and products have been brought to ease the services and have great importance but there is always some risk in every product we use. Being a critical area of operation where finance/money comes first, have always been vulnerable to attacks by intruder for financial gain, have brought significance challenges to bank. So with complying operation rules, IT guidelines, IS Audit comments and creating robust defense mechanism would ultimately cope the risk creating a safe environment in banking services and products.