What makes frauds so avoidable
Monetary frauds are global; I mean they take place in all countries. The volume or bulk though is different depending on how serious the regulations in every country are. From a citizen’s viewpoint, frauds are undesirable but politicians, corporations and financial institutions view them with different paradigms. The result, passing the buck of frauds to different agencies, on different forums, in different times based on which political party is current. The media takes the cake by feeding us a completely distorted picture. Why? Since they too have received their quota of freebies or favors in different forms and from different people.
On the top, is the funding of political parties, and on the bottom, the recipients of pangs – we the citizens.
The motivation to circumvent frauds
If the global evils like prostitution, gambling or terrorism can be controlled or avoided when there is a will – political, economic or any other, then why not the monetary frauds. If a mysterious death, a homicide or suicide is detectable just by looking at the motive behind that unnatural death, then why not fraud. A fraudster flourishes on the variety that he or she can innovate in his actions, demanding that we should enrich our coverage and methodologies to cross over the malicious interests of all the intervening agencies. And find the culprits.
The digitization trends and efforts in India
India is going through a very critical phase, as is claimed by politicians, where poverty alleviation is perpetually on the agenda, for seven decades. Enemies of the state exist all around requiring that we must invest in high tech weapons. It is rather strange and paradoxical that political parties endorse in the same religious preachers that they now discard but we do remember that they were needed for vote. The coffers were left dry and empty when the change of the ruling party took place last. So they have very little time to focus on monetary frauds, and lesser on the corporate culture. They are all gathering money for themselves, dynasties and parties. No doubt, it is a precarious situation.
And above all, computers and the internet is causing a big turmoil in a country that boasts of illiteracy. Billions are spent to achieve negligible or unverifiable results. Digitization, Demonetization, introduction of the Goods and Services Tax (GST) with multiple levels of rates, keeping petroleum and diesel out of the ambit of GST, is really a wonderful smokescreen for the inefficiency of our systems.
The country is struggling to empower the poor and the women, and all that is happening by extracting money from the tax payer – who are less than 10 percent of the population. And on top, the politicians, the rich farmers, the advocates, the doctors and many others (the poor so to say) don’t pay taxes or pay very little compared to their combined earnings – both legitimate and illegitimate. And the diamond merchants, the liquor barons and the banks lead the way for empowering …
And the ruling party boasts about the impacts, the long ranging and far reaching impacts. Impacts that you and me may not live to see, in our lifetimes.
The financial breakdown
Can I caution you? Are we not slowly but surely preparing grounds for an inevitable financial bailout, a term so common in our lives. It denotes the watering down the balance sheets of the likes of Lehman Brothers, the Greek banks, the Cyprus bank or the Russian ruble degradation. It is now known that all of them hired crafty experts to bring the curtain down on their economy but in India there are rogues who will oblige us.
The central political party changed after a span of seven decades and the new party (for 3 years already) is struggling to make a mark with the public. Not because they need to tone up the systems, but because they look for easy targets for vote banks in the elections. Elections are perineal in our country, the States and the Centre.
All completely set for a financial breakdown of systems and breakaway of imposters and fraudsters.
Technically fraud detection and avoidance is as simple as untying a reef knot, but hundreds of arguments can be given why it cannot be done that way. If you place yourself in any situation, you could yourself logically list down various steps that could untie this knot.
Recently we had a situation where a few banks were defrauded. These frauds were all defended and argued by persons from different levels of responsibilities such as, the prime minister, finance minister, various governing boards, investigating agencies and down to the managers in the banks. The crux of all the arguments was “Not me … that other bloke was responsible.” And the arguments terminate with one conclusion, “We will take steps to avoid it, but we won’t punish anyone who matters.”
What contributed to this mess?
Let us look at what how our systems failed, and what our failings were. To do this we should stay away from the erosion of ethics and moralities of our people, which is a true given. All mortals are deemed to be immoral, as Socrates put it. So we better make fool proof systems that prevail over the corrupt people. How should we do that?
Computer systems are made up of data-capture forms, processes for the workflow, and the people responsible for the flow and approvals. All of these were converted from the manual systems into computerised systems, but with a major glitch.
The processes, transactions and the systems were never engineered for optimization. The application system creators were hard pressed for the project time and they never considered how the end-to-end processes could be optimized or streamlined. They never considered what was already captured in one system that could be easily reused by the others. A glaring example of this redundancy lies in the forms used by banks, insurance companies, mobile phone companies, and those by the government agencies.
Why should there be a need to link the Aadhaar card to every perceivable commercial or governing system, when it still fails to identify the defaulters?
Have a re-look
To reach this target of achieving non-redundancy, every system, every process, every form, every entity and every data attribute on every form should have been considered. All these should have been deeply understood and then defined afresh for their meanings in the new applications.
These are the essential and fundamental requirements of a working system. So if the foundation is weak, any amount of software cannot undo the base interpretations. A computer system has the ability to streamline the data, but a wrongly designed system proliferates data into an uncontrollable mess, and quickly at that. It makes deductions and analysis not worth the trouble of digging into the mess. So people tend to avoid it.
And all this study was required to be done before any process could be engineered and re-engineered. Only then the software writing should have been done. We still have the time to put things in perspective. We should not wait till the financial breakdown becomes a reality.
What can we do now?
We should focus on the processes that govern our actions, and guide our systems. A lot of water has flown under the bridges since we adopted digitization. Innumerable designers, project managers, and IT people have given a quality certificate to all the systems they were involved in implementing – a certificate that everything is well, it is documented well, and it meets the laid down requirements. Whereas the truth is, it does not.
An example of Aadhaar project
There are many projects we can talk about but let us take the Aadhaar project, a system designed by my Alma mater colleague from IIT Bombay.
One cannot deny the benefits that the system has delivered, perhaps the only system that meets the requirements of giving identity to people. Yet, to which people? Foreigners and immigrants too!
The details of the Aadhaar system have been claimed by media as leaked out. I am not discussing the security aspects of the system because that is not important in the context of this article. We need to elaborate on the inadequacy and insufficiency of this Aadhaar system. A system on which the entire country now depends.
We know that the Aadhaar contains just enough data for an individual’s identification, so why should there be a need to repeat that data in almost every form introduced by multiple companies or agencies in our lives. Why should there be a link to banks, insurance companies, telephone operators and other regulatory agencies. Why can’t it be automatically linked or copied? Only the legitimate companies or regulators should be permitted to link automatically our data. Why should we enter new data on forms and be subjected to errors and inconsistencies, and then to frauds?
We also know that Aadhaar has a fundamental inadequacy. The designers didn’t think it was necessary or they thought it was too cumbersome. Aadhaar data is completely quiet about residences, property and immovable property. Bringing this information in, could have rendered Aadhaar much more resiliency and reliability. It could have tackled the real estate domain. It could have helped the police, tax authorities, passport authorities and other regulatory agencies becoming more trustworthy. It could help them to track imposters, terrorists and fraudsters.
And believe me it can be done, even if only to a limited extent. The system has the potential of replacing the national population survey mechanism or even a voter list handled completely differently by an independent (state) agency. None of the three are linked between themselves, and we talk about linking Aadhaar system to banks, insurances, mobile phones and commercial systems. I am appalled at it, at our ignorance and our vested interests.
And, it should be done. I have designed and put in place a porotype of the Aadhaar + system. It will link the holdings, movable and immovable, of selected individuals. The selection of these individuals may be, from the urban areas, from the frequent foreign travellers or perpetual money borrowers. So far the proposed system is for individuals but it should be extended to corporations.
Re-engineered systems to detect frauds
We got involved in fixing attention on not so useful things like PayTm, Uber, Ola, social networks, like Flip-kart, Amazon, Google, Facebook or Twitter but we never paid a similar attention to non-web-applications and large on-line-transaction-processing systems required in governance. We needed audit of processes to focus on frauds, the systemic ones, as much as we needed the support of impenetrable security.
There are three golden attributes of a system design – the data-capturing forms, the processes and the security. The forms capture the data, so obviously these should not capture redundant data that has a possibility of imparting confusion. The processes, that should be minimal, logical and legal, as conceived by a trained mind. The security, it should be impenetrable.
If a logical person sits down to develop and use the unblemished principles of data base design he could inherently deliver the BigData and Business Analytics that we require for governance. He could enlarge the span of his work to virtually pan over multiple platforms, computers and systems and fire the SQL (Query Language) to detect frauds. It is all possible now-a-days with cloud computing and internet. There are better dividends to be derived from such systems.
AI is not just in the domain of Mark Zuckerberg or Sunder Pichai alone, and it should not be restricted to the social networks or browsers alone. It should be usefully directed to economic, financial and monetary systems that fall into the domain of governance. Do not tend to ignore them as a compartmentalized container of technology or as a web-application developer. Use the principles of Artificial Intelligence (AI) to detect frauds and defaulters.
Such a thing requires us to do what is known as Business Process Re-engineering (BPR), a concept that originated in the nineties but faded around in 2010 when the web-applications and mobile application came around. Unfortunately, the IT engineers of today are generally unaware of those principles and concepts. But we surely need it now then ever.
There should not be a loophole in the data capture that can be exploited by the fraudster, and there should be very little redundancy just to ensure that nothing falls within the cracks, and a government employee can be warned. For this a central and independent government agency is required – a one that is unanswerable to IT, Finance or Quality Control departments and therefore to those ministries.