The Basel Committee on Banking Supervision (BCBS) is a global body made up of central bank governors from 37 member states. The Committee was initially established by the Group of Ten nations in 1975 as a forum for cooperation on banking supervisory issues. However, the Committee should not be perceived as a binding regulatory body for the member states. This is because it does not have a founding treaty. Its purpose is to merely provide guidelines that help in the understanding of critical supervisory issues and to encourage the unity of purpose towards common regulatory measures in banking the banking industry.

One of the core areas that have attracted the BCBS attention is the e-banking sector. Due to the inherent risks that characterize the e-banking sector, the committee regularly provides critical guidelines that banking institutions can utilize. For instance, the committee prepared a comprehensive report in July 2003 entitled, Risk Management Principles for Electronic Banking that outlined a barrage of principles and recommendations capable of recognizing, addressing, and managing e-commerce related risks.

While outlining these principles, the Committee acknowledges that it is counterproductive to force banking institutions to implement the principles wholesale without factoring in their individual risks. This is because e-banking risks are constantly evolving with the rapid developments made in the realm of technology and customer service and that each banking system has its unique risks that can only be addressed by tailor-made regulations. As such, the Committee recommends that so as to effectively address e-banking risks, banks should tailor and adopt these principles to their individual risk profiles, corporate governance culture and their risk management traditions.

The Committee groups the principles into three core categories representing the major risk areas in the e-banking sector. These groups are: Board and management oversight comprising of principles 1 to 3; security controls comprising of principles 4 to 10; and legal and reputational risk management comprising of principles 11 to 14 (BCBS, 2003: 7-8). Overall, the Committee contends that banks management teams should develop sound risk management strategies that guarantee strong security controls to guard against legal, reputational and business risks.

The Electronic Banking Group (EBG) of the BCBS has published another report entitled Management and Supervision of Cross-Border Electronic Banking Activities to supplement the Risk Management Principles for Electronic Banking. The report by the Electronic Banking Group (EBG) of the BCBS aims at identifying the responsibilities of banks in regards to managing cross-border e-banking risks as well as creating awareness on the need for efficient supervision of all cross-border e-banking activities by home country regulators as well as the unrelenting cooperation between banking regulators across the globe. Overall, this report reiterates the need by banking institutions to link cross-border e-banking risks mitigation measures with conventional bank risk management systems.

1.2 Overview of E-Banking Risks

The e-banking sector has experienced phenomenal growth in the past years. According to Zhang, Piao, and Zhao (2008), this is because it enables persons to easily develop, market, sell, deliver, pay, and service products through open electronic systems powered by modern computer-mediated networks. Moreover, Zhao et al (2008) assert that e-banking has grown rapidly because it provides a wide array of banking products courtesy of the continuing developments made in the realms of information technology and customer service. However, these rapid developments pose immense risks to the e-commerce industry.

As a matter of fact, the BCBS 2003 report acknowledges that unlike traditional banking, e-banking is awash with risks as it is awash with benefits. The Committee clarifies that the reason why e-banking is prone to many risks is because unlike the traditional banking, e-banking is characterized by the following major traits: rapid technological and customer service innovations, ever-present open electronic networks, incorporation of e-banking functions with legacy computer systems, and the overdependence by banking institutions on third party information technology providers.

A number of authors perceive e-banking risks differently. For instance, Howcroft, Hamilton, and Hewer (2002) posit that these risks can be categorized into three broad groups. These groups are: Sabotage or defacement, unauthorized access, and degradation of performance. On its part, the BCBS categorizes e-banking risks into three major categories, that is, business, legal and reputational. In addition, e-banking risks can be classified into three core areas of electronic transfer, electronic payment, and informational. This classification is in tandem with the conventional grouping of e-banking into the areas of electronic transfer, electronic payment, and informational. According to Zhao et al (2008), e-banking risks can be grouped into four major categories: risk of losing control over the account, risk of losing face, risk of system failure, risk of system complications. Overall, like it is in the case of the traditional banking sector, risks in the e-banking sector result in losses to the banking institutions and their clients.

1.3 Overview of China’s Banking/E-banking Industry

China’s banking sector is closely regulated by the government. This is done by the State Council through the People’s Bank of China (PBOC) which also acts as the country’s central bank. Though a number of reforms have been carried out in the last two decades to align the country’s banking sector with the prevailing global standards, the Community Party-led government still maintains a close watch on the country’s banking industry. Apart from the PBOC, there are the “big four” commercial banks owned by the state. These banks are the Agricultural Bank of China, Bank of China, China Construction Bank, and the Industrial and Commercial Bank of China (Chow, 2004).

The PBOC formulates and oversees the implementation of the country’s monetary policy. This involves overseeing the payment, clearance, and settlement systems. For instance, the bank sets interest rates for commercial banks and oversees the trading of government bonds. In addition, PBOC maintains foreign exchange and gold reserves. However, PBOC was stripped of the supervisory role by the China Banking Regulatory Commission (CBRC) in 2003 as part of a broad measure by the government to enhance efficiency in banking supervision. Since then, CBRC plays a regulatory role which includes supervising all banks, investment companies, and other deposit-taking institutions in the country (Chow, 2004).

Like in other jurisdictions, China has embraced e-banking. Starting from 1996 when the Bank of China rolled out e-banking service, other banks have followed suit and launched countless electronically accessible banking products. Phenomenal growth was witnessed after the country was finally accepted by the World Trade Organization (WTO) in 2001. The acceptance opened the Chinese banks to global competition forcing them to quickly adjust their systems to accommodate the rapidly growing e-banking service in the world. There was a general feeling that to achieve strategic competitiveness in the global financial industry, Chinese banks had to enhance their electronic network capacities (Yuan, Lee, & Kim, 2010). Since then there has been an explosive growth of e-banking as financial institutions have realized that e-banking is less costly, quicker, and open to new opportunities.

Nevertheless, China’s e-banking sector is relatively small when compared to the brick and mortar banking sector in the country. For instance, figures show that the majority of banking transactions and services are still offered across the counter as a large number of China’s population is still not computer literate. Moreover, and Zhao et al (2008) offer, most customers are still skeptical on the genuineness of the e-banking services. In addition, China’s e-banking sector is relatively small, especially when compared to the case in other countries with similar socio-economic frameworks.

Even so, China’s e-banking industry has experienced numerous risks. These risks involve both the banking institutions and their clients. For instance, a substantial number of Chinese bank customers are doubtful about embracing e-banking technology. As a matter of fact, studies show that Chinese customers fear losing control of their accounts, losing face, system failure, and system complication (see for example Zhao et al, 2008). Some customer value the security of their financial information than the convenience which comes with e-banking.

1.4 Problem Statement

Though most banking systems have put in place risk prevention and control measures, sometimes it is not easy to completely eliminate risks in the e-banking sector. This argument derives its impetus from the BCBS assertion that there can never be perfect supervisory regulations capable of completely eliminating risks in the e-banking sector. The Committee posits that in the face of the rapidly changing technological innovations, banking institutions can only reduce the effects of these risks but not to completely eliminate them.

It is therefore very important to investigate how specific e-banking systems have fared in managing risks in the face of the rapidly changing technological and customer service innovations. It is also important to investigate how specific e-banking systems have fared in implementing the array of risk management guidelines outlined in the BCBS 2003 report. Moreover, it is very important to study how specific e-banking systems noted for their stringent regulations and government supervision have fared. As such, China, a country known for its stringent banking regulatory regime forms a good case to research on. Specifically, the dissertation will carry out an analysis of the country’s e-banking sector in view of establishing how it has fared in light of the recommendations by the BCBS. Though it is prudent to acknowledge that a lot of relevant information is available both online and in print sources, the depth of coverage required for the fulfillment of the aims and objectives of this study call for primary research.

1.5 Aims and Objectives

The dissertation will be centered on Basel Committee guidelines on e-banking and the applications of these guidelines to China’s e-banking sector. As such, the key aims and objectives of the dissertation are as follows:

Understand the provisions of the BCBS on banking supervision as applied to e-banking.
Understand the risk management strategies put in place by China’s e-banking sector.
Analyze the extent to which these strategies comply with the BCBS guidelines.

1.6 Definition of Terms

ABC – Agricultural Bank of China
BCBS – Basel Committee on Banking Supervision
BOC – Bank of China
CBRC – China Banking Regulation Commission
CCB – China Construction Bank
E-banking – Electronic banking
EBG – Electronic Banking Group
E-commerce – Electronic commerce
ICBC – Industrial and Commercial Bank of China
PBOC – People’s Bank of China
WTO – World Trade Organization

2.0 CHAPTER TWO: LITERATURE REVIEW

2.1 The Concept of Risk

There are various dimensions to risk. Segal (2011) provides three alternative views that can be used to understand risk. These are uncertainty, volatility and deviation from the expected. For instance, if a business plan is based on a certain rate of return as a discounting factor, there is a risk that the real rate may deviate from the projected one so that the real cash flow from the project end up being significantly lower than the projected amounts. Whether caused by uncertainty, volatility or deviation, risk also has a number of ways in which it can be manifested. Kaplan (2011) posits that risks can manifest in the form of reputational, operational, financial and regulatory aspects. This, therefore, leads to the conclusion that any act of planning and implementation of business strategies must incorporate the element of risk.

The type of risk faced by any business is dependent on its nature. For instance, banks face a diversified portfolio of risks including regulatory, operational, financial and reputational risks. For example, the 2008 financial crisis brought to the fore the inherent weaknesses in the regulatory environment in the credit sector. Consequently, governments across the world enacted stronger regulations in the credit sector. However, it is interesting to note that increased regulations put banks at the risk of not meeting the conditions under such a stringent regulatory environment. Sironi and Resti (2009), provide an analysis regarding the various sources of risks in the banking sector as contained in Appendix I. These sources are human capital, technology, processes, and external factors. Ideally, every product from the banking sector including those on the e-commerce platform is likely to face risks emanating from any of the four sources provided by Sironi and Resti.

2.2 Risks in the E-banking Sector

According to Howcroft et al (2002), the e-banking sector is prone to many risks. The author argues that just like it is with the emergence of a new technology, the e-banking sector poses a number of risks to the global financial market. On his part, Zhang et al (2008) argue that the e-banking sector is prone to risks emanating from lack of proper planning, defective deployment of resources and capabilities, inadequate system controls, weak outsourcing policies, and ambiguous strategic and regulatory measures. These factors result in more serious risks such as the vulnerability of database systems which in turn puts the integrity of the stored data at risk, reduces confidentiality threshold, and most importantly, weathers down identity authentication and authorization measures. Zhao et al (2008), argue that this is a major characteristic of most immature e-banking systems. It is interesting to note that despite the gains made in the realms of information technology, most countries in both developing and developed world are yet to fully transform their e-banking sectors into mature and robust entities. As a matter of fact, Zhao et al (2008) insist that brick and mortar banking services still occupy a large portion of the banking industry in most economies. For example, China’s e-banking sector is relatively small compared to the brick and mortar banking sector in the country. As such, economies fail to see the logic behind making huge investments in mitigating risks in a sector whose overall economic contribution is minimal at best. This explains why e-banking sectors across the world experience insurmountable risks.

On its part, the BCBS acknowledges that unlike the traditional banking sector, the e-banking sector is prone to many risks. The Committee argues that the e-banking sector is more prone to risks because it is ever-evolving and that it requires high levels of dependence between banks and information technology providing firms. Moreover, the Committee asserts that due to the realization that the e-banking sector offers an avenue for growth, most banks do not invest in proper testing procedures when rolling out new e-banking products into the markets. This, therefore, puts such products at higher levels of risk. Again, the Committee offers that the ubiquitous nature of the open electronic network makes it prone to attacks as unknown persons can access it from anywhere using phony identities. Lastly, the Committee posits that due to the inevitable integration of e-banking functions with legacy computer applications, there is an increased risk of system failure (BCBS, 2003).

Identity theft is one of the major e-banking risks. According to Zhao et al (2008), the main goal of online fraudsters is to steal customers’ personal information and use such information to access their accounts. Fraudsters employ many tricks such as phishing, hacking, viruses, and pharming to gain unauthorized access on customers’ accounts. Once this is done, the fraudsters then proceed to make online purchases using the stolen information. Ultimately, the fraudsters can empty the customers’ accounts. According to Zhang et al (2008), this is a very serious risk that is not easy to detect the actual perpetuators even after doing a thorough investigation.

Fraudsters can tamper with the domain-name server and therefore redirect a website to a completely different site. On the other hand, fraudsters can send fake bulk messages to unsuspecting recipients directing them to fake websites. Crooks also create viruses and distribute them to unsuspecting customers through fake websites. Such viruses also target banking institutions. Fraudsters also engage on money laundering where illegal properties are secretly transferred among parties.

2.3 Risks in China’s E-banking Sector

China’s e-banking sector is faced by a wide range of risks. This observation derives its impetus from Zhang and Li (2005) postulations that unlike other global financial markets, China’s financial market is still immature. Zhang et al (2008) strengthen this observation by asserting that despite the expected trend in most emerging markets, China’s e-banking sector is still in its nascent stages. The reason why China’s financial market is immature is because for a long time, the country has experienced close government supervision. According to Zhao et al (2008), China is home to a large number of world’s online attacks. Financial institutions as well as information technology service providers report many cases of online attacks every year. For instance, large financial institutions such as J.P Morgan Chase have been victims of online fraud in the recent years. In addition, third party financial services providers have reported numerous cases of attempted and successful online fraud.

Most common risks involve attacks on websites and personal data. These attacks include but are not limited to phishing, hacking, illegal use of personal data, money laundering, phoney websites, and phoney internet banks. As a matter of fact, China is ranked second in the world in terms of the number of phishing attacks emanating from a single country. This has caused distrust among Chinese customers. According to Laforet and Li (2005), unlike in other nations, Chinese customers have been noted for their increased skepticism on embracing the e-banking service because of the perceived risk it carries. Many Chinese customers would rather forego the convenience that comes with the e-banking platform for the security of their invisible financial information. Littler and Melanthiou (2006) opine that the risk posed by hackers is so real in China’s e-banking sector that China’s anti-fraud authorities close thousands of illegal websites annually.

2.4 Provisions of the BCBS on E-banking

The BCBS has published two major reports on mitigating risks in the e-banking sector. The first report is the Risk Management Principles for Electronic Banking published on July 2003 while the second one is supplementary to the first report and it is entitled, Management and Supervision of Cross-Border Electronic Banking Activities published on July 2003 by the Electronic Banking Group (EBG) of the BCBS. Overall, these reports outline a number of principles that are in actual sense not binding to the BCBS member states but that act as expectations and guidelines for individual banking institutions to adapt into their risk mitigation strategies for the e-banking sector.

The aims of the Risk Management Principles for Electronic Banking report by BCBS on e-banking are three-fold. The report seeks to address the areas of e-banking risks by outlining 14 principles that are grouped into three core areas. These groups are: Board and management oversight, security controls, and legal and reputational risk management. The premise behind this categorization is based on the realization that though e-banking risks may not be very different from risks faced in the traditional banking sector, they are complex and regenerative in nature. This is because unlike the traditional banking sector, the e-banking sector is prone to more risks as it is characterized by the rapid developments in the realms of technology and customer service, ever-present open electronic networks, linking up of e-banking applications with traditional computer systems, as well as the overdependence by banks on third party information technology firms. While noting this, the report acknowledges that though there are no new risks the inherent features that characterize the e-banking sector tend to increase and modify risks faced by the traditional banking sector. For instance, the report notes that some inherent risks that touch on the strategic, operational, legal and reputational realms are more pronounced in the e-banking sector.

The first categorization delves on issues related to effective board and management oversight measures. This group comprises of principles 1 to 3. The principles are “effective management oversight of e-banking activities … establishment of a comprehensive security control process…[and] comprehensive due diligence and management oversight process for outsourcing relationships and other third-party dependencies” (BCBS, 2003, p.7). Basically, these principles emphasize the need for banks, senior management teams, to put in place sound risk management strategies governing e-banking services. Such strategies should clearly stipulate an array of regulations, ways of implementing them, and most important ways of evaluating the effectiveness of such regulations. Overall, these principles place much emphasis on the role of banks senior management teams in mitigating e-banking risks.

The second category delves on the effectiveness of security controls. This group comprises of principles 4 to 10. In general, these principles emphasize on the need for security controls in the areas of customer authentication, e-banking transactions, segregation of duties, and authorization within e-banking functions. Others are data integrity, audit trails, and confidentiality of information. Basically, these principles propose that banks senior management teams responsible for developing, implementing, and evaluating the effectiveness of security controls should ensure that the substance of such controls is reflective of the inherent risks in the e-banking sector. Overall, the principles require that banks should effectively address the core e-banking risk areas for both domestic and cross-border transactions.

The third category delves on the management of legal and reputational risks. The group comprises of principles 11 to 14. Basically, these principles put much emphasis on the need for “appropriate disclosures for e-banking services … privacy of customer information … capacity, business continuity and contingency planning to ensure availability of e-banking systems and services … [and] incident response planning” (BCBS, 2003, p.8). This groups underlying notion is that banks should put in place measures to enhance capacity, continuity, and quick response to unforeseen events. This is because e-banking services end-users have high expectations on banks and may institute legal proceedings if these expectations are not satisfactorily met. Moreover, risks that cause service disruptions may increase liabilities, affect a banks strategic orientation and ultimately its reputation.

On the other hand, the Management and Supervision of Cross-Border Electronic Banking Activities report by the EBG outlines a number of expectations on the importance of banks to evaluate their risk management strategies concerning cross-border e-banking activities. The publication aims are two-fold. Firstly, it aims at identifying the responsibilities of banks in regards to managing cross-border e-banking risks. Secondly, the publication aims at creating awareness on the need for efficient supervision of all cross-border e-banking activities by home country regulators as well as the unrelenting cooperation between banking regulators across the globe.

Tellingly, this paper supplements the Basel Committee’s Risk Management Principles for Electronic Banking published in July 2003. This is because it reiterates the need by banking institutions to link cross-border e-banking risks with conventional bank risk management systems. The publication also emphasizes the need for banking institutions to exercise due care when carrying out cross-border e-banking activities so that they do not create unwarranted difficulties on the efficient use of the internet channel of service delivery. In a nutshell, this publication has a more refined version of the expectations that the BCBS has on banking supervisors and regulators in exercising due diligence when assessing and managing risks.

Like the Risk Management Principles for Electronic Banking published in July 2003, this publication also stresses the role of the home country supervisory and regulatory bodies in putting in place sound risk mitigation measures and disclosure regimes to ensure that all cross-border e-banking activities are safe. This is in tandem with the notion that though it is very important that countries join hands in harmonizing their e-banking risk management strategies, it is important too that such strategies be tailored to suit the local risk profiles and corporate governance cultures (see for example Howcroft 2002). The publication notes that such measures should be all-inclusive, that is, local banking supervisors and regulators should liaise with the local community and objectively evaluate the inherent circumstances and risk factors in their home countries so as to make decisions on whether to take national, regional, or even global actions.

Conclusively, the publication recognizes that cross-border e-banking risk management endeavors should be pursued alongside other cross-border traditional banking risk management measures. This is because e-banking risks are constantly evolving and that they are tightly intertwined with risks in the traditional banking sector.

CHAPTER THREE: METHODOLOGY

3.1 Research Design

This study aims and objectives are threefold: To understand the provisions of the BCBS on banking supervision as applied to e-banking, to understand the risk management strategies put in place by China’s e-banking sector and to analyze the extent to which these strategies comply with the BCBS guidelines. To fulfil these aims and objectives, the researcher required intensive information. To this effect, the researcher was aware that there is substantial information in existence regarding China’s e-banking sector. However, the depth of coverage required for the fulfilment of these aims and objectives called for primary research. As such, a robust research design was necessary for the fulfilment of the above aims and objectives.

To this end, the researcher utilized an explorative qualitative approach. According to Lincoln and Guba (1985) an explorative qualitative design helps in the creation of clear framework for drawing insights and conclusions on an issue that has not been researched earlier. Given that this study aims and objectives are complex, an explorative qualitative design was the most appropriate. Moreover, Creswell (2003) opines that an explorative qualitative design accords researchers a wide range of choices when selecting the major research processes. In addition, Creswell (2009) opine that an explorative qualitative design is easier to use because it allows for the use of simple procedures making it easy to organize, present, and engage context.

In addition, it was reasoned that an explorative qualitative design was chosen because it allowed for the easy identification of how the BCBS guidelines of e-banking are being implemented in China’s e-banking sector. This argument is in tandem with Babbie (2004) postulation that a qualitative research design enhances the chances of identifying all critical factors to an issue in this case, the impacts of the BCBS guidelines on e-banking on China’s e-banking sector. Lastly and as Creswell (2009) posits, the explorative qualitative design was chosen because it gave the researcher the right mindset to make assumptions and conclusions from both the secondary and primary data.

3.2 Sample and Sampling Techniques

This study is centred on how China’s e-banking sector has implemented the BCBS guidelines on managing e-banking risks. Consequently, the researcher narrowed down the study scope on the big four of China’s state-owned commercial banks, that is, BOC, CCB, ABC, ICBC. The reason why these four banks were chosen is because they have the most comprehensive e-banking platforms in the country given that they were the first to roll out e-banking platforms in China and that they are the largest in the country in terms of the total assets, employees and customers. As such, it was reasoned that they have the most comprehensive and representative risk management strategies among the various tiers of banks in the country.

From these four banks, the researcher narrowed his scope to senior managers only. Five senior managers were sampled from each of the four banks to make a total of 20 participants. The reason why senior managers were selected is because they have a better understanding of the various risk management strategies in the e-banking sector employed by China’s banks. On the other hand, the researcher utilized only 20 participants because of time and monetary limitations. However, the decision to utilize 20 participants for the study was in tandem with Ader, Mellenberg, and Hand (2008) opinion that a study sample should neither be too big nor should it be too small. It should be easy to manage and highly representative of the sample frame.

To arrive at a highly representative and reliable study sample, the researcher utilized random sampling method. Firstly, the researcher sought permission to incorporate the four banks in the study. Then he sought permission to participate in the study from the potential participants (senior managers) by sending consent letters to them. The returned letters were then used to list down senior managers who were willing to take part in the study. Senior managers who did not wish to be incorporated in the study were ignored. Using a random number generator, five senior managers were selected from each bank to add up to 20 participants.

3.2 Data Collection Methods

The study utilized both secondary and primary data sources. The secondary data sources included books, journal articles, banks official websites, as well as other online authentic sources. The collection of secondary data took place before the researcher embarked on the collection of primary data from the study participants. The secondary data helped the researcher to develop a general overview of the study topic. As a matter of fact, it helped the researcher to formulate the study aims and objectives for the study. To ensure, only authentic resources were utilized, the researcher held regular consultations with the dissertation mentor. In addition, the reseracher relied on the university library and peer consultations with classmates to acquire additional guidance.

On the other hand, the primary data source was questionnaires. The reason why questionnaires were chosen is because they are quicker, cheaper and easy to administer especially when there are money and time limitations. Well structured questionnaires were distributed to the study participants through the postal service. The reason why the postal service was used is because it is faster, convenient and reliable. To ensure that the questionnaires were returned, the researcher attached postage-paid stamps on the envelopes. The participants were given a period of two weeks to complete and return the questionnaires. In addition, the researcher sent out follow-up letters to the participants so as to remind them of the completion and returning period.

3.3 Data Analysis

This study gathered large amounts of raw data. To analyze this data, the researcher required a robust data analysis tool. The researcher had a large option of data analysis tools to choose but he opted for the coding method. This method entails drawing short codes and memos from the collected and using these codes and memos to make conclusions. The reason why this method was chosen is because it is faster, easy to use, efficient and reliable (Denzin & Lincoln, 2005). Moreover, Patton (2002) posits that a coding method of data analysis is the most appropriate for qualitative studies because it allows for the analysis and interpretation of data in phases so as to enhance validity and reliability.

Firstly, the raw data was scrutinized to evaluate its accuracy. Afterwards, the data was closely studied and all the important points were noted down in form of short memos. As Patton (2002) advices, the researcher transcribed the short memos using Microsoft word programme so as to make them easy to interpret. Further, the transcribed data was scrutinized before being subjected to objective coding. The next step involved an ad hoc analysis where the researcher utilized the coded data in filling frequency tables. The tables indicated the frequency (number of participants) as well as the percentage showing how the participants answered each of the ten questionnaire questions. This was necessary as it allowed for easy interpretation of the data.

3.4 Ethical Assurances and Validity Issues

According to Creswell (2003), studies that involve the use of human subjects should adhere to the set ethical standards. To this effect, the researcher sought permission from the four banks as well as from the potential participants before incorporating them in study. Moreover, banks as well as the potential participants were informed about the study aims and objectives prior to the actual collection of data. This gave them the opportunity to make an informed decision on whether to take part in the study or not. Moreover, the researcher did not ask the participants to include their names when completing the questionnaires. This enhanced the accuracy of information collected from the participants.

To guard against validity and reliability of the data collected and analyzed, the researcher was utilized by Lather (1986) postulation that “just as there is no neutral education there is no neutral research” (p.67). This opinion allowed the researcher to eliminate bias by utilizing worthwhile data collection and analysis procedures. This was made possible through constant data checks throughout all the salient study procedures. Moreover, through the extensive review of the existing relevant literature as well as the skills and knowledge gained in class and in professional practice, the researcher was able to confront the experiences of the study participants allowing him to make wise interpretations of the primary data.

3.5 Study Limitations

The research was done within limited time and resources. This therefore meant that the research aims and objectives had to be limited in scope to take into account these limitations. In addition, the research was investigating a sensitive matter, that is, the security of banking products. This meant that there was the risk that some participants may have been tempted to give inaccurate information. To deal with this, the research used questionnaires which according to Stettina and Heijstek (2011) come with anonymity which help to enhance honesty and objectivity. This argument derives its impetus from the fact that the participants were not asked to indicate their names in the questionnaires.

CHAPTER FOUR: RESULTS AND FINDINGS

4.1 Chapter Overview

This dissertation’s objectives were threefold. To understand the provisions of the BCBS on banking supervision as applied to e-banking; to understand the risk management strategies put in place by China’s e-banking sector, and; to analyze the extent to which these strategies comply with the BCBS guidelines. A joint analysis of both the secondary and primary data gathered during the course of the study yields the following set of findings. For purposes of clarity and as Creswell (2003) posits, these findings are presented according to the three objectives.

BCBS on Banking Supervision as Applied to E-Banking

All the study participants exuded substantial knowledge of the BCBS guidelines on internet banking. From the analysed data the researcher established that all the major banks offering e-banking services in China are aware of the BCBS guidelines and their importance in mitigating e-banking risks. The study found out that these principles are categorized into three broad but sometimes overlapping categories of Board and Management Oversight; Security Controls; and legal and Reputational Risk Management.

4.2.1 Board and Management Oversight

By the virtue of their senior management positions they hold in their respective banks, the study participants exuded their understanding of the role of board and management oversight committees in mitigating e-banking risks. The participants indicated that banks senior management teams should develop robust business strategies that stipulate methods of identifying, measuring, monitoring, and mitigating related risks. Such strategies should be clearly communicated to all the bank employees as well as its customers so as to operationalize it as per the banks vision on e-banking pursuits. As a matter of fact, the participants hinted that such a strategy should comprise of clear and specific accountabilities and responsibilities that help to address both local and cross-border risks. Moreover, it was discovered that this management oversight role of banks senior management teams should constantly monitor and review emerging issues in the e-banking sector with a view of reviewing the existing risk control strategies to address the ever-evolving e-banking risks.

4.2.2 Security Controls

The study established that all banks offering e-banking services in China are aware of the inherent risks in the industry and that they acknowledge the need to put in place robust security control systems. The participants indicated that such security control measures are stipulated by the BCBS report on internet banking published in 2003. As the numbered listed below shows, these security control measures include:

Establishing adequate authorization and authentication prompts before allowing access to personal information.
Establishing logical physical assess restrictions.
Creating appropriate security infrastructure that allow for the erection of logical boundaries between internal and external user activities.
Establishing clear audit regulations to establish the integrity of data entered during all e-banking activities.
Preserving the confidentiality of customer information.
Establishing disclosure regimes as may be determined by the local regulations.

4.2.3 Legal and Reputational Risk Management

The legal and reputational risk management category emphasizes on protecting banks from potential legal and reputation risks. To this effect, it calls for the consistent and timely delivery of e-banking services as may be determined conventional business practices such as the consistent fulfillment of customer expectations. The participants indicated that to fulfill their contractual obligations, banks must at all time deliver e-banking services to their customers no matter what the prevailing circumstances. Moreover, it was found that banks must create swift customer service programs and incidence response units so as to reduce potential operational and legal risks such as frauds, system outages, and fierce rivalry from other banks providing similar products.

Risk Management Strategies Put In Place By China’s E-Banking Sector

Almost all banks in China offer e-banking services. These banks are aware of the many security threats they stand to experience when offering e-banking services to their customers. As such, they have put in place the following risk management strategies. As the numbered list below shows, these strategies revolve around identifying, measuring, monitoring, and managing e-banking related risks.

Setting stringent online account opening measures
1. Authenticating new applicants
2. Close partnering with third party service providers
3. Setting robust identification and authentication measures
4. Setting robust operational measures
Monitoring bill payment services
1. Enrolling all vendors at the bank
2. Reviewing all risky bill payment transactions
Developing a clear understanding of the inherent risks
1. Determining the scope of the risk
2. Establishing the authority to guide through risk mitigation
3. Developing a reporting responsibility
4. Determining how the e-banking risks interact with those of other sectors.
Maximizing the existing risk mitigation investments
1. Improving on existing risk management measures
2. Enhancing international partnerships
Creating a strong vision and light throughout the sector
1. Forming risk mitigation departments and committees
2. Creating a responsive support program to link departments and committees.
Engaging highly qualified and motivated personnel
1. Carrying out rigorous hiring drives to identify appropriate personnel
2. Holding regular training for risk management personnel
Real-time tracking and reporting of internet related frauds
1. Capture all relevant details regarding the crime
2. Define what banking frauds fall within the e-banking sector
Carrying out regular consumer awareness drives
1. Customers should not share confidential information with anyone
2. Putting in place easy reporting measures
Carrying out regular risk assessment drives
1. Assessing the type of customers that are more vulnerable to risks
2. Assessing customer transactional capabilities
3. Assessing the sensitivity of customer information being transmitted
4. Assessing the volume of customer transactions
Putting in place concrete development plans
1. Concrete product development programs that outgrows threats
2. Initiating robust security controls that enhances competitiveness
Conducting regular review of risky e-banking products
Conducting a thorough testing on new products
Refusing to roll out untested products
Not rolling out products that jeopardize the integrity of the e-banking sector
Rolling out products that conform to the local monetary sector

Extent to Which these Strategies Comply with the BCBS Guidelines

The study established that like many other BCBS member countries, China’s e-banking sector complies with the BCBS 14 risk management principles of internet banking. The participants indicated that most banks in China that offer e-banking services have tailored their risk mitigation strategies as per the three broad categories of the BCBS principles on internet banking. For instance, it was established that most risk mitigation strategies are initiated from the board and oversight committees’ level, they address security risks such as phishing, hacking, and money laundering, and most importantly, they are meant to prevent business, legal, and reputational risks.

Even so, the study established that in what seems to be an adherence to what the BCBS requires, some risk mitigation strategies applied by banks in China offering e-banking services are customized to meet the unique risk challenges that face China’s e-banking industry. It was established that this is partly because the BCBS principles are not meant to be best practices for member countries to implement and partly because for many years China has continued to follow a very conservative monetary approach. As a matter of fact, the participants hinted that the current e-banking risks mitigation measures are a function of the unique characteristics of the China’s banking market as well as those of its banking partners.

Lastly, the participants indicated that in their capacity as senior banking officials, they have the responsibility to tailor risk mitigation strategies to suit the specific risks affecting China’s e-banking sector. This is because the BCBS guidelines allow them to do so. Moreover, the participants provided that in most instances risk mitigation strategies adopted by banks offering e-banking services in China are integrated with those utilized by the traditional banking sector. The study established that this is in tandem with the BCBS guidelines and at the same time a customized approach that puts into consideration the unique China e-banking sector where in most times services are offered in traditional banking platforms or even alongside traditional banking services.

CHAPTER FIVE: DISCUSSIONS

Overview of the Study Findings

It has been established that China’s banks that offer e-banking services base their risk mitigation strategies on the three pillars of minimum capital requirements, market discipline through increased public disclosure and supervisory review. This is in tandem with both the BCBS guidelines as well as on Brown (2009) who argues that banks should not exceed their minium capital reserves, they should operate within the set market regualtions (in this case the BCBS guidelines), and most importantly, they should create robust disclosure regimes that respect the privacy of customer information and at the same time clearly stipulate the values that underlie the bank operations.

This study has provided that the e-banking sector is prone to many risks. Basing on this extensive exposure to risk the Basel Committee on the supervision of banks came up with guidelines meant to help in the process of risk management. However, the Basel committee guidelines are not expected to be implemented uniformly across the board because they are mere guidelines, which mean that they are implemented to varying degrees in different financial institutions and jurisdictions. To this effect, most banks that offer e-banking services in China tailor their risk mitigation strategies to as per the set BCBS guidelines on internet banking while at the same time recognizing the inherent risks that characterize the country’s e-banking sector.

. Each financial institution will then come up with a suitable approach of dealing with each of the pillars. The committee acknowledges that although the challenges presented by the electronic banking platform closely resemble those found in traditional banking, there is still an increase in the number of challenges with regards to risk management. For that reason, the committee advises that the risk management strategies used in traditional banking be retained but be tailored to reflect the increased challenges found in the electronic banking platform.

6.0 BIBLIOGRAPHY

Ader, H. J., Mellenbergh, G. J., & Hand, D. J. (2008). Advising on research methods: A consultant’s companion. Huizen, The Netherlands: Johannes van Kessel Publishing.

Babbie, E. (2004). The Practice of Social Research (10th Ed.). Belmont, CA: Thomson/Wadsworth.

Basel Committee on Banking Supervision (July 2003). Risk Management Principles for Electronic Banking. Bank for International Settlement.

Bis. (2003). Risk Management Principles for Electronic Banking. Retrieved Oct 26, 2011, from Basel Committee on Banking Supervision: http://www.bis.org/publ/bcbs98.pdf

BIS. (2004, Jun). International Convergence of Capital Measurement and Capital Standards. Retrieved Dec 06, 2011, from Bank for International Settlements: http://www.bis.org/publ/bcbs107.pdf

BIS. (2011, Jun). Basel III: A global regulatory framework for more resilient banks and banking systems. Retrieved Dec 06, 2011, from Bank for International Settlements: http://www.bis.org/publ/bcbs189.pdf

BITS Financial Services Roundtable (April 2003) Fraud prevention strategies for internet banking, A publication of the BITS Fraud Reduction Steering Committee.

Brown, O. W. (2009). Financial Markets Regulation: Financial Crisis Highlights Need to Improve Oversight of Leverage at Financial Institutions and Across System. DIANE Publishing.

Chow, G.C. (2004). Knowing China. Singapore: World Scientific Publishing Company Pte limited.

Creswell, J. (2009). Qualitative inquiry and research design. Thousand Oaks, CA: Sage Publications.

Creswell, J.W. (2003). Research design: Qualitative, quantitative, and mixed methods approaches (2^nd ed.). Thousand Oaks, CA: Sage Publications.

Denzin, N.K. & Lincoln, Y.S. (Eds.) (2005). The sage handbook of qualitative research (3^rd ed.). Thousand Oaks, CA: Sage Publications.

Howcroft, B., Hamilton, R., & Hewer, P. (2002). Consumer attitude and the usage and JIBC April 2010, Vol. 15, No.1 – 10 – adoption of home-based banking in the United Kingdom. International Journal of Bank Marketing, 20(3), 111-121.

Kaplan. (2011). Governance, risk and ethics. London: Kaplan publishers.

Lather, P. (1986). Issues of Validity in Openly Ideological Research: Between a Rock and a Soft Place. Interchange, 17(4); 63-84.

Patton, M. Q. (2002). Qualitative evaluation and research methods. Newberry Park, CA: Sage Publications.

Segal, S. (2011). Corporate Value of Enterprise Risk Management: The Next Step in Business Management. New Jersey: John Wiley & Sons.

Sironi, A., & Resti, A. (2009). Risk management and shareholders’ value in banking: from risk measurement models to capital allocation policies. New Jersey: John Wiley and Sons.

Stettina, C. J., & Heijstek, W. (2011). Five Agile Factors: Helping Self-management to Self-reflect. Springer-Verlag Berlin Heidelberg , 84-96.

Yuan, X., Lee, H.S., & Kim, S.Y. (2010). Present and Future of Internet Banking in China. Journal of Internet Banking and Commerce, vol. 15, no.1; pp. 1-10.

Zhang, A., & Li, M. (2005). The Regional Analysis of Internet Banking Development of China. Journal of Information, 12, 108-110.

Zhang, H., Piao, G., & Zhao, P. (2008). The comparative study of Internet banking service in China and Korea. Economic Research, 2, 39-40.

Zhao, A. L., Lloyd, S. H.., Ward, P., & Goode, M. M. H. (2008). Perceived risk and Chinese consumers’ Internet banking services adoption. International Journal of Bank Marketing, 26(7), 505 – 525. www.bits.org/publications/fraud/FraudInternetBank0403.pdf

APPENDICES

Appendix I: Risk Factors Associated with Banking

Risk factor	Qualitative judgment	Rating(1=low risk; 10=high risk)
1. Human resource
· Fraud	Average/low	3
· Negligence	Average	5
· Violation of internal rules	High	9
2. Technology
· Systems failures	Average	4
· Software errors	Average/high	8
· Telecommunication	Low	2
3. Processes
· Model risk	High	10
· Transaction risk	Average	6
· Documentation risk	Average/low	3
4. External events
· Political risk	Low	1
· Regulatory/fiscal risk	Average/high	8
· Natural events	Low	2

Adapted From: Sironi and Resti (2009)

Appendix II: Study Questionnaire

Please answer all the questions in this questionnaire.

Does your bank offer electronic banking services? (Please tick the appropriate box).

[YES] [NO]

How long has your bank been offering electronic banking services? (Please underline the appropriate option).

Less than 5 years
5 years
10 years
More than 10 years

Are there any electronic banking risks that your bank or your bank customers have experienced?

[YES] [NO]

If yes, please name them.

……………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………

What are the effects of these electronic banking risks on your bank and its customers?

What are the measures that your bank has put in place to recognize, address, and manage risks?

Are these measures in tandem with what other banks in the country are doing? (Please tick the appropriate box).

[YES] [NO]

Please explain your answer.

Are these measures adjusted from the bank level or from the national level? (Please tick the appropriate box).

[YES] [NO]

Please explain your answer.

Are you aware of the provisions of the Basel Committee on Banking Supervision guidelines on electronic banking? (Please tick the appropriate box).

[YES] [NO]

Do you think the electronic banking risk mitigation measures in China are in tandem with the Basel Committee on Banking Supervision guidelines on electronic banking? (Please tick the appropriate box).

[YES] [NO]

Please explain your answer.

Do you think the Basel Committee on Banking Supervision guidelines on electronic banking are effective in recognizing, addressing, and managing risks? (Please tick the appropriate box).

[YES] [NO]

Get Professional Assignment Help Cheaply

Are you busy and do not have time to handle your assignment? Are you scared that your paper will not make the grade? Do you have responsibilities that may hinder you from turning in your assignment on time? Are you tired and can barely handle your assignment? Are your grades inconsistent?

Whichever your reason is, it is valid! You can get professional academic help from our service at affordable rates. We have a team of professional academic writers who can handle all your assignments.

Why Choose Our Academic Writing Service?

Plagiarism free papers
Timely delivery
Any deadline
Skilled, Experienced Native English Writers
Subject-relevant academic writer
Adherence to paper instructions
Ability to tackle bulk assignments
Reasonable prices
24/7 Customer Support
Get superb grades consistently

Online Academic Help With Different Subjects

Literature

Students barely have time to read. We got you! Have your literature essay or book review written without having the hassle of reading the book. You can get your literature paper custom-written for you by our literature specialists.

Finance

Do you struggle with finance? No need to torture yourself if finance is not your cup of tea. You can order your finance paper from our academic writing service and get 100% original work from competent finance experts.

Computer science

Computer science is a tough subject. Fortunately, our computer science experts are up to the match. No need to stress and have sleepless nights. Our academic writers will tackle all your computer science assignments and deliver them on time. Let us handle all your python, java, ruby, JavaScript, php , C+ assignments!

Psychology

While psychology may be an interesting subject, you may lack sufficient time to handle your assignments. Don’t despair; by using our academic writing service, you can be assured of perfect grades. Moreover, your grades will be consistent.

Engineering

Engineering is quite a demanding subject. Students face a lot of pressure and barely have enough time to do what they love to do. Our academic writing service got you covered! Our engineering specialists follow the paper instructions and ensure timely delivery of the paper.

Nursing

In the nursing course, you may have difficulties with literature reviews, annotated bibliographies, critical essays, and other assignments. Our nursing assignment writers will offer you professional nursing paper help at low prices.

Sociology

Truth be told, sociology papers can be quite exhausting. Our academic writing service relieves you of fatigue, pressure, and stress. You can relax and have peace of mind as our academic writers handle your sociology assignment.

Business

We take pride in having some of the best business writers in the industry. Our business writers have a lot of experience in the field. They are reliable, and you can be assured of a high-grade paper. They are able to handle business papers of any subject, length, deadline, and difficulty!

Statistics

We boast of having some of the most experienced statistics experts in the industry. Our statistics experts have diverse skills, expertise, and knowledge to handle any kind of assignment. They have access to all kinds of software to get your assignment done.

Law

Writing a law essay may prove to be an insurmountable obstacle, especially when you need to know the peculiarities of the legislative framework. Take advantage of our top-notch law specialists and get superb grades and 100% satisfaction.

What discipline/subjects do you deal in?

We have highlighted some of the most popular subjects we handle above. Those are just a tip of the iceberg. We deal in all academic disciplines since our writers are as diverse. They have been drawn from across all disciplines, and orders are assigned to those writers believed to be the best in the field. In a nutshell, there is no task we cannot handle; all you need to do is place your order with us. As long as your instructions are clear, just trust we shall deliver irrespective of the discipline.

Are your writers competent enough to handle my paper?

Our essay writers are graduates with bachelor's, masters, Ph.D., and doctorate degrees in various subjects. The minimum requirement to be an essay writer with our essay writing service is to have a college degree. All our academic writers have a minimum of two years of academic writing. We have a stringent recruitment process to ensure that we get only the most competent essay writers in the industry. We also ensure that the writers are handsomely compensated for their value. The majority of our writers are native English speakers. As such, the fluency of language and grammar is impeccable.

What if I don’t like the paper?

There is a very low likelihood that you won’t like the paper.

Reasons being:

When assigning your order, we match the paper’s discipline with the writer’s field/specialization. Since all our writers are graduates, we match the paper’s subject with the field the writer studied. For instance, if it’s a nursing paper, only a nursing graduate and writer will handle it. Furthermore, all our writers have academic writing experience and top-notch research skills.
We have a quality assurance that reviews the paper before it gets to you. As such, we ensure that you get a paper that meets the required standard and will most definitely make the grade.

In the event that you don’t like your paper:

The writer will revise the paper up to your pleasing. You have unlimited revisions. You simply need to highlight what specifically you don’t like about the paper, and the writer will make the amendments. The paper will be revised until you are satisfied. Revisions are free of charge
We will have a different writer write the paper from scratch.
Last resort, if the above does not work, we will refund your money.

Will the professor find out I didn’t write the paper myself?

Not at all. All papers are written from scratch. There is no way your tutor or instructor will realize that you did not write the paper yourself. In fact, we recommend using our assignment help services for consistent results.

What if the paper is plagiarized?

We check all papers for plagiarism before we submit them. We use powerful plagiarism checking software such as SafeAssign, LopesWrite, and Turnitin. We also upload the plagiarism report so that you can review it. We understand that plagiarism is academic suicide. We would not take the risk of submitting plagiarized work and jeopardize your academic journey. Furthermore, we do not sell or use prewritten papers, and each paper is written from scratch.

When will I get my paper?

You determine when you get the paper by setting the deadline when placing the order. All papers are delivered within the deadline. We are well aware that we operate in a time-sensitive industry. As such, we have laid out strategies to ensure that the client receives the paper on time and they never miss the deadline. We understand that papers that are submitted late have some points deducted. We do not want you to miss any points due to late submission. We work on beating deadlines by huge margins in order to ensure that you have ample time to review the paper before you submit it.

Will anyone find out that I used your services?

We have a privacy and confidentiality policy that guides our work. We NEVER share any customer information with third parties. Noone will ever know that you used our assignment help services. It’s only between you and us. We are bound by our policies to protect the customer’s identity and information. All your information, such as your names, phone number, email, order information, and so on, are protected. We have robust security systems that ensure that your data is protected. Hacking our systems is close to impossible, and it has never happened.

How our Assignment Help Service Works

1. Place an order

You fill all the paper instructions in the order form. Make sure you include all the helpful materials so that our academic writers can deliver the perfect paper. It will also help to eliminate unnecessary revisions.

2. Pay for the order

Proceed to pay for the paper so that it can be assigned to one of our expert academic writers. The paper subject is matched with the writer’s area of specialization.

3. Track the progress

You communicate with the writer and know about the progress of the paper. The client can ask the writer for drafts of the paper. The client can upload extra material and include additional instructions from the lecturer. Receive a paper.

4. Download the paper

The paper is sent to your email and uploaded to your personal account. You also get a plagiarism report attached to your paper.

PLACE THIS ORDER OR A SIMILAR ORDER WITH US TODAY AND GET A PERFECT SCORE!!!

Contents

CHAPTER ONE: INTRODUCTION

1.1 Overview of the Basel Committee on Banking Supervision Principles

1.2 Overview of E-Banking Risks

1.3 Overview of China’s Banking/E-banking Industry

1.4 Problem Statement

1.5 Aims and Objectives

2.0 CHAPTER TWO: LITERATURE REVIEW

2.1 The Concept of Risk

2.2 Risks in the E-banking Sector

2.3 Risks in China’s E-banking Sector

2.4 Provisions of the BCBS on E-banking

CHAPTER THREE: METHODOLOGY

3.1 Research Design

3.2 Sample and Sampling Techniques

3.2 Data Collection Methods

3.3 Data Analysis

3.4 Ethical Assurances and Validity Issues

3.5 Study Limitations

CHAPTER FOUR: RESULTS AND FINDINGS

4.1 Chapter Overview

BCBS on Banking Supervision as Applied to E-Banking

4.2.1 Board and Management Oversight

4.2.2 Security Controls

4.2.3 Legal and Reputational Risk Management

Risk Management Strategies Put In Place By China’s E-Banking Sector

Extent to Which these Strategies Comply with the BCBS Guidelines

CHAPTER FIVE: DISCUSSIONS

Overview of the Study Findings

Get Professional Assignment Help Cheaply

Why Choose Our Academic Writing Service?

Online Academic Help With Different Subjects

Literature

Finance

Computer science

Psychology

Engineering

Nursing

Sociology

Business

Statistics

Law

What discipline/subjects do you deal in?

Are your writers competent enough to handle my paper?

What if I don’t like the paper?

Reasons being:

In the event that you don’t like your paper:

Will the professor find out I didn’t write the paper myself?

What if the paper is plagiarized?

When will I get my paper?

Will anyone find out that I used your services?

How our Assignment Help Service Works

1. Place an order

2. Pay for the order

3. Track the progress

4. Download the paper

Why Choose Us?

Why Hire Our Writers?

How to place an order: