NEW DELHI • Punjab National Bank (PNB) says it is still investigating how the largest fraud in Indian banking history went undetected for so long. The accounts given by current and former executives who spoke to Reuters suggest an answer as simple as it is alarming: No one was paying attention.
The still unravelling story of how the fraud happened - which includes the alleged misuse of the Swift interbank messaging system and incomplete ledger entries - points to a breakdown in checks and balances as well as standard banking practices, they said.
Court documents filed last Saturday by the Central Bureau of Investigation (CBI) show branch deputy manager Gokulnath Shetty, who is in custody, issued a series of fraudulent Letters of Undertaking - essentially guarantees sent to other banks so they would provide loans to a customer, in this case, a group of Indian jewellery companies.
The letters were sent to overseas branches of banks, thought to be almost all Indian, that would then lend money to the jewellery firms.
Mr Shetty did so using the bank's Swift system to log in with passwords that allowed him, and in at least some instances a more junior official, to serve as both the person who sent messages and as the one who reviewed them for approval.
"The involvement and connivance of more staff members and outsiders at this stage cannot be ruled out," said a CBI document submitted to the court in Mumbai.
Asked about the password sharing, a senior PNB executive who declined to be identified said it does happen. "When you are flooded with customers in the morning, with 101 demands, you look for shortcuts," he said. "You do somebody else's work, somebody else does your work."
After entering the transactions on Swift, Mr Shetty - who worked at the same branch from 2010 to last year despite normal bank practices of regular rotations - did not record them on the bank's internal system. Because PNB's internal software system was not linked with Swift, employees were expected to manually log Swift activity. If that was not done, the transactions did not show up on the bank's books.
In all, there were at least 150 such fraudulent Letters of Undertaking during a seven-year period, according to a CBI official.
The mechanics of how the fraud happened, and what it says about the underlying industry culture, are worrying, said Mr Abizer Diwanji, national leader for financial services in India at accounting firm Ernst & Young.
"Checks and balances are there in public banks as well but they are not followed earnestly," he said.
To control such risks, most private sector banks require branches to route Swift messages through their central offices, Mr Diwanji said. They also usually integrate their software systems and Swift, meaning that activity such as a Letter of Undertaking being sent would be automatically recorded.