Privacy breach: The biggest upcoming scam
Authored by Rohan Mehta, CEO and Fund Manager – Turtle Wealth
India has had its share of financial scams, spanning the Stock Market, Stamp Paper, and Online Banking. These scams often transpired because, in their early stages, regulators didn't give them the attention they deserved. Today, one of the most significant concerns is data leakage, which is essentially a Privacy Breach. It encompasses everything from sharing our locations to AI tracking our shopping preferences and financial transactions. While it may not have gained widespread attention yet, the potential for this to become one of the most significant upcoming scams of the decade is very real if not addressed urgently.
We often take pride in the widespread adoption of UPI (Unified Payments Interface), which has revolutionized digital payments in India. However, every white has its black, and with UPI, banks gain access to a vast amount of our transaction data, data that used to be in the form of cash transactions. This is just the beginning; banks are on track to surpass even tech giants like Google in data collection by 2025. If not regulated, this could become a behemoth, and no individual or entity may be capable of preventing the misuse of this data for their own business advantage.
To illustrate how financial data privacy breaches occur, let's consider the practices of banks. While banks were originally established to facilitate financial transactions and ensure the safety of citizens' money, they have expanded their services to include various financial products like loans, insurance, wealth management, and credit cards. These additional services yield substantial commissions for banks, often surpassing the income from traditional banking services like Current Account and Savings Account (CASA). Consequently, employees in private banks, particularly the top 3-5 private banks, are under immense pressure to meet targets. This leads to not only mis-selling but also privacy breaches of investors.
As the owner of a Boutique Portfolio Management Service (PMS), I've witnessed numerous instances where new and existing clients who withdraw substantial sums from banks to invest with us are aggressively pursued by bank personnel. The banks make excuses to delay clearing high-value checks, hoping that their wealth management division can intercept the client and push their products instead of ours. This raises a critical question: Why does this happen in the first place?
The client's funds were already within the bank, yet the bank didn't approach the client for investment. They gained this information from the clearing high-value department, where it's understood that client data is shared with the sales team head and individual relationship managers (RMs). RMs approach the client with questions like:
"Why are you investing with them and not us?"
"We are a bigger and better name than these boutique PMS companies."
"Why not split your business between us and them?"
The issue here is that banks have access to client information and can use it to engage in this behavior. Isn't this one of the most significant privacy breaches? Many clients have complained to us about this practice, and while we have tried to avoid the issue, it's prevalent among large private banks. They act as if they are undisputed financial powerhouses that can do anything to secure business.
I spoke with a friend in banking who works at Kotak Bank, and they confirmed that tracking clients who do business outside the bank and attempting to divert them to the bank is standard practice. In their business reviews, it's mandated to identify why a client is doing business elsewhere and not with the bank. This involves several departments, from clearing to operations to sales. It's alarming that any significant payment you make can be tracked by the bank.
As bank customers, we have every right to expect data privacy and security. It should not concern the bank, or anyone else, why we are drawing a particular check or for what amount. This is a critical concern that everyone should address with their banks and with the Reserve Bank of India (RBI). The irony is that most of us are unaware that our privacy is being breached. We may soon see banks advertising that they are champions of privacy, urging individuals to open accounts with them.
Disclaimer: The opinions expressed above are personal and may not reflect the views of DSIJ.