Category: Think-Tank

Welcome to our Think Tank category, a dedicated space designed to host thought-provoking discussions and thorough analyses related to the future landscape of fintech. As an influential player in the fintech industry, we believe in the power of knowledge sharing and the exchange of insights as a means to cultivate an environment that fosters innovation and thought leadership.

The Think Tank is a hub of articles that span an array of topics. We delve into everything from the profound impact of regulatory changes on fintech to the transformative role of artificial intelligence within the realm of financial services. Our objective is to provide a forum for insightful discourse that stimulates thought, encourages debates, and acts as a catalyst for innovation.

At Signzy, our passion lies in exploring and envisioning the future of fintech, and sharing our vision with the world. Our Think Tank is a testament to this passion. It’s a platform where we showcase our ideas, share our insights, and make predictions about the evolution of the fintech industry.

Whether you are a fintech professional at the forefront of industry developments, a business leader steering your organization through the digital landscape, or an individual intrigued by the future of finance, our Think Tank offers a treasure trove of thought-provoking insights and stimulating discussions.

We invite you to join us on this exciting intellectual journey as we explore the future of fintech, sharing our vision for a financial landscape that is more efficient, secure, and customer-centric. Step into our Think Tank, where ideas fuel innovation and discussions shape the future of fintech. Let’s explore, question, and envision the future of finance together.

Digital Transformation of 5 Cs of Credit Analysis — New Trends in Lending

Posted on | by Signzian

Digitization has become a marvel of technological innovation. It is dramatically changing credit markets around the world. It is also creating opportunities for consumers and new market participants. However, there remain challenges for traditional financial institutions and regulators.

What are the 5cs Of Credit

 

Credit analysis determines the risk involved with a loan and its borrower. A bank or lending institution will check your business & personal financial details. This comes regardless of the type of financing needed. Credit analysis can be broken into the “5 Cs:” character, capacity, condition, capital and collateral.

Character: This assures lenders about the honesty and integrity of the borrower and guarantors. The lender needs to be confident about other aspects of the applicant. This includes the background, education, industry knowledge and experience which is essential for successfully managing the business. Lenders may need a certain amount of management and/or ownership experience. One can assume the past is the best predictor for the future. On that note, a lender will examine the personal credit of all borrowers and guarantors as a precaution.

Capacity (Cash flow): The lender will obviously want to check if your business is capable of loan repayment. The business should have a consistent cash flow to support expenses and debts. Verifying the payment history of existing loans and expenses is crucial. This is because it acts as an indicator to the borrower’s reliability to make loan payments.

Condition: The lender must identify the condition of the business, the industry, and the economy. This is why it is essential for lenders to know the industry. The lender will also verify the current conditions of the business/individual. The check involves knowing whether the condition will continue, improve, or deteriorate. In addition, the lender will want to know how the loan proceeds will be used. This can be towards working capital, renovations, additional equipment, etc.

Capital: Lenders need to check for personal investments that the borrower plans to make in the business. Investing personal capital reduces the chance of default. Investing in personal assets also indicates that you are willing to take a personal risk for the sake of your business.

Collateral: A lender will evaluate the assets (both business and personal) of the guarantors. This is because they can act as a secondary source of repayment. Collateral is vital, however, its significance depends on the type of loan. A lender will provide details on the types of collateral needed depending upon the type of loan.

The above five components constitute an effective way of credit analysis. It also helps the lender understand the borrower and the business. By knowing each of the “5 Cs,” a better understanding of the loan application process and its requirements can be gained.

Need For Technology In Credit Analysis

In today’s digital environment, customers require excellence in terms of service. The demands are cumbersome when it comes to hassle-free and timely service rendition. Banking and financial services are one of the highest demand sectors in this regard.

Modern lending institutions are Constantly competing to win clients over. Utilizing software solutions can help meet those lofty demands. It can simultaneously mitigate credit risks as well.

The need for an improved credit management process

The traditional lending industry is adopting automated credit underwriting as the accepted norm. This shortens the wait time for clients. It also helps banks improve customer experience through a competitive environment. According to an article by Monja, the automated credit underwriting market stood globally at USD 2,615.8 million in 2017. It is predicted to grow up to USD 5,579.4 million by 2024. This will reflect a CAGR of 11.6% over the forecast period. The traditional lending industry is adopting automated credit underwriting as the accepted norm. This shortens the wait time for clients. It also helps banks improve customer experience through a competitive environment. According to an article by Monja, the automated credit underwriting market stood globally at USD 2,615.8 million in 2017. It is predicted to grow up to USD 5,579.4 million by 2024. This will reflect a CAGR of 11.6% over the forecast period.

 

The paper-based process causes delays in credit estimation, loan approval and releases. Time, as well as the cost of processing each loan application, can be reduced drastically. This requires a streamlined credit management process to replace legacy methods.

Hence, only automation can be the messiah to deliver an immense improvement in the current practice of extending loans. Lending firms that continue to be cynical about the efficiency of automation would be losing a lot. This includes clients, business opportunities, and more importantly revenue.

The paper-based process causes delays in credit estimation, loan approval and releases. Time, as well as the cost of processing each loan application, can be reduced drastically. This requires a streamlined credit management process to replace legacy methods.

6 Reasons Why Digitization Is The Need Of The Hour

Customer expectations. Banks traditionally depend upon physical distribution methods. Recently, it has been challenging to meet changing customer needs for speed and simplicity. Demands like fast online credit approvals are growing. A Report by Mckinsey highlights how the customer needs for online and mobile experience will grow 4X by the end of 2020.

Reduce back and forth client interactions

The current process requires scanning, emailing, and faxing financial information and supporting documentation, . This can be a strenuous back-and-forth process. Customer-facing interactive portals and APIs can easily enable the digital capture of such information.

Eliminate unnecessary manual work: The amount of unnecessary manual data entry can be easily reduced. Leveraging a portal that connects to the borrower’s financial accounting package is the answer. It should also support the technology to read tax forms digitally,

Make quicker and smarter decisions: The time required to generate financial spreads can be reduced. The application of innovative machine-learning technology is perfect for this.

Improved risk mitigation: Risk reduction is the main goal of any lender. Automation technology using AI can easily help in this area. The system will use the rules you define and analyze entire credit applications in seconds. It also reports reporting every error it detects. AI can handle redundant tasks at a higher speed and with lower error chances.

Pressure on cost and returns. The new players in the market are challenging incumbents’ revenues and their cost models. The conventional form of banking operations, branch networks, and legacy IT systems can be cumbersome. Fintech companies can operate at much lower cost-to-income ratios. This is approximately 40 percent lower according to a report by McKinsey.

How Automation Can Transform The Credit Analysis & Lending Landscape

The operational problems present in a manual paper-based solution can be complicated. The automation of credit analysis and the digitization of the key steps can provide savings of up to 50%. The benefits extend well beyond even improvements. Digitization can also protect bank revenue from harm. The potential of reducing leakage can be up to 5–10%.

1.Improved accuracy, zero paperwork

Sifting through voluminous data has been the inevitable cause of delays in loan processing. The front-end data flow requires extensive man-hours. But in a paper-less setting, the complications in the process are reduced. This can be seen from the initiation stage until the approval phase.

An automated lending system can manage the heavy volume of data. It can delegate transactions without missing a step. Signzy’s complete onboarding solutions can help in this regard. With AI-based proprietary technology, higher efficiency is easily guaranteed. Using computer vision, our solution is capable of processing almost 3.5 million documents in 1 day.

 

2. Greater Savings With Lesser Cost

Automation greatly reduces processing time. Thus the cost of doing business or processing a loan application will automatically drop. Credit and loan officers can utilize time to process more accounts.

Most importantly, lending firms can exempt the cost of hiring and training of additional personnel. Overall operating costs are greatly reduced. Automation can help reduce the cost of risk mitigation by 10–25%. Additionally, the overall costs are lowered by about 20%.

3. Optimize lending operations through APIs

A lending software solution can optimize all segments of the lending operation. However, the primary point of focus is always on the risk-assessment aspect.

Signzy uses proprietary APIs that our decision-making engine can use. These APIs can cross-check credit scores against EXPERIAN data. The checks are conducted against the Consumer Bureau database as well. The system checks for accurately retrieving the credit score of the borrower. This allows for a faster decision-making process.

4. Clients are the ultimate beneficiaries

The best customer experience is ultimately desirable in a streamlined credit management process. The processing of consumer, commercial or industrial loans is not a time-consuming affair. Automation can easily satisfy customer expectations.

Clients are not really concerned with the internal mechanism of the process. When all loan requirements ae fulfilled, the timer begins to count down. Most borrowers expect the processing of their loan applications to be timely.

New Trends In Lending — How Organizations Are Adopting To Automation

The onset of Covid-19 has set an inflection point for a spike in demand for contact-less and paper-less lending. This has fast-tracked digital transformation in the lending industry. This is similar to how demonetization catapulted digital payments in India.

NBFC’s have traditionally designed digital capabilities to drive cost-efficiencies and manage risks. However, the Fintech industry has shown digital prowess for improving customer experience.

Digital Analytics For Credit Analysis

FinTech’s have largely managed collections via data analytics led sms/phone/email communication. They have also employed limited on-ground collection teams. As a result, an increase in on-ground collections is viable. This can be either through in-house teams or collection-agency outsourcing.

There has also been a spike in partnerships with payment banks. The purpose of this is to enable customers to deposit cash at kirana outlets. It also entices the proliferation of awareness campaigns for customers to pay using UPI and similar methods.

Fintechs Play A Crucial Role In Digital Lending

In McKinsey’s Future of Risk Management Survey, data shows that 85% of risk managers believe legacy IT infrastructure to be the main challenge in digitization. To resolve this, many large financial institutions have collaborated with fintechs. For example, ING with Kabbage and BBVA Compass Bancshares with OnDeck.

The report also highlights new lending approaches. This includes automating SME credit decisions through the use of alternative data sources. Ex: e-commerce-transaction data from Amazon, PayPal, and eBay. Other examples include: cloud-accounting data from Xero and banking-transaction data via APIs. These are collected from financial-data aggregators such as Yodlee and Finicity). From these findings, it can be inferred that fintechs can play a key role for innovations in digital lending.

Conclusion

Traditional lenders seem to have a notion. They feel that an automated lending system is overrated. For them, a complex process like credit management is impossible to automate. They fear for the weakening of the lending process. On the other hand, sticking to the manual process poses bigger risks.

Moreover, a lending firm that processes loans at a turtle pace will not merit attention. Times have changed and credit risk processes are turning digital. Every player in the lending space needs a lending software solution.

Automation is essential in this day and age. Lenders can hit volume targets, increase profits while managing delinquencies and mitigating risks. It’s the new backbone of any lending business.

About Signzy

Signzy is a market-leading platform redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering customizable workflows. In addition, it gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.

Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru and has a strong presence in Mumbai, New York, and Dubai.

Visit www.signzy.com for more information about us.

You can reach out to our team at reachout@signzy.com

Written By:

Signzy

Written by an insightful Signzian intent on learning and sharing knowledge.

 

 

Investing In Mutual Funds- Volatility & The New Digital Experience

Posted on | by Signzian

Months into the pandemic, we have adjusted to social distancing and self-quarantine norms. The past few months were harsh and difficult and we have come a long way but the future still looks murky.

With unemployment rates at a high, people are already under the fear of pay cuts and layoffs. Personal finances have taken a massive toll on people.

While news of increasing recovery rates can be considered as a silver lining, there is no doubt that the economy is struggling to stay afloat.

Market volatility is something that an investor deals with on a regular basis. But, the ongoing situation has made them scratch their heads over the future of investments.

Mutual Funds In Times Of Market Risk — Still ‘Sahi hai’?

Mutual Fund companies have been active with their outreach programs for quite some time now. In 2017, the Association of Mutual Funds in India (AMFI), launched a campaign under the tagline ‘Mutual funds Sahi Hai’ to educate people about mutual funds. This was a part of the investor awareness outreach program. The aim of the campaign launched was to bust myths and encourage investors to opt for mutual funds as their potential investment options.

While the campaign did help gain the trust of people and brought around 50 lakh investors in a single year, Mutual funds are still considered risky and hard to understand by a huge number of people. And uncertain times like this further add to the fuel.

The nationwide imposed lockdown, the uncertain future of an economy already in turmoil, and the volatility of the markets have contributed to growing concerns of investors. Should they invest more, sell-off, or wait till it gets normal?

Market Volatility: A Minor Setback In The Long Term Picture

Reports indicate that Mutual Funds investors must not panic as the ongoing situation will not last forever and things will ease out eventually.

Indian Institute of Technology-Hyderabad did a study on Mutual Funds which said “Nonetheless, there is no need for Mutual Fund investors to panic as long as the net asset value (NAV) of their investment drastically does not die out in this ongoing first quarter of FY 2020–21,”

While the economic slowdown may plant seeds of doubts in investors’ brains, it is important to keep one’s cool and look at the long term prospectives. The markets will eventually start giving better returns.

Reports by Arthikdisha show that the mutual fund industry has proven to be effective in wealth creation. With an average return of 12 to 15 per cent in the past 10 to 15 years, investors can rely on long-term returns.

Experts tell investors to focus more on their financial plans than the changing demographics of the market. This would help them make wiser decisions about their investments.

Wealth Creation In Crucial Times Through Investors’ Glasses

According to AFMI, the contribution of SIP rose to Rs 100,084 crore in the fiscal year 2019–20 as reported by Bloomberg Quint. In a highly unpredictable market, investors look for a safer route for wealth creation. The rupee-cost averaging through a SIP in uncertain markets reaps better long-term benefits. As the purchase is made consistently for a greater period. Thus, on average providing lesser risks and better returns to the investors. Investors aim to diversify and balance the risks and uncertainties of the market. Hybrid funds, STP or Systematic Transfer Plans, Large-cap funds help them do that.

For a long time, completing formalities involved the investors to fill out lengthy forms. The Know Your Customer (KYC) process required investors to visit the bank, produce the necessary documents and wait in queues. While many organizations did try to ease out the process, in-person verification was a must. The onset of the pandemic posed its own set of challenges to both the institutions and the investors.

How Adaptive Have Financial Institutions Become?

The outbreak of the virus continues to trouble citizens across the globe. Many institutions have adopted precautionary norms to function in a safe manner. Many fund houses have allowed employees to work from home in containment areas. Those working in offices are taking mandatory measures. Regular temperature checks of employees and visitors are one such measure. Institutions use infrared thermometers for this. Regular hand washing, availability of sanitizers is a must. These measures ensure responsible communication in times of crisis.

Ensuring An Efficient Digital Experience

In the wake of the crisis and a nationwide imposed lockdown, several mutual fund houses moved the KYC (Know Your Client) procedure online. While some representatives still went to the client’s house to get the in-person verification (IPV) done, others allowed the clients to get the IPV done through a video recording.

However, each fund house may have different procedures making the situation unfavorable and confusing for the people. To standardize the process, the Securities and Exchange Board of India (SEBI) released a clarification on the KYC norms.

  • The intermediaries carry out the online KYC procedure through their apps. Along with the bank and PAN details, personal details can be recorded. This includes the customer’s photograph, name, address, the mobile number.
  • Video IPV can be done through the apps while the clients can upload a signed cancelled cheque online.
  • As far as verifications are concerned email and mobile numbers can be verified by OTP generation. Aadhar and PAN can be verified through UIDAI and income tax department respectively. Digilocker can also be used to verify documents. The investor can then digitally sign the KYC form and submit it.

How Signzy is helping build the future?

Through our tech-enabled solutions, Signzy intends to offer financial institutions futuristic operational assistance. Our Algorithm Risk Intelligence aims to provide a satisfactory background check. Digital real-time KYC, Digital signature for KYC, Biometric signatures, Digital contracts are some of the key features of our products. Through our AI solutions, our system is equipped to meet strict data security requirements to help financial institutions function smoothly.

About Signzy

Signzy is a market-leading platform redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering customizable workflows. In addition, it gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.

Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru and has a strong presence in Mumbai, New York, and Dubai.

Visit www.signzy.com for more information about us.

You can reach out to our team at reachout@signzy.com

Written By:

Signzy

Written by an insightful Signzian intent on learning and sharing knowledge.

 

Impact Of Blocking and Unblocking Of E-Way Bill Generation Facility On Taxpayers & Transporters

Posted on | by Signzian

The Indian government has introduced new regulations to control the E-Way bill(EWB) generation facility. This move will identify and penalize GST non-filers and evaders. With effect from December 2, 2019, the blocking and unblocking of the EWB generation facility has been implemented on the e-way bill portal.

EWB generation has been deactivated for taxpayers who haven’t filed their returns for the previous two months. In this regard, Form GSTR3B is to be considered (which is filed by normal taxpayers) for the blocking of E-Way Bill Generation. The move is in accordance with Notification #74 which was released on 31st December 2018 to include Subrule ’E’ under Rule 138 of the GST Act.

What is the objective behind blocking e-way bill generation for taxpayers?

According to a report by Economic Times based on GSTN data, around 20.75 lakh GSTINs have not filed their GSTR-3B for September and October months. Moreover, around 3.47 lakh GSTINs (16.7%) of these had transactions for September and October 2019 in the e-way bill system. Taking under consideration the increase in the number of tax defaulters, their ability to generate E-way bill had to be blocked. The tax department is of the opinion that non-filing of returns has been the primary reason for the decline in the GST revenue collection so far.

Blocking of E-Way Bill Generation Facility

Every taxpayer who is registered under GST is required to file GSTR-3B, on a monthly basis. GSTR-3B includes details of sales and purchases made by a business and the final tax payable after claiming input credit.

As per the new rule, when a taxpayer fails to file his or her GST returns (GSTR-3B) for two continuous tax periods, he or she will get blocked from generating an e-way bill. A blocked GSTIN cannot be used for generating an e-way bill. This applies to both consignor or consignee. For example, if a taxpayer failed to file his/her GSTR-3B returns for the months of September and October 2019, his/her E-way bill generation facility would be blocked effective from 2 December 2019.

The new rule also applies to the transporter who will be unable to generate EWB using the blocked GSTIN of the taxpayer.

The blocking of EWB generation will not impact previously generated EWBs in any way.

Unblocking Of E-Way Bill Generation Facility

Unblocking of e-way bill generation facility restores the facility of generation of E-Way Bill. In the event of filing of the return for the default period(s), the default period is reduced to less than 2 consecutive tax periods. This is in respect of such taxpayers GSTIN (as Consignor or Consignee),

For updation of his/her status the taxpayer can visit the EWB portal. Select the option ‘Search <Update Block Status’. Enter their GSTIN and use the Update Option to get themselves unblocked on GST portal. This applies only when GSTR-3B return has already been filed for the default period(s).

EWB generation facility can also be restored by the jurisdictional tax official. This can be done on the basis of manual representation by a taxpayer. The tax officials will issue an online order on the GST Portal, for accepting or rejecting such requests of the taxpayers. In case he accepts the request, the facility will get restored.

Taxpayers will usually receive an Email/SMS of acceptance or rejection will be sent to taxpayer on email ID/mobile number. In order to view the status of the order issued by the tax official,taxpayers can login to the GST Portal. Using their GSTIN, the user can go to Dashboard>Services>User Services> View Additional Notices/Orders.

The Unblocking of EWB will be valid till the period indicated by the tax official in his/her order. The GST Portal will send a reminder to the taxpayer about 7 days before the expiry date via mail/SMS.

Impact Of Blocking/Unblocking EWB Generation On Transporters

Transporters who are enrolled on the EWB portal but not registered on GST portal will not be impacted in any way. This is because they are not required to file GTR3B returns.

If the GSTIN of the transporter registered under GST portal is blocked, that GSTIN cannot be used. This rule applies to Consignor, Consignee or transporter while generating EWB or updating transporter details.

In case an EWB was generated before blocking, the transporter can also update the vehicle and transporter details. He/she can carry out the extension in validity period of these EWBs if required.

Impact On Taxpayers Who Are Blocked From EWB Generation

Not generating an e-way bill will be considered as an act of non-compliance as per the provisions of the GST law. In such a case, the business may be prevented from delivering goods without an e-way bill.

When goods are transported without an e-way bill, the authorities can claim that the consignor of the goods has made an attempt to evade taxes. A subsequent levy a fine equal to the tax amount is payable in such case. Such commodities and the vehicle transporting them can be seized or detained. Both the goods and the vehicle may be released upon successful payment of the pending tax amount and the penalty mentioned by the concerned officer.

The absence of an e-way bill during transportation of goods can lead to the disruption in the day-to-day operations. It can also hamper delivery of goods for a business. This move by the government is intended to push taxpayers to be more compliant and make sure they file their returns/make their tax payments on time.

Businesses need to approach with caution by filing their GSTR-3B within the deadline. Doing so ensures that there is no disruption in their business-related operations. This new modification to the e-way bill system may effectively improve GST revenue collection.

About Signzy

Signzy is a market-leading platform redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering customizable workflows. In addition, it gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.

Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru and has a strong presence in Mumbai, New York, and Dubai.

Visit www.signzy.com for more information about us.

You can reach out to our team at reachout@signzy.com

Written By:

Signzy

Written by an insightful Signzian intent on learning and sharing knowledge.

 

Data privacy: the debacle & the debate (GDPR vs PDP)

Posted on | by Signzian

In an increasingly data driven digital economy, Big Tech companies have an eye, ear, and finger on the pulse of billions.

Depending on how deep you’ve let Amazon, Facebook, and Google sync into your life (pun intended), the data these companies have access to has reached an increasing level of detail. The digital era has molded us into great liars when it comes to signing up to online sites. While complaining about how ridiculous it seems to identify traffic lights to prove we’re not robots, we mechanically lie about reading all the Terms and Conditions. By agreeing to the T&C we may have inadvertently let the company use and sell our data for reasons we weren’t aware of.

Contextualizing the need for personal data protection

In the past few years, the headlines have been replete with worrying instances from the digital world. From large scale data breaches to controversial targeted political ad policies and inconclusive investigative hearings on privacy. The Facebook–Cambridge Analytica data scandal of 2018 exposed how unethically sourced personal data could be used for thought manipulation. Data of about 87 million Facebook users was inappropriately harvested by the political consulting firm, Cambridge Analytica, and was used for electoral advertising.

The mammoth scale and global repercussions of this scandal altered the history of the privacy debate. It revealed the imperative need to have wide-scale legal mechanisms. A system needed to be enforced to regulate what data will be collected, what it will be used for, and how permission should be sought from its owners. Organizations would have to be held accountable to such provisions through a transparent legal process. These regulations were to be designed to protect the privacy and personal data of netizens and perhaps rein in the power and influence of giant tech companies.

Introducing EU’s GDPR and India’s PDP

The European Union set precedence with the European General Data Protection Regulation (GDPR). The GDPR was adopted in 2016 and enforced on 25 May 2018. It is not a mere directive, but a regulation. This implies that it is directly binding and applicable although it does allow for some flexibility to individual member nations to adjust the provisions. The GDPR is also not an Act, which means that its members have passed their own legislations based on the regulation.

In India, a regulation governing data privacy and data protection is set to be passed this year. The need stemmed from the 2017 Supreme Court judgement on the Right to Privacy. (Read our article on how the judgment impacted the digital world and the financial sector here.) A draft data protection bill was then composed by a committee headed by Justice B. N. Srikrishna. After about 2 years of contentious debate on the bill, during which it was floated for public feedback from stakeholders, it was tabled in the Indian Parliament on 11 December 2019. Currently, a joint parliamentary committee is scrutinizing the revised draft of the bill, codified as the Personal Data Protection Bill (PDP Bill). Post this, it will be debated in the Indian Parliament and finally passed.

It is yet to be determined whether the Indian PDP Bill is closer to the EU’s progressive GDPR or to China’s policy of control. Either way, it has managed to irk both Big Tech companies and privacy advocates alike. Companies with data banks aren’t happy with the cost and hassle of compliance. They deem the bill as isolationist due to its restrictive certification requirements to operate in India. Privacy advocates highlight how the exceptions in the bill can lead to State excesses of control over our data. They warn of government mission creep. Mission creep is the gradual expansion of an intervention, here, it implies the dangerous possibility of the State having access to all our data in the absence of a Privacy Law.

This blog is an exploration of how the GDPR and PDP Bill are similar, yet different in various ways.

Coming to terms with the terminology

Before delving into specifics, it’s important to be acquainted with the terminology used in the legal mechanisms for data privacy. The two regulations also use different terms for the same entity:

 

  • Data processor: Any person or legal entity including the State who processes the data. This may consist of the data controller or data fiduciary itself or a third party.
  • Interestingly, the PDP Bill’s definition of personal data differs from the international definition in the GDPR.

Thematic classification of differences

The underlying principles and intent of the PDP Bill resemble the provisions enshrined in the GDPR. Aspects such as the need to have a clear purpose of processing personal data, consent requirements, personal rights, and the appointment of Data Protection Officers in organizations are closely adapted from the GDPR.

However, there are a range of differences between these two instruments of privacy. Here, the language and enforcement provisions aren’t compared, but the stance both mechanisms take on different issues.

These have been classified into the following themes:

1. Classification of data

 

Critical data has not yet been defined by the Indian government. Although the category resembles the list of “special categories” in the GDPR, the EU’s regulation has defined what the category entails while in India the government has the power to declare any data as critical data. The GDPR does not have separate localization rules for this type of data, unlike India. This is explained ahead.

2. Data localization and cross border data flows

Data localisation requires the collection, processing, or storage of certain types of data within the borders of the nation where the data was generated, before being internationally transferred.

GDPR stance

The aim of data protection frameworks is to protect the data while safeguarding its free flow. The GDPR has no hard data localization conditions. It allows for cross-border transfer of all types of data if the country of data transfer has an adequate framework of data protection.

PDP Bill stance

On the other hand, the Indian regulation’s requirements seem to restrict data’s free flow.

  • Sensitive personal data: This category of data when collected, shared or disclosed to the data fiduciary in India has to be stored only within the borders of the State. It may be transferred beyond the territory of India for processing, subject to explicit consent and conditions.
  • Critical personal data: Strict data localization norms exist for this category of data. It can only be processed within the borders of India. The problem arises since this type of data has not even been defined yet.

Due to firm opposition, the 2018 draft was amended to dilute data localisation requirements (such as storing a mirror copy of all personal data in India). Yet, the GDPR’s approach to handling data is considered more pragmatic since it ensures data gets similar protection once it moves out of the jurisdiction of the regulation.

3. Right to restrict processing

The GDPR grants the data subject the right to limit the processing of their data. This means that the processing of personal data can be stalled at an intermittent stage. This can be requested on the grounds of unlawful processing, data inaccuracy etc. The PDP Bill doesn’t enshrine any such right to the data subject.

4. Right to not be subjected to automated decisions

The GDPR grants the right to not be subjected to automated decision-making, such as profiling. Profiling is the automated processing of personal data to assess certain things about an individual. This right gives the data subject the recourse of obtaining human intervention. This is when such data is solely automatically processed to make an important decision, has legal consequences or significantly affects the individual.

For example, automated processing can be used to profile potential behaviour of an individual in a faster way. It is possible that the individual will not behave in the manner the results project. In that case, if such profiling affects the legal rights of the individual, the person can legally request human intervention.

The PDP Bill does not ascertain this right. While it encourages individuals to seek remedy through courts in case of such discrimination, it does not empower an individual to decide how their data should be processed.

5. Storage limitation

The GDPR lays down specific exceptions for increasing the storage period of collected data. These exceptions include public interest, historical, scientific, and statistical reasons.

On the other hand, the PDP Bill mandates the explicit consent of the data principal to store data for a longer duration of time than is needed to satisfy the purpose for which it is collected. The GDPR does not necessitate this consent.

What does this mean for your organization?

The most contentious question is whether GDPR compliance implies PDP compliance. It is briefly addressed in this section to understand how these bills affect an organization’s compliance needs.

  • Areas such as the anonymization standards differ between the PDP Bill and the GDPR.
  • With no parallel of ‘critical personal data’ in the GDPR, companies will have to be careful with their processing of this classification for India.
  • Unlike the GDPR, the PDP Bill also mandates the explicit consent of the data principal to store data for a longer duration of time.

Such differences and more, warrant that companies pay close attention to the compliance needs of the PDP Bill, even if they meet the requirements of the GDPR.

Other interesting follow-up questions will be explored in our next blog in the PDP Bill series.

About Signzy

Signzy is a market-leading platform redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering customizable workflows. In addition, it gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.

Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru and has a strong presence in Mumbai, New York, and Dubai.

Visit www.signzy.com for more information about us.

You can reach out to our team at reachout@signzy.com

Written By:

Signzy

Written by an insightful Signzian intent on learning and sharing knowledge.

 

Crypto attacks

How to Safeguard Against Crypto Attacks?

Posted on | by Signzian

Crypto attacks have surged in tandem with the rising popularity of digital currencies, emphasizing the need for robust security measures. To safeguard against these threats, users must employ multi-factor authentication, maintain updated software and wallets, and be cautious of phishing attempts. Educating oneself on the latest types of attacks and remaining vigilant while conducting transactions is crucial.

We’re just two months into 2018 and $2,653,302,364+ of real money has already been spent to buy virtual money. Cryptocurrencies — whether regulated or not — have buyers all over the world, even in countries where their status lies in the limbo.

However, just like real money, virtual money is also being stolen. And just like real money investment scams, the virtual currency space, too, has its share of investment scams with cheats floating schemes promising lucrative returns and running away with all the money.

Let’s look at some of the most common crypto attacks and how regulation can bring them down.

ICOs and the Disappearing Act

ICOs (or Initial Coin Offerings) is a means of crowdfunding that allows new ventures/startups to raise capital without following the regulated processes and compliance needed by venture capitalists, stock exchanges, and banks.

While cryptocurrency ICOs intend to raise money for building the proposed ground-breaking blockchain solutions, scamsters only use them to loot. Their modus operandi is the same: Announce an ICO. Lure investors. Collect the cash and disappear.

The Benebit scam is one such recent ICO scam. In its whitepaper, Benebit had proposed a revolutionary customer loyalty blockchain solution. But it did a runner with about 4M USD when someone reported that Benebit’s website’s photos were stolen from some school’s website.

Phishing and Crypto Attacks & Thefts

When dealing with virtual currencies, customers face the same risks as they face when doing net banking. Cryptocurrency users are prone to all kinds of cyber attacks like phishing, password hacking, trojan software and others.

IBM’s X-Force research group states how cyber criminals have modified TrickBot, a banking trojan, to target cryptocurrency trading platforms by redirecting the virtual currency to their wallets during transactions.

Coincheck, a cryptocurrency exchange from Japan, was a victim of a cyber stealing attack and lost $530 million of its users money. Another Japan-based bitcoin exchange company, Mt. Gox, had in 2014 lost $400 million of its users’ funds. Although it promised to return the lost money, it ended up filing for bankruptcy.

Unlike traditional banks or card processing companies, cryptocurrency exchanges can’t do much to recover virtual currency.

Crypto Attack: ‘Cashing’ in on the Hype

When a technology is so new and disruptive as blockchain, it creates hype. A stream of scamsters use nothing but this hype and lure unsuspecting victims into investing their money.

The Suppoman scam is one such scam. A youtuber scammed hundreds of his viewers by promising information on a “secret ICO” if they bought one of his Udemy’s paid courses and joined his Facebook mastermind group. To join this group and get access to the password, the viewers were required to pay 10$.

Suppoman succeeded in creating such hype around the “secret ICO” that people started buying even his old Udemy courses so they could get the password. To the disappointment of the buyers, the secret ICO turned out to be: Seele, which is a very popular ICO everyone knows of.

There are also instances where scamsters rebranded old cryptocurrencies and raised funds all over again, only to run away with the money.

Countries that accept (or the ones that haven’t banned) cryptocurrencies are working on creating regulations to protect the investors against such attacks.

Regulatory Red Tape on Cryptocurrencies

Treating cryptocurrency companies like any other financial institutions and forming regulations for the same will clamp down — if not eliminate — most of the different crypto attacks.

Regulating to avoid tax evasion and ensure the money isn’t used for sponsoring shady activities: Subjecting cryptocurrency trading companies to stringent KYC, AML, user data privacy and other financial norms will help monitor the flow of fiat currency to crypto and vice-versa. This will also impose checks on issues like tax evasion.

In US (where cryptocurrencies are undergoing rapid regulation), virtual currency trading companies are required to register as money services businesses with the Financial Crimes Enforcement Network, a part of the U.S. Treasury Department.

Regulating to avoid fraud ICOs from raising funds: Regulating how ICOs are released and what happens to the money in the case of a non-delivery will protect investors from ponzi virtual currency schemes.

Gibraltar is working on a law that will regulate Initial Coin Offerings (ICOs) in the British overseas territory. This law aims to regulate how ICO tokens are promoted, sold, and distributed. Sian Jones, a senior GFSC advisor, says the regulation will introduce the concept of “authorized sponsors,” who’d be “responsible for assuring compliance with disclosure and financial crime rules.”

Regulating to strengthen the security norms of cryptocurrency makers and trading companies: Regulating the security standards for companies that deal with cryptocurrencies will help prevent thefts.

When it comes to securing users’ money in banks, RBI has given as many as 24 best practices on user, software, asset, environment, and security management. It would be interesting to see if RBI could introduce comparable standards for the cryptocurrency companies as well.

Regulation can pave the way for a safer and more secure cryptocurrency trading environment. Regulation will also handle the government’s key concerns such as financing illegitimate activities, money laundering, and terrorist financing related to crypto trading.

About Signzy

Signzy is a market-leading platform redefining the speed, accuracy, and experience of how financial institutions are onboarding customers and businesses – using the digital medium. The company’s award-winning no-code GO platform delivers seamless, end-to-end, and multi-channel onboarding journeys while offering customizable workflows. In addition, it gives these players access to an aggregated marketplace of 240+ bespoke APIs that can be easily added to any workflow with simple widgets.

Signzy is enabling ten million+ end customer and business onboarding every month at a success rate of 99% while reducing the speed to market from 6 months to 3-4 weeks. It works with over 240+ FIs globally, including the 4 largest banks in India, a Top 3 acquiring Bank in the US, and has a robust global partnership with Mastercard and Microsoft. The company’s product team is based out of Bengaluru and has a strong presence in Mumbai, New York, and Dubai.

Visit www.signzy.com for more information about us.

You can reach out to our team at reachout@signzy.com

Written By:

Signzy

Written by an insightful Signzian intent on learning and sharing knowledge.

1 2 3 4