INDEX
Sr. No. TOPICS PAGE No.
1. Research Methodology 5
2. Research Objectives 5
3. Introduction 6
4. Automation 7
5. Revolution 9
6. Advantages 11
7. Challenges 11
8. Mechanisms 12
9. Frauds 13
10. Conclusion 19
11. Glossary 20
12. References 22
RESEARCH METHODOLOGY
� BANKING LAW
The research of this project is primarily based on secondary data. The facts and laws relevant
to this topic are tapped from on-line journals and articles by different scholars and research
and analysed them together to arrive at conclusions. The researcher has mainly depended
upon the Electronic Funds Law. The research includes systematic method, which includes
clarification of the objectives, collection of the facts, critical analysis and conclusion.
RESEARCH OBJECTIVE
To understand the meaning of Electronic Funds Transfer.
To highlights the legal regimes regarding electronic funds transfer.
To understand the revolution took place.
To analysis the challenges.
To recognise the advances.
To understand the frauds involved in electronic funds transfer.
To suggest some ways in which banks and customer can trust electronic funds
transfer.
INTRODUCTION
2|Page
� BANKING LAW
With the beginning of twenty-first century, it was noticed that businesses were being
conducted over internet along with competitive characteristics and a number of promises for
creating wealth. Those firms with an established business started creating new online
businesses. New ventures coming up and exploiting the opportunities that the internet
provides. It was inferred that E-business has the potential of generating enormous wealth,
mostly through corporate start-ups and corporate ventures. The merge of the information
technology and the web standards have formed the electronic business "E-business". E-
business is a combination of economic, technology and market forces that remake strategies
of traditional business. The business process is counted to use the power of computers and
communication networks which is known as Internet.
Electronic Fund Transfer is one among these strategies of traditional business. EFT includes direct-
debit transactions, wire transfers, direct deposits, ATM withdrawals and online bill pay services.
Transactions are processed through the Automated Clearing House (ACH) network, the secure
transfer system of the Federal Reserve that connects all U.S. banks, 1credit unions and other financial
institutions. For example, when one uses his/her debit card to make a purchase at a store or online,
the transaction is processed using an EFT system. The transaction is very similar to an ATM
withdrawal, with near-instantaneous payment to the merchant and deduction from your checking
account.
Direct deposit is another form of an electronic funds transfer. In this case, funds from your employer’s
bank account are transferred electronically to your bank account, with no need for paper-based
payment systems. The increased use of EFTs for online bill payments, purchases and pay processes is
leading to a paper-free banking system, 2where a large number of invoices and payments take place
over digital networks. EFT systems play a large role in this future, with fast, secure transactions
guaranteeing a seamless transfer of funds within institutions or across banking networks.
Cryptography has been used for years to secure electronic funds transfers. However, in the
electronic data interchange environment, cryptographic controls are still in their infancy. In
this paper examines the revolution , automation and challenges of the electronic funds
transfer process as well as its security control mechanism. Apart from this this paper will deal
1
[Link]. (2019). Direct Deposit Definition & Example | InvestingAnswers. [online] Available at:
[Link] [Accessed 24 Sep. 2019].
2
[Link]. (2019). Business Automation with Globalscape EFT | Globalscape. [online] Available at:
[Link] [Accessed 25 Sep. 2019].
3|Page
� BANKING LAW
with the challenges and fraud cases that came across since the inception of electronic fund
transfer.
AUTOMATION
Transferring funds via electronic gateway is much simpler than the conventional methods.
One can choose to-
Transfer funds into their own linked accounts of the same bank network.
Transfer funds into different account of the same bank.
Transfer funds into different bank’s accounts using NEFT.
Transfer funds into other bank accounts using RTGS
Transfer funds into various accounts using IMPS.
Types of electronic funds transfer-
NEFT or National Electronics Funds Transfer
RTGS or Real Time Gross Settlement
IMPS or Immediate Payment Service.
NEFT
The National Electronic Funds Transfer is a nation-wide money transfer system which
allows customers with the facility to electronically transfer funds from their respective
bank accounts to any other account of the same bank or of any other bank network. Not
just individuals but also firms and corporate organizations may use the NEFT system to
transfer funds to and fro.
Funds transfer through NEFT requires a transferring bank and a destination bank. With
the RBI organizing the records of all the bank branches at a centralized database, almost
all the banks are enabled to carry out an NEFT transaction. Before transferring funds via
4|Page
� BANKING LAW
NEFT you register the beneficiary, receiving funds. 3For this one must possess
information such as name of the recipient, recipient’s bank name, a valid account number
belonging to the recipient and his respective bank’s IFSC code. 4These fields are
mandatory for a funds transfer to be authorized and processed. Any sum of money can be
transferred using the NEFT system with a maximum of Rs. 10, 00, 000/- .
RTGS
Real Time Gross Settlement, as the name suggests is a real time funds transfer system
which facilitates to transfer funds from one bank to another in real time or on a gross
basis. The transaction isn’t put on a waiting list and cleared out instantly.
RTGS payment gateway, maintained by the Reserve Bank of India makes transactions
between banks electronically. The transferred amount is instantly deducted from the
account of one banks and credited to the other bank’s account. 5
Users such as individuals, companies or firms can transfer large sums using the RTGS
system. The minimum value that can be transferred using RTGS is Rs. 2 Lakhs and
above. However there is no upper cap on the amount that can be transacted. The remitting
customer needs to add the beneficiary and his bank account details prior to transacting
funds via RTGS
IMPS
Majority of the funds transferred using electronic channels are processed via NEFT or
RTGS. But as the funds could only be cleared in batches using these transfer gateways,
the National Payments Corporation of India introduced a pilot mobile payment project
also known as the Immediate Payment Service (IMPS). Available to Indian public,
IMPS offers instant electronic transfer service using mobile phones.
IMPS interbank transfer service is available 24X7 and allows you to use your mobile
phones to access your account and to authorize transfer of funds between accounts and
3
[Link]. (2019). [online] Available at: [Link] [Accessed
25
Sep. 2019].
4
Ibid.
5
Youth Forum. (2019). Mechanism of Electronic Fund Transfer: Analysis and Challenges. [online] Available
at: [Link] [Accessed 20 Sep.
2019].
5|Page
� BANKING LAW
banks. The IMPS service also features a secure transfer gateway and an immediate
confirmation on fulfilled orders. IMPS are offered on all the cellular devices via Mobile
Banking or through SMS facility.
To be able to transfer money via IMPS route one must first register for the immediate
payment services with your bank. On obtaining the Mobile Money Identifier (MMID) and
MPIN from the bank one can login or make a request via SMS to transfer a certain
amount to a beneficiary. Meanwhile the beneficiary must link his/her mobile number with
his/her respective account and obtain the MMID from the bank to be able to receive
money.
Thus IMPS enables customers to use mobile instruments as an instant money transfer
gateway, facilitating user convenience and saving time and effort involved in other modes
of transfer.
ADVANTAGES
Time Saving:- the online payment system has made the process of fund transfer simpler.
Now just on one click any amount whether small or big can be transferred without any
lengthy procedure and formalities.
Convenience:- The system of electronic payment has made the payment system feasible for
users and the flexibility ensured by it has also increased. Now people don't have to stand in
huge lines and go through a complicated lengthy procedure.
Safety:- The information on each users port in personalised. no one can access that
information without a personalised ID and password. On to of it to ensure double security
OTP is to be entered which is given on the personal numbers of users. By this double
security system the safety is also taken well into consideration.
All Time Service:- Earlier transaction could only take place during the bank hours and at
the bank only but now the transactions cam take place anytime, anywhere. Now it is a 24/7
service available for the users.
Paperless:- EFT saves a lot of money for some who would have otherwise had to send
money through cheques. Another benefit goes to the environment as there is no use of
papers.
6|Page
� BANKING LAW
Effective and efficient:- That time is gone when you had to travel so much, stand in queues
to pay bills and face the weather conditions. Sitting at your homes, you can complete your
tasks in just a few clicks. To conclude the advantages of EFD it can be said that the biggest
benefit is that either transaction is significantly faster than dealing with a check. Also, you
tend to have better visibility in where you are at in the process. Finally, electronic transfers
don’t get lost, eaten, delayed by weather, destroyed, etc.
FRAUDS
In a world of instant electronic payments and money transfers, people might worry about a
simple mistake draining bank. Their money could be withdrawn by somebody thousands of
miles away, and they will never know about it unless they review their accounts or
start getting overdraft notices.
Although online banking is a relatively recent phenomenon, it’s already difficult to image life
without it. For both personal and business banking, the ability to pay bills, collect fees and
otherwise transfer funds from a remote computer virtually eliminates the need to visit a brick-
and-mortar bank to make financial transactions. Unfortunately, as an increasing range of
financial transactions move to the virtual world of computers, a whole new set of liabilities
arise. Chief among those is the fraudulent electronic funds transfer (EFT)
Fraudulent EFT is the activity of accessing a personal or business bank account and
transferring the funds to another account without permission. Gaining access to an account
can occur through various means. For example, someone can steal your credit or debit card,
or copy your card numbers and passwords through a sophisticated reader illegally attached to
an ATM machine. The motives behind EFT fraud are vast and complex. Common motivating
factors include significant financial gain; desire to master the EFT system, thrill of the deed,
and employee revenge.
In many cases, people do not have to pay when something goes wrong with their bank
account. Federal law gives people the right to have those fraudulent charges removed. But
people also have the responsibility that comes with those rights. Their job is to monitor their
accounts and report any problems to your bank or credit union quickly. Over the years, rules
have evolved to help public avoid paying for charges that are not legitimate. Lawmakers
began to address the issue as early as 1978 with the Electronic Funds Transfer Act. It applies
to (EFTs) in bank accounts.
7|Page
� BANKING LAW
Often, very large dollar amounts are transmitted over EFT networks during a single EFT
transmission. By fraudulently altering payment instructions in the EFT process, an individual
could potentially steal large sums of money. Although it is difficult, if not impossible, to
obtain accurate statistics on EFT fraud, one could suggest that millions of dollars are loss by
companies per year to fraudulent EFT payment instructions. In order to avoid embarrassment
and a potential decline in share price, most companies prefer not to release information
pertaining to fraudulent activity to the public.
For today’s businesses, however, perhaps the greatest threat is having someone gain access to
your online bank account and illegally transfer funds into their own account. One source of
such illegal activity is dishonest company employees. There are many cases of employees
who have access to company financial accounts ciphering company money by making
payments to bogus vendor accounts they set up. This exposure is appropriately insured by an
Employee Dishonesty Policy.
In today’s corporate world, mergers, acquisitions, and streamlining of business processes are
common occurrences. Positions sometimes become redundant, and employees consequently
lose their jobs and livelihood. Such an environment increases the risk of EFT fraud. An
employee at the EFT controls could anticipate a loss of employment and retaliate against the
company by releasing a fraudulent EFT payment to their own bank account. EFT crime offers
an intellectual challenge, which is as attractive to some as the opportunity for financial gain.6
A bigger threat to companies, however, is fraudulent EFT’s perpetrated by computer hackers,
often located halfway around the world. These thieves can and do instantaneously empty a
company’s entire bank account, often resulting in losses of hundreds of thousands of dollars.
STEPS FOR PREVENTION
1. Formalize your EFT policy
Develop a strict policy regarding who has access and authority to make electronic fund
transfers. As a general rule, you want to limit who has access to company bank accounts as
well as limit the number of computers that can provide access to company funds. At the same
time, you don’t want a single employee to have full authority over electronic funds transfers.
It is usually best to have responsibilities divided so that oversight is in place.
6
“Selected Electronic Funds Transfer Issues, Privacy, Security, and Equity.” URL:
[Link] PDF
8|Page
� BANKING LAW
2. Reconcile bank accounts frequently
The EFT policy should establish frequent reconciliations of all company bank accounts, so
that any suspicious withdrawals are caught at the earliest time possible. Discovering fraud
quickly is essential to possibly reversing the transaction and limiting the company’s liability.
3. Upgrade computer security
Up-to-date antivirus software and adequate company firewalls are your first line of defence to
combat malware and keep intruders out of your computers. Antivirus software helps detect
and quarantine dangerous files and programs that can damage and control your computers.
And don’t forget physical security as well. Keep computers that access your bank accounts
under lock and key when not in use. And make sure usernames and passwords are kept secure
and frequently updated.
4. Ensure Physical Security Surrounding All EFT Components
Physical security surrounding the EFT hardware and software components cannot be stressed
enough. On occasion, I have conducted reviews of companies’ EFT processes and noted
entire solutions could be easily compromised because of an outright disregard for physical
security. Frequently, companies install a financial institution’s EFT software on a standalone
workstation. Following are steps, which could be used to easily compromise such a
configuration:
a. Gain physical access to the EFT workstation;
b. Reboot the EFT workstation from diskette;
c. Download the NT Security Account Manager (SAM) database to diskette;
d. At a remote workstation, use l0phtCrack (a tool available on the Internet) to crack
the SAM;
e. Return to the EFT workstation and login with an NT login ID, which was cracked
with l0phtCrack;
f. Install a keystroke logger program on the NT workstation, and subsequently use the
logger to capture passwords used to authorize EFT file transmissions to the bank;
g. Send fraudulent EFT payment instructions to the bank; and
9|Page
� BANKING LAW
h. Leave the country for vacation. As the example demonstrates, physical security is a
key control surrounding the EFT process. If your EFT solution lacks physical
security, the mentioned scenario should alarm you.
5. Implement Effective EFT Application Security
Too often, organizations wholeheartedly purchase and immediately implement a new
application without understanding the security capabilities of the software. An emphasis is
placed on installing the application into production as soon as possible. Similarly, EFT
applications are sometimes placed in a production environment without the appropriate
logical controls. Whilst EFT software packages support similar security capabilities, these
applications also offer unique security configurations. Prior to implementation, an application
security review should be conducted to determine the appropriate security parameters. In
addition, user profiles should be designed to enforce segregation of duties amongst sensitive
EFT functions (e.g. application IDs with the ability to transmit EFT files or create/delete user
IDs) and the least privilege principle.
6. Insurance is your Final Safeguard
Since you can never guarantee 100% protection of your electronic funds, insurance can be
your last line of defines. Funds Transfer Fraud insurance is a specific type of crime insurance.
It is typically combined with Computer Fraud insurance in what is called a “wrap” policy. It
is important to note that while the Funds Transfer Fraud and Computer Fraud insurance
agreements may contain similar coverages, there are important differences. Namely, the
Funds Transfer Fraud coverage specifically protects against losses caused by fraudulent
instructions given to the financial institution by a third party and purported to have been sent
by the insured to transfer, pay or deliver funds to another account. This coverage may be
specifically excluded on the Computer Fraud insurance agreement. Note that some insurers
include fraud prevention education as well as discounts on security software along with their
wrap policy.7
BUREAU OF JUSTICE STATISTIC REPORT
7
Preventing Electronic Funds Transfer Fraud Article provided by Professional Liability Agents Network
(PLAN). URL - [Link]
10 | P a g e
� BANKING LAW
The rapid increase in the use of computer-based systems for financial transactions has
heightened public and private concern over the potential for electronic fund transfer (EFT)
crime or fraud. Two principal types of crime highlighted by this report are incidents
associated with automatic teller machines (ATMs) and with wire transfer, that is, the tr8I'.sfcr
of funds by electronic means between banks.
At present, ATM represents the most established retail application of EFT technology. Other
retail applications also include telephone bill paying, home banking and "point of sale" fund
transfers. It is estimated that in 1983, 2.7 billion transactions (withdrawals and deposits)
worth $262 billion were processed through 43,800 installed ATMs.8
At the corporate level, wire transfer, i.e., the transfer of funds by electronic means between
financial institutions represents the most established use of EFT technology. Approximately
60 million wire transfers were completed in 1980 involving 117 trillion dollars. This was 45
times the value of the nation's 1980 gross national product.
Data from a survey of 16 American banks, all but one with deposits in excess of one billion
dollars, and related industry data sources reveal the following estimates of level of activity in
electronic transfers and the extent of crime:
In 1983, there were 2.7 billion transactions involving $262 billion processed through
automatic teller machines (ATM).
Of a sample of 2,707 ATM-related incidents (transactions resulting in accountholder
complaints), 45% of all incidents were found to be potentially fraudulent, involving, for
example, unauthorized use of lost or stolen cards, overdrafts, and "bad" deposits .
Nationwide ATM bank loss from fraud during 1983 is estimated in the range between $70
and $100 million based on bank characteristics and a median bank loss of approximately
$84 million calculated on the basis of 2.7 billion transactions.
In 1980, roughly 60 million wire transfers were completed involving 117 trillion dollars.
The average exposure to loss in 139 problem wire transfer incidents reported by 12 of the
16 banks was $833,279; actual losses occurred in 56% of these incidents.
Anticipated losses from wire transfer fraud were estimated to increase approximately
70% over the next 5 years by a cross-section of bank managers and wire transfer experts.
8
U.S. Department of Justice Bureau of Justice Statistics. URL - [Link]
11 | P a g e
� BANKING LAW
ATM-related incidents resulting in apparent loss to an accountholder or bank may result from
technical failure, human error or fraud. Individual incidents were classified as "fraudulent" on
the basis of the facts involved as indicated in bank records, including in some cases existence
of actual fiscal loss to the bank. Law enforcement investigation and judicial review might
result in a reclassification of some of these incidents.9
Public concern over potential major EFT fraud loss is focused in the area of wire transfer. At
his time, however, no formal recording mechanisms exist for the ongoing documentation of
wire transfer incidents.10 Estimates of the extent of current annual losses and the anticipated
level of losses in 5 years. As in the case of incidents reported by panel banks, it is reasonable
to assume that incidents are infrequent and that major losses may not be fully reported. It is
relevant, however, that average anticipated losses ($39,548) exceed current net loss estimates
($23,327) by 70%, reflecting a high level of concern among bank officials.
The rapid growth of EFT systems fuelled by advances in computer and communications
technology and by competition resulting from a continuing deregulation of the banking
industry makes it critical to assess their risk to fraud on an ongoing basis. This is especially
important, as EFT systems tend to complement each other's growth.
CONCLUSION
The past thirty years have seen rapid advances in the technological component of banking
services and as a consequence new legal issues have come to the fore, especially with regard
to EFTs which is now used to transfer money around the world, and have made fund
transactions between payers and payees easier, faster and more secure. The method involves
risks for both banks and customers, due to the possibility of unauthorized payments risks,
credit and insolvency problems, and confidentiality issues. Most contracts and obligations
now depend on the new technology, although there are a variety of methods for dealing with
the concomitant risks. EFTs share a number of similarities with paper-based funds transfers
in regard to methods of regulation, and the careful observer can identify patterns and themes.
9
Incidents where potentially irregular transactions (e.g., mechanical failures, empty envelope deposits) were
corrected by the accountholder or bank to avert loss were classified as non-fraudulent; this may underestimate
the level of fraudulent incidents.
10
Errors or inquiries concerning wire transfer are usually kept on a log, while incidents requiring further
investigation or legal action are described in note form and kept in folders that may be maintained by the bank's
wire transfer manager, security office or audit and control office.
12 | P a g e
� BANKING LAW
Although EFT provides flexibility in performing financial transaction, fast and easy, however
individuals are still reluctant to adopt the system because of several reasons. First, the
security and privacy are two elements in the perceived risk. Without a proper knowledge of
the system, individuals are not interested to test the system. Perceived usefulness, ease of use
and consumer awareness has positive impact on the intention to adopt EFT while perceived
risk has negative impact on it. When EFT is perceived as useful, customer's intention to adopt
it would be greater. Likewise bank customers are likely to adopt EFT when it is easy to use.
This shows that bank customers anchor their EFT adoption intention to the beneficial
outcomes and ease of use process of the system.
Today, the business world depends heavily on EFT systems for its procedures; and
government and academia have also taken a keen interest in EFTs. This thesis reviews and
examines the existing legal position of liability of banks and customers for risks associated
with EFT transactions: unauthorized EFT instruction and the problem of customer identity,
credit risk and privacy, especially, the systems employed for safeguarding the customer’s
transactions and data. The bank should create on awareness about EFT among the customers
of all segments irrespective of age, income etc. In general most of the account holders are not
availing the EFT system for so many reasons like technological up gradation, security etc. so
it is the responsibility of the bank officials to educate the customers through proper, training.
The banks can reduce the transaction cost for EFT system in order to increase11
11
IOSR Journal of Business and Management (IOSR-JBM) e-ISSN : 2278-487X, p-ISSN : 2319-7668, PP 51-
53 [Link]
13 | P a g e
