NATURAL LANGUAGE processing (NLP), Gen AI, core tech…that such seemingly arcane concepts are now commonly discussed in bank boardrooms and strategy meetings shows the distance Indian banking has travelled over past few years. The triggers: Changing customer needs, competition from tech-savvy fintechs and cost pressures. While Indian banks started using computers in the 90s, over past five-six years, they have been riding the next wave of digitisation to improve efficiency, customer experience and risk management. Internet banking, mobile apps, robotic process automation and machine learning (ML) have become game changers. Leading the change are some of India’s oldest lenders.

State Bank of India (SBI), which calls itself the ‘Banker to Every Indian’, has launched mobile apps for 10 of its sponsored regional rural banks. Its mobile banking app YONO has introduced YONO Business for companies, integrating offerings such as trade finance, forex, cash management, internet banking, API banking, pre-approved business loans, cash management and supply-chain finance. “YONO Business has onboarded 5.24 lakh new-to-digital customers with 66 crore transactions. We opened 2,00,000 current accounts through YONO Business in FY24,” SBI chairman Dinesh Kumar Khara has said in a letter to shareholders. The bank’s private cloud, Meghdoot, hosts more than 400 applications, including UPI, Kiosk Banking, DBT, loan management system and government business solutions. In FY24, it had a 26.81% share in number of mobile banking transactions and sanctioned 17.35 lakh digital loans.

Continuing the focus on turning its mobile app into a one-stop solution, in FY24, private sector lender ICICI upgraded its retail lending platform iLens by adding personal/education loans and mortgages. It says 71% trade transactions during the year were digital. Volume of transactions through trade online platform grew 29.2%. The bank has also simplified its bank guarantee process through Smart BG Assist, a solution to enable digital execution of bank guarantees, e-stamping and digital signature.

ICICI Bank’s rival and India’s largest bank by market capitalisation, HDFC Bank, revamped its mobile app PayZapp 2.0, which has nearly three million users and handles 2.5 lakh transactions in a day. That is not all. “HDFC Bank SmartHub Vyapar (merchant payment) platform handles ₹19,000 crore transactions and disburses ₹650 crore a month. Xpress Car Loans brings almost 30% of our car loan volumes,” Srinivasan Vaidyanathan, CFO, HDFC Bank, said in an earnings call.

Among medium-sized players, Kotak Mahindra Bank is moving to ‘digical’; this means first priority to digital. “Our 95-96% savings account customers transact outside the branch, either on mobile app or net banking,” Virat Diwanji, head, Consumer Banking, said during the bank’s latest quarterly results call.

Even those considered laggards till a few years ago are catching up. In FY24, Punjab National Bank saw an 8% increase in Internet banking users from 3.9 crore to 4.2 crore. The number of digital transactions rose 62% from 408 crore to 659 crore. Share of digital transactions was nearly 87.6%. The revamped PNBONE app reported a 91% increase in number of transactions from 2.8 crore in FY23 to 5.4 crore in FY24. Average daily logins rose from 12 lakh to 25 lakh. The bank now plans to leverage NLP and Gen AI for employee learning and improving customer experience.

Even smaller banks are digitising with vigour. Last fiscal, Ujjivan Small Finance Bank launched digital fixed deposit and digital savings account. It also introduced Ujjivan Pay, a QR code service for small merchants, and Digi Mitra, a technology team to solve customer queries on digital applications. Ujjivan says wider adoption of its digital platform will reduce the cost of servicing customers. This, along with cross-selling of investment products, will maximise returns. The bank’s in-house digital banking team has 17 UI/UX design experts who work closely with fintechs. AU Small Finance Bank’s mobile app AU0101 provides a complete banking stack with video banking and fully digital onboarding. It has 180-plus features and 30 lakh-plus customers; over 55% are monthly active users. More than 90% transactions are digital. “In FY24, as part of AD-1 (authorised dealer-1) business, we rolled out foreign remittances on AU 0101. We have built a cloud native data lake on AWS to strengthen analytics and roll out data applications such as self-service BI (business intelligence),” says Mayank Markanday, head of AU 0101. The bank has a team of over 100 people working on digital strategy and implementation across product, design, core tech and engineering.

Navigating Cyber Risks

However, one of the biggest downsides of digitisation has been a sharp rise in cyber frauds, some due to lax security measures by banks. In March this year, RBI reported an estimated 1.3 million cyberattacks on financial sector between January and October 2023 and warned banks to pull up their socks. The central bank recently barred Kotak Mahindra Bank from on-boarding customers through online/mobile banking and issuing fresh credit cards citing concerns over its technology platforms. ICICI had to block 17,000 credit card users after a glitch in ‘ibank’ mobile app that showed customers data of other users.

Banking frauds come in several forms — phishing, data theft using advanced software and algorithms, cloning digital identities and creating counterfeit banking apps or websites to trick customers. There is now a more urgent need to modernise legacy cybersecurity infrastructure due to third-party vendor risks and sophisticated AI-driven attacks by nation-state actors. “With ransomware, distributed denial-of-service and supply chain attacks becoming major concerns, just compliance with data protection regulations under Personal Data Protection Act and Payment Card Industry Data Security Standard may be inadequate”, says Balaji Rao, area vice president, India & SAARC, Commvault, a data protection company. “Strengthened regulatory adherence and improved mobile banking security, including rigorous testing and robust multi-factor authentication, are imperative. Many banks lack mature cyber recovery processes, rendering them vulnerable,” he says.

A massive rise in adoption of Cloud services has expanded the attack surface, says Sundar Balasubramanian, India and SAARC MD, Check Point Software Technologies. Check Point’s Threat Intelligence Report says Indian BFSI organisations faced an average of 2,100 attacks per week in last six months, surpassing the global average of 1,314. Cloud services help banks achieve scale and flexibility but also bring new vulnerabilities.

About 84% global respondents in the Kyndryl State of IT Risk Survey 2023 agreed their organisations rely heavily on IT systems for critical processes and 71% said they had experienced a cybersecurity-related event. Despite these challenges, Indian banks have made significant progress in strengthening cybersecurity through encryption protocols, multi-factor authentication and advanced intrusion detection systems, says Saket Verma, India practice leader, Cybersecurity, Kyndryl. “Indian banks have embraced a collaborative approach. Through partnerships with global cybersecurity firms and participation in international forums, they stay abreast of latest threats and best practices. This allows them to implement cutting-edge security measures effectively,” he says.

India’s central bank has also been playing an important role in pushing banks to adopt better cybersecurity standards through comprehensive guidelines, periodic audits and mandatory disclosure of breaches. However, with latent risk of ever advancing technology, one can never be sure if the measures are enough. For Indian banks, this means being always on their toes to stay abreast of the latest in the world of technology.

Follow us on Facebook, X, YouTube, Instagram and WhatsApp to never miss an update from Fortune India. To buy a copy, visit Amazon.