Since 2010, Sanjib Subba has been working as the Chief Executive Officer for National Banking Institute (NBI), the banking academy of Nepal established with the support of Nepal Rastra Bank, Nepal Bankers’ Association, Asian Development Bank and Rural Microfinance Development Center. He has an experience of over 20 years in the field of educational institute management, training programs, capacity building, program development and banking.
Dibesh Dangol from B360 interviewed Subba on issues ranging from trainings for IT security and human capital development and most pressing elements that banks in Nepal need to improve on. Excerpts:
What academic and training courses is NBI currently offering? How do you design courses?
NBI largely offers banking related courses within the banking gamut like management, credit, operation, along with new boarding challenges including anti-money laundering and cyber security. Because the banking landscape is changing and evolving due to constant evolution in technology, we try to address these kinds of issues and prepare courses accordingly. The banking institute also has courses regarding governance in which we provide information on how to have a good corporate governance and ethics inside the bank.
NBI trains bank personnel from new hires and bank tellers to CEOs and BODs. The courses or trainings we provide are designed according to the need of the banks and are applicable at every stage whether it is at the beginner level, managerial level or executive level. Though the courses related to governance and code of conduct issues are more relevant to the top executives and BODs, and the topics such as operations and risk management is applicable at every banking stage, it doesn’t mean that the beginner level or managerial level should not be concerned with learning about governance and code of conduct. A perpetual learning habit is essential, and it is what we, National Banking Institute, cater to the banks and banking personnel.
The courses are designed either according to the needs we receive from the banks or we modify the existing courses according to the changing banking scenarios and new challenges the banks could be facing in the future. We firstly vision those scenarios and then design the courses. During the course designing phase, we consult with experts of the course concerned field and design the courses together. Let’s say for risk, we invite risk professionals, ask them about the challenges and gaps, and based on the findings and feedbacks, we design the course accordingly.
Nepal Rastra Bank had issued strict regulations regarding IT security last year after NIC Asia’s SWIFT account was hacked. Is NBI providing banking IT security courses or programmes?
NBI is involved in providing courses around IT security areas. Actually, as soon as NIC Asia’s SWIFT account was hacked, we held an international level conference and invited experts from various financial institutions and countries including Bangladesh. After the conference, we came with answers regarding what measures can be taken to prevent such IT hacks and make banks’ IT security stronger which we have included in our IT related courses.
In IT security courses, the main topic we have focused on is regarding identifying why and how does lapses happen in IT system which results in system crashing or hacking. The primary reason for such lapses happening is inadequate system or inadequate investment in technology. NBI has suggested the BODs and CEOs to never opt for cheap software because the moment one tries to bargain and get cheap product, it will result in cheap outcome which will not help in providing useful security in banking. Investment in technology is a leadership will and vision in actuality. Particularly in IT security, the Core Banking Software (CBS) alone cannot help to manage all the IT works. Looking at the current and future scenario of banking industry and hacking cultures, banks need to have additional software especially for IT security management. Banks should never compromise on investing properlyin technology.
The second important element is proper orientation and training of the staff. Why these lapses are happening is also because bank personnel aren’t following the prudent norms like changing passwords frequently, reporting suspicious e-mail attachments and avoiding operating bank accounts from personal devices. Hackers are the smartest people who are always finding ways to penetrate the system 24×7. The way hackers hack is by sending suspicious attachments in e-mail which contains malwares and viruses. If such attachments are opened then the malwares enter the system making it possible for hackers to penetrate the system.
To protect from such hacks, having a robust culture; culture of zero tolerance, compliance, code of conduct and following the rules and regulations are required. If banks address these issues and have good technology, system and culture, lots of IT threats can be taken care of and the chances of getting hacked are very minimal.
The Central Bank has circulated a directive for Information Security Officer for banks, but do we, at present, have skilled manpower to take up the responsibility?
It is a challenge… a challenge in a sense that there are only few banks that have IT officers at top executive levels. When talking about technology in banking, the banks constantly need to upgrade positions, find right people, and invest wisely, whether it is for software or staffs. The IT staffs must have international certifications which aren’t cheap. The IT personnel also need to be trained and certified frequently; the reason being the rapid change in technology along with advancement of hackers. If the banks aren’t advancing and informing IT related issues to their personnel or doesn’t have an officer level IT personnel handling IT security matters, it doesn’t help banks to solve these issues which puts the banks in a threatening position of getting hacked. Every bank must have a Chief Technology Officer (CTO), an executive staff below CEO. If something goes wrong in CBS, ATMs or other minor IT problems, these types of work are to be assigned to the IT admin personnel. Beyond that you need a vision or strategy part which the entry level personnel will not be able to handle. So, banks need to invest wisely in IT personnel and have a robust IT department under the CTO whose position hierarchy must be one level below the CEO. The CTO also should have an independent budget targeted to improve the IT systems of the bank.
Understanding technology is more apparent because in banking the language of dollars and cents are spoken. But, it is high time that the top level executives of banks became bilingual, not only knowing the language of dollars and cents, but also the language of bits and bytes. Bankers should move on from traditional banking trends and learn this new lingua franca that is so critical in the current banking industry. Unless our top level bankers are oriented or educated about IT vocabularies, simply continuing with the plain vanilla type of banking will not help a bank to progress.
People at the top, with the power, must first learn, accept and realise why they are vulnerable. Each and every bank in Nepal currently is at a very vulnerable stage. Banks are growing in size, but in terms of understanding the technology and technology security, they are still very weak. Banks should also create partnership with ethical hackers – those who specialise in penetration testing and in other testing methodologies and ensure the security of an organisation’s information system.
As for the question regarding if such skilled manpower is available currently for such purposes or not, I would say, availabilities come when opportunities are created. Though there are challenges, opportunities to build, create and grow the needed skilled manpower are there. Currently, we do have such skilled people in the country, especially the young generation.These young citizens are tech savvy and have a good idea about IT security. They are being hired by international companies but aren’t involved with Nepali banks and companies simply because of the pay cheque. Nepalis do have the budget and can hire these IT geniuses.
Rather than investing in other areas, banks should firstly invest in improving their IT security because it is an emerging emergency issue in Nepal’s banking industry. It is high time that the banking systems in Nepal match up with that of their international counterparts and be secured from unnecessary mishaps.
NBI has signed MoUs with various banks as strategic alliance to provide “exclusive customised training programmes to the bank for human capital development”. What does human capital development mean in this statement and why is it important?
To start a business, whether big or small, capital is needed to invest, nurture and build the business. Similar to monetary capital, human beings or personnel are also capital to a business. A company also seeks to take maximum rate of return from their personnel by investing and giving them proper growth and learning opportunity. The learning opportunity is a very good factor that every company provides.
Currently, the banks have signed the agreement and investing in their personnel’s training or learning and development (L&D) just because the central bank has made it mandatory for banks to at least invest 3% of gross annual staff expenses on employee training and capacity development every year. After the Central Bank made it mandatory, the quantity of banks investing in human management development has gone up, but not strategically. It is still regarded as a check-box item because the Central Bank has made it mandatory. Without identifying the departments or areas where trainings are needed and the quality of training institutes where banks are sending their staffs to, they are randomly sending their staffs and spending the required budget.
The reason for such happening is because not many banks have a robust L&D department. When it comes to human capital, a leader or a custodian to look after human capital is needed in every financial institution. As CEOs have other issues of banks to address, s/he may not be able to focus on these issues. So, like CTO, every bank should have another deputy officer, Chief People Officer (CPO) or Chief Human Resources Officer (CHRO), who oversees all aspects of human resource management, policies, practices and operations of a bank and strategises for human capital development.
According to the demand and requirement of the bank, whether it is for risk, operation, IT security, etc., NBI prepares the training programmes. We also do recommend the banks to enrol their personnel for certain programmes.
The duration of the training programs can be from a day to two weeks depending on the contents and methodology of the programmes.
Does providing such short-term trainings actually work in practical life?
It depends upon both the banks and staffs. The trainings are designed and provided according to the banks’ needs, request and budget. Some programmes can be completed in the short duration whereas some are for longer duration. We have received good reviews from many banks and bank personnel about NBI’s short-term trainings, and they have actually applied and worked in practical life. But in spite of focusing on short-term trainings, firstly we are more focused towards encouraging banks to send the right personnel for right training, and secondly for long-term training programmes.
But there are challenges for this to happen. Being understaffed is the main challenge that banks are currently facing due to which theyhaven’t been able to send their staffs for long duration trainings.
Also, during the short-term trainings, we specifically discourage bank staffs from using their phones and fully focus on the training programme.But if their employers are constantly calling them while they are in the training programmes, the staffs will not able to concentrate and learn anything from these trainings that NBI is providing. Similarly, the base of the hierarchy is occupied mostly by young generations. Banks usually send these young personnel for trainings on the weekends or public holidays which discourages them. The situation might not be for all the staffs coming for the training, but most of them do feel so.
Occurrence of such scenarios doesn’t add value to the banks, the staffs and the banking industry. NBI has been requesting the banks to overcome these challenges by having reasonable number of staffs and sending them for long duration trainings without hampering their usual holidays and unusual disturbances during their training period.
Women are successful at entry and middle level managerial positions, but why do you think that boardrooms are filled with men and C-level executives are rarely women?
This is a very critical issue in Nepali banking industry. I feel despaired to not see women moving up to or at top executive levels. Though we want to see women at the top executive positions, they should have the qualification and time to focus on their professional career.
Nepali women are actually superwomen. They are very talented and diligent.But when it comes to professional life, they face many challenges compared to their male counterparts. The male counterparts aren’t invested much in household activities and bound by social restrictions as much as females are due to which they get more time to focus on their professional career, whereas women have to face such obstacles due to which their professional careers are always restricted. This might not be the scenario everywhere, but I am referring to what is generally happening in our Nepali society.
A month back I took 30 trainees from different banks to Kolkata for Credit Leadership course. Out of 30, we only had a woman trainee that too from a public sector bank. The entire private sector banks only sent their male staffs which was very disheartening.
Such scenarios have been occurring where the banks give preference to their male staffs rather than women. It doesn’t mean that only women should be given priority in the name of women empowerment. But opportunities should be created and given to women to compete with their male co-workers.
If women are given equal opportunities like men and if both genders can work hand-in-hand and take responsibilities in household activities, we will surely see more number of women in banking and top management positions.
What are your plans for the future of NBI?
NBI will be completing 10 years in February. During these 10 years, NBI has come a long way and overcome the struggles faced in the initial period. Till now NBI has trained more than 40,000 people. Though we have achieved a lot, there are lot of things yet to be done. We are now trying to focus more on long term academic programs. We already have two courses, Junior Associated of National Banking Institute (JANBI) and Chartered Associate of National Banking Institute (CANBI), which are certified banking courses. We are focusing more on certification level courses like JANBI and CANBI, technology learning platform called Learning Management System (LMS), and channelising our energy to train people about ethics, integrity and governance in banking.
We are also looking forward to train the banks in the coming periods regarding how short-term trainings can be conducted by them rather than sending their staffs to training institutes like NBI. Conducting these types of trainings in-house or by the banks themselves can create organisational culture sharing opportunities between the trainers and trainees.
What is the most pressing element banks in Nepal need to improve on and which NBI can help with?
Banks in Nepal must improve on their governance. Governance in the Nepali banking industry is very poor at the moment. The banks or the top-level executives of the banks must be free from any undue influence from their BODs. BODs are non-executive directors who are responsible to establish policies for management and oversight, and make decisions regarding major issues of the company. They shouldn’t be entering the office of top-executives unless there is a board meeting. The CEO of the bank shouldn’t be meeting to his/her BODs on daily basis or talking about the recruitment and procurement issues. The CEO and BODs should be in talks only at the board meeting room during the board meetings.The BODs also must realise the value of governance and what their roles restrict to.
Equally important element banks need to improve on is establishment of good culture. Culture and governance are interrelated. If a bank has good governance, the company and the personnel automatically get good culture and vice versa.
NBI has been and will be continuously working towards educating the top-level executives, BODs and even the banks’ personnel on these topics, but it is up to the people to adapt our teachings in their banks’ policies. Regulators should also keep monitoring banks to avoid occurrence regarding poor governance and culture, and establish strong governance rules and regulations.