Month: September 2019

There are several legal and regulatory compliance implications with offshore banking that I’d like to cover in this article. However, please don’t construe information on this site as legal guidance. I am providing this information for free based on my own experiences. Please consult your professional attorney or CPA (accountant) before you get involved with offshore internet banking.

What is an Offshore Bank

To be over simplistic, an offshore bank is a financial institution outside the shores of your country. If you are in Australia, a bank in the United States is an offshore bank to you. If you are in the United States, a bank in Singapore is an offshore bank to you. Therefore, the idea of offshore banking is relative.

A business or an individual, in this case you, may select an offshore bank account in a jurisdiction that is typically favorable in terms of taxes (often referred to as a tax haven by media), as well as in terms of legalities. In addition to choosing a jurisdiction with no to little income tax, for many, privacy and “secrecy” of banking activities are two of the bigger key considerations.

It goes without saying that access to your funds is important, as well as protection from corruption and stability in terms of certainty.

List of Common Offshore Online Banking Services

This is a brief list of services offered by offshore banks. This list is by no means a full comprehensive list of an offshore bank’s offerings, but rather a list of some of the most common offshore online banking services that businesses and individuals are offered:

Remote Deposits of funds
Direct Deposits of funds
ACH / Wire Transfers / EFT – Electronic Fund Transfers
Consumer and Commercial Lending
All Basic Credit Activities
Access to Capital – Offshore Debit Cards
Forex – Currency Exchange
Wealth Management
Offshore Trading Account
Offshore Brokerage Account
Administrative Services
Trustee Services

Note: Offshore banks typically tend to focus on either consumer or commercial banking. Within consumer, banks differentiate between retail consumer (the average individual) or private banking (meant for high net worth individuals).

Because each concentration involves a different cost structure from the bank’s perspective, when selecting an offshore bank for yourself, be clear on what type of consumer you are and what offshore online banking services you need. Gaining this clarity will ensure you are not disappointed in your choice.

List of Common Offshore Banks

No doubt the two most common names in offshore online banking are Switzerland and Cayman Islands. Just pick up any business journal or pop in a business based Hollywood flick. There is likely a mention of a Swiss bank account somewhere.

This is because as of at least 2012, these two jurisdictions held the most number of total deposits amongst all offshore online banks. Some other jurisdictions that offer offshore online banking are the following:

Singapore
Malaysia
Panama
Cook Islands
Dominica
Saint Kitts and Nevis
Antigua
Malaysia
Anguilla
New Zealand
Luxembourg
Bahamas
Barbados
Bermuda
British Virgin Islands
Cyprus
Cook Islands
Channel Islands
Monaco
Mauritius
Hong Kong
Malta
Macau
Regulating Offshore Online Banking

With complexity comes increasing regulation. The regulation around offshore online banking activities has steadily increased over the years, but according to many of its supporters it is still not enough. This means much more is in the pipelines. Regulation has particularly increased significantly after the significant events of September 11, 2011.

Regulatory guidance is issued and monitored by global bodies such as the International Monetary Fund or the IMF, who require financial institutions worldwide to maintain a certain level of operating or performance standard, specifically in terms of capital adequacy and liquidity. These key performance indicators are to be reported by banks on a quarterly basis to its designated regulator (such as the Fed or the FDIC in the United States).

The list of regulations is endless and quite comprehensive to say the least. Some notables are the Anti Money Laundering (AML) regulation and the Bank Secrecy Act (BSA). These acts require banks and financial institutions to immediately report suspicious activity resembling money laundering to local government authorities despite stepping out of the BSA jurisdiction.

Another example is the information sharing requirements between a certain group of countries with regards to capital flow and taxation which was initiated by members of the European Union. On the other side of the pond, the taxing body of the United States, the Internal Revenue Service (IRS) requires financial institutions to report to it names of businesses and individuals who benefited from interest income resulting from deposits in US based institutions.

The most notable in my opinion of recently enacted regulations is the US Patriot Act, which permits the US Government to seize all assets of a financial institution if it suspects that the institution holds assets that belong to a potential criminal. Several other countries have since followed suit.

I personally feel these regulations strengthen the global banking infrastructure. But then again I am just one person. There are others who feel in all sorts of ways about offshore online banking.

Interesting Fact: Did you know that just until the 1990s, individuals were allowed to create their very own offshore banks. This practice was stopped and now only large institutions are allowed to do so.

Connotations and Implications of Offshore Online Banking

It is not illegal to conduct offshore online banking, but such activities tend to carry with them a certain set of connotations and legal implications that you must be aware of and comply with. There can be severe fines, penalties and legal repercussions if you fail to comply with the legal and regulatory requirements.

Why you must be thinking? Because offshore banking historically has been used and abused by those who intended to evade taxes, as well as those that used funds for illegal causes. For example, organized crime networks heavily use offshore online banking to launder money.

But like I said, conducting offshore online banking isn’t an illegal activity. All persons conducting offshore online banking are required by most countries (depending on their residency) to disclose the activities and the outcomes, such as interest income for example.

Specifically in the United States for example, a US resident’s income is taxed on a global basis. This means that even interest earned overseas is subject to taxation by US authorities. Now although financial institutions are not required to disclose this information to countries of interest due the bank secrecy guidelines, individuals are required to disclose this information.

Similarly, one can legally avoid taxes in certain situations. For example, a resident of Country X living and working in the United Arab Emirates (UAE) may not have to pay taxes if Country X does not tax the individual’s global income.

Because there is no taxation on income earned in many Arab nations, interest income earned from deposits in a UAE bank account is not subject to tax. Further, the income is also not taxed in Country X. This is a common reason why so many affluent folks change residency and citizenship status, one that resonates most with their financial goals and objectives.

It’s a very interesting dynamic and there is a ton of opportunity for strategizing as you can imagine.

Dollar Concentration in Offshore Online Banking

Although offshore online banking is not a subject delved into by the average individual, the numbers involved (concentration of wealth and financial activity) are quite significant. You may find a lot of these simply fascinating.

For example, specialized banking economists and analysts indicate that half of the global capital (money) flows through one of the many offshore banks out there. The so called Tax Havens (think Switzerland) have over a quarter of the global wealth (think high net worth individuals and big companies). These Havens also hold over 30% of profits generated by companies based in the United States.

And that’s not it. Over 6 trillion US dollars owned by high net worth individuals are also reported to be held in offshore bank accounts in one shape or another.

Illegal Monies in Offshore Bank Accounts

Opportunists have identified weaknesses in the offshore banking system and thus have taken advantage of the systems to launder monies generated through illegal means and used for illegal purposes. According to the IMF, this amount is as large as 1.5 trillion US dollars on an annual basis. To put things in perspective for you, this is roughly 5% of the world’s total Gross Domestic Product (GDP).

In addition to illegal monies, there are also monies that have evaded taxation as well as monies that were generated through fraud, graft and corruption. All in all, the amounts are super significant. And as I stated above, the two jurisdictions with the biggest concentration of these amounts are the Cayman Islands and Switzerland (as of 2012).

Offshore Internet Banking for Corporations of All Sizes

I have already stated this earlier, but offshore online banking is not only for large companies, but companies of all sizes as well as individuals. There are a certain set of requirements that any institution, an individual or a company have to meet in order to open and maintain an offshore bank account.

In fact, it is easier for individuals to open and maintain an offshore bank account before companies are required to complete additional forms in a specific manner when establishing an offshore internet bank account.

Corporations typically engage in offshore online banking when they contemplate one or any mix of the following purposes.

Cost containment (bank fees and charges)
Paying and receiving payments from vendors and customers in local jurisdictions
Asset protection strategies
International acquisitions and investments
Compensating local employees in an offshore jurisdiction
Political reasons – Stability and predictability
Establishing a local business presence
Again, this is not a comprehensive list of why companies engage in offshore online banking. There are several other reasons why a company may decide to establish an offshore bank account. The only true way to find out the best offshore bank for you, and whether your objectives will be met through offshore internet banking is by speaking to a professional who can walk you through the entire process.

Concluding Thoughts on Offshore Internet Banking

I gave you a ton of information to read and digest in this article. As you have read, offshore internet banking is used by several different constituencies for several different purposes with several different intentions.

There are some significant advantages that can be derived from opening an offshore bank account such as entering new global markets and some serious offshore tax planning. I obviously recommend opening an offshore bank account for the right reasons, with full compliance with laws and regulations. For those contemplating abusing the system, understand that bank secrecy is a weakening concept, and one that will continue to weaken over the years.

Countries are increasingly sharing information, some voluntarily and some while succumbing to pressure by more powerful nations such as the United States.

The Chennai-based Shriram Group, which is keen to enter the banking space once the RBI issues the final guidelines on the entry of new players, believes it can leverage its 50-lakh customer base across companies for a successful business. Many of our chit fund customers do not have access to banking facilities and we feel they would require banking services like small cash transaction services or remittances. Hence, we are keen to get into the banking space though were awaiting the final guidelines, said Arun Duggal, chairman, Shriram Capital Trust. India Infoline in its report on SCUF sources over 90% of its business through the groups large chit fund infrastructure. SCUF benefits from low competitive intensity in its core geographic areas (Tamil Nadu and Andhra Pradesh) and product niches (two wheelers, used auto/CV, gold, small business and personal loans). According to sources, Shriram Group is considered to be a strong contender for the banking licence. There are over half a dozen corporate houses keen to enter the banking space but the RBI is expected to cap number of new bank licences at four. At present, Shriram Group is present in the financial services space through its various subsidiaries that offer commercial vehicle financing, life insurance, consumer and small businesses financing, retail broking and chit fund business. Shriram Capital Trust is the holding company of Shriram Group. The beneficiaries of the Trust are the employees of Shriram Group. It is a unique ownership structure with an employee stock option and partnership, said Duggal. Shriram Chits has a turn over Rs 2,500 crore, 465 branches and 5,000 employees. Shriram Chits operates in four states Tamil Nadu, Andhra Pradesh, Karnataka and Maharashtra. The Group is also looking to grow its consumer and small businesses financing subsidiary, Shriram City Union Finance (SCUF), to enter the home loan business. We will roll out the Shriram City Union branches in other states like Maharashtra and Gujarat. We will be entering the housing finance business once we receive the National Housing Bank approval, added Duggal.Gippy Grewal Desi Rockstar

Symbiosis School of Banking Management is one of the premier institutes located in Pune that is able to offer an in-depth analysis of the BFSI sector with its MBA in Banking Management program. Contrary to the regular Symbiosis MBA in Finance, SSBM focuses more on the concepts relevant to both banking and finance sector. The curriculum at SSBM is a fine balance of academics and extra-curricular activities that is able to give students the much needed grooming or training to become capable managers of the banking sector. In fact, Symbiosis Banking Management courses is one of the few programs in the country that has received an extremely positive feedback from the industry and in-spite of its relatively recent establishment, SSBM has fast grown to become a popular PG destination amongst students.
Organizing regular industry interactions so as to make the students aware of the latest developments along with inviting experts to share their opinions and experiences is one of the most religiously followed rules in the SSBM curriculum. In line with this tradition, SSBM will be organizing a special workshop on Mergers and Acquisitions in the second week of February 2013. The workshop will be conducted by Dr. Nilanjan Sen (Associate Dean, Nanyang Executive Education and Associate Professor, Banking and Finance, Nanyang Business School). With Mergers and Acquisitions happening on a daily basis, it is very important for the MBA in Banking Management students to do an in-depth analysis through such workshops.
The Symbiosis Banking Management program is a comprehensive approach towards understanding the BFSI sector. This workshop will help the students broaden their perspective and understand the functioning of the BFSI sector with regards to the latest developments in the industry. It is these distinctive features that put up SSBMs MBA in banking management program high on the preference list of students looking for options in their PG programs. In fact; hosting workshops, encouraging students to develop a proactive approach and even and learning through practical training are all an integral part of the Symbiosis Banking Management program in Pune.
The rigorous study routine is not the only part highlighted in the Symbiosis Banking Management program; SSBM balances academics with an equal dose of extra-curricular activities through its regularly organized events, creative clubs, etc where students are given an excellent platform to nurture their innate talents. This year the admissions 2013-2015 have yet again received an overwhelming response as millions of students aspiring to enter SSBM, have put forth their registrations.
This is just one of the many events organized by SSBM. Just recently, SSBM also organized a knowledge enhancing conclave with Mint-one of the leading newspapers of the country. Even during the coming year, SSBM has a series of interesting events lined up to create an interacting learning atmosphere for the students.
Currently the institute is looking forward to welcoming the new batch as they go ahead with the next round of group discussion and interview sessions. Applicants to SSBM can follow us onhttp://www.pagalguy.com/forums/xat-snap-iift-and-others/admission-2013-2015-at-ssbm-t-87968/p-3609268/r-4253981 for latest updates with regards to the Admissions 2013-2015.
We will be happy to assist you!

Fractional reserve banking and the fraud that came with it is at the core of the present-day financial system. In order to grasp an understanding of the ongoing dilemma, and why Federal Reserve Banks are at fault, it is essential to understand the concept of Fractional Reserve Banking and why it is more than just counterfeiting.

Contrary to what is believed, the American dollars in your bank account are not the same dollars in the form of cash (Federal Reserve Notes) in your wallet. The dollars in the banks are make believe paper dollars, or numbers on a computer created by the bank an obligation or promissory note to pay you a certain dollars in Federal Reserve Notes. Simply stated, the bank backs the dollars in your bank account while the Federal Reserve backs the Federal Reserve Notes.

Throughout time, gold was the only existing currency. Purchasing your daily loaf of bread with pure gold did not seem practical and for that reason, goldsmiths served as early bankers. Goldsmiths would issue certificates that were backed by gold and this allowed people to purchase things with paper money. This paper money was represented by pure physical gold bullion and was stored in the goldsmiths vaults.

Producing certificates to look after gold meant that a significant amount of cash (gold) was just sitting around in storage. So the goldsmiths decided to start a fraud. When this happened, they became the bankers we know today.

Creating this fraud was really simple. Given that people did not know how much gold was actually stored, it was easy for goldsmiths to issue out more certificates than the gold being stored. By doing this, they attempted to earn more interest than would have been possible if they would have limited themselves to loan based on the gold stored. These goldsmiths relied on the assumption that not all of the certificates would be cashed in at the same time and therefore nobody would find out.

This is a critical explanation of the fraud that is fractional reserve banking. In the time of goldsmiths, it was easy to distinguish between right and wrong. The promissory notes were backed by the gold in the vaults. The moment the goldsmiths decided to issue notes that were backed by nothing (aside from the supposition that they would have enough gold inventory to pay, assuming not everyone demanded their physical gold at the same time)thus the process of fraud began.

How is it possible that bankers were allowed to get away with something like this? How could no one say anything about the false creation of gold?

Enter the government. Corruption can stem from power, and absolute power corrupts absolutely. So indeed, the government knew the trick of the goldsmiths scam. However, the worlds ruling classes knew it was not convenient to stop it. Instead, they saw it advantageous to perpetuate the scam. Why? Because by taxing and regulating the issue of money, they could keep a system in place where both could profit. This inevitably led to what we know as Fractional Reserve Banking.

If you move forward in time 500 yearsthe US Dollar is the worlds reserve currency and serving like the worlds goldsmith. Privately owned by several mysterious group banks, the Federal Reserve System illustrates the jaded relationship banks and governments have developed in the last 500 years. For some reason, world economies fall in the same trap of the same scam.

The interest rate banks operate under and lend are controlled by the Federal Reserve. In addition, the Federal Reserve controls the fractional reserve ratios banks are required to maintain (as a percentage of their reserves held in Federal Reserve Notes). What does this mean? The money supply and the new money being created are controlled by privately owned company comprised of banks allowed to counterfeit money. There is also the interest charge on those dollars created out of thin air!

For those reasons, I have a nickname for Fractional Reserve Banking: I refer to them as Fictional Reserve Banking. How long will you allow yourself to be fooled by this fraud? Will you take the steps necessary to protect yourself and stay ahead of the crowd?

Here are some suggestions for further reading: It is essential to understand the Fractional Reserve Banking in order to find or create positive banking solutions for your family and future. Solutions like these are the ones author Peter Macfarlane writes about in his blog on offshore banking. Peter also writes several articles on the topic of Wealth Creation for The Q Wealth Report which is a leading quarterly journal dedicated to financial privacy and individual liberty, as well as offshore asset protection. He is also a well-known authority and speaker at offshore living events.

Over the last few years, our On-Demand and Hybrid Penetration Testing platform has performed security testing of applications across various verticals and domains including Banking, e-commerce, Manufacturing, Enterprise Applications, Gaming and so on. On one side, SQL Injection, XSS and CSRF vulnerabilities are still the top classes of vulnerabilities found by our automated scanning system, on the other hand however, there are a lot of business logic vulnerabilities that are often found by our security experts powered by a comprehensive knowledge base.

A business logic vulnerability is defined as security weakness or bug in the functional or design aspect of the application. Because the security weakness or bug is in the function or design, it is often missed by all existing automated web application scanners.

In this blog we are sharing the top commonly found Business Logic Vulnerabilities in the Virtual Credit Creation (VCC) module of a Banking Application.

Consider the following scenario: A Banking Application provides web based functionality to users to pay Bills Online as well as to create and manage Virtual Credit Cards. Virtual Credit cards are used to shop online. A Virtual Credit Card creation use case involves the following steps: 1.User visits banking application. 2.User opts to create virtual credit card. 3.User fills up personal details, required amount, expiry date of VCC etc. 4.User chooses a payment gateway. 5.User fills up credit / debit card details. 6.Banking Application redirects user to a Payment Gateway. 7.Required amount + Service Charge are debited from user’s Debit / Credit card. 8.Payment Gateway redirects user to a Callback URL provided by the Banking Application. 9.Banking Application verifies the Payment Gateway confirmation. 10.Banking Application generates a CVV number. 11.Banking Application presents VCC details to the user. 12.Banking application performs SMS verification of the user.

A couple of security weaknesses that are found in the above scenario are as follows:

TAMPERING OF DATA COMMUNICATION BETWEEN PAYMENT GATEWAY AND BANKING APPLICATION: Weaknesses: The Banking application does not verify whether the required amount is successfully paid at the Payment Gateway Side, or what amount is being paid at the Payment Gateway Side. As a result, a virtual card can be recharged with higher amount while paying a lower amount to the bank by modifying amount when the request is sent from payment gateway to the bank.

Mitigation: There should be sufficient validations between the Banking application and the payment gateway. The callback URL should not be allowed to be directly controlled by an attacker.

NO VALIDATION ON BANKING APPLICATION’S CALLBACK URL Weakness: There is lack of validation on the Banking Application Side when the Payment Gateway redirects a user to the Banking Application’s callback URL. As a result, a virtual credit card can be created without paying any service charges, by sending the request directly to the callback URL of Payment Gateway.

Mitigation: There should be enough validations on the callback URL including whether the URL is redirected by the Payment Gateway or directly called by an attacker.

VIRTUAL CREDIT NUMBER IS PREDICTABLE Weakness: Generated Virtual Credit card numbers are predictable or follow certain patterns. As a result, an attacker can predict what virtual credit card numbers are being used by other legitimate users.

Mitigation: Virtual Credit Card numbers should be sufficiently random.

NO ANTI-AUTOMATION IN VIRTUAL CREDIT CARD DETAILS VERIFICATION Weakness: There is no anti-automation (e.g. CAPTCHA) while verifying the Virtual Credit Card details such as CVV number and expiry date. The Credit Card number is sufficiently long however, the CVV number is generally a 3 digit number and expiry date is also a 2 digit number. As a result, it is possible to bruteforce the CVV number and expiry date, and shop online using a stolen virtual credit card number.

Mitigation: There should be sufficient anti-automation e.g. CAPTCHA while verifying the CVV numbers along with the Credit Card Number.

NO ANTI-AUTOMATION IN CARD CREATION PROCESS Weakness: There is no anti-automation while creating a virtual credit card. An attacker can use automated scripts to exhaust credit card numbers. As a result, Credit Card Numbers can be exhausted and be therefore made unavailable to users leading to a Denial of Service (DoS) attack. It can also lead to other attacks including Credit Card Number pattern prediction.

Mitigation: There should be sufficient anti-automation e.g. CAPTCHA while creating virtual credit card numbers