Posts Tagged ‘banks’

For India’s banks, the worst of their bad-loan woes may be yet to come

February 15, 2018

The Reserve Bank of India’s decision to force more struggling borrowers into bankruptcy proceedings was its latest move to try to clean up India’s bad loans mess. (Reuters)
MUMBAI: Just when many Indian banks thought the worst of their bad debt woes were behind them, new central bank rules are stoking fears that the worst of the soured-loans buildup is yet to come.
The central bank surprised the financial sector this week by halting all of its existing loan-restructuring mechanisms with immediate effect, and rolling out new rules that will push more debt defaulters into bankruptcy courts.
To force its point home, the Reserve Bank of India (RBI) set strict timelines for lenders to take action against defaulters, threatening penalties if banks failed to act in a timely manner.
Soured loans, which include non-performing, restructured or rolled-over loans, reached a record high of 9.5 trillion rupees ($148 billion) in the middle of last year before dipping slightly and prompting some relief among bankers that the worst was over. State-run lenders account for the bulk of these loans.
India’s bad loans have nearly doubled in the past four years following an economic slowdown and years of profligate lending – the combination has choked new lending and dragged on the economy.
Analysts say the actual level of bad loans is higher than the official figures suggest, pointing to central bank audits of banks, including State Bank of India, that showed non-performing loans were higher than reported for the financial year ended March 2017. Banks have also been blamed for perpetually renewing loans on soured assets.
Most of the loan-restructuring schemes that the central bank is withdrawing have seen little success. Analysts say banks will soon have to declare the loans in those schemes as non-performing loans, which will trigger the timeline for banks to take debtors to court.
That means the banking sector will have to recognize the new status of the loans and make provisions for them, said Rajkiran Rai, chief executive at state-run Union Bank of India.
“When you look at the short term, yes, we will have issues with the existing accounts,” Rai said.
Longer term, the RBI’s measure will benefit banks, he said.
Indeed, the new rules would bring discipline to the banking sector, although provisioning costs will shoot up as more borrowers are taken to court, said R. Subramaniakumar, chief executive at Indian Overseas Bank, a state-run lender with the second-highest bad loan ratio among all banks.
“Of course it’s going to put pressure on bank’s balance sheets,” he said, adding capital injections announced by the government will help cushion the impact.
The RBI’s decision to force more struggling borrowers into bankruptcy proceedings was its latest move to try to clean up India’s bad loans mess.
Last year, it ordered about 40 of the country’s largest debt defaulters into bankruptcy courts, demanding creditors put aside at least 50 percent of loan amounts in provisioning.
Under the new process, the RBI requires banks to figure out plans to resolve debts of defaulters with 20 billion rupees or more in outstanding debt by September 1, or take them to bankruptcy court.
Since 50 percent provisioning will be required for these bankruptcy cases as well, the total funds that banks will have to set aside will shoot up, pressuring profits, analysts said.
Moody’s Indian affiliate ICRA estimates the criteria would net 50 defaulting companies with combined outstanding debt of 2.46 trillion rupees, so banks’ credit provisions will spike.
India Ratings and Research, the local affiliate of Fitch, said banks’ non-performing loans and provisions will shoot up in coming months, said analyst Udit Kariwala.
Rajeev Kumar, the top government bureaucrat overseeing the banking sector, said the new rules will impact 2-3 percent of banks’ loan books, while provisions could rise a “little”, financial news service NewsRise reported.
Bank shares slid on Wednesday, with the sector index falling 1.4 percent compared with a 0.4 percent fall in the broader market.


Treasury’s Mnuchin says Russian oligarch report to lead to sanctions

January 30, 2018


WASHINGTON (Reuters) – The Trump administration will seek to impose sanctions in connection with a U.S. government report identifying Russian oligarchs who are close to the Kremlin, Treasury Secretary Steven Mnuchin said on Tuesday

 Image result for Steven Mnuchin, photos

U.S. Treasury Secretary Steven Mnuchin testifies to the Senate Banking, Housing and Urban Affairs Committee on “The Financial Stability Oversight Council Annual Report to Congress” on Capitol Hill in Washington, U.S., January 30, 2018. REUTERS/Joshua Roberts

In testimony before the Senate Banking Committee, Mnuchin said while the administration has not levied sanctions under a new law designed to punish Moscow for alleged meddling in the 2016 U.S. election, it viewed the report as an initial step.

“This should in no way be interpreted as we’re not putting sanctions on any of the people in that report,” Mnuchin told lawmakers.

“There will be sanctions that come out of this report,” he said, adding that it could happen as soon as next month.

Late on Monday, the Treasury Department named major Russian businessmen, including the heads of the country’s two biggest banks, metals magnates and the boss of the state gas monopoly on a list of oligarchs close to the Kremlin.

Mnuchin said there was a classified component to the report, which was mandated by the law passed by Congress in July.

Democrats have criticized the Trump administration for failing to impose new sanctions on Russia. The State Department has said it was not yet seeking sanctions as the new law was already acting as a deterrent.

Reporting by Pete Schroeder; Editing by Paul Simao


Russian bank CEOs, metals magnates and gas chief named on U.S. ‘oligarch list’

January 30, 2018

MOSCOW (Reuters) – The U.S. Treasury Department named major Russian businessmen including the heads of the two biggest banks, metals magnates and the boss of the state gas monopoly on a list of oligarchs close to the Kremlin.

Image result for German Gref, photos

FILE PHOTO – German Gref, chief executive of Russia’s Sberbank

The list, drawn up as part of a sanctions package signed into law in August last year, does not mean those included will be subject to sanctions, but it casts a potential shadow of sanctions risk over a wide circle of wealthy Russians.

Russian President Vladimir Putin’s inner circle is already subject to personal U.S. sanctions, imposed over Russia’s 2014 annexation of Ukraine‘s’ Crimea region.

But the so-called “oligarchs’ list” that was released on Tuesday, prompted in part by Washington’s belief the Kremlin meddled in the 2016 U.S. presidential election, covers many people beyond Putin’s circle and reaches deep into Russia’s business elite.

After the release of the report, the rouble opened down 0.1 percent against the dollar, while shares in some of Russia’s biggest companies fell too.

 Image result for Vladimir Potanin, photos
Vladimir Potanin

Among the biggest fallers was Norilsk Nickel, down 1.2 percent after its co-owner Vladimir Potanin was included on the U.S. list. Rusal, the world’s second-biggest producer of aluminum, whose co-owner Oleg Deripaska was also on the list, saw its shares tumble 1.4 percent in Hong Kong.

Representatives of many businessmen, including Potanin, Deripaska, metals magnate Alisher Usmanov and Alexei Mordashov, co-owner of Severstal, declined to comment. Some other businessmen are yet to reply to requests for comment.

Image result for Oleg Deripaska, photos

Oleg Deripaska

But Russian market-watchers said the damage from the list was not as great as it could have been.

 Image result for VTB Bank Chief Executive Andrei Kostin, photos

FILE PHOTO: VTB Bank Chief Executive Andrei Kostin 

The list appeared to have been drafted based on oligarchs’ net worth, rather than attempting to establish who is closest to the Kremlin, an exercise that could have made it more toxic for those included. The White House said it would not immediately impose new sanctions on Russia.

“For now it all looks pretty mild,” said Oleg Kuzmin, an economist with Renaissance Capital, an investment bank.

Image result for Gazprom Chief Executive Alexei Miller, photos

FILE PHOTO – Gazprom Chief Executive Alexei Miller (R) 

The Treasury Department, in a statement accompanying the list, said people had been included on the list based on their net worth and “their closeness to the Russian regime.”

It said inclusion does not denote that people on the list are subject to sanctions or any other restrictions, that they meet the criteria for being put under sanctions, or that they are involved in any malign activity.

Among the businessmen on the list are German Gref, CEO of state-controlled Sberbank, Russia’s biggest lender, and Andrey Kostin, chief executive of the second-biggest lender, VTB, which is also controlled by the Russian state.

Sberbank declined to comment. VTB has not replied yet.

Image result for Leonid Mikhelson, photos

Leonid Mikhelson (R) with Russian President Putin

Alexei Miller, CEO of state-controlled gas export monopoly Gazprom, was also on the list, as was Severstal’s Mordashov and Leonid Mikhelson, co-owner of private gas producer Novatek.

Usmanov, who is part owner of London’s Arsenal soccer club, and Eugene Kaspersky, CEO of the Moscow-based cyber security company that carries his name, were included on the same list.

Reporting by Polina Devitt, Maria Kiselyova, Zlata Garasyuta, Jack Stubbs, Polina Nikolskaya, Anastasia Lyrchikova and Andrey Ostroukh; Writing by Christian Lowe; Editing by Louise Heavens

Image result for Gazprom Chief Executive Alexei Miller, photos

Russian gas giant Gazprom Chief Executive Officer Alexei Miller (L) and Chairman of Board of Directors Zubkov. June 30, 2017

Top Dutch banks, revenue service hit by cyber attacks

January 29, 2018



THE HAGUE (AFP) – The top three banks in the Netherlands have been targeted in multiple cyber attacks over the past week, blocking access to websites and internet banking services, they said on Monday.

The Dutch Revenue Service was also briefly targeted on Monday by a similar attack, but services were quickly restored, a spokesman said.

The number one Dutch bank, ING, was hit by a so-called distributed denial of service (DDoS) attack on Sunday evening while the eurozone nation’s third largest lender, ABN Amro, suffered three attacks over the weekend in a total of seven over the last week, Dutch media reported.

 Image result for ING, photos, banks

Rabobank, the country’s number two lender, saw its internet banking services go down on Monday morning.

“We have been targeted by a DDoS attack since 9.10 am (0810 GMT) this morning (Monday) and our clients don’t have access or very little access to online banking,” Rabobank spokeswoman Margo van Wijgerden said.

“We are working to resolve the problem as quickly as possible,” she told AFP.

Also on Monday, the Dutch Revenue Services saw its website go down for about 10 minutes due to an attack, spokesman Andre Karels said.

“Things are running as normal and we are investigating the incident,” Karels told AFP.

ING, which has some eight million private clients, experienced an attack on Sunday evening, it said on its website.

“During the DDoS attack ING’s internet site was blasted with data traffic causing our servers to overload and which put pressure on the availability of online banking,” ING said, adding services had been restored.

ABN Amro experienced a similar attack but also said services were restored. It will “keep monitoring availability and is extra alert since the weekend’s attacks,” it said in a statement.

The banks all stressed that clients’ banking details were not compromised or leaked.

It is not the first time Dutch banks were targeted in a DDoS attack with central bank chief Klaas Knot telling a TV news programme Sunday there were “thousands of attacks a day” on his own institution.

“I think these (recent) attacks are serious, but our own website is being attacked thousands of times per day,” Knot told the Buitenhof talk show.

“That is the reality in 2018,” he said.

Which Banks to Own When Savers Get Fed Up

January 2, 2018

2018 will be the year that banks finally start paying decent returns to savers, but some will have to pay more than others

A Bank of America branch stands in lower Manhattan.
A Bank of America branch stands in lower Manhattan. PHOTO: SPENCER PLATT/GETTY IMAGES

Savings accounts, which have paid out almost nothing for the past decade, could get more interesting in 2018 as yields rise and investors scramble for the higher returns. That could be bad news for certain banks.

Savings account yields haven’t risen much since the Federal Reserve started raising interest rates. As the Fed keeps tightening in 2018, more banks will raise deposit rates and savers will respond by rushing to the banks that pay the most.

That is what happened in the last tightening cycle in the mid-2000s—banks moved slowly at first, gradually accelerating as rates moved higher. This time banks might have to be more aggressive because it is easier than ever for savers to move cash electronically to higher yielding competitors like Capital One and American Express.

Analysts at Keefe, Bruyette and Woods estimate that banks will pass along 34% of the rise in the Fed’s target rate to savers in 2018, up from 15% in 2017. As a result, most banks will still be net beneficiaries of higher rates. But the impact will be uneven.

For the first time in years, investors in bank stocks will have to look hard at the liability side of bank balance sheets. How much banks need to pay for deposits will determine banks’ profitability and growth rates.

Backwater BankingPercent of deposits in metro statistical areas with less than one million people:Source: Goldman Sachs estimates
Synovus FinancialBB&TRegions FinancialKeyCorpPNC FinancialWells FargoBank of AmericaJ.P. Morgan ChaseCitigroup0%1020304050607080Wells Fargox19%

Already, banks with more ordinary consumer deposits have raised yields more slowly, compared with banks with lots of deposits from businesses or wealth management clients, which tend to chase yields. Among the biggest banks, Bank of America has the strongest consumer franchise with 72% of deposits coming from consumers, according to analysts at Goldman Sachs. Among regional lenders, Regions Financial and PNC Financial are among the most consumer-centric.

Banks that get deposits from rural areas where there is less competition can often keep rates low. Synovus Financial for instance gets 67% of deposits from metro areas with less than 1 million people, while BB&T gets 56%, according to Goldman Sachs. J.P. Morgan Chase, by contrast, gets just 7% of deposits from these sparsely populated areas. The ease of electronic transfers could force rural banks to pay more this time around, but they are likely to still enjoy some advantage.

Fast-growing banks may also need to pay up for deposits to continue their loan growth.

The biggest banks have the advantage here because the government has restricted their lending so they are sitting on excess deposits.

In a recent note, analysts at Goldman Sachs put all these factors together into a composite score judging how resilient a bank is to rising rates. Among major national banks the clear winner was Bank of America. Among regional lenders, some of the standouts were Regions Financial, BB&T and PNC Financial.

These banks should be among the best to own as rates keep marching higher.

Write to Aaron Back at

ATM cyber heists hit Pakistan banks

December 11, 2017

This photo shows that HBL ATM software license is not genuine. (AN photo)

ISLAMABAD: An ATM scam affecting hundreds of debit card users in Pakistan has led to several arrests by the country’s Federal Investigation Agency (FIA), which apprehended another four suspects on Sunday.

FIA official Abdul Ghaffar Mirani told Arab News that investigators have unearthed a scam of about $105,000 and expected the number to rise after digital forensic experts searched confiscated equipment and cloned debit cards used by the scammers.
Mirani withheld the exact number of people arrested but said that mostly Chinese nationals had been taken into custody. “Our team is probing further as more complaints are pouring in and data is being compiled from other cities,” he said.
The cyber heist is being dealt with by the FIA’s National Response Center for Cyber Crime (NR3C), the country’s only technology-based crime division, which was set up 10 years ago and assists other law enforcement agencies in Pakistan.
On Friday, FIA Director Shakeel Durrani said at a press briefing that the investigation had revealed the involvement of Canadian, Nigerian and Italian hackers, as well as an Indian scammer identified as Sorev.
The information was divulged by Saqibullah, a Rawalpindi resident running a racketeering business, who as their front man sold stolen financial information to the hackers. He is also involved in identity theft, credit debit card cloning and extortion. His arrest has expanded into a FIA investigation searching for his collaborators.
Durrani said, “The prime suspect (Saqibullah) would take photos of ATM machines to match suitable skimming machines that were ordered from other countries.”
The cash withdrawals from the hacked accounts were in China, Canada, Italy, Nigeria, Indonesia, Malaysia, US, but were not limited to those countries, he said.
Revelations of the ATM-skimming scam were revealed last week by the country’s largest financial institution, Habib Bank Limited (HBL), which confirmed more than $105,000 had been stolen from 559 hacked HBL customers, mostly in the cities of Karachi and Lahore.
Image result for Habib Bank Limited, photos, signage
“We have more than 10 million customers, which means that the size of the amount missing is not very significant for the HBL, while the number of customers affected is also low, said HBL’s corporate and marketing executive Naveed Asghar, who was reported in a local English daily. “It is a fraud and we must check it and find the culprits … it happens in all the countries that use ATMs,” he said.
Banks using outdated technology fitted with aging security protocols attracted a “organized foreign group” to hack the ATM booths, suggests the FIA, which is approaching the State Bank of Pakistan, the country’s banking regulator, to introduce biometric policy and enforce it across the banking spectrum.
An HBL official in Islamabad told Arab News: “The practice of skimming is not new,” but the bank’s new biometric security measures, currently being introduced in its ATMs, “will prevent and curb future hacks.” Though HBL seems to be the main target, Standard Chartered Bank, Faysal Bank Limited, Bank Al Habib Limited and other banks have also fallen victim to cybercrime, he said.
“Officially the bank hasn’t sent out warning notifications to customers of this continuing fraud but we are compensating the affected account holders. An internal memo has been circulated for each bank branch to check and monitor the ATMs,” the banking officer said.

Senators Support Rollback of Bank Oversight

November 14, 2017

Bipartisan deal raises threshold dictating which banks would face heightened oversight from the Federal Reserve

Dozens of banks received the biggest signal yet that they may soon be freed from some of the most onerous rules put in place after the financial crisis, as lawmakers from both parties agreed to a plan that would enact sweeping changes to current law.

The bipartisan Senate agreement released Monday would relieve small and regional lenders from a number of restrictions meant to limit the damage firms could cause to the economy in the event of another crisis.

In what would be the biggest step to ease the financial rule book since Republicans took control of Washington, the proposal could cut to 12 from 38 the number of banks subject to heightened Federal Reserve oversight by raising a key regulatory threshold to $250 billion in assets from $50 billion. The legislation also would ease red tape affecting credit unions and community banks, allowing them to lend more, supporters said.

The deal will “significantly improve our financial regulatory framework and foster economic growth by right-sizing regulation,” said Senate Banking Committee Chairman Michael Crapo (R., Idaho), who brokered the agreement between Republicans and a group of moderate Democrats.

Monday’s deal shows Republicans’ determination to ease regulations that they say constrain U.S. economic growth by limiting the capacity of banks and other businesses to serve customers and hire new workers. While it isn’t clear that any rule reduction will bolster the economy, efforts to scale back the 2010 Dodd Frank financial overhaul law and other policies amount to a bet that a freer environment will pave the way for increases in investment, spending and hiring.

Analysts said it isn’t clear that lending would actually increase, given that demand for commercial loans this year has been weak. But banks that had been avoiding mergers, such as those that didn’t want to go over the $50 billion line, could be more inclined to deal-making, said Brian Klock, an analyst at Keefe, Bruyette & Woods.

The deal could dramatically lighten the regulatory burden on a wide swath of banks from Utah’s Zions Bancorp oration to M&T Bank Corp. in Buffalo, N.Y. Those banks in recent years have had to submit to detailed financial and risk exams in order to pay dividends to shareholders.

Many banks bristled at this annual “stress test” review done by the Federal Reserve, and some including Zions, Citizens Financial Group Inc., BB&T Corp. and SunTrust Banks Inc., failed the Fed’s annual test previously. The bill would lighten their stress-test load.

For stress tests alone, building a system to meet the Fed’s expectations could cost firms tens of millions of dollars or more. Liquidity rules governing banks’ cash holdings are another expensive regulatory exercise that the legislation could allow the Fed to ease.

Regional banks have said their smaller size and lack of interconnected trading businesses makes it unlikely that their demise could create systemic risk that would threaten the economy as Lehman Brothers’ failure did in 2008. Their critics say regional banks can be risky, pointing to the 2008 failure of IndyMac Bank.

Read More

  • The $50 Billion Question: What Makes a Bank Big? (May 30)
  • See the Banks Affected at Different Thresholds

The deal marks a setback for regional banks with assets above $250 billion, including U.S. Bancorp and PNC Financial Services Group Inc., which have urged policy makers to do away with asset-size thresholds altogether. They favor allowing regulators to apply rules based on their own judgment of firms’ riskiness.

“$50 billion? $250 billion? Why is that number any better than another?” U.S. Bancorp’s chief financial officer Terry Dolan said in an October interview. His firm has about $459 billion in assets.

PNC said in a statement Monday it was disappointed in lawmakers’ proposal. “As a Main Street Bank, PNC’s business model and risk profile are very similar to that of other regional banks, and very different from the systemically important Wall Street banks,” it said.

Monday’s deal is co-sponsored by nine Republicans, including Tim Scott of South Carolina and Bob Corker of Tennessee, along with nine Democrats, including Joe Donnelly of Indiana and Heidi Heitkamp of North Dakota. That is enough to clear both the banking panel and the full Senate, assuming all Republicans in the chamber support the bill.

In brokering the deal, Mr. Crapo left off key Republican goals such as attacking the Volcker rule, a ban on proprietary trading.

“This is the first proposal that has a legitimate shot at making it to the president’s desk,” said Milan Dalal, an attorney at lobbying firm Brownstein Hyatt Farber Schreck in Washington and a former aide to Sen. Mark Warner (D., Va.), who backed Monday’s deal.

Republicans hold just 52 seats in the Senate and generally need support from at least eight Democrats for legislation to pass a needed 60-vote threshold. The House, also controlled by Republicans, would need to act for the plan to clear Congress.

Liberal Senate Democrats, including Ohio Sen. Sherrod Brown, the top Democrat on the banking panel, attacked the legislation, saying it would do little to help “working families.”

Negotiations between Messrs. Brown and Crapo on a similar regulatory rollback broke down last month, prompting Mr. Crapo to seek a deal with moderate Democrats.

Mr. Crapo released a summary of the legislation Monday, without unveiling its text. It appears to send a message that Congress wants regulators to lighten the burden, though regulators still have broad authority to apply tough rules to banks they view as risky.

Regulators could immediately exempt firms with assets between $50 billion and $100 billion from stress tests and other rules that were mandatory under Dodd Frank, according to the summary of the legislation. Banks with between $100 billion and $250 billion in assets could get that treatment after 18 months, though the Fed could exempt them earlier. Banks in the latter group would still have to take periodic stress tests.

Presumably, banks that are no longer subject to stress-testing and other rules would be able to slash their costs, but Evercore ISI analyst John Pancari said he wasn’t sure if looser regulation would actually materialize into cost savings. “A lot of the banks view much of the cost that they’ve spent on that as sunk costs,” Mr. Pancari said. “So, for example, if they spent money on the robust monitoring of their risks, they are probably going to keep up what they built.”

The effect on each bank would depend on how close it is to the $250 billion threshold, Mr. Pancari said.

The legislation also is expected to include dozens of other provisions, some of which have been previously floated or discussed by lawmakers.

One targets credit bureaus in the wake of the hack of Equifax Inc., according to the summary. It would require credit bureaus to freeze and unfreeze consumers’ credit for free once a year.

Russia’s Kaspersky to Allow Outside Review of Its Cybersecurity Software

October 23, 2017

Company hopes sharing source code will build trust after allegations its software helped Russia spy on Americans

Kaspersky Lab, the Moscow-based cybersecurity firm whose software U.S. officials suspect helped the Russian government spy on Americans, promised to make its source code available for an independent review.

The company said Monday the review is part of a “global transparency initiative” that it hopes will improve the trustworthiness of its products. It said it would hand over the source code for its software in the first quarter of next year but didn’t specify who would undertake the review or how widely the code would be…

Image result for Eugene Kaspersky, photos

Eugene Kaspersky


Kaspersky fights spying claims with code review plan

October 23, 2017 — 0745

Apple Pay now in 20 markets, nabs 90% of all mobile contactless transactions where active

Russian cybersecurity software maker Kaspersky Labs has announced what it’s dubbing a “comprehensive transparency initiative” as the company seeks to beat back suspicion that its antivirus software has been hacked or penetrated by the Russian government and used as a route for scooping up US intelligence.

In a post on its website today the Moscow-based company has published a four point plan to try to win back customer trust, saying it will be submitting its source code for independent review, starting in Q1 2018. It hasn’t yet specified who will be conducting the review but says it will be “undertaken with an internationally recognized authority”.

It has also announced an independent review of its internal processes — aimed at verifying the “integrity of our solutions and processes”. And says it will also be establishing three “transparency centers” outside its home turf in the next three years — to enable “clients, government bodies and concerned organizations to review source code, update code and threat detection rules”.

It says the first center will be up and running in 2018, and all three will be live by 2020. The locations are listed generally as: Asia, Europe and the U.S.

No automatic alt text available.

Finally it’s also increasing its bug bounty rewards — saying it will pay up to $100K per discovered vulnerability in its main Kaspersky Lab products.

That’s a substantial ramping up of its current program which — as of April this year — could pay out up to $5,000 per discovered remote code execution bugs. (And, prior to that, up to $2,000 only.)

Kaspersky’s moves follow a ban announced by the US Department of Homeland Security on its software last month, citing concerns about ties between “certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks”.

The US Senate swiftly followed suit, voting to oust Kaspersky software from federal use. While three months earlier the General Services Administration also removed Kaspersky Lab from a list of approved federal vendors.

The extensive system-wide permissions of antivirus software could certainly make it an attractive target for government agents seeking to spy on adversaries and scoop up data, given the trust it demands of its users.

The WSJ has previously reported that Russian hackers working for the government were able to obtain classified documents from an NSA employee who had stored them on a personal computer that ran Kaspersky software.

Earlier this month CEO Eugene Kaspersky blogged at length — rebutting what he dubbed “false allegations in U.S. media”, and writing: “Our mission is to protect our users and their data. Surveillance, snooping, spying, eavesdropping… all that is done by espionage agencies (which we occasionally catch out and tell the world about), not us.”

We’re proud to keep on protecting people against all cyberthreats – no matter of false allegations in U.S. media 

Photo published for What’s going on?

What’s going on?

I doubt you’ll have missed how over the last couple months our company has suffered an unrelenting negative-news campaign in the U.S. press.

But when your business relies so firmly on user trust — and is headquartered close to the Kremlin, to boot — words may evidently not be enough. Hence Kaspersky now announcing a raft of “transparency” actions.

Whether those actions will be enough to restore the confidence of US government agencies in Russian-built software is another matter though.

Kaspersky hasn’t yet named who its external reviewers will be, either. But reached for comment, a company spokeswoman told us: “We will announce selected partners shortly. Kaspersky Lab remains focused on finding independent experts with strong credentials in software security and assurance testing for cybersecurity products. Some recommended competencies include, but are not limited to, technical audits, code base reviews, vulnerability assessments, architectural risk analysis, secure development lifecycle process reviews, etc. Taking a multi-stakeholder approach, we welcome input and recommendations from interested parties at

She also sent the following general company statement:

Kaspersky Lab was not involved in and does not possess any knowledge of the situation in question, and the company reiterates its willingness to work alongside U.S. authorities to address any concerns they may have about its products as well as its systems.

As there has not been any evidence presented, Kaspersky Lab cannot investigate these unsubstantiated claims, and if there is any indication that the company’s systems may have been exploited, we respectfully request relevant parties responsibly provide the company with verifiable information. It’s disappointing that these unverified claims continue to perpetuate the narrative of a company which, in its 20 year history, has never helped any government in the world with its cyberespionage efforts.

In addition, with regards to unverified assertions that this situation relates to Duqu2, a sophisticated cyber-attack of which Kaspersky Lab was not the only target, we are confident that we have identified and removed all of the infections that happened during that incident. Furthermore, Kaspersky Lab publicly reported the attack, and the company offered its assistance to affected or interested organisations to help mitigate this threat.

Contrary to erroneous reports, Kaspersky Lab technologies are designed and used for the sole purpose of detecting all kinds of threats, including nation-state sponsored malware, regardless of the origin or purpose. The company tracks more than 100 advanced persistent threat actors and operations, and for 20 years, Kaspersky Lab has been focused on protecting people and organisations from these cyberthreats — its headquarters’ location doesn’t change that mission.

“We want to show how we’re completely open and transparent. We’ve nothing to hide,” added Kaspersky in another statement.

Interestingly enough, the move is pushing in the opposite direction of US-based cybersecurity firm Symantec — which earlier this month announced it would no longer be allowing governments to review the source code of its software because of fears the agreements would compromise the security of its products.


Chinese Banks in Need of a Stiff Quality Check

October 23, 2017

When Chinese banks start reporting their third quarter earnings this week, investors should pay particular attention to their asset quality.


By Anjani Trivedi
The Wall Street Journal
Oct. 23, 2017 1:41 a.m. ET

Chinese bank stocks have been on a tear this year, with many now trading close to their book values—a sign that investors trust their financial reports more than they have in some time. With leading Chinese banks due to start reporting their latest earnings this week, it’s time for a more realistic assessment.

China’s banks have been vital forces behind the explosive growth of credit across the economy, with corporate debt now estimated at around 250% of GDP. They have played a critical role in the rise of shadow banking too.

The country’s biggest banks, whose shares are up 21% this year—the likes of ICBC and Bank of China —have also been faithful executors of Beijing’s will, directing credit to sectors the government favors and propping up debt-challenged state-owned enterprises. Chinese President Xi Jinping’s speech to the Communist Party’s congress last week made clear that the state’s role in directing the country’s economy is only set to grow.

Image result for Bank of China, photos

For investors, the question is where this leaves banks’ asset quality—a key driver of their share prices. Over the past 4 ½ years, Chinese banks have recognized some 5 trillion yuan ($760 billion) of bad loans. Even so, official estimates of nonperforming loans in the overall banking system still put them at 1%-2% of assets; the most bearish independent analysts reckon the real figure could be up to 20%. The truth is hard to know but there is plenty of troubling evidence that bad loans are understated and more are at risk of going bad.

Even though state-owned enterprises’ profitability has ticked up, their debt has too—and at a higher interest rate, hampering their ability to repay. Their liabilities continue to rise as well, up 11.4% in the first half of this year. Meanwhile, the amount of so-called special mention loans—those that are overdue but which haven’t yet been written off—that banks record has been rising sharply.

Any correction in China’s frothy property market could spark a rise in nonperforming loans. When property prices in the city of Wenzhou—a wealthy coastal town that has seen dramatic housing price fluctuations—dropped almost 50%, the NPL ratio for banks there surged more than 4 percentage points, according to Deutsche Bank analysts.

For the past year, Beijing has tried to clear out bad debts. It has set up more than a dozen asset managers whose role it is to manage distressed debts bought up from the banks. It has put in place programs that allow banks to swap debt for equity in companies, and let them securitize bad loans.

All this, though, amounts to rotating China’s bad-loan problem around the financial system. It may be time for investors to go back to basics, and question the banks’ original balance sheets harder.

Write to Anjani Trivedi at

Millions caught in South Africa’s cyber breach — Called “the worst data breach in history”

October 21, 2017
  • 20 October 2017
Photograph of local website running cyber breach article
South Africa has been hit by what is described as the worst data breach in history

Authorities in South Africa are investigating a data breach which has seen the personal details of more than 30 million citizens leaked on the internet – placing them at risk of identity theft.

The information contained in a 27GB file was discovered by Australia-based internet security expert Tony Hunt earlier this week.

It contains their names, full identity numbers, income, gender, employment history, contact numbers and even home addresses.

South Africa’s population is about 54 million, so more than half of the country is affected by what has been described as the country’s worst leak of private data.

The country’s State Security Agency (SSA) would not be drawn into discussing the implications of such a breach and whether it could threaten security.

“We are looking in to the matter. There is an investigation. We are obviously very concerned,” SSA spokesperson Brian Dube told the BBC.

“It’s important to us to get to the bottom of this, see how it came about and do whatever we have to do, to deal with it,” he said.

Local newspaper, The Times, is reporting that the breach has even reached senior politicians, including President Jacob Zuma, but this has not been confirmed.

What could go wrong?

There are many unknowns.

According to Mr Hunt, the file dates back to April 2015 but it is not clear how long the information was on the internet prior to his find.

Fingers on keyboard
The file has since been removed but it is not clear how many people have already accessed it

The information could have been accessed by anyone from anywhere in the world if they knew what to look for.

Experts say this is the sort of data that companies would pay good money for.

Mr Hunt said on Twitter this week that the data breach “is one of the worst I’ve ever seen on many levels”.

The server of a property company called Jigsaw Holdings appears to be the source of the breach, this was traced through an IP address, according to local reports.

While Jigsaw has not been available for comment, it is not believed the cyber breach was a result of malice or negligence.

What happens now?

Some local newspapers have been calling for South Africans to use Mr Hunt’s website haveibeenpwned which works by checking one’s email address to see if their account has been compromised.

I took his advice. I’ve been using a private email address for years which I have always believed to be secure – but it turns out I’m in the 30 million.

It is not clear what happens now and perhaps that is the part that is most unnerving – do you wait until you are a target? Will you be a target? Do you warn your credit providers? Or simply do nothing?

So what’s the risk?

The publisher of Stuff Magazine, a technology magazine in South Africa, says in the wrong hands, the information could be used to impersonate people.

“All of this information could be used to open a bank account, a credit card account and they would use it knowing that someone will else have to pay for it when the bill comes,” Radio 702 quotes Toby Shapshak as saying.

He also speculated in the same interview that as many as 60 million people have had their personal data compromised, if you include the details of people who have died.

Time to panic?

South Africa’s banking institutions are said to be among the safest in the world, but they could be caught off-guard if the information was misused.

Cyber crime graphic image
Experts say cyber crime is still not taken as seriously as conventional crime despite its links in some cases to terrorism. ISTOCK photo

It is said to be the largest leak of the details of private citizens in the country’s history – and yet it seems to have gone largely undetected.

There is no outcry.

But Mr Shapshak says South Africans “should panic”.

“Yes the data may be five years old but our ID numbers stay the same, our employment history stays the same and these are the sort of things that make it possible to create fake identities. It is a serious problem and I’m not being paranoid.”

Experts say cyber crime is still not taken as seriously as conventional crime, even though it can be used to fund all sorts of illicit activities including terrorism. While the possibility of identity theft could open a whole new door for criminals here.

“It’s too early to say anything at this moment… There are a lot of reports going around, but we are concerned and looking into it,” said Mr Dube.

And so we wait – and hope that the right people are doing all the right things to protect the country’s citizens from those who live on the dark web.