How and where do banks store, retrieve, and update account information?
Banking
Asked by Question Bot05/Feb/20141 answer
1 Answer
F
Faisal Khan
Answered 05/Feb/2014
You are correct in saying that your money is stored on a couple of hard disks. However, rest assured 10,000s of man hours worth of effort, thinking and practise has gone into making it secure.
Modern day, core banking software have a whole lot of redundancy built-in to the system, not to mention security.
First of all, in new core-banking systems, you cannot just unilaterally add and/or delete money. It has to be a transaction. The transaction has to be one that is sanctioned by the system. Any out of the ordinary transaction would usually set up flags in the system, if not immediately, then the BI (Business Intelligence) flags would be highlighted.
To delete money, the money must "go" somewhere, i.e. it must be credited and debited on to some ledger account. By merely deleting it or reducing it down to zeros will not work. It cannot just vanish.
The audit mechanism is very robust. Even collusion, requires a couple of procedural steps for the money to be transfered out or cashed out, and even in that case, the audit logs (which cannot be tampered with) will provide a complete audit trail of what transpired, who logged in, who authorised the transfer, to which account, when? from which IP, from which terminal? who was the maker of the request? who was the checker of the request? who was managerial approver of the request, etc.
The systems are in place precisely to ensure that such hacking attempts and siphoning of money (be it accidental, or via hacking or via data corruption) does not happen, and the electronic assets are secure and recoverable.
Modern day, core banking software have a whole lot of redundancy built-in to the system, not to mention security.
First of all, in new core-banking systems, you cannot just unilaterally add and/or delete money. It has to be a transaction. The transaction has to be one that is sanctioned by the system. Any out of the ordinary transaction would usually set up flags in the system, if not immediately, then the BI (Business Intelligence) flags would be highlighted.
To delete money, the money must "go" somewhere, i.e. it must be credited and debited on to some ledger account. By merely deleting it or reducing it down to zeros will not work. It cannot just vanish.
The audit mechanism is very robust. Even collusion, requires a couple of procedural steps for the money to be transfered out or cashed out, and even in that case, the audit logs (which cannot be tampered with) will provide a complete audit trail of what transpired, who logged in, who authorised the transfer, to which account, when? from which IP, from which terminal? who was the maker of the request? who was the checker of the request? who was managerial approver of the request, etc.
The systems are in place precisely to ensure that such hacking attempts and siphoning of money (be it accidental, or via hacking or via data corruption) does not happen, and the electronic assets are secure and recoverable.