University of Ghana http://ugspace.ug.edu.gh
UNIVERSITY OF GHANA
MANAGING THE RISKS OF ELECTRONIC BANKING:
A COMPARATIVE STUDY OF LOCAL AND FOREIGN BANKS IN GHANA
BY
ABRAHAM BORTIEH SANGO
(10636321)
A LONG ESSAY SUBMITTED TO THE DEPARTMENT OF FINANCE,
UNIVERSITY OF GHANA BUSINESS SCHOOL IN PARTIAL FULFILMENT OF
THE REQUIREMENTS FOR THE AWARD OF MASTER OF BUSINESS
ADMINISTRATION DEGREE IN FINANCE
AUGUST 2019
University of Ghana http://ugspace.ug.edu.gh
DECLARATION
I declare that this Long Essay is my own work produced under supervision and that it has been
not submitted in whole or in part, to any other University or Institution for the award of any
degree or diploma. Except where states otherwise by reference or acknowledgement, the work
submitted is entirely my own.
……………………………………. .................................................
ABRAHAM BORTIEH SANGO DATE
(10636321)
i
University of Ghana http://ugspace.ug.edu.gh
CERTIFICATION
I hereby certify that this Long Essay was supervised in accordance with the procedures and
guidelines laid down by the University of Ghana.
……………………………………… ........................................
DR. CHARLES ANDOH DATE
(SUPERVISOR)
ii
University of Ghana http://ugspace.ug.edu.gh
DEDICATION
I dedicate this piece of work to the memory of my late father, Mr. Sango Laryea, who taught
me that the best kind of knowledge to have is that which is learned for its own sake. It is also
dedicated to my mother, who taught me that even the largest task can be accomplished if it is
done one step at a time.I am proud of them.
ii i
University of Ghana http://ugspace.ug.edu.gh
ACKNOWLEDGEMENT
First and more importantly, I am mush indebted to the almighty God for sustaining me health
wise and endowing me with much energy and wisdom to embark on this difficult task of writing
this Long Essay and finally seeing to its completion.
Dr. Charles Andoh has been my ideal Long Essay supervisor. His sage advice, insightful
criticisms, and patient encouragement aided the writing of this Long Essay in innumerable
ways.
My profound gratitude goes to my colleagues, for their constructive and invaluable criticisms
as well as their time devoted in discussion certain aspects of the work.
My sincere gratitude also goes to Mrs. Matilda Osei whose steadfast support of this Long
Essay was greatly needed and deeply appreciated.
Finally, my sincere thanks go to Miss Rosemary Clottey and Mrs. Rita Boateng for the patience
and caring love they showed me during the time I was putting this Long Essay to together. I
am very grateful indeed.
iv
University of Ghana http://ugspace.ug.edu.gh
TABLE OF CONTENTS
DECLARATION....................................................................................................................... i
CERTIFICATION .................................................................................................................. ii
DEDICATION........................................................................................................................ iii
ACKNOWLEDGEMENT ...................................................................................................... iv
TABLE OF CONTENTS ........................................................................................................ v
LIST OF TABLES ............................................................................................................... viii
LIST OF FIGURES ................................................................................................................ ix
LIST OF ABBREVIATIONS ................................................................................................. x
ABSTRACT ........................................................................................................................... xii
CHAPTER ONE ...................................................................................................................... 1
INTRODUCTION.................................................................................................................... 1
1.1 Introduction ...................................................................................................................... 1
1.2 Background of the study .................................................................................................. 1
1.3 Problem statement ............................................................................................................ 3
1.4 Purpose of the study ......................................................................................................... 4
1.4.1 Specific objectives......................................................................................................... 4
1.5 Research questions ........................................................................................................... 5
1.6 Significance of the study .................................................................................................. 5
1.7 Scope & limitation of the study........................................................................................ 5
1.8 Chapter organization ........................................................................................................ 6
CHAPTER TWO ..................................................................................................................... 7
LITERATURE REVIEW ....................................................................................................... 7
2.1 Introduction ...................................................................................................................... 7
2.2 History of electronic banking ........................................................................................... 7
2.3 The concept of electronic banking ................................................................................... 8
2.3.1 Internet aanking ............................................................................................................. 9
2.3.2 Automated teller machines (ATM) ............................................................................. 10
2.3.3 Telephone banking ...................................................................................................... 11
2.3.4 Personal computer banking ......................................................................................... 11
2.3.5 Branch networking ...................................................................................................... 11
2.3.6 Mobile banking ........................................................................................................... 12
2.4 Electronic banking in Ghana .......................................................................................... 12
2.5 Importance of eectronic banking .................................................................................... 13
2.6 Risks associated with electronic banking ....................................................................... 14
2.6.1 Operational/Transaction risk ....................................................................................... 15
2.6.2 Strategic risk ................................................................................................................ 17
2.6.3 Reputational risk ......................................................................................................... 17
2.6.4 Legal/Compliance risk ................................................................................................ 18
v
University of Ghana http://ugspace.ug.edu.gh
2.7 Managing risks associated with electronic banking ....................................................... 19
2.8 Radio frequency identification (RFID) .......................................................................... 20
2.9 Theoretical framework ................................................................................................... 21
2.9.1 The diffusion of innovation theory.............................................................................. 21
2.9.2 The technology acceptance model .............................................................................. 22
2.10 Empirical review .......................................................................................................... 23
2.11 Gaps in literature .......................................................................................................... 25
2.12 Implication of the study................................................................................................ 25
CHAPTER THREE ............................................................................................................... 26
RESEARCH METHODOLOGY ......................................................................................... 26
3.1 Introduction .................................................................................................................... 26
3.2 Research design .............................................................................................................. 26
3.3 Research approach.......................................................................................................... 26
3.4 Target population ........................................................................................................... 27
3.5 Sample size and sampling technique .............................................................................. 27
3.6 Data collection method................................................................................................... 28
3.6.1 Sources of data ............................................................................................................ 28
3.6.2 Data collection tools .................................................................................................... 28
3.6.2.1 The study questionnaire ........................................................................................... 29
3.6.2.2 Interviews ................................................................................................................. 29
3.7 Data management & analysis ......................................................................................... 30
3.8 Ethical Considerations.................................................................................................... 31
3.9 Limitation to methodology ............................................................................................. 31
CHAPTER FOUR .................................................................................................................. 32
DATA ANALYSIS AND DISCUSSION OF FINDINGS ................................................... 32
4.1 Introduction .................................................................................................................... 32
4.2 Background information of respondents (bank staff) .................................................... 32
4.2.1 Gender of respondents ................................................................................................. 32
4.2.2 Age of respondents ...................................................................................................... 33
4.2.3 Marital status of respondents....................................................................................... 34
4.2.4 Educational background of respondents ..................................................................... 35
4.2.5 Years of working experience in the banking field ...................................................... 36
4.3 Identification of electronic banking risks from the bankers’ perspective ...................... 38
4.4 Examining the effect of Electronic Banking Risks on Banks ........................................ 41
4.4.1 Qualitative analysis from local banks ......................................................................... 41
4.4.2 Qualitative analysis from foreign banks ..................................................................... 43
4.5 Risk management of electronic banking based on the fourteen (14) principles of the
Basel Committee .................................................................................................................. 45
4.6 Discussion of findings .................................................................................................... 52
CHAPTER FIVE ................................................................................................................... 55
SUMMARY, CONCLUSION AND RECOMMENDATIONS ......................................... 55
5.1 Introduction .................................................................................................................... 55
5.2 Summary of key findings ............................................................................................... 55
5.3 Conclusion ...................................................................................................................... 57
v i
University of Ghana http://ugspace.ug.edu.gh
5.4 Recommendations .......................................................................................................... 58
5.5 Suggestions for further study ......................................................................................... 58
APPENDIX 1: STAFF QUESTIONNAIRE ........................................................................ 68
APPENDIX 2:INTERVIEW GUIDE FOR STAFF........................................................... 72
vi i
University of Ghana http://ugspace.ug.edu.gh
LIST OF TABLES
Table 4.1: Age of respondents ................................................................................................. 34
Table 4.2: Marital status of respondents .................................................................................. 34
Table 4.3: Descriptive statistics: Risks associated with electronic eanking by local banks in
Ghana. ...................................................................................................................................... 40
Table 4.4: Descriptive statistics: Risks associated with electronic banking by foreign banks in
Ghana. ...................................................................................................................................... 41
Table 4.5: Descriptive statistics: Responses from staff of selected local banks ...................... 47
Table 4.6: Descriptive statistics: Responses from staff of selected foreign banks .................. 48
vi ii
University of Ghana http://ugspace.ug.edu.gh
LIST OF FIGURES
Figure 4.1: Gender representation of respondents ................................................................... 33
Figure 4.2: Educational representation of respondents ........................................................... 35
Figure 4.3: Number of years of professional experience ......................................................... 36
Figure 4.4: Position of respondents ......................................................................................... 37
Figure 4.5: Type of banks ........................................................................................................ 38
ix
University of Ghana http://ugspace.ug.edu.gh
LIST OF ABBREVIATIONS
ADB Agricultural Development Bank
ATM Automated Teller Machine
AVR Automated Voice Response
BCBS Basel Committee on Banking Supervision
BIS Bank for International Settlements
CBG Consolidated Bank Ghana
CV Coefficient of Variation
EB Electronic Banking
FRQ Frequency
FTC Federal Trade Commission
GCB Ghana Commercial Bank
HBTF Housing Bank for Trade and Finance
ICT Information and Communications Technology
IT Information Technology
JCB Jordan Commercial Bank
MBRC Money and Bank Research Centre
NIB National Investment Bank
PBL Prudential Bank Limited
PC Personal Computer
PIN Personal Identification Number
PLC Public Limited Company
POS Point Of Sales
RFID Radio Frequency Identification
SMS Short Messaging Service
x
University of Ghana http://ugspace.ug.edu.gh
SPSS Statistical Package for Social Sciences
SQL Structured Query Language
STD DEV Standard Deviation
TAM Technology Acceptance Model
TB Telephone Banking
UBL Universal Merchant Bank
x i
University of Ghana http://ugspace.ug.edu.gh
ABSTRACT
The purpose of this study was to compare electronic banking risk management practices among
local and foreign banks in Ghana. The study employed the mixed-method research approach
through the use of questionnaires and interview guides for collecting primary data. With the
aid of the Statistical Package for Social Sciences (SPSS Version 25), descriptive statistics tools
namely; frequency, percentage, mean scores, standard deviations, variances and coefficient of
variation were utilized to analyze the quantitative data. Furthermore, analysis of qualitative
data through interviews was done manually to determine the themes in the interview text. From
the findings, both local and foreign banks in Ghana have demonstrated a high level of efficacy
in managing the risks associated with electronic banking based on the fourteen (14) principles.
Nonetheless, the risk management roles by the foreign banks pertaining to EB were more
prominent than the local banks. The study was necessary in view of the fact that several people
are turning to the adoption of EB services, thus, it is essential that risks associated with EB be
identified and effectively managed.
Keywords: Bank, electronic banking, risk management, security.
xi i
University of Ghana http://ugspace.ug.edu.gh
CHAPTER ONE
INTRODUCTION
1.1 Introduction
This chapter provides the general overview of the study. It presents the study background and
statement of the problem. It outlines further the objectives of the study, research questions,
study significance, scope and limitation of the study. The chapter ends by giving a preview of
organization for the entire study.
1.2 Background of the study
Advancement in Information and Communications Technology (ICT) in modern times have
caused many banks, both local and international towards adopting electronic banking.
According to Brady, Saren, and Tzokas (2002), the adoption of advanced technology via the
use of internet, mobile phones, computers, Automated Teller Machines (ATMs), etc has played
a vital role in revolutionizing the banking sector from the “rudimentary” labour-intensive
grounded ledger system to systemized processes. This has indeed set the motion for the banking
sector in delivering efficient payment systems compatible with the demands of the electronic
market (Balachandler, Santha, Norhazlin & Rajendra, 2001). An innovative, vibrant, efficient
and productive banking sector has emerged, and to stay competitive, many banks are adopting
Electronic Banking (EB) to gain customer satisfaction and retention without geographical
limitations (Karjaluoto, Mattila, & Pento, 2002).
Daniel (1999) refers to EB to include several types of financial services which enable bank
customers to carry out financial transactions via computer, mobile phone, or television.
Furthermore, Federal Financial Institutions Examination Council (2003), defines EB as the
automated delivery of traditional banking products and services to customers through
electronic and interactive communication channels. According to Kolodinsky Hogarth and
Hilgert (2004), EB has developed from providing just automated bill payments via Automated
Teller Machines (ATMs) in the 1990s to provision of online services through electronic
1
University of Ghana http://ugspace.ug.edu.gh
payments, account opening, borrowing facilities, computer banking, etc. The adoption of EB
seems to be a significant task in today’s changing world, whereby society have shifted more to
the use of internet and electronic facilities rather than the traditional way of banking. Today,
the banking industry is changing rapidly as a result of the development of ICT, market
competition and the overall international economic causing increase in the growth of financial
transactions through electronic means such as fund electronic transfer, ATMs, electronic
payment of bills, etc, (Money & Bank Research Centre (MBRC), 2005).
Besides, innovations like cell phones, telecommunication networks, ATM, etc have changed
the way in which banks provide financial services to customers with the advantage of focusing
on new distribution channels; while granting access to services without spatial and time
limitations. Ghana has also witnessed reforms in EB as evidenced with the introduction of
technologies such as the ATMs in the 1990s (Abor, 2005). Following this, the Point Of Sales
(POS) networks, Internet Banking, Mobile Banking, Tele-banking, Personal Computer (PC)
Banking, International Money Transfer, Inter-Banking, payment, settlement system, etc, have
been introduced by banks to satisfy their customers’ needs.
According to Georgescu (2006), banks are generally expected to manage some common risk
in the areas of operational, strategic, market, credit, liquidity, compliance or legal or regulatory
and reputational risks. Nevertheless, new risks have been triggered by this electronic banking
phenomenon. These include: unfamiliarity of employees and customers with new technology
and lack of essential infrastructure for providing electronic financial services.
Furthermore, EB has increased the technical complexity involved in many security and
operational issues, by which users must be verified and given authorization prior to undertaking
banking transactions (Trenca, Silivestru & Paun, 2010). A major important responsibility of
banks and other financial institutions is to understand all types of risks so as to device
appropriate strategies for managing them. Risk management practices usually used in EB are
categorized into board and management oversight, security controls as well as legal and
2
University of Ghana http://ugspace.ug.edu.gh
reputational risk management as recommended by the Basel Committee on Banking
Supervision (BCBS) (Basel, 2008).
1.3 Problem statement
Advances in technology as well as the rising influence of Information and Communications
Technology (ICT) in financial institutions is one of the major achievements of the 21st century,
to the extent that today, ICT has improved the relationships between groups of societies in
different geographic regions and levels without any limitations of time and space
(Abasinezhad, 2011). According to Christopher, Mike, Visit, and Amy (2006), EB has become
an important channel for selling banking products and services, causing a paradigm shift in
marketing practices, and contributing to the high performance of banks. Similarly, Singhal and
Padhmanabhan (2008), posit that the ability of banks to provide opportunity for their customers
through access and monitoring of personal accounts have increased their competition power
within the complex markets in modern times.
Despite the numerous benefits of electronic banking to both banks and customers, the
introduction and development of EB has exposed the banking industry to more risks in the
areas of operation, security, reputation and legal, which if not properly managed will lead to
falling consumer confidence and financial losses (Adams, 2015).
According to Imala (2002), Basel Committee on Banking Supervision (2003a) and Trenca et
al. (2010), EB has increased and altered some of the risks associated with traditional banking.
A report by the Basel Committee identified major electronic banking risks to include:
operational, strategic, credit, liquidity and market risks (Basel Committee on Banking
Supervision, 2003a). Even though the Basel Committee on Banking Supervision (BCBS, 2008)
outlined some risk management principles categorized into; board and management oversight,
security controls and legal and reputational risk management, the implementation of these risk
management principles remains a major challenge, and continues to be a major drawback to
3
University of Ghana http://ugspace.ug.edu.gh
most banks. In Nigeria for example, Ihejiahi (2009), argues that the lack of co-operation among
commercial banks to tackle the high occurrence of ATM related frauds hinders the
development of the banking industry in Nigeria. Since some emerging EB services are
relatively new to the Ghanaian banking industry, little is known about the strategies put in place
by banks in Ghana to manage the associated risks.
Consequently, this study provides an empirical evidence by comparing EB risk management
practices among local and foreign banks in Ghana. In particular, the study seeks to identify the
risks involved in EB system among local and foreign banks in Ghana, to also examine how
such risks can affect the banks, and to finally ascertain how these risks are managed by the
banks.
1.4 Purpose of the study
The purpose of this study is to compare electronic banking risk management practices among
local and foreign banks in Ghana.
1.4.1 Specific objectives
The study is guided by the following specific objectives:
i. To identify the risks involved in electronic banking among local and foreign banks in
Ghana.
ii. To examine how such risks can affect the banks.
iii. To ascertain how electronic banking risks are managed by the banks based on the
fourteen (14) principles of Basel Committee.
4
University of Ghana http://ugspace.ug.edu.gh
1.5 Research questions
The following research questions have been formulated to achieve the objectives of the study:
i. What are the risks involved in electronic banking among local and foreign banks in
Ghana?
ii. In what ways can these risks affect the banks?
iii. How are electronic banking risks managed towards attaining organizational
effectiveness?
1.6 Significance of the study
This study seeks to compare EB risk management practices among local and foreign banks in
Ghana. Given that several people have turned to, or are turning to the adoption of EB services,
it is essential that risks associated with this type of banking be identified and managed to enable
banks to encourage their customers towards the use of such banking services.
This study would be beneficial in many ways: First of all, the study would be significant by
way of bridging the knowledge gap in EB risk management practices among local and foreign
banks operating in the country. It is expected that findings from this study would be important
to management of both local and foreign banks in Ghana, as well as regulatory bodies such as
the Bank of Ghana as it would offer insight with regard to the various approaches of managing
the risks associated with EB towards ensuring operational efficiency and profitability. This will
also facilitate enhancement of customer confidence towards the adoption of EB services. Also,
the study would serve as a reference material and form the basis for further research.
In summary, the study findings will make significant contribution to practice, policy and
academia.
1.7 Scope & limitation of the study
The study seeks to compare EB risk management practices among selected local and foreign
banks in Ghana. The study scope is limited to only sixteen (16) local and foreign banks
5
University of Ghana http://ugspace.ug.edu.gh
operating in Ghana. The study target both management and non-management employees
sampled from the sixteen (16) local and foreign banks in Ghana.
1.8 Chapter organization
The study is organized into five (5) chapters. Chapter 1 presents the general introduction; which
include the study background, statement of the problem, study objectives, research questions,
study significance, scope & limitation and organization of the study. Chapter 2 reviews
literature, both the theoretical and empirical literature relevant to the study. Chapter 3 discusses
the research methodology used in conducting the study. Chapter 4 focuses on data presentation,
analysis and discussion of findings. Chapter 5 provides highlights of the key findings through
summary. Furthermore, conclusion and relevant recommendations are provided based on the
study’s findings.
6
University of Ghana http://ugspace.ug.edu.gh
CHAPTER TWO
LITERATURE REVIEW
2.1 Introduction
This chapter presents a review of literature relating to the study topic. The chapter will review
literature on electronic banking history, concept, EB in Ghana, importance, types of risks
associated with electronic banking, management of electronic banking, risks as well as Radio
Frequency Identification (RFID) of electronic banking. Additionally, the chapter reviews
theoretical frameworks, empirical studies related to the study topic, with identification of gaps
as well as the implication of the study.
2.2 History of electronic banking
Banks are searching continually for solutions to decrease operational costs and to also improve
customer service delivery. In view of this, the banking industry has adopted several
technologies and innovations based on prevailing trends to revolutionize the banking sector
from the “rudimentary” labour-intensive grounded ledger system to systemized processes
(Brady, Saren & Tzokas, 2002).
The revolution of information technology within the banking industry started in the early
1970s, with the credit card, Automated Teller Machine (ATM) as well as the ATM networks.
The telephone and cable television banking followed during the 1980s, with PC banking
following during the late 1980s to early 1990s (Giannakoudi, 1999). Mobile Banking also
emerged as banks sought to be more innovative, and to attract both the young and old
generation of customers. According to Giannakoudi (1999), Information Technology (IT)
allows electronic channels to execute several banking functions which would have been
otherwise undertaken over the counter.
7
University of Ghana http://ugspace.ug.edu.gh
Nonetheless, the challenges that characterize EB technologies for instance internet banking
and ATMs are security issues with respect to internet banking, and high maintenance costs of
ATMs.
2.3 The concept of electronic banking
Advancement in the usage of contemporary Information and Communications Technology
(ICT) as well as the internet has caused a change, replacing the traditional methods of banking
with innovative ways through electronic operations. Stamoulis, Kanellis and Martakos (2002),
consider EB as a financial innovation which has advanced significantly as a result of the
creative usage of emerging Information and Communications Technology (ICT) in addition to
other business forces. EB has become very dominant in performing financial transactions,
providing financial benefits, and at the same time serving as a very powerful tool for promoting
competition between banks (Zarei, 2011). EB provides convenient financial services to bank
customers, either through a natural or legal person, from the use of the internet, wireless
networks, as well as other forms of electronic devices.
The term Electronic Banking (EB) has been defined in many ways by various researchers due
to their understanding of EB application. For instance, Sathye (1999), describes EB to include
a variety of channels such as: (a) Internet banking (or online banking), (b) television-based
banking, (c) telephone banking, (d) PC banking (or offline banking) and (e) mobile phone
banking.The Federal Financial Institutions Examination Council (2003), defines EB to include
systems which allow financial institutions, individuals and businesses to transact business,
access their accounts, obtain information on financial products or services, etc by means of a
private or public network. Furthermore, the Basel Committee report defined EB as the
provision of retail as well as small value banking products or services via electronic channels,
and also large value electronic payments as well as other wholesale financial services delivered
through electronic channels. Examples of EB products or services include; deposit taking,
8
University of Ghana http://ugspace.ug.edu.gh
account management, lending, electronic bill payment, among many others (Basel Committee
on Banking Supervision (BCBS), 2003).
Moreover, Money and Bank Research Centre (MBRC) (2000), refers to EB as including
electronic funds transfers, ATMs, electronic bill payments, mobile banking, web-based
banking, etc which have transformed traditional ways of providing financial service to more
technologically-driven banking transactions without spatial or time limitations. Again, Hong
Kong Monetary Authority (2015), EB includes online banking through the internet (using
mobile devices or computers) for making banking transactions, mobile payments through the
use of wireless networks, self-service terminals such as the ATMs, mobile banking using
mobile telephone networks. Additionally, Jehangir, Zahid, Jan, and Khan (2016), posit that EB
represents automatic delivery of traditional and new banking products or services using
computers, telecommunication equipment and other electronic channels.
2.3.1 Internet banking
Internet banking is a type of EB which uses internet in bringing a bank closer to its customers.
According to the Internet Banking Handbook (2001), internet banking is the means by which
banking services are provided via the internet. Again, Thulani, Tofara, and Langton (2009),
describe internet banking as systems which enable a customer to access his or her accounts and
get general information about banking products and services via a bank’s website, without the
need to send letters, original signatures or telephone confirmations. The system provides
flexible and convenient services to customers by enabling customers to transact certain
transactions such as checking accounts, making enquiries, transferring funds to different
accounts, etc over the internet. An additional feature is that it offers customers 24/7 access. For
customers that have access to a computer and internet, all that is required is to proceed their
bank’s website and login.
9
University of Ghana http://ugspace.ug.edu.gh
Internet Banking is however different from PC banking. As internet banking is browser-based,
PC banking on the other hand requires that customers install a software package to be assigned
by their bank on their PC.
2.3.2 Automated teller machines (ATM)
Automated Teller Machines (ATMs), also known as 24-hour tellers are electronic terminals
which provides opportunity to customers to bank at almost any time and at anywhere (Federal
Trade Commission (FTC), 2006). Rose 1999, cited in Abor (2005), describes ATM as the
amalgamation of computer terminal, database system and cash vault into a unit, which provide
customers access to a bank’s book keeping system through the use of a plastic card with a
Personal Identification Number (PIN), or by entering a unique code number into the computer
terminal that is connected to the computerized records of the bank 24/7.
ATM provides numerous retail banking services to bank customers. Introduced originally to
function as machines for dispensing cash, and mostly situated outside the banks (airports,
malls, etc.), the swift increase in technology in recent times has made ATMs serve other
purposes such as providing account information and paying of bills (Abor, 2004). Many ATMs
provide customers the opportunity to also make cash and cheque deposits, transfer money, top
up phone credit and even purchase postage stamps. ATM services provide many benefits.
The use of this provides banks which patronize in it with competitive advantage over banks
which do not. Furthermore, the combination of human tellers and ATMs enable banks to be
more productive. Again, the service saves time in terms of delivering service to customers as
queuing in banking halls is minimized so that spared time can be utilized for productive
activities (Abor, 2004). Additionally, the ability of ATMs to continue operation even after
banking hours provides continuous productivity. According to Crosland of NCR Corporation
10
University of Ghana http://ugspace.ug.edu.gh
(2010), ATM services apart from the cost savings and revenue generation benefits have become
the face of several banks, with significant number of customers subscribing to them.
2.3.3 Telephone banking
Telephone Banking or Telebanking (TB) is the type of banking which delivers financial
services through the means of telecommunication technologies by which customers can carry
out transactions by means of dialing a touch-tone telephone or a mobile communication device
linked to the bank’s computerized system through an Automated Voice Response (AVR)
device (Balachandher, Santha, Norhazlin & Rajendra, 2001).
According to Leow (1999), TB is very useful to banks and customers through the delivery of
convenient, time saving as well as easy access to banking services for customers. For banks,
TB services help reduce cost as compared to branch-based banking services. TB has virtually
all the gains derived from the ATM.
2.3.4 Personal computer banking
Personal Computer (PC) Banking offers customers with access to their account information via
a restrictive software system installed on their Personal Computers (PCs). Through this,
customers can perform several retail banking functions. A customer can access banking
services such as checking account balances, making transfers between accounts, paying bills,
etc at his or her home and office (Abor, 2005). Technology development has expanded the use
of PCs, bolstering the efficiency of PC banking. PC banking provide convenience to customers
as they can electronically conduct several banking transactions on their PC.
2.3.5 Branch networking
Branch Networking branches are described as an automation as well as the networking of
geographically different branches of a bank into a framework of Wide Area Network to
facilitate customer data sharing (Abor, 2005). This system ensures rapid inter - branch banking
11
University of Ghana http://ugspace.ug.edu.gh
transactions, hence reducing time and distance constraints. Most banks operating in Ghana
have several of their branches networked all over Ghana. Through this system, a customer can
access their accounts in any of the bank’s branches, regardless of the branch where he or she
opened the account.
2.3.6 Mobile banking
The latest to be added to EB products or services in Ghana is banking on the mobile phone,
popularly referred to as Mobile Banking. Mobile banking offers a platform or system whereby
customers are automatically updated on their mobile phone about any transactions in their
accounts in the form of credits, debits or any other information. Chovanova (2006), describes
it as a system that uses text messaging system to update its customers about every transaction
on their accounts. All what is required to be part of the platform is a mobile phone with an
active text-messaging system. Short Messaging Service (SMS) banking is within this group.
2.4 Electronic banking in Ghana
The Ghanaian banking industry has gone through numerous changes in terms of delivering
service with the intention of improving the quality of service for its customers. These changes
are evidenced by the increasing adoption of technologies and other innovative concepts into
the banking industry (Adams & Lamptey, 2009). Earlier types of communication and electronic
technologies were mostly office automated technologies. Telephones, facsimile and telex were
used for speeding up and improving efficiency of service. For several years, they were the basic
ICTs for making banking transactions (Abor, 2005).
The Trust Bank Ghana introduced the ATM in 1995, with other major banks such as the Ghana
Commercial Bank (GCB) Limited in partnership with the Agricultural Development Bank
(ADB) Limited following in 2001 (Abor, 2005). ATM remains the most widely utilized EB
service in Ghana. Since they are networked and customers are not required to be present
12
University of Ghana http://ugspace.ug.edu.gh
personally at their branches to carry out banking transactions (Abor, 2005). Their availability
is considered a major determinant for the choice of bank, and banks which were not efficient
in their operation of ATM systems have suffered drastically.
Due to competition between banks, almost all Ghanaian banks are presently providing different
types of 24-hour EB services.
2.5 Importance of electronic banking
EB offers convenience, secure transactions, and 24-hour banking options. In today’s
information-driven business environment, organizations who do not adopt EB are
disadvantaged in terms of competition with other banks who patronize EB products or services
(Laura, 2014). According to Cheng, Lam and Yeung (2006), customers prefer EB for
convenience, round the clock services, speed and access to their account anywhere and at any
time. Nonetheless, some customers are still reluctant to adopt EB services, due to security
issues and lack of knowledge about its usage (Ayrga, 2011). EB delivers benefits to banks too.
According to (Polatoglu and Ekin, 2001), EB results in higher satisfaction of customers and
retention. Furthermore, Cheng, Lam and Yeung (2006), maintain that banks benefit by way of
less transaction costs, as EB entails less paper work, staff and physical branches. Again, Jen
and Michael (2006), argue that EB generates extraordinary opportunities for banks and
businesses universally, through the development of financial products, marketing and delivery
of services.
According to Laura (2014), EB provides five (5) key benefits to financial institutions. They
include:
i. Activity review: Accountants and other approved staff could perform routine
banking activities like deposits, clearing of cheques, transferring funds, etc, quickly
by means of an online banking interface. This enable processing of banking
transactions to be performed smoothly on daily basis, instead of waiting for
13
University of Ghana http://ugspace.ug.edu.gh
statements every month. Again, errors can be noted and quickly resolved before any
adverse impact on the business could be detected.
ii. Productivity: EB contributes to productivity gains. Electronic payments which
minimizes physical visits of customers to the bank, as well as the ability to staff to
work efficiently as required increases productivity.
iii. Lower banking costs: EB reduces business overhead and expenses of banks.
iv. Reduced errors: EB adoption minimizes errors of banks. Electronic payments,
transfers, and other financial activities are made quickly. Furthermore, errors may
be prevented as a result of keyboard slips or error of user(s).
v. Reduced fraud: Increasing scrutiny of finances of organizations through audits, as
well as antifraud measures demands higher level of transparency for every financial
transaction. EB improves transparency of banking activities, making it difficult for
fraud activities to occur.
2.6 Risks associated with electronic banking
The term risk is commonly defined as the probability of a threat which leads to a diverse
implication. Hubbard (2010) and the International Organization for Standardization (2011),
however in their definition of the term argued that the definition of risk should be based on the
state of uncertainty, rather than on the degree of likelihood. Thus they defined risk as a
condition of uncertainty by which some of the possibilities include a loss, a catastrophe, or
other undesirable consequence. Building on the definition of these authors, risk is defined in
this study as a condition of uncertainty by which a particular threat source exploits one or many
vulnerabilities, leading to a negative impact, whereby some of the possibilities include a loss,
catastrophe, or other undesirable consequences. The key word in this definition is condition of
uncertainty, and its resulting effect on the objectives of an organization.
14
University of Ghana http://ugspace.ug.edu.gh
Electronic Banking (EB) is considered the wave of the future. Despite numerous benefits that
EB provides, several challenges are also associated with its adoption. According to Abdou,
Muslem, and Ismal (2014), both banks and customers must be ready to encounter an increased
level of risk in the same way they enjoy the benefits available for adopting EB. In view of the
increasing adoption of EB products or services, identification of and management of risks
related with this banking system is considered an important task for banks and other financial
institutions so as to encourage customers to patronize the services.
Management processes of traditional banking have focused on market, security, liquidity,
credit, compliance or legal, etc. (Georgescu, 2006). Nonetheless, following the introduction of
EB, the industry has been more exposed to greater challenges in terms of operational, security,
legal, strategic and reputational risks which if ignored will result to financial losses as well as
falling consumer confidence (Federal Deposit Insurance Corporation, 2007; Nwogu & Odoh,
2015). A report by the E-banking group on risk management and EB supervision identified
risks associated with EB to include; operational, strategic, liquidity, credit and market risks
(BCBS, 2003). Below are the major types of risks associated with EB:
2.6.1 Operational/Transaction risk
Operational risks are common risks in EB services. The dependence on new technology for the
provision of services puts system availability and security as the fundamental operational risk
involved in EB. “Security”, as identified by Titrade, Ciolacu and Pavel (2008:1540), remains
a threat to both banks and customers, hence undermining confidence and confidentiality.
Threats to security can occur from inside or outside of the banking system. Thus, measures are
required to be undertaken to ensure data confidentiality and system integrity (Mihalcescu,
Ciolacu, Pavel & Titrade, 2008). According to MollaZade (2010), operational risk is the type
of risk that generates losses as a result of inadequate or inefficient internal controls, and human
errors. Abou and Hasani (2008), consider operational risk to occur due to failure or lack of
efficient personnel, technology and working processes. The Basel Committee on Banking
15
University of Ghana http://ugspace.ug.edu.gh
Supervision (BCBS) (2011), also defines operational risk as risk losses that may result from
inadequate or unsuccessful internal processes, people, or external events. This definition entails
legal risk, but however excludes reputational and strategic risk. Some financial reports have
revealed of substantial financial losses on EB platforms due to malfunctioning of Information
Systems namely: Structured Query Language (SQL) injections (Barnett, 2009); fraud, viruses,
as well as phishing attacks (Bonsón, Escobar & Flores, 2008; United Kingdom (UK) Payments
Administration, 2011). For instance, phishing attacks which targeted UK banks rose from 1,700
reported cases in 2005 to 61,873 in 2010 (Financial Fraud Action UK, 2011).
Also, Phone banking fraud rose by 5% (£12.7 million) in 2010, as compared with 2009,
(Financial Fraud Action UK, 2011). These substantial financial losses have been classified as
operational risk. For this reason, EB service providers must increase the complexity of the
processes together with supporting technological infrastructure to minimize the risks.
Management of operational risk should form an integral part of a bank's overall risk
management.
The rapid change in terms of technological advancement, as well as the introduction of clear
capital requirements under the Basel II accord in the year 2006 are two fundamental factors
which have concentrated on operational risk. Kondabagil (2007), maintains that operational
risks can be reduced when there are active and direct risk controls. According to Ramakrishnan
(2001), a number of EB facilities can be considered for outsourcing, however he recommends
that management limit the use of third party providers due to increased transaction risks caused
by lack of continuous control over the systems and processes used.
Also, Khan and Karim (1997), suggest that effective management of operational risk can be
achieved through effective policies and procedures to overcome such risks. Furthermore,
Titrade et al. (2008) argue that separation of duties remains significant internal control. The
number of controls required should depend on how sensitive the information is to the customer,
16
University of Ghana http://ugspace.ug.edu.gh
institution and the institution’s established level of risk tolerance. Again, Anghelache,
Cozmanca, Handoreanu, Obreja, Olteanu and Radu (2011), suggests that in implementing
operational risk issues, financial institutions should identify and plan by using advanced
methods in managing operational risk.
2.6.2 Strategic risk
According to Kondabagil (2007), strategic risk relates to all features of banking, but becomes
specific to EB when there is inadequate planning, management or monitoring of the
performance of various EB channels on the part of management. Sokolov (2007), defines
strategic risk as the current and future adverse impact on capital or earnings which arises as a
result of business decisions, inappropriate implementation of decisions, absence of strategic
goals, etc. The resources required in undertaking organizational strategies include: operating
systems, communication channels, delivery networks, and managerial skills.
These risks can be minimized through effective implementation of IT corporate governance
programmes to facilitate the development of strategies, management processes, performance,
as well as risk measurement of EB within organizations. According to Khan and Karim (1997),
the board and management of a bank must take the responsibility to understand and evaluate
the strategic risks associated with EB, and compare the costs of managing the risk against the
possible return on their investment. Management information systems must be adequate
enough to track usage, cost versus profitability, competition from co-banks, technical,
operational, compliance and marketing support for EB products or services.
2.6.3 Reputational risk
Kondabagil (2007), argue that several risk factors of which banks are exposed to has the
tendency of affecting individual banks’ reputation and that of the sector. A bank’s reputation
may be affected by factors including; fraud, security breaches, customer dissatisfaction with
EB services., etc. Furthermore, a bank’s failure to safeguard customers’ confidential
information could cause loss of trust in the bank. Scholars such as Kondabagil (2007), indicates
17
University of Ghana http://ugspace.ug.edu.gh
that the damage to a bank’s reputation can significantly affect the sector in general, hence
leading to a systemic disruption.
Reputational risks can also arise from the misapplication of security precautions by customers,
or ignorance on the part of a customer about the importance of taking such precautions.
Security risks can augment and may lead to distrust of electronic delivery channels. Difficulties
in addressing security or legal issues could affect a bank’s reputation causing dissatisfaction
with EB services, security breaches, fraud etc (Pennathur, 2001). For instance, “Phishing”, the
process of obtaining sensitive or private data to commit fraudulent activities could lead to
irreparable loss of trust or confidence between a customer and a bank. Reputational risk
weakens the ability of banks to build and maintain relationships with their customers.
Furthermore, substantial loss resulting from mistakes of other banks providing similar EB
services might cause customers to distrust the system, hence negatively affecting the reputation
of the banking sector (Shirazi, 2003; Sokolov, 2007). Thus, banks have the responsibility of
managing and controlling this risk. According to Kondabagil (2007), customer education, rapid
response to incidents and management procedures could demonstrate that the benefits derived
by customers for patronizing EB services far outweigh the risks involved.
2.6.4 Legal/Compliance risk
As pointed out by Pennathur (2001), EB technology is under development constantly, hence
uncertainty in terms of related legal issues. Violation of the rules could cause damage to the
reputation of a financial institution, and could even lead to withdrawal of right to operate.
Florina, Liliana and Viorica (2008), argue that EB service providers assume a higher amount
of compliance risk due to the rapid changing nature of EB technology, the number of errors
that could be replicated, and the rate at which regulatory changes occur.
18
University of Ghana http://ugspace.ug.edu.gh
Compliance risk refers to risk to capital or earnings which results from non-conformance or
violation of prescribed laws and regulations. Non- conformance to these changes often results
in dire consequences such as being rated low, monetary fines, suspension of operations,
damage to reputation, and sometimes withdrawal of license to operate (Kondabagil, 2007).
Furthermore, compliance risks are frequently compounded in cross border conditions as a
result of conflicting laws, tax procedures, reporting requirements, etc (Ramakrishnan, 2001;
Shirazi, 2003).
According to Pennathur (2001), typical legal issues in terms of customer privacy and money
laundering must be effectively managed. Similarly, Kondabagil (2007), recommends that
compliance risks under EB could be responsibly managed by employing well-trained personnel
in addition to strengthening mitigation measures to help in reducing these risks.
2.7 Managing risks associated with electronic banking
Globally, banks have a responsibility to ensure that customers gain the same level of
confidence in the system, whether transactions are dealt with electronically or on a personal
basis with bank employees (Basel Committee, 2003; BIS, 2003). According to Georgescu
(2006), the competitive pressure by banks to launch innovative products within short time
scales has intensified the challenge of their management in terms of undertaking adequate
strategic assessment, risk analysis as well as security reviews. Gup and Kolari (2005), are of
the view that management of risks is necessary for banks in order to increase their profits. Thus
banks must acknowledge the various types of risks and seek alternative strategies so as to
maximize shareholder wealth.
Risk management practices used in EB are typically categorized into three (3) major areas.
They are: Board and Management Oversight, Security Controls, and Legal and Reputational
Risk Management. These areas are based on the fourteen (14) risk management principles
identified by the Basel Committee on Banking Supervision (BCBS). The board of directors in
19
University of Ghana http://ugspace.ug.edu.gh
addition to senior management have the responsibility to develop a risk management plan that
will ensure that any risk is identified and managed effectively. Security control is also of great
importance and includes the establishment of appropriate authentication procedures as well as
providing secure EB services. Also, the legal and reputational risk of a firm is undoubtedly
dependent on security control (Basel Committee, 2003).
According to Basel (2003), these principles are to help financial institutions (banks) expand
their current risk oversight policies as well as processes to manage their EB activities.
2.8 Radio frequency identification (RFID)
Emerging EB capabilities like automation, access control to resources, improvement of internal
processes, cost reduction, increasing competitiveness, as well as enhancing customer
relationship have been the motivation of most reputational financial institutions (Gupta &
Joseph, 2006). Considering the use of RFID in various banking activities, the RFID technology
is a recommended technology for the development of EB, and can be useful in a variety of
functions. The RFID technology makes use of radio frequencies for exchanging data between
a tag which is attached to an object and the reader (Tuyls & Batina, 2006). As an electronic-
tagging technology, it is able to digitally provide the identify of an object. The tags can be both
active or inactive. Inactive tags are less expensive, are lower in range, and have no internal
power supply. In contrast, active tags are expensive, are higher in range, and have internal
power supply.
Application of RFID technology in EB can help to improve management of customer
relationship, management of financial document, prevent counterfeiting, aid in electronic
payments as well as access control to resources. Thus, RFID play essential role in EB
applications. Most banks are implementing solutions for the use of RFID in managing their
relationship with customers. The purpose is to equip bank customers with a unique identity,
for instance, a RFID card so that the bank can identify customers, thus it ensured security of
payment cards. The RFID tags also could be embedded in high value banknotes so as to encrypt
20
University of Ghana http://ugspace.ug.edu.gh
the security data against counterfeiting. Furthermore, an RFID tag can be used to track and
manage sensitive bank documents against loss and subsequent banking fraud.
Despite these great advantages, the technology is vulnerable to server attacks. One of such
attack is peculiar to application of RFID systems in EB is cloning; this is the duplication of
security features in such a way that they are considered authentic during authentication. Tag
cloning is a major threat to anti-counterfeiting solutions in EB systems, and hence should be
critically considered during the EB RFID solutions (Mitrokotsa, Rieback & Tanenbaum, 2009).
2.9 Theoretical framework
Two (2) theories relevant to the adoption of electronic banking are discussed below. They
include: The Diffusion of Innovation Theory and the Technology Acceptance Model (TAM).
2.9.1 The diffusion of innovation theory
The Diffusion of Innovation Theory by Rogers (1995), explains how innovations are
developed, used and become widely adopted. Clarke (2001), relating this theory to EB explain
it as how technologies such as internet banking, ATMs, telephone banking, PC banking and
mobile banking are adopted and become successful.
According to Sevcik (2004), not all technologies are adopted as soon as they emerge, even
though they may be good, it can take quite some time before they are accepted. Furthermore,
he states that resistance to change can hinder diffusion of innovation, by slowing down the
adoption process. Rogers (1995), identifies five (5) major attributes that influence adoption
rate. These are; relative advantage, complexity, compatibility, trialability and observability. In
explaining this further, relative advantage for instance talks about the degree to which a new
technology may be perceived to be superior to already existing technology, thus influencing
adoption. Compatibility is the consistency of technology’s performance to meeting consumer
needs. Complexity is the complicated nature or feature of a technology which may affects its
utilization.
21
University of Ghana http://ugspace.ug.edu.gh
Rogers explains that the adoption rate of new innovation depends on how an organization
perceives the five major attributes mentioned above. Therefore, if some banks in Ghana for
instance recognize the benefits of EB, the innovation will be adopted provided there is
availability of required resources. The banks will ensure that their presence is acknowledged
in the industry and work hard to meet the gap that the technology seeks to address. Usage of
these innovations would take place faster in organizations which already have IT departments
for instance than those organizations without them. This theory nevertheless, causes a pro-
innovation bias meaning that while the theory promotes successful diffusions that can be
identified easily and investigated, it does not sufficiently account for unsuccessful diffusions
as it normally does not provide visible traces so it can be easily studied.
2.9.2 The technology acceptance model
Literature is prevalent with studies which make use of numerous models for comprehending,
predicting and explaining the intention behind individuals’ acceptance or rejection of a
technology, in this case electronic banking. A major model in this field is the Technology
Acceptance Model (TAM), proposed by Davis, Bagozzi & Warshaw (1989).
TAM is a widely used model by researchers to ascertain the underlying factors which
contribute to new technologies’ acceptance and adoption (Alshibly, 2011). Furthermore, the
model enables researchers and practitioners to determine the cause for unacceptability of a
particular system (Davis et al., 1989). Davis et al. (1989), identified attitudes of the user toward
the system usage as well as the effect of the system’s perceived usefulness of using the
technology. Again, both attitudes and perceived usefulness are affected by perceived ease of
usage. TAM posits that with other things being constant, perceived usefulness is influenced by
the perceived ease of usage since the more a technology is easier to be used, the more its
usefulness increases. Thus the external variables of this model are described to be a group of
22
University of Ghana http://ugspace.ug.edu.gh
variables which are assumed to indirectly influence the adoption of a technology via perceived
ease of use and perceived usefulness (Davis et al., 1989).
2.10 Empirical review
A study was conducted by Abdou, English and Adewunmi (2014), to investigate risk
management practices of EB among major UK banks, using the principles of Basel Committee
on Banking Supervision (BCBS). Initial pilot study was conducted by interviewing some
selected staff of one major UK banks. Questionnaire covering the fourteen (14) principles of
Basel Committee on Banking Supervision (BCBS) was used as the main instrument for
collection of the data. Qualitative analysis through the interviewees revealed security risk as
the main risk faced by customers in their use of EB services. Furthermore, the quantitative
analysis through the questionnaire found that UK banks have in place successful risk
management structures which help prevent potential electronic risk as well as reduce losses.
incurred from EB risks. The results of the study confirmed that UK banks are managing EB
risks in accordance with the 14 BCBS risk principles in relation to the security controls for EB.
Another study was conducted by Abdou, Hadjiantoni and Derwin (2015), on EB and risk
management among public sector banks in Cyprus. The study was aimed at exploring the
perception of bankers about the benefits derived from electronic banking as well as the
associated risks of EB. Furthermore, the study explored bankers’ perception of the risk
management principles with the 14 principles of BCBS. Data was collected through
administration of questionnaire to selected bankers in Cyprus. Analysis of data was done by
conducting multinomial regressions in addition to other statistical tools.
The findings revealed that EB reduces the risk involved in carrying cash, it saves time and very
convenient. Surprisingly, the findings also revealed from responses of the bankers that EB does
not increase frauds. Furthermore, the study found from the four (4) leading public banks that
risks are identified and then managed in accordance with the fourteen (14) principles of BCBS.
23
University of Ghana http://ugspace.ug.edu.gh
Nzevela (2015), undertook a research to examine the impact of internet risk management
strategies on financial performance among commercial banks in Kenya. By adopting a
descriptive research design, all 43 commercial banks in Kenya participated in the study. Data
was collected through both primary and secondary sources; primary data was obtained through
administration of structured questionnaires administered to risk manager, whereas secondary
data on financial performance was obtained from financial statements (of a five-year period,
2010-2014) of the various banks. Analysis of data was done through the use of correlation and
regression analysis. Findings of the study revealed an insignificant relationship between risk
management practices of internet banking and financial performance. The study however
recommended that commercial banks invest in appropriate risk management practices so as to
reduce risks, and curb fraud associated with internet banking.
AL-Rawashdeh, Abu-Errub Areiqat and Dbbaghieh (2012), conducted a study to exmine the
influence of information technology towards reducing EB risks in the banking sector of Jordan.
By sampling three banks to represent the Jordanian banking sector, data was collected through
interviews with the operations managers of the three banks namely; Jordan Commercial Bank
(JCB), Housing Bank for Trade & Finance (HBTF) & Audi Bank. The study found that
Jordanian banks paid much attention to managing risks associated with EB through their
compliance of the Basel Standards on managing risk with regards to safety and security of EB
services.
24
University of Ghana http://ugspace.ug.edu.gh
2.11 Gaps in literature
Review of existing literature revealed compliance of most sampled banks with the fourteen
(14) principles of BCBS in managing EB risks in their respective banks. Nevertheless, the
study identified the lack of empirical evidence on the strategies put in place by banks in Ghana
to manage the associated risks. Hence the study sought to provide an empirical evidence on EB
risk management practices among local and foreign banks in Ghana. The empirical findings of
this study would be useful to management of both local and foreign banks in Ghana, as well as
regulatory bodies such as the Bank of Ghana as it would offer insight with regard to the various
approaches of managing the risks associated with EB towards ensuring operational efficiency
and profitability.
Furthermore, most of the empirical studies reviewed adopted either quantitative or qualitative
research approaches. In contrast, this study utilized the mixed research approach so as to
provide more comprehensive evidence, and to help answer questions that could not be
answered by either a quantitative or qualitative approach alone (Creswell & Plano Clark, 2011).
2.12 Implication of the study
The prevalence of the above gaps in the reviewed literature leaves some implication for this
study. It is essential that more studies be undertaken particularly in Ghana to validate more
evidences on EB risk management practices in the banking sector as well as other sectors in
the country.
25
University of Ghana http://ugspace.ug.edu.gh
CHAPTER THREE
RESEARCH METHODOLOGY
3.1 Introduction
This chapter discusses the procedures used in conducting the study. As indicated by Babbie
(2015), research methodology refers to the procedural framework by which a study is
conducted. According to Hair, Money, Samuel and Page (2012), research methodology
includes the theoretical, ideological and fundamental principles which guides a researcher in
selecting a specific research method over the other. For this reason, the chapter presents a
discussion of procedures used in conducting the study. It discusses the research design,
research approach or strategy, data collection method, sampling size and sampling techniques,
data management and analysis technique as well as the ethical considerations. The chapter ends
by discussing the limitations to methodology.
3.2 Research design
According to Babbie (2015), a research design is a plan or blueprint of how the researcher
intends on conducting the research. It considers the constraints such as access to data, location,
time and money that would be inevitably encountered, as well as ethical issues relating to the
research (Hair, Money, Samuel, & Page, 2012). This study was carried out by using a
descriptive design. According to Schutt (2011), descriptive research as a scientific method
focuses on describing or defining a subject’s behaviour, mostly by creating a profile of a group
of people, problems, or events through data collection and tabulation of frequencies. The
descriptive research design was appropriate for the study as the study seeks compare the state
of affairs existing already in the field.
3.3 Research approach
This study adopted the mixed-method approach in comparing risk management of electronic
banking among local and foreign banks in Ghana. Creswell (2012), defines mixed-method as
26
University of Ghana http://ugspace.ug.edu.gh
the procedure for collecting, analyzing, and ‘mixing’ both the quantitative and qualitative
method of data gathering and analysis within a single study in order to understand a research
problem. Creswell and Plano Clark (2011), recommend that researchers share their beliefs
through a mixed-methods approach in order to provide more comprehensive evidence, and to
help answer questions that cannot be answered by a quantitative or qualitative approach alone.
Thus this study adopted the mixed-method approach by using both quantitative and qualitative
data gathering and analysis procedures to help in addressing the study objectives.
3.4 Target population
According to Barreiro and Albandoz (2001), population is a group of people or objects in a
particular social or biological setting from which data is gathered in a research. Similarly, Hair,
Money, Samuel, and Page (2012), describe population as consisting of all the elements which
forms the unit of analysis. The target population for this study included sixteen (16) banks in
Ghana; eight (8) local banks and eight (8) foreign banks in Ghana. The eight (8) local banks
include: Agricultural Development Bank (ADB) Limited, Cal Bank Limited, Fidelity Bank
Limited, Prudential Bank Limited (PBL), Universal Merchant Bank (UMB) Limited, GCB
Bank Limited, National Investment Bank (NIB) Limited and Consolidated Bank Ghana (CBG)
Limited. The foreign banks also include: Access Bank (Ghana) Plc, Barclays Bank of Ghana
Limited, Ecobank (Ghana) Limited, Guaranty Trust Bank (Ghana) Limited, Republic Bank
(Ghana) Limited, Societe Generale (Ghana) Limited, Standard Chartered Bank (Ghana), and
Zenith Bank (Ghana) Limited.
3.5 Sample size and sampling technique
According to Barreiro and Albandoz (2001), sampling in research may be required because
the population of participants may be too large to be conveniently surveyed. For this reason,
sixteen (16) banks; eight (8) each from local and foreign banks operating in Ghana were
conveniently sampled to participate in the study.
27
University of Ghana http://ugspace.ug.edu.gh
A non-probability purposive method was utilized in selecting eighty (80) respondents made up
of operations managers, senior risk management officers and other staff involved in EB
activities from the selected banks. Furthermore, four (4) EB specialists, two each from the
selected local and foreign banks were purposively selected to participate in the study through
interview guide. According to Palinkas, Horwitz, Green, Wisdom, Duan and Hoagwood
(2015), the non-probability purposive sampling guarantees correct identification as well as
selection of information - rich cases which relate to the phenomenon of interest, and therefore
ensures that only subjects within the specific characteristics are selected for the study. The
selection of this study participants was necessary since the study was aimed at comparing
electronic banking risk management practices among local and foreign banks in Ghana. The
level of professional experience ensured that appropriate and in-depth information was
provided in order to address the study objectives.
3.6 Data collection method
3.6.1 Sources of data
This study relied on primary data through self-administered questionnaires and face-to-face
interviews for gathering information in response to the research questions. The primary data
collected enabled the collection of first-hand information from the field, with a higher level of
confidence in the study outcome.
3.6.2 Data collection tools
Both structured questionnaire and interview guide were used in this study. The structured
questionnaire was employed to gather information from eighty (80) respondents made up of
operations managers, senior risk management officers and other staff involved in EB activities
drawn from the selected sixteen (16) local and foreign banks in Ghana. The interview guide on
the other hand was used; four (4) EB specialists, two each from the selected local and foreign
banks.
28
University of Ghana http://ugspace.ug.edu.gh
3.6.2.1 The study questionnaire
According to Talbot (1995), a structured questionnaire is appropriate to be used when a
researcher seeks to obtain information about the feelings, attitudes and beliefs, but which are
not instantly observable. For this reason, structured questionnaire comprising of carefully
framed questions was administered to eighty (80) respondents made up of operations managers,
senior risk management officers and other staff involved in EB activities drawn from the
selected sixteen (16) local and foreign banks in Ghana. The questionnaire items were developed
based on objectives one and three of the study.
The questionnaire designed had a number parts, which were further divided based on the
research questions, with the exception of the Part 1 which captured the demographic
information of respondents. Part 2 asked questions relating to risks associated with EB among
local and foreign banks in Ghana. Part 3 asked questions relating to risk management practices
of the banks based on the fourteen (14) principles of Basel Committee. This part was further
divided into three (3) sections; Section A asked questions on three of the 14 risk management
principles in relation to board management and oversight; Section B coverered seven of the
principles in relation to security controls; whereas Section C covered four of the principles in
relation to legal and reputational risk management. In each case, respondents were required to
indicate their level of agreement by using a five Likert scale (which ranged from 1 = strongly
disagree to 5 = strongly agree).
Administration of questionnaires to respondents was done through the drop and pick later
method.
3.6.2.2 Interviews
According to Bryman (2008), interviews provide excellent means of accessing individuals’
perceptions and definitions of situations. Furthermore, interviews are helpful in gathering
opinions, beliefs and thoughts of participants. To this effect, a non-probability purposive
29
University of Ghana http://ugspace.ug.edu.gh
method was utilized in selecting four (4) EB specialists, two each from the selected local and
foreign banks to participate in the study through interviews in order to gain a comprehensive
understanding of issues relating to EB risk management practices among selected local and
foreign banks in Ghana. The interviews were particularly conducted so as to find answers to
the research question 2 based on the objective two of the study. According to Palinkas, Horwitz,
Green, Wisdom, Duan and Hoagwood (2015), the non-probability purposive sampling
guarantees correct identification as well as selection of information-rich cases which relate to
the phenomenon of interest, and therefore ensures that only subjects within the specific
characteristics are selected for the study. Thus, the level of professional experience of the
interviewee ensured that appropriate and in-depth information was provided in order to address
the study objectives.
Furthermore, the reliability and validity of responses from the interviewees were enhanced
through member checking.
3.7 Data management & analysis
Bryman and Bell (2015), define data analysis as the process of sorting, collating, coding and
organizing collected data, so as to derive meaning from it. With the aid of the Statistical
Package for Social Sciences (SPSS Version 25), descriptive statistics were utilized to analyze
the collected data. Descriptive statistical tools namely; frequency and percentage were useful
in assessing the demographic information of respondents,whereas mean scores, standard
deviations, variances and CV were used to analyze the various EB risks, as well as compliance
of banks to the 14 risk management principles of the Basel Commiteee. On the other hand,
analysis of qualitative data through interview guide conducted was done manually. The
research guiding questions were continuously displayed to assist focus on the study and stay
within the scope of the research questions.
30
University of Ghana http://ugspace.ug.edu.gh
3.8 Ethical considerations
Ethical issues were really considered since human beings were involved in the study. In view
of this, the study was carried out in accordance with basic research ethics.
Participants’ permission was sought prior to collection of the data. There was an introductory
letter from the Department of Finance of the University of Ghana Business School prior to
administration of questionnaires. Furthermore, confidentiality of participants was upheld.
Respondents were also assured that their responses will only be used for academic purposes.
On the whole, respect, confidentiality and safety of participants were highly maintained and
adhered to in this study.
3.9 Limitation to methodology
The study sampled only sixteen (16) local and foreign banks operating in Ghana, eight (8) from
each category to participate in the study. Furthermore, the total sample size of eighty-four (84)
respondents was too small to make generalization about the study findings. Thus an increase
in the sample size would lead to a better generalization of the study findings.
31
University of Ghana http://ugspace.ug.edu.gh
CHAPTER FOUR
DATA ANALYSIS AND DISCUSSION OF FINDINGS
4.1 Introduction
While the preceding chapter provided the procedures employed for collection of the data, this
chapter analyses the field data collected through questionnaire and interview administration.
The chapter is divided into three parts; the first part analyses data on the background
information of respondents; the second part analyses data relating to risk management of
electronic banking, whereas the third part covers the general discussion of the study findings.
4.2 Background information of respondents (bank staff)
The study obtained data on the background information of respondents. The background
information included: Gender, age, educational level, type of bank, number of years of work
experience and position.
4.2.1 Gender of respondents
From the total number of eighty (80) respondents who responded to the study questionnaire,
data collected revealed, as presented in Figure 4.1, that sixty-three (63), representing 79% were
males, with the remaining seventeen (17) respondents, representing 21% of the total number
of respondents being females. From the results of the data, it can be found that majority of the
study participants were males; and this is due to the fact that more males as compared to
females are found in the risk management departments. This was observed in both the local
and foreign banks selected for the study. The statistics presented are summarized in Figure 4.1.
32
University of Ghana http://ugspace.ug.edu.gh
Figure 4.1: Gender representation of respondents
Female
21%
Male
Male Female
79%
Source: Field data (2019)
4.2.2 Age of respondents
From the data analyzed, it was revealed that five (5) respondents, representing 6% were 29
years and below; forty-four (44) of them, representing 55% were between the age of 30 to 39;
those between the ages of 40 to 49 were twenty-three (23), representing 29%; with the
remaining eight (8) respondents representing 10% being 50 years and above. The results hence
reveal that many of the respondents that took part of the study were in their middle adulthood;
and therefore had the predisposition to understand the study in its entirety. The statistics
presented is summarized in Table 4.1.
33
University of Ghana http://ugspace.ug.edu.gh
Table 4.1: Age of respondents
Ages Frequency (f) Percentage (%)
29 years and below 5 6
30-39 years 44 55
40-49years 23 29
50 years and above 8 10
Total 80 100
Source: Field data (2019)
4.2.3 Marital status of respondents
The study also took into account the marital status of the respondents. From the total of 80
respondents, twenty-four (24) respondents, representing 30% were single; forty-nine (49)
respondents, representing 61% were married; five (5) respondents, representing 6% were
divorced; whereas the remaining two (2) respondents, representing 3% of total respondents
were widowed. The statistics is summarized in Table 4.2.
Table 4.2: Marital status of respondents
Marital status F r e q u e n c y ( f ) P e rcentage (%)
Single 24 3 0
Married 49 61
Divorced 5 6
Widowed 2 3
Total 80 100
Source: Field Data (2019)
34
University of Ghana http://ugspace.ug.edu.gh
4.2.4 Educational background of respondents
From the data collected, it was revealed as presented in Figure 4.2 that nine (9) respondents,
representing 11% had HND; fifty-four (54) respondents, representing 68% had Bachelors’
degree. Respondents with Masters’ Degree were seventeen (17), representing 21%. It is
apparent from the statistics presented in this segment that both of the selected local and foreign
banks who participated in the study engage the services of people with higher level of
education, and this is due to the fact that risk management and for that matter electronic banking
risk management is a very technical area and therefore requires people with higher level of
knowledge and capacity for effective delivery of this task. The statistics presented is
summarized in Figure 4.2.
Figure 4.2: Educational representation of respondents
54
17
9
HND Bachelor Masters
Source: Field Data (2019)
35
University of Ghana http://ugspace.ug.edu.gh
4.2.5 Years of working experience in the banking field
Data on the number of years of working in the bank was also collected. The results revealed
that nine (9) of the respondents, representing 11% have worked at the bank for less than 2
years; those that have bank working experience between 2 to 5 years were twenty-two (22),
representing 28% of the total number of 80 respondents; thirty-two (32) respondents,
representing 40% have had between 6 to 10 years of bank working experience; whereas the
remaining seventeen (17) respondents, representing 21% have bank working experience of 10
years and above. The level of professional experience by these respondents implied that
appropriate and in-depth information was provided in order to address the study objectives.
The statistics presented is summarized in Figure 4.3.
Figure 4.3: Number of years of professional experience
35
30
25
20
15
10
5
0
Less than 2 years Between 2-5 years Between 6-10 years 10 years and above
Source: Field Data (2019)
Furthermore, data on the position of respondents was obtained. From the total number of 80
respondents, twenty-seven (27) of them, representing 34% were IT Managers; twenty-nine (29)
respondents, representing 36% were EB Risk Management Officers; sixteen (16), respondents,
representing 20% were Operations Managers; whereas the remaining eight (8) respondents,
36
University of Ghana http://ugspace.ug.edu.gh
representing 16% of total number of respondents were Business Development Officers. The
statistics presented is summarized in Figure 4.4.
Figure 4.4: Position of respondents
Business
Development
Officers
10% IT Managers
Operations
34%
Managers
20%
EB Risk
Mangement
Officers
36%
Source: Field data (2019)
Data on the type of bank, was also obtained. From the results, eight (8) banks, representing
50% of the total number of 16 banks sampled for the study were local banks. The remaining
eight (8) banks, representing 50% were foreign banks. These banks were all offering electronic
banking services in their respective banks. The statistics presented is summarized in Figure
4.5.
37
University of Ghana http://ugspace.ug.edu.gh
Figure 4.5: Type of banks
Foreign Local
50% 50%
Source: Field data (2019)
4.3 Identification of electronic banking Risks from the bankers’ perspective
This section analyzed data regarding the risks associated with EB, by some selected local and
foreign banks in Ghana, in line with objective one of this study. The analysis includes
comparison of the EB risks being encountered by the local and foreign banks.
With respect to EB having the chance of fraud, the results revealed the coefficient of variation
(CV) of 16.00 and 13.26 for local and foreign banks respectively (thus accounting for 16.00%
and 13.26% of variation in the level of EB risk respectively (see: Table 4.3 and Table 4.4 on
the descriptive statistics). This implies that the foreign banks in comparison with the local
banks face more EB risks relating to fraud.
With regards to EB lacking information security, the results revealed the CV of 19.02 and 18.52
for local and foreign banks respectively (thus accounting for 19.02% and 18.52% of variation
in the level of EB risk respectively (see: Table 4.3 and Table 4.4 on the descriptive statistics).
This implies that the foreign banks in comparison with the local banks encounter more EB risks
relating to lack of information security.
38
University of Ghana http://ugspace.ug.edu.gh
In terms of EB being faced with network failures, the results revealed the CV of 20.51 and
21.19 for local and foreign banks respectively (thus accounting for 20.51% and 21.19% of
variation in the level of EB risk respectively (see: Table 4.3 and Table 4.4 on the descriptive
statistics).
The results suggest that the local banks in comparison with the foreign banks encounter more
EB risks relating to network failures.
Regarding EB having many legal and security issues, the results revealed the CV of 15.12 and
16.49 for local and foreign banks respectively (thus accounting for 15.12% and 16.49% of
variations in the level of EB risk respectively (see: Table 4.3 and Table 4.4 on the descriptive
statistics). The results suggest that the local banks in comparison with the foreign banks
encounter more EB risks relating to legal and security issues.
Regarding EB having less operational reliability, the results revealed the CV of 13.98 and 14.81
for local and foreign banks respectively (thus accounting for 13.98% and 14.81% of variations
in the level of EB risk respectively (see: Table 4.3 and Table 4.4 on the descriptive statistics).
The results hence suggest that the local banks in comparison with the foreign banks encounter
more EB risks relating to less operational reliability.
Thus, the findings reveal that the local banks encounter more EB risks in terms of the system
lacking information security; the system facing network failures, as well as the system having
many legal and security issues. The foreign banks on the other hand encounter more EB risks
in terms of the system having the chance of fraud, as well as the system lacking information
security.
39
University of Ghana http://ugspace.ug.edu.gh
The study findings affirmed the study findings of Nwogu and Odoh (2015), who revealed that
the banking industry, following the introduction of EB has been more exposed to greater
challenges in terms of operational, security, reputational, legal and strategic risks which if not
managed effectively will result to financial losses as well as decrease in consumer confidence.
The analysis of responses in relation to EB risks by the local and foreign banks operating in
Ghana is summarized in Table 4.3 and Table 4.4.
Table 4.3: Descriptive statistics: Risks associated with electronic banking by local banks in
Ghana.
Statement SA A N Mean Variance St. Dev. Coefficient
of
Variation
(%)
Frq. % Frq. % Frq. %
Electronic banking has
the chance of fraud 14 35 24 60 2 5 4.30 0.32 0.57 13.26
Electronic banking lacks 12 30 18 45 10 25 4.05 0.56 0.75 18.52
information security
Electronic banking is
faced with network 12 30 12 30 16 40 4.20 0.80 0.89 21.19
failures
Electronic banking has 14 35 20 50 6 15 4.20 0.47 0.69 16.43
many legal and security
issues
Electronic banking has 8 20 26 65 6 15 4.05 0.36 0.60 14.81
less operational
reliability
40
University of Ghana http://ugspace.ug.edu.gh
Table 4.4: Descriptive statistics: Risks associated with electronic banking by foreign banks
in Ghana
Statement SA A N Mean Variance St. Coefficient
Dev. of
Variation
(%)
Frq. % Frq. % Frq. %
Electronic banking has 0.46 16.00
12 30 26 65 2 5 4.25 0.68
the chance of fraud
Electronic banking lacks 14 35 16 40 10 25 4.10 0.61 0.78 19.02
information security
Electronic banking is
faced with network 12 30 14 35 14 35 3.95 0.66 0.81 20.51
failures
Electronic banking has 16 40 20 50 4 10 4.30 0.42 0.65 15.12
many legal and security
issues
Electronic banking has 10 25 26 65 4 10 4.15 0.34 0.58 13.98
less operational reliability
Source: Field data (2019)
4.4 Examining the effect of electronic banking risks on banks
This part of the analysis presents and analyses data qualitatively so as to examine how banks
are affected by electronic banking risks, in line with objective two of the study. Qualitative
data was gathered through interviews from four (4) selected EB specialists, two each from the
selected local and foreign banks.
4.4.1 Qualitative analysis from local banks
On how the bank’s EB channels are tested against common techniques by which fraudsters use
to break into the bank’s server by misleading application, one interviewee replied that;
“EB channels are tested regularly through the use of inbuilt application that
verifies the authenticity of every transaction”.
Another also responded that;
41
University of Ghana http://ugspace.ug.edu.gh
“electronic banking channels are usually tested before running the application
on pilot bases, and also at least once very month”.
Furthermore, on what procedures are implemented to verify the accuracy and content of
websites information and links to other websites or interactive programs available to
customers, it was revealed from both interviewees that;
“every programme has a unique PIN. In addition, PIN numbers and special
serial numbers are required for every transaction”.
On how the banks mitigate the various risks associated with electronic banking, it was revealed
from the responses that;
“there is the implementation of proper internal control measures or
authentication”.
Most importantly, the interviewees were asked about how EB affect their banks. The responses
revealed that: They are affected by:
i. Reputational risks: That is, the risks incurred due to certain factors such as fraud
and security breaches. They indicated that;
“when such incidences occur the banks reputation is affected and lead to loss
of trust in the bank by its customers”.
Difficulties in addressing security or legal issues could affect a bank’s reputation causing
dissatisfaction with EB services, security breaches, fraud etc
ii. Legal risks: With regards to legal risks, the interviewees revealed that;
“their banks are constantly faced with legal risks and issues related to their
delivery of EB services. They noted that legal or compliance issues involved
with regards to regulations for instance when violated can cause the reputation
of the banks, and even lead to the withdrawal of license to operate”.
iii. Operational risks: The interviewees again noted that;
42
University of Ghana http://ugspace.ug.edu.gh
“threat to security is a major threat to their operations, as it undermines the
confidence that their customers have in them. They revealed that when there are
security threats in their operations, they encounter financial losses”.
The results of the findings thus confirmed the argument of Nwogu and Odoh (2015), who
revealed that the banking industry following the introduction of EB has been more exposed to
greater challenges in terms of operational, reputational, legal, and strategic risks which if
ignored will result to financial losses as well as falling consumer confidence.
4.4.2 Qualitative analysis from foreign banks
On how the bank’s EB channels are tested against common techniques by which fraudsters use
to break into the bank’s server by misleading application, one interviewee replied that;
“EB channels are always tested on pilot bases. Another also responded that
“passwords and virus protection software are regularly used on all devices of
the bank”.
Furthermore, on what procedures are implemented to verify the accuracy and content of
websites information and links to other websites or interactive programs available to
customers, it was found that;
“PIN numbers and special serial numbers are provided to customers to use them
in performing transactions”. Furthermore, “it is ensured by the banks that
proper authorization controls are put in place to protect customers of the
bank”.
On how the banks mitigate the various risks associated with electronic banking, it was revealed
from the responses that;
43
University of Ghana http://ugspace.ug.edu.gh
“the risks are mitigated by implementing multi-channel fraud and suspicious
activity monitoring solutions. Again, it was established that the banks
implement proper internal control measures to mitigate EB risks”.
Most importantly, the interviewees were asked about how EB affect their banks. The responses
revealed that: They are affected by:
i. Operational risks: The interviewees revealed that;
“security poses a major threat to their operations, It was revealed that when the
bank experience security threats in its operations, they incur some financial
losses”.
ii. Legal risks: With regards to legal risks, it was revealed through the interviewes
that;
“their banks face legal risks in the course of the delivery of EB services. They
indicated that legal issues involved with regards to regulations when violated
can cause the reputation of the banks, or cause the withdrawal of license for the
banks to operate”.
iii. Reputational risks : That is, the risks incurred due to certain factors such as fraud
and security breaches. The interviewees indicated that;
“when such incidences occur the banks reputation is affected and lead to loss
of trust by customers”.
iv. Strategic Risks: In terms of strategic risks, it was revealed through the interviews
conducted that;
“the banks also face some strategic risks of inappropriate management
decisions as well as the implementation of those decision. The revealed that
the occurrence of strategic risks negatively affect their earnings”.
44
University of Ghana http://ugspace.ug.edu.gh
The results of the findings thus confirmed the argument of Nwogu and Odoh (2015), who
revealed that the banking industry following the introduction of EB has been more exposed to
greater challenges in terms of operational, security, legal, strategic and reputational risks which
if ignored will result to financial losses as well as falling consumer confidence.
4.5 Risk management of electronic banking based on the fourteen (14) principles of the
Basel Committee
This section analyzed data regarding the management of EB risks based on the 14 Principles
of the Basel Committee, by some selected local and foreign banks in Ghana. The analysis
involves a comparison of how the banks are managing EB risks in accordance with the 14
principles. The statistics presented are summarized in Table 4.5and Table 4.6.
Principles 1 to 3: Board and management oversight
Principle 1: Effective management oversight regarding EB activities.
The results revealed the coefficient of variation (CV) of 26.33 and 26.38 for local and foreign
banks respectively (thus accounting for 26.33% and 26.38% of variations in the level of EB
risk management pertaining to Principle 1 respectively (see: Table 4.5 and Table 4.6 on the
descriptive statistics). This implies that although both local and foreign banks in Ghana take
appropriate actions to manage EB risks, the local banks are more strategic in managing the
construct. Again, it presupposes that the local banks are assertive and proactively responsible
for implementing their business strategy that outlines how effective risk management oversight
responsibilities must be executed.
Principle 2: Establishment of the security control process.
The results revealed the CV of 29.86 and 34.16 for local banks and foreign banks respectively
(thus accounting for 29.86% and 34.16% of variations in the level of EB risk management
pertaining to Principle 2 respectively (see: Table 4.5 and Table 4.6 on the descriptive statistics).
45
University of Ghana http://ugspace.ug.edu.gh
This implies that the local banks in comparison with the foreign banks have put in more
strategies and systems in place to effectively manage security control processes. This also
posits that the executive and senior-level staff proactively analyses, evaluates and sanctions
the most vital components of the institution’s security control process. Again, it means that the
banks periodically alter the password system at every login to make security more robust.
Principle 3: Establishment of comprehensive due diligence as well as oversight process
for the management of outsourcing relationships of the bank, in addition to other third-
party dependencies.
The results revealed the CV of 21.60 and 21.35 for local banks and foreign banks respectively
(thus accounting for 21.60% and 21.35% of variations in the level of EB risk management
pertaining to Principle 3 respectively (see: Table 4.5 and Table 4.6 on the descriptive statistics).
The results therefore suggest that the foreign banks have established a more comprehensive
due diligence as well as oversight process for the management of outsourcing relationships of
the bank, in addition to other third-party dependencies. It also means that the management of
the foreign banks in order to remain more competitive with their local counterparts may have
created comprehensive synchronized approach, essential to reinforcing the banks’ outsourcing
relationships and other third-party dependencies supporting EB. Furthermore, it means that the
foreign banks having gained some level of expertise over the years, coupled with their
professional staff in the EB space have utilized the best vendors for outsourcing and as third
party.
46
University of Ghana http://ugspace.ug.edu.gh
Table 4.5: Descriptive statistics: Responses from staff of selected local banks
N Mean Variance Std. Coefficient
Dev. of
Variation
Board & management oversight
Principle1 40 3.38 0.80 0.89 26.33
Principle2 40 2.88 0.74 0.86 29.86
Principle3 40 3.75 0.65 0.81 21.60
Security controls
Principle4 40 3.48 0.67 0.82 23.56
Principle5 40 3.60 0.91 0.95 26.39
Principle6 40 3.65 0.44 0.66 18.08
Principle7 40 3.38 1.37 1.17 34.62
Principle8 40 2.78 1.41 1.19 42.81
Principle9 40 3.25 0.91 0.95 29.23
Principle10 40 3.25 0.76 0.87 26.77
Legal & reputational risk
management
Principle11 40 3.70 0.83 0.91 24.59
Principle12 40 3.80 0.73 0.85 22.37
Principle13 40 3.28 0.87 0.93 28.35
Principle14 40 3.50 1.23 1.11 31.71
Source: Field data (2019)
47
University of Ghana http://ugspace.ug.edu.gh
Table 4.6: Descriptive statistics: Responses from staff of selected foreign banks
N Mean Variance Std. Dev. Coefficient
of
variance
Board & management oversight
Principle1 40 3.45 0.82 0.91 26.38
Principle2 40 3.63 1.53 1.24 34.16
Principle3 40 3.70 0.63 0.79 21.35
Security controls
Principle4 40 3.83 0.45 0.67 17.49
Principle5 40 3.63 0.75 0.87 23.97
Principle6 40 3.83 0.81 0.9 23.50
Principle7 40 3.75 0.91 0.95 25.33
Principle8 40 3.40 0.81 0.9 26.50
Principle9 40 4.18 0.46 0.68 16.27
Principle10 40 4.00 0.33 0.57 14.25
Legal & reputational risk
management
Principle11 40 3.83 0.74 0.86 22.45
Principle12 40 3.38 0.75 0.87 25.74
Principle13 40 3.78 0.38 0.62 16.40
Principle14 40 3.85 0.49 0.70 18.18
Source: Field data (2019)
Principles 4 to 10: Security controls
Principle 4: Authentication of EB customers.
The results revealed the CV of 23.56 and 17.49 for local banks and foreign banks respectively
(thus accounting for 23.56% and 17.49% of variations in the level of EB risk management
pertaining to Principle 4 respectively (see: Table 4.5 and Table 4.6 on the descriptive statistics).
This implies that the foreign banks have put in more adequate measures of authenticating EB
Customers. Nonetheless, some of these measures are often breached as a result of clients’
inability to keep some of these measures, for example, confidentially of passwords. The results
mean that the local banks need to put more suitable steps in place to effectively verify or
authenticate the identity and authorization of client over EB business transactions.
48
University of Ghana http://ugspace.ug.edu.gh
Principle 5: Usage of transaction authentication methods.
The results revealed the CV of 26.39 and 23.97 for local banks and foreign banks respectively
(thus accounting for 26.39% and 23.97% of variations in the level of EB risk management
pertaining to Principle 5 respectively (see: Table 4.5 and Table 4.6 on the descriptive
statistics).The results imply that the foreign banks adhere more to security control which means
that they use transactional authentication methodologies that promote nonrepudiation and
ensures accountability.
Principle 6: Segregation of duties within EB systems.
The results revealed the CV of 18.08 and 23.50 for local banks and foreign banks respectively
(thus accounting for 18.08% and 23.50% of variations in the level of EB risk management
pertaining to Principle 6 respectively (see: Table 4.5 and Table 4.6 on the descriptive statistics).
The results imply that the local banks in comparison with the foreign banks have put in place
all essential control needed for maintaining segregation of duties.
Principle 7: Authorization controls within EB systems.
The results revealed the CV of 34.62 and 25.33 for local banks and foreign banks respectively
(thus accounting for 34.62% and 25.33% of variations in the level of EB risk management
pertaining to Principle 7 respectively (see: Table 4.5 and Table 4.6 on the descriptive statistics).
The results imply that the foreign banks have put in place more authorization control
mechanisms within EB systems.
Principle 8: Clear audit trails regarding EB transactions.
The results revealed the CV of 42.81 and 26.50 for local banks and foreign banks respectively
(thus accounting for 42.81% and 26.50% of variations in the level of EB risk management
pertaining to Principle 8 respectively (see: Table 4.5 and Table 4.6 on the descriptive statistics).
The results imply that the foreign banks have established more clear audit trails regarding EB
49
University of Ghana http://ugspace.ug.edu.gh
transactions. This also means that the foreign banks adopt more measures to store and ensure
that historical data transactions are difficult to be modified.
Principle 9: Data integrity of EB transactions & information.
The results revealed the CV of 29.23 and 16.27 for local banks and foreign banks respectively
(thus accounting for 29.23% and 16.27% of variations in the level of EB risk management
pertaining to Principle 9 respectively (see: Table 4.5 and Table 4.6 on the descriptive statistics).
The results imply that the foreign banks have established more clear audit trails regarding EB
transactions. This also means that the foreign bank data protection integrity regime for EB
transactions, records and information sharing is more advanced and also meet best
management practices.
Principle 10: Confidentiality of key EB information.
The results revealed the CV of 26.77 and 14.25 for local banks and foreign banks respectively
(thus accounting for 26.77% and 14.25% of variations in the level of EB risk management
pertaining to Principle 10 respectively (see: Table 4.5 and Table 4.6 on the descriptive
statistics). The results suggest that foreign banks in Ghana key information or data is more
secured than that of the local banks, and only available to authorized and authenticated
individuals.
Principles 11 to 14: Legal and reputational risk management
Principle 11: Appropriate disclosures for EB services.
The results revealed the CV of 24.59 and 22.45 for local banks and foreign banks respectively
(thus accounting for 24.59% and 22.45% of variations in the level of EB risk management
pertaining to Principle 11 respectively (see: Table 4.5 and Table 4.6 on the descriptive
statistics). The results indicate that the foreign banks are leading in their attempt to minimize
legal and reputational risks that come from disclosures relating to their EB activities.
50
University of Ghana http://ugspace.ug.edu.gh
Principle 12: Privacy of customer information.
The results revealed the CV of 22.37 and 25.74 for local banks and foreign banks respectively
(thus accounting for 22.37% and 25.74% of variations in the level of EB risk management
pertaining to Principle 12 respectively (see: Table 4.5 and Table 4.6 on the descriptive
statistics). The results imply that the local banks are more efficient in managing privacy of
customer information, as indicated by the responses.
Principle 13: Existence of effective capacity, business continuity and contingency
planning process.
The results revealed the CV of 28.35 and 16.40 for local banks and foreign banks respectively
(thus accounting for 28.35% and 16.40% of variations in the level of EB risk management
pertaining to Principle 13 respectively (see: Table 4.5 and Table 4.6 on the descriptive
statistics). This implies that foreign banks have in place a more effective capacity, business
continuity and contingency planning process. Thus foreign banks have more effective planning
processes which promote EB risk management systems and services.
Principle 14: Incident response planning.
The results revealed the CV of 31.71 and 18.18 for local banks and foreign banks respectively
(thus accounting for 31.71% and 18.18% of variations in the level of EB risk management
pertaining to Principle 14 respectively (see: Table 4.5 and Table 4.6 on the descriptive
statistics). Thus, it can be concluded that the foreign banks are more prepared for unexpected
attacks on their EB systems than the local banks.
51
University of Ghana http://ugspace.ug.edu.gh
4.6 Discussion of findings
This study sought to compare EB risk management practices among some selected local and
foreign banks in Ghana. The study focused on achieving three (3) specific objectives; to
identify the risks involved in EB among the selected banks, to examine how such risks affect
the banks, and also to ascertain how EB risks are managed by these banks based on the 14
principles of the Basel Committee.
In the first objective, the study identified certain EB risks encountered by local banks and
foreign banks in Ghana. It was revealed that although both local and foreign banks encounter
EB risks in terms of fraud, lack of information security, network failures, legal and security
issues, as well as less operational reliability, the study found that local banks encounter more
EB risks in terms of the system having the chance of fraud, lacking information security; the
system facing network failures, as well as the system having many legal and security issues.
The foreign banks on the other hand encounter more EB risks in terms of the system having
the chance of fraud, as well as the system lacking information security.
In line with the second objective, the results revealed some major EB risks and their effect on
selected local and foreign banks in Ghana. These include: Operational, Reputational, Legal and
Strategic Risks. The results from the local banks revealed that the banks are mainly affected
by Reputational, Legal and Operational Risks. Operational Risk was found to occur mainly
due to security threats in the operations of the banks; Again, it was revealed that the banks were
exposed to Legal Risk, that is; risk associated to the loss of capital or earnings which results
from non-conformance or violation of prescribed laws and regulations. It was revealed that the
banks are also much exposed to legal risk due to the rapid changing nature of EB technology,
the numerous mistakes that could be replicated, in addition to frequent regulatory changes. The
interviewees indicated that this type of risk has dire consequences on their operations in the
form of; monetary fines, suspension of operations, as well as damage to their reputation.
Furthermore, Reputational Risks, that is, the risks incurred due to certain factors such as fraud
52
University of Ghana http://ugspace.ug.edu.gh
and security breaches. The interviewees indicated that when such incidences occur the banks
reputation is affected and lead to loss of trust by customers.
With respect to the foreign banks, the results revealed that these banks are mainly affected by
Reputational, Legal, Strategic and Operational Risks. Reputational Risks, that is, the risks
incurred due to certain factors such as fraud and security breaches. The interviewees indicated
that when such incidences occur the banks reputation is affected and lead to loss of trust in the
bank. Operational Risk is found to occur mainly due to security threats in the operations of the
banks; Again, it was revealed that the banks were exposed to Legal Risk, that is; risk associated
to the loss of capital or earnings which results from non-conformance or violation of prescribed
laws and regulations. It was revealed that the banks are also much exposed to legal risk due to
the rapid changing nature of EB technology, the numerous mistakes that could be replicated,
in addition to frequent regulatory changes. The interviewees indicated that this type of risk has
dire consequences on their operations in the form of; monetary fines, suspension of operations,
as well as damage to their reputation. Furthermore, the results revealed the banks’ exposure to
Strategic risk, occurring from occasional inappropriate management decisions, and the
implementation of those decisions.
Thus in comparing how both local and foreign banks are affected by the EB risks, the study
found some major EB risks which affect the local banks to include; Reputational, Legal and
Operational Risks. On the contrary, the study found some major EB risks which affect the
foreign banks to include; Operational, Legal, Reputational, and Strategic Risks.
In line with the third objective, the researcher sought to ascertain how EB risks are being
managed by the local and foreign banks based on the 14 principles of Basel Committee.
Comparisons were made to discover which of the banks; local and foreign banks comply most
in accordance with the 14 principles of Basel Committee.
53
University of Ghana http://ugspace.ug.edu.gh
With regards to Principle 1 to 3 under Board and Management Oversight, the results revealed
that the board and Management of both the local and foreign banks have demonstrated a high
level of efficacy in their oversight roles in managing EB risks. Nonetheless the Board and
management oversight roles of the local banks pertaining to EB risk management were more
prominent as compared to those of the foreign banks.
With regards to Principle 4 to 10 under Security Controls, the results revealed that although
both the local and foreign banks have put in security measures in the areas of; authenticating
the identity of customers during transactions; segregation of duties in EB systems;
authorization controls as well as access privileges for EB systems and applications; audit trails
for EB transactions; protection of data integrity of EB transactions and information; and
confidentiality of key EB information to manage EB risks, the security controls being
implemented by the foreign banks are more effective in comparison with the local banks.
Regarding Principle 11 to 14 under Legal and Reputational Risk Management, the results
revealed that although both the local and foreign banks have put in appropriate measures to
manage legal and reputational risk, the legal and reputational risk management being
implemented by the foreign banks were more effective in comparison with the local banks.
54
University of Ghana http://ugspace.ug.edu.gh
CHAPTER FIVE
SUMMARY, CONCLUSION AND RECOMMENDATIONS
5.1 Introduction
While the preceding chapter presented and discussed the study’s findings, this chapter presents
the summary of key findings and conclusion. Furthermore, recommendations are provided in
addition to suggestion for further research.
5.2 Summary of key findings
This study sought to compare EB risk management practices among local and foreign banks in
Ghana. The study focused on achieving three (3) specific objectives; to identify the risks
involved in EB among local and foreign banks in Ghana, to examine how such risks affect the
selected banks, and also to ascertain how EB risks are managed by the banks based on the 14
principles of the Basel Committee.
The study employed the mixed-method approach, with the adoption of quantitative and
qualitative approaches for data collection and analysis. The purposive method was utilized in
selecting eighty (80) respondents made up of Operations Managers, Risk Management Officers
and other staff involved in EB activities from the selected banks. Furthermore, four (4) EB
Senior Managers, were purposively sampled for interviews. With the aid of the Statistical
Package for Social Sciences (SPSS Version 25), descriptive statistics were utilized to analyze
the collected data. Descriptive statistical tools namely; frequency and percentage, were useful
in assessing the demographic information of respondents (gender, age, education and job
tenure), whereas means scores, variance, standard deviations and coefficient of variation were
used to analyze the various EB risks, as well as compliance of banks to the 14 risk management
principles of the Basel Committee. On the other hand, analysis of qualitative data through
55
University of Ghana http://ugspace.ug.edu.gh
interviews conducted was done manually to determine the themes in the interview text. The
methodology employed helped in identifying the following key findings:
In line with objective one, the study found that local banks encounter more EB risks in terms
of the system lacking information security; the system facing network failures, as well as the
system having many legal and security issues. The foreign banks on the other hand encounter
more EB risks in terms of the system having the chance of fraud, as well as the system lacking
information security. The study findings affirmed the study findings of Nwogu and Odoh
(2015) ,who revealed that the banking industry, following the introduction of EB has been more
exposed to greater challenges in terms of operational, security, reputational, legal and strategic
risks which if not managed effectively will result to financial losses as well as decrease in
consumer confidence. The statistics summarized was presented in Table 4.3 and 4.4.
In line with the second objective, the results revealed some major EB risks and their effect on
banks in Ghana. These include: Operational, Reputational, Legal and Strategic Risks. For the
local banks, the results reveled that they mostly encounter Reputational, Legal and Operational
Risks.
On the contrary, the study found some major EB risks which affect the foreign banks to include;
Operational, Legal, Reputational, and Strategic Risks. These results thus confirmed the studies
of scholars such as Kondabagil (2007), Sokolov (2007) and Nwogu and Odoh (2015), who
revealed that the banking industry following the introduction of EB has been more exposed to
greater challenges in terms of operational, legal, strategic and reputational risks which if not
managed effectively will result to financial losses as well as decrease in consumer confidence.
With regards to the third objective, it was found that both local and foreign banks in Ghana
have demonstrated a high level of efficacy in managing EB risks, based on the 14 Principles.
Nonetheless the risk management roles of the foreign banks pertaining to EB risk management
56
University of Ghana http://ugspace.ug.edu.gh
were more prominent than those of the local banks. The statistics summarized was presented
in Tables 4.5 and 4.6.
5.3 Conclusion
Advancement in ICT in modern times have caused many banks, both local and international
towards adopting EB. According to Brady, Saren, and Tzokas (2002), the adoption of advanced
technology via the use of internet, mobile phones, computers, ATMs, etc has played a vital
role in revolutionizing the banking sector. The emergence of EB has become very dominant in
performing financial transactions, providing financial benefits, and at the same time serving as
a very powerful tool for promoting competition between banks (Zarei, 2011).
The evidence gathered in the study showed the following conclusions:
i. That both local and foreign banks in Ghana have demonstrated a high level of efficacy
in managing EB risks based on the 14 Principles. Nonetheless, the risk management
roles by the foreign banks pertaining to EB were more prominent than the local banks.
ii. The risk management practices of the foreign banks were more effective than the local
banks. Despite this, the several reported cases of the failure of EB systems in some
foreign banks indicate that more needs to be done.
iii. That security poses a major threat to the delivery and adoption of EB products/services.
This was made evident by both the local and foreign banks.
iv. That both local and foreign banks are exposed to Operational, Legal and Reputational
Risks.
57
University of Ghana http://ugspace.ug.edu.gh
5.4 Recommendations
In line with the study findings, the study recommends the following:
i. Local banks should undertake suitable steps to promote adequate segregation of roles
in the EB databases and applications system. In so doing, technical staff should be
equipped to operate in a good and comfortable workspace to minimize challenges.
ii. Local banks should adopt effective transaction authentication applications like alert
messaging text or mails for every business deal verification.
iii. Local banks should also resort to automated day-to-day reports generation and
inaugurating effective communication and report sharing regimes with their customers
iv. There should also be other ways whereby the banks could undertake optimum and
careful control mechanisms to prevent clients from altering their status, thereby
allowing access to EB systems which otherwise is not expected. Thus, the database
system should be configured with real-time update function and a consistency of
internet connectivity to avoid any challenge.
v. The need for downloading and installing internet banking applications, for instance
must be approved to registered users only.
vi. Effective incident response systems should be adopted, essential to help minimize
operational and legal risks that might occur.
vii. Finally, the RFID technology is recommended to be adopted for the development of
EB in Ghana.
5.5 Suggestions for further study
In future, it is suggested that more studies be conducted in the area of EB Risk Management
practices since the identification of EB risks, and the provision of relevant recommendations
to manage EB risks would lead to a better service delivery, and encourage more customers to
patronize EB services.
58
University of Ghana http://ugspace.ug.edu.gh
REFERENCES
Abasinezhad, H. (2011). Electronic Banking. Iran-Tehran. SAMT publishing, printing, 3, 20.
Abdou, H., English, J., & Adewunmi, P. (2014). An investigation of risk management practices
in electronic banking: the case of the UK banks. Banks and Bank Systems, 9(3).
Abdou, H., Hadjiantoni, H., & Derwin, G. (2015). E-banking and risk management: evidence
from the Cypriot public sector banks. Banks and Bank Systems, 10(3), 17-27.
Abdou, H., Muslem, O. & Ismal, R. (2014). Risk Management Practices in the Republic of
Yemen: Are Islamic banks different?. Journal of Islamic Economics, Banking and
Finance, 10 (3),46-73.
Abor, J. (2004). Technological Innovations and Banking in Ghana: An evaluation of
customers’ perceptions. Accra: University of Ghana, Legon.
Abor, J. (2005). Technological innovations and banking in Ghana: an evaluation of customers'
perceptions. IFE Psychologia. An International Journal, 13(1), 170-187.
Abou, A. A., & Hasani, M. R. (2008). An Investigation about Risk and its Management
Approaches In Iran Interest Free Banking System.
Adams, N. A., & Odartey Lamptey, A. (2009). Customer perceived value in internet banking
in Ghana. Master’s thesis, Lulea University of Technology: Sweden.
AL-Rawashdeh, B. S., Abu-Errub, A. M., Areiqat, A. Y., & Dbbaghieh, M. (2012). Information
Technology Role in Reducing E-Banking Services Risk in Jordanian Banking Sector.
Journal of Computer Science ,8 (3),374-381.
Alshibly, H. H. (2011). An extended Tam Model to evaluate user's acceptance of electronic
cheque clearing systems at Jordanian Commercial Banks. Australian Journal of Basic
and Applied Sciences, 5(5), 147-156.
Anghelache, G-V., Cozmanca, B-O., Handoreanu, C-A., Obreja, C., Olteanu, A-C. & Radu,
A-N. (2011). Operational risk- an assessment at international level. International
Journal of mathematical Models and Methods in Applied Sciences, 1(5),184-192.
59
University of Ghana http://ugspace.ug.edu.gh
Ayrga, A. (2011). Is Mauritius Ready to E-Bank? From A Customer and Banking Perspective.
Journal of Internet Banking and Commerce, 16(1).
Balachandler, K. G., Santha, V., Norhazlin, I., & Rajendra, P. (2001). Electronic banking in
Malaysia: Evolution of services and consumer reaction.
Bank for International Settlement. (2003). Basel Committee on Banking Supervision Risk
Management Principles for Electronic Banking. Retrieved November 25, 2010, from
http://www.bis.org/publ/bcbs98.htm.
Barnett, R., Coleman, J., Shezaf, O., Grossman, J., & Auger, R. (2009). Web hacking incident
database.
Barreiro, P., L., &Albandoz, J. P.(2001). Population and sample. Sampling
techniques. Management mathematics for European schools, 6.
Bank for International Settlement. (2003). Basel Committee on Banking Supervision Risk
Management Principles for Electronic Banking. Retrieved November 25, 2010, from
http://www.bis.org/publ/bcbs98.htm.
Basel Committee on Banking Supervision. (2006). International Convergence of Capital
Measurement and Capital Standards: A Revised Framework Comprehensive Version.
Switzerland: Bank for International Settlements. Retrieved January 6, 2009, from
http://www.bis.org/publ/bcbs128.pdf.
Basel Committee on Banking Supervision. (2009). Enhancements to the Basel II Framework.
Switzerland: Bank for International Settlements. Retrieved January 5, 2012, from
http://www.bis.org/publ/bcbs157.pdf.
Basel Committee on Banking Supervision. (2011). Principles for the Sound Management of
Operational Risk – final document. Switzerland: Bank for International
Settlements. Retrieved from http://www.bis.org/publ/bcbs195.pdf.
Bonsón E., Escobar, T., & Flores, F. (2008) Operational Risk Measurement in Banking
Institutions and Investment Firms: New European Evidences. Financial Markets,
Institutions and Instruments, 17(4), 287-307.
60
University of Ghana http://ugspace.ug.edu.gh
Brady, M., Saren, M., & Tzokas, N. (2002). Integrating information technology into marketing
practice - the IT reality of contemporary marketing practice. Journal of Marketing
Management, 18(5-6), 555-577.
Bryman, A. & Bell, E. (2015). Business Research Methods. (4th Ed.).Oxford University Press,
USA. ISBN: 978-0-19-966864-9; p.347. Retrieved February 16, 2016, from
http://www.books.google.com.
Cheng, T. E., Lam, D. Y., & Yeung, A. C. (2006). Adoption of internet banking: an empirical
study in Hong Kong. Decision support systems, 42(3), 1558-1572.
Chovanová, A. (2006). Forms of electronic banking. BIATEC, 14(6), 22-25.
Christopher, G., Mike, C., Visit, L., & Amy, W. (2006). A Logit Analysis of Electronic
Banking in New–Zealand. International Journal of Bank Marketing, 24(1), 360-383.
Clarke, R. (2001). Innovation diffusion resources. Open Site. Retrieved September 25, 2005,
http://www. anu. edu. au/people/Roger. Clarke/SOS/InnDiffISW. html.
Creswell,J.,W.(2012). Educational research. Planning, conducting, and evaluating
quantitative and qualitative research. University of Nebraska, Lincoln.
Creswell, J. W., & Plano Clark, V. L. (2011). Designing and Conducting Mixed Methods
Research (2nd Ed.). Thousand Oaks, CA: Sage Publications.
Crosland, M. NCR Corporation. (2010). Consumer behaviour drives innovation in ATM
Technology. Retrieved from http://www.atmmarketplace.com.
Daniel, E. (1999). Provision of electronic banking in the UK and the Republic of
Ireland. International Journal of bank marketing, 17(2), 72-83.
Davis, F. D., Bagozzi, R. P., & Warshaw, P. R. (1989). User acceptance of computer
technology: a comparison of two theoretical models. Management science, 35(8), 982-
1003.
Federal Deposit Insurance Corporation. (2007). Retrieved from
http://www.fdic.gov/regulations/examinations/trustmanual/section_2/fdic_section_2
-internal_controls_and_auditing. html .
61
University of Ghana http://ugspace.ug.edu.gh
Federal Financial Institutions Examination Council (2003). FFIEC IT examination handbook
on E-Banking EB, Federal Register Ed. Vol. 67, No. 237.
Federal Trade Commission. (2006). FTC Facts for Consumers. Washington DC: Federal
Trade Commission.
Financial Fraud Action UK,. (2011). Fraud The Facts: The Definitive Overview of Payment
Industry Fraud and Measures to Prevent It [online]. London: Financial Fraud Action
UK. Available from: http://www.financialfraudaction.org.uk/Publications/#/1/.
Florina, V., Liliana, M., & Viorica, I. (2008). Risk Management of E-banking Activities.
Available at http://steconomice.uoradea.ro/anale/volume/2008/v3-finances-banks-
accountancy/160.pdf. Accessed on 04/02/10.
Georgescu, M. (2006). Some issues about risk management for e-banking. Available at SSRN
903419.
Giannakoudi, S. (1999). Internet banking: the digital voyage of banking and money in
cyberspace. Information and Communications Technology Law, 8(3), 205-243.
Gup, B., & Kolari, J. (2005). Commercial banks. (3rd Ed).United States: John Wiley & Sons.
Hair, Jr J.F., Money, A.H., Samuel, P., & Page, M. (2012). Research methods for business.
John Wiley and Sons Ltd. Chichester, UK.
Hong Kong Monetary Authority. (2015). Risk Management of E-banking, Supervisory Policy
Manual, TM-E1. Retrieved from http://www.hkma.gov.hk/media/eng/doc/key-
functions/banking-stability/supervisory-policymanual/TM-E-1.pdf
Hubbard, D. W. (2010) How to Measure Anything: Finding the Value of “Intangibles” in
Business. 2nd edn., New Jersey: John Wiley & Sons, Inc.
Ihejiahi, R. (2009). How to fight ATM fraud online. Nigeria Daily News, 21.
Imala, O. I. (2002). Electronic Commerce and Telecommunications in Nigeria: Bank Regulator
Perspective.Paper presented at the International Conference on Electronic Commerce
and Telecommunications in Nigeria, Lagos, 23rd September.
62
University of Ghana http://ugspace.ug.edu.gh
International Organization for Standardization (2011). ISO / IEC 27005. Information
Technology - Security Techniques - Information Security Risk Management. Geneva:
International Organization for Standardization.
Internet Banking Handbook. (2001). Federal Reserve Board of Chicago’s Office of the
Comptroller of the Currency (OCC).
Jehangir, M., Zahid, M., Jan, S., & Khan, A. (2016). Benefits and Risks of Electronic Banking
in the Context of Customer Satisfaction. Journal of Applied Environmental and
Biological Sciences, J. Appl. Environ. Biol. Sci., 6(3)112-117.
Jen, N. & Michael, W. (2006). Journal of Electronic Commerce Research,7(2).
Karjaluoto, H., Mattila, M., & Pento, T. (2002). Factors underlying attitude formation towards
online banking in Finland. International Journal of Bank Marketing, 20 (6), 261-271.
Khan, A. R. & Karim, M. (1997). E-banking and Extended Risks, How to deal with challenge?.
Retrieved from http://www. ru.ac.bd/finance/images/stories/working_
papers/ebanking-edited.pdf.
Kolodinsky, J. M., Hogarth, J. M., & Hilgert, M .A. (2004).The adoption of electronic banking
technologies by U.S consumers. The International Journal of Bank Marketing. 22(4),
238-259.
Kondabagil, J. (2007). Risk management in electronic banking: Concepts and best
practices (Vol. 454). John Wiley & Sons.
Laura, A. (2014). The Importance of E-banking in Business. Demand Media.
Leow, H. B. (1999). New distribution channels in banking services. Banker’s Journal
Malaysia, 110, 48-56.
Mihalcescu, C., Ciolacu, B., Pavel, F., & Titrade, C. (2008). Risk and Innovation in e-
Banking. Romanian economic and business review, 3(2), 86.
MollaZade.(2010). Study of Effective Factors at the E-banking Operational Risk in the
MaskanBank. The Master of Business Administration, Islamic Azad University,
Kermanshah Branch, Iran.
63
University of Ghana http://ugspace.ug.edu.gh
Money and Bank Research Center (MBRC). (1999). Electronic Banking and Its Strategies in
Iran. Winter. Center Bank of Iran (text Persian of ISC).
Money and Bank Research Center (MBRC). (2005). Electronic Banking and Its Administrative
Requirements in Comparison of Operational Costs of Different Banking Services,
Spring. Center Bank of Iran (Text Persian of ISC).
Nwogu, E. & Odoh, M. (2015). Security Issues Analysis on Online Banking Implementations
in Nigeria, International Journal of Computer Science and Telecommunications, 6
(1),20-27.
Nzevela, A. K. (2015). The Effect of Internet Banking Risk Management Strategies on
Financial Performance of Commercial (Doctoral Dissertation, School of Business).
University of Nairobi.
Palinkas, L. A., Horwitz, S. M., Green, C. A., Wisdom, J. P., Duan, N. & Hoagwood, K. (2015).
Purposeful sampling for qualitative data collection and analysis in mixed method
implementation research. Administration and policy in mental health and mental
health services research, 42(5); 432: 533-544.
Pennathur, K, A. (2001) “Clicks and Bricks” e-risk Mananagement for banks in the age of the
internet, journal of banking & finance 25, 2103-2123.
Polatoglu, V. N., & Ekin, S. (2001). An empirical investigation of the Turkish consumers'
acceptance of internet banking services. International Journal of Bank Marketing,
19(4), 156-65.
Ramakrishnan, G. (2001). Risk management for internet banking. Information Systems Control
Journal, 6, 48-51.
Rogers, E. M. (1995). Diffusion of Innovations: modifications of a model for
telecommunications. In Die diffusion von innovationen in der
telekommunikation (pp. 25- 38). Springer, Berlin, Heidelberg.
Rose, P. S. (1999). Commercial Bank Management.(4th Ed.).Irwin/McGraw- Hill:Boston,
USA.
64
University of Ghana http://ugspace.ug.edu.gh
Sathye, M. (1999). Adoption of internet banking by Australian consumers: an empirical
investigation. International Journal of Bank Marketing, 17 (7), 324-334.
Schutt, R.K. (2011). Investigating the social world: The process and practice of research. Pine
Forge Press.
Sevcik, P. (2004). Innovation diffusion. Business Communication Review, 34(9), 8-11.
Shirazi, S. H. (2003). Risk Profile in E-banking.The Pakistan Accountant.
Singhal, D., & Padhmanabhan, V. (2008). A study on customer perception towards internet
banking: Identifying major contributing factors. Journal of Nepalese business
studies, 5(1), 101-111.
Sokolov, D. (2007). E-banking: risk management practices of the Estonian banks. Institute of
Economics at Tallinn University of Technology, 101.
Stamoulis, D., Kanellis, P., & Martakos, D. (2002). An approach and model for assessing the
business value of e-banking distribution channels: evaluation as
communication. International Journal of Information Management, 22(4), 247-261.
Talbot, L. (Ed.). (1995). Principles and practice of nursing research. St. Louis, MO : Mosby
Incorporated.
Thulani, D., Tofara, C & Langton, R. (2009). Adoption and Use of Internet Banking in
Zimbabwe: An Exploratory Study. Journal of Internet Banking and Commerce, Vol.
14(1).
Titrade, C., Ciolacu, P., & Pavel, F. (2008). E-banking--Impact, Risks, Security. The Annals of
the University of Oradea Economic Sciences, 17(1), 1537-1542.
Trenca, I., Silivestru, H., & Paun, D. (2010). New Trends Concerning Operational Risc In E-
Banking. Analele Stiintifice ale Universitatii" Alexandru Ioan Cuza" din Iasi-Stiinte
Economice, 171-180.
UK Payments Administration. (2011). Fraud Losses Drop on UK Cards, Cheques and Online
Banking [online]. UK Payments Administration Press Releases. Retrieved from:
http://www.ukpayments.org.uk/media_centre/press_releases/-/page/1324/.
65
University of Ghana http://ugspace.ug.edu.gh
Zarei, S. (2011). Risk management of internet banking. In Recent Researches in
Artificial Intelligence. 10th WSEAS International conference on Artificial
Intelligence, Knowledge Engineering and Data Bases (AIKED 11), Cambridge, UK.
66
University of Ghana http://ugspace.ug.edu.gh
67
University of Ghana http://ugspace.ug.edu.gh
APPENDIX 1: STAFF QUESTIONNAIRE
UNIVERSITY OF GHANA BUSINESS SCHOOL
DEPARTMENT OF FINANCE
Dear Respondent,
Thank you in advance for completing this question for my research. I am a student of the
University of Ghana Business School currently conducting a study on “Managing the Risk of
Electronic Banking: A comparative Study of Local and Foreign Banks in Ghana”. The study
is purely an academic exercise, therefore any information given would be treated with utmost
confidentiality. It is against these backdrops, therefore that your input is very important to make
this study a success.
Thank you.
PART 1: Demographic information
INSTRUCTION: Please answer by ticking (√) in the box beside your choice and specify
where necessary.
1. Sex:
a. Male
b. Female
2. Age(years):
a. Less than 29 years
b. 30 – 39 years
c. 40 – 49 years
d. 50 years and above
68
University of Ghana http://ugspace.ug.edu.gh
3. What is the highest level of education? Please select the most appropriate.
a. Post Graduate Degree
b. Graduate Degree
c. HND
d. Other, please specify……………………………………………
4. Marital status:
a. Single
b. Married
c. Divorced
d. Widowed
e. Separated
5. Is your bank a local or foreign bank?
a. Local
b. Foreign
6. Years of work experience in the banking field
a. Less than 2 years
b. 2 to 5 years
c. 5 to 10 years
d. 10 years
7. Please specify your position:
a. Operation Manager
b. EB Risk Management Officer
c. Other, please specify……………………………………………
8. Does your bank offer electronic banking service(s)?
a. Yes
b. No
69
University of Ghana http://ugspace.ug.edu.gh
PART 2: Identifying risks associated with electronic banking among local and
foreign banks in Ghana.
9. Using the scale; 1 = Strongly Disagree (SD); 2 = Disagree (D); 3 = Neutral (N); 4 =
Agree (A); and 5 = Strongly Agree (SA), kindly indicate your level of agreement
with each of the statements in terms of the risks associated with electronic banking.
Scale
No. Risks associated with Electronic Banking 1 2 3 4 5
Q1. Electronic banking has the chance of fraud.
Q2. Electronic banking lacks information security.
Q3. Electronic banking is faced with networks failures.
Q4. Electronic banking has many legal and security
issues.
Q5. Electronic banking has less operational reliability.
PART 3: Risk management of electronic banking based on the fourteen (14) principles
of basel committee.
Using the scale; 1 = Strongly Disagree (SD); 2 = Disagree (D); 3 = Neutral (N); 4 = Agree
(A); and 5 = Strongly Agree (SA), kindly state your level of agreement with the following
statements in terms of how your bank comply to these principles.
Statement Scale
No. A. Board and management oversight (Principles 1 to 3) 1 2 3 4 5
Q1. The Board of Directors and Senior Managers has established effective
Management Oversight over the risks associated with E-banking
activities, including the establishment of specific policies and controls
to manage these risks.
Q2. The Board of Directors and Senior Managers have reviewed and
approved the key aspects of the bank’s security control process.
Q3. The Board of Directors and Senior Management have established a
comprehensive and ongoing due diligence and oversight process for
70
University of Ghana http://ugspace.ug.edu.gh
managing the bank's outsourcing relationships and other third-party
dependencies supporting E-banking.
B. Security controls (Principles 4 to 10)
Q4. The Bank takes appropriate measures to authenticate the identity and
authorization of customers with whom it conducts business with.
Q5. The Bank uses transaction authentication methods that promote non-
repudiation and establish accountability for E-banking transactions.
Q6. The Bank ensures that appropriate measures are in place to promote
adequate segregation of duties within e-banking systems.
Q7. The Bank ensures that proper authorization controls and access
privileges are in place for E-banking systems, databases and
applications.
Q8. There are clear audit trails for all E-banking transactions.
Q9. The Bank ensures that appropriate measures are in place to protect the
data integrity of E - banking transactions, records and information.
Q10. The Bank takes appropriate measures to preserve the confidentiality of
key E-banking information.
Legal and reputational risk management (Principles 11 to 14)
Q11. The Bank ensures that adequate information is provided on their
websites to allow potential customers to make an informed
conclusion about their E-banking services.
Q12. The Bank takes appropriate measures to ensure adherence to customer
privacy requirements.
Q13. The Banks has an effective capacity, business continuity and
contingency planning process to help ensure the availability of E-
banking services.
Q14. The Bank has a developed appropriate incident response plan to
manage, contain and minimize problems arising from unexpected
events including internal and external attacks.
Thank you for your time.
71
University of Ghana http://ugspace.ug.edu.gh
APPENDIX 2:INTERVIEW GUIDE FOR STAFF
UNIVERSITY OF GHANA BUSINESS SCHOOL
DEPARTMENT OF FINANCE
Dear Respondent,
Thank you in advance for completing this question for my research. I am a student of the
University of Ghana Business School currently conducting a study on “Managing the Risk of
Electronic Banking: A comparative Study of Local and Foreign Banks in Ghana”. The study
is purely an academic exercise, therefore any information given would be treated with utmost
confidentiality. It is against these backdrops, therefore that your input is very important to make
this study a success.
Thank you.
PART 1: Demographic information
INSTRUCTION: Please answer by ticking (√) in the box beside your choice and specify or
write where necessary.
1. Sex:
a. Male
b. Female
2. Age(years):
a. Less than 29 years
b. 30 – 39 years
c. 40 – 49 years
d. 50 years and above
72
University of Ghana http://ugspace.ug.edu.gh
3. What is the highest level of education? Please select the most appropriate.
a. Post Graduate Degree
b. Graduate Degree
c. HND
d. Other, please specify……………………………………………
4. Marital status:
a. Single
b. Married
c. Divorced
d. Widowed
e. Separated
5. Is your bank a local or foreign bank?
a. Local
b. Foreign
6. Years of work experience in the banking field
a. Less than 2 years
b. 2 to 5 years
c. 5 to 10 years
d. 10 years
7. Please specify your position:
a. Operation Manager
b. EB Risk Management Officer
c. Other, please specify……………………………………………
8. Position of interviewee……………………………………………
73
University of Ghana http://ugspace.ug.edu.gh
SECTION B: Examing the effects of electronic banking risks on banks.
1. How often is your bank E- banking channels tested against common techniques
fraudsters use to break into the bank’s server by misleading application?
2. What procedures are implemented to verify the accuracy and content of websites
information and links to other websites or interactive programs available to
customers?
3. How does the bank mitigate the various risks associated with electronic banking?
4. How does E- banking risk affect the banks based on the following?
i. Operational
ii. Legal
iii. Reputational
iv. Strategic
Thank you for your time.
74