In recent years, one of the most important steps is the promulgation of the Law on Credit Institutions 32/2024/QH15 (hereinafter referred to as the New Law). Regulatory agencies in Vietnam have actively made efforts to reform the legal system to improve the transparency, safety and efficiency of the banking system. This new law makes many major changes in regulations for the operations of credit institutions, especially commercial banks, in order to strengthen management, supervision and ensure the stability and safety of credit institutions. the whole system.

The changes in the new Law will have a profound impact on all aspects of banking operations, from business processes, management models to information technology (IT) systems. For banking software developers, the new Law poses many challenges but also opens up new opportunities to improve and upgrade current systems and build advanced technology solutions suitable for customers. new legal environment.

In this article, we will focus on analyzing important new points of the Law on Credit Institutions 32/2024/QH15, evaluate their impact on banking software systems, and offer solutions. solutions for software developers to comply with new laws and enhance banks’ technological capabilities.

Important changes of the Law on Credit Institutions 32/2024/QH15

Bad debt and restructuring

The new Law addresses the issue of bad debt more clearly by setting out regulations on how banks should classify, provision for risks, and handle such debts. It mandates banks to closely monitor and manage debts based on updated criteria and allocate enough funds to cover potential risks, ensuring the safety of their operations. This requirement calls for a tight integration between the credit management system and the bank’s accounting and provisioning system.

Furthermore, the Law introduces new mechanisms for handling bad debts, including restructuring, transferring bad debts, or dealing with bankruptcy of credit institutions. Banks are required to develop specialized systems for managing bad debts, facilitating the restructuring and transfer processes in compliance with legal requirements.

When it comes to restructuring credit institutions, the new Law outlines intervention measures, assigns responsibilities to relevant parties, and lays out implementation procedures more explicitly. To support effective restructuring, banks need dedicated software systems for restructuring management. These systems aid in monitoring and managing the restructuring process, assessing asset and liability values, and overseeing restructuring projects at each stage.

Apart from developing new systems, it’s crucial to pay attention to integrating and synchronizing bad debt data and restructuring information with other systems. Establishing connections between debt management systems and core banking systems, financial reporting systems, and human resource management systems is essential to ensure data accuracy, synchronization, and provide effective support for management and administration tasks.

To address bad debt and restructuring issues, banking software requires the following solutions:

• Information Management: Implement a system to manage and maintain detailed records of bad debts requiring attention.
• Automated Classification and Provisioning: Develop functionality to automatically classify debts and calculate risk provisions based on predefined debt classification principles and provisioning levels.
• Comprehensive Bad Debt Management: Create a platform for comprehensive management of bad debts, covering balances, accrued interest, collateral details, negotiation outcomes, and debt restructuring efforts.
• Detailed Reporting: Enable the generation of comprehensive and detailed reports across various analytical dimensions to facilitate effective bad debt management.

Disclosure of information about shareholders and foreign investors

Aside from imposing ownership limits, Law on Credit Institutions 32/2024/QH15 also mandates transparent disclosure of information concerning shareholders and foreign investors in Vietnamese banks. This measure aims to enhance transparency and accountability, ensuring that foreign investors are accountable to regulatory authorities and the public.

Moreover, disclosing information about foreign shareholders imposes stricter requirements on the security and integrity of bank systems. Enhanced encryption and data protection solutions are necessary to safeguard information when sharing and disclosing it in accordance with regulations.

Under the new regulations, banking software needs to incorporate the following solutions:

• Banks must establish and update a system to gather and store comprehensive information about foreign shareholders, including their full names, addresses, nationalities, etc. This system should be capable of synthesizing this information and generating public reports as mandated by regulatory bodies.
• The collected information must be regularly updated and reported to regulatory authorities as per their requirements.
• The software system must have the capability to synthesize and report foreign shareholder information in formats and according to the requirements specified by law.

Lowering Maximum Ownership Limits

In addition to the restrictions on consolidated ownership, Law on Credit Institutions 32/2024/QH15 introduces new regulations aimed at reducing the maximum ownership ratio permissible for foreign investors in Vietnamese banks. This measure is part of ongoing efforts to decentralize control, mitigating risks associated with excessive concentration of ownership among a specific group of foreign investors.

Under the new law, a lower maximum ownership ratio for foreign investors in Vietnamese banks is stipulated, compared to the previous limit. Banks are obligated to review, update, and ensure that the ownership ratio of each foreign investor complies with the new threshold as specified by regulations.

To adhere to this regulation, banking software requires upgrading the current shareholder and investor management system to track and calculate the ownership ratio of each foreign investor. The system must promptly incorporate new regulations on maximum ownership limits to issue warnings and prevent potential violations.

Furthermore, processes for verifying and authenticating investor information before updating it into the system need revisiting and tightening to ensure data integrity and accuracy. Enhanced interconnection and integration with other systems are necessary to maintain synchronized and consistent investor data.

Limiting Loans from Foreign Banks

Law on Credit Institutions 32/2024/QH15 also imposes new restrictions on lending by Vietnamese banks to foreign organizations and individuals. This measure aims to mitigate exchange rate risks and ensure the safety of banking operations amidst deepening international economic integration.

Under the new regulations, banks are required to monitor and restrict total outstanding loans to foreign customers within permissible limits. Stringent control over outbound loan capital flows will assist banks in managing exchange rate fluctuations, maintaining liquidity safety, and adhering to operational safety ratios mandated by the State Bank regulations.

To adhere to this regulation, banking software requires:

• Deploy specialized monitoring and tracking systems for outstanding loans to foreign customers. The system needs to be able to classify, calculate and warn when foreign loan balances reach the prescribed limit. At the same time, the system also needs to integrate exchange rate risk assessment tools and models to warn and support banks in controlling this risk.
• New foreign loan balance monitoring systems need to be closely integrated with existing systems such as banking core systems, credit management systems, and customer management systems.
• Special attention to security and confidentiality of customer information during the implementation of new systems. Technical solutions like data encryption and decentralized access control should be applied to comply with stringent regulations on customer data protection in the banking sector.

Prohibition of Banks Engaging in Insurance Activities

A significant amendment in the Law on Credit Institutions 32/2024/QH15 is the prohibition of commercial banks from participating in the insurance business. This measure aims to distinctly separate banking and insurance sectors, while safeguarding customers’ rights against being compelled to purchase insurance when engaging with banks.

Previously, many banks practiced cross-selling insurance products through their distribution networks. However, this raised significant concerns and controversies regarding the authenticity and voluntariness of customer purchases. The new law was enacted to address these issues by completely segregating banking and insurance business operations.

To comply with the regulations prohibiting insurance activities, banking software must eliminate the capability to sell insurance on existing software systems such as customer relationship management (CRM) systems, core banking systems, and online transaction applications.

Simultaneously, it’s imperative to develop new systems to manage insurance contracts previously sold to customers. These systems will oversee and administer the process of settling insurance claims and managing requests pertaining to contracts until their expiration.

In order to comply with the regulations prohibiting banks from engaging in insurance business as stipulated in the Law on Credit Institutions 32/2024/QH15, banks must implement comprehensive software solutions across various systems, including:

• Conducting a thorough review and analysis to eliminate features associated with insurance sales from core banking systems, CRM systems, online transaction applications, and other relevant platforms.
• Integrating auditing processes to prevent the creation of new insurance contracts during customer transactions.
• Updating user interfaces by removing links and functionalities related to insurance sales from transaction screens.
• Segregating insurance-related data from banking data systems to ensure proper separation.
• Reviewing all business processes related to insurance sales and completely segregating them from primary banking activities.

Impact of the New Law on Banking Software Development

The changes introduced in the Law on Credit Institutions 32/2024/QH15 will significantly affect the current software systems used by banks. Here are some key impacts that need to be taken into account:

Revise Business Processes

The implementation of the new law might introduce fresh regulations regarding risk management, internal control, reporting, and compliance, necessitating banks to amend their current business processes. This adjustment will prompt the need to update and tailor software systems to accommodate these new processes.

Enhance Security and Data Management

The law may impose stricter regulations on information security and the management of customer data. Existing software systems will require upgrades to meet these new security and data management standards.

Integrate and Share Data

The new law may mandate data integration and sharing between banks and state regulators. This will entail the establishment of new protocols, standards, and infrastructure to facilitate seamless data integration and sharing.

Implement Technological Improvements

New laws may incentivize or mandate the adoption of advanced technologies such as artificial intelligence (AI) and big data analytics to enhance operational efficiency and risk management. Consequently, banks will need to invest in upgrading and integrating these new technologies into their existing software systems.

Solutions for Businesses Developing Banking Software

To meet the requirements outlined in the Law on Credit Institutions 32/2024/QH15 and concurrently enhance banks’ technological capabilities, software development businesses should consider implementing the following solutions:

Implementing Modern and Flexible Software Architecture

• Transitioning to a service-oriented architecture (SOA) enhances scalability and integration by breaking down the system into manageable services.
• Adopting microservices architecture allows for the division of the system into independent services, facilitating easier upgrades and replacements.
• Utilizing Cloud-Native Architecture optimizes deployment and operation capabilities in cloud computing environments.

Incorporating New Technology in Software Development

• Employing distributed databases and NoSQL enhances the capacity to process large volumes of data at high speeds.
• Integrating artificial intelligence (AI) and machine learning into data analysis and processing supports better analysis and risk assessment.
• Leveraging cloud computing and containers improves the flexibility and scalability of applications.

Implementing Modern Software Development Practices

• Embrace continuous software development methodologies to expedite development cycles, enabling quicker upgrades and bug fixes.
• Integrate legal compliance requirements from the design phase itself (Compliance by Design) to ensure adherence to laws throughout the software’s lifecycle.
• Regularly conduct compliance testing through automated tests to ensure software compliance.

Ensuring Safety and Information Security

• Employ comprehensive security solutions like data encryption, multi-factor authentication, and decentralized access control.
• Conduct periodic information security audits to identify and address security vulnerabilities.
• Foster an information security culture within the organization through training and awareness programs for the software development team.

Collaborate and Seek Expert Guidance in Banking Technology

• Engage with industry experts to gain insights into the latest technologies applicable in banking.
• Partner with reputable software firms and consulting agencies specializing in the banking sector for project implementation.

Given the numerous challenges posed by the Law on Credit Institutions 32/2024/QH15, selecting a trustworthy software development partner with expertise in banking is crucial.

Evotek, a leading provider of software solutions for the finance and banking sector, stands ready to assist banks in developing and upgrading their IT systems to align with new legal mandates.

Evotek takes pride in its team of seasoned software experts possessing exceptional professional knowledge. Our team is adept at analyzing, designing, and implementing software solutions tailored to meet our clients’ needs.