Research study on Risks in the E-Payments Industry (Paytm)

Research study on Risks in the E-Payments Industry (Paytm)

Risks in the E-Payments Industry (Paytm)

By Ankur Sengupta and Srijani Bhattacharyya, PGDRM Batch July’20-21



Brief about the company


  • Paytm is an Indian financial technology company founded by Vijay Shekhar Sharma began its journey in 2010 in e-commerce transactions.​​
  • Initially, services like DTH and mobile recharge were available on the platform. But later options like landline bill payments, postpaid mobile bill payments, etc. were added to the platform. ​
  • Paytm Wallet was launched in January of 2014 and was picked up by Uber and Indian Railways as an online payment option on their platforms. ​
  • As of 2020, the company is considered to have an evaluation of approximately 16 billion US Dollars.




Money making canvas


Overview of the risks



Risk Indicators

  • Failure of tie-ups/ Alliances​
  • Competition​
  • Geopolitics​
  • Reputational​


  • Business processes not aligned to business goals and objectives​
  • Lack of adequate market research and insights​
  • Inappropriate business alliances​
  • Failure to meet revenue and expense targets​
  • Ineffective products​
  • Inappropriate response to changing business dynamics & competition​
  • Lack of innovation and disruptive ideas​


Risk Indicator

  • E-Transaction​
  • Platform / Application Design ​
  • Network & Infrastructure Security​
  • Data Governance, Integrity and Security​


  • Cyber security lapses, IT systems not aligned to business objectives​
  • Software assets are not monitored appropriately​
  • Unauthorized changes to the applications and systems​
  • Absence of IT Policies and Procedures​
  • Inadequate business continuity/disaster recovery plan​
  • Unauthorized/excessive user access to the IT systems​
  • Poor Data-center controls​
  • Weak/unsecured network perimeter of the organization​

Risk Indicators

  • Unauthorized transactions​
  • Siphoning of funds​
  • Cyber frauds​
  • Accounting Frauds​


  • Unauthorized transactions in customer accounts​
  • Misappropriation of customer funds​
  • Over / under-reporting of customers / users​
  • Accounting Fraud, Abuse / Misuse of sensitive personal information​
  • Identity Theft​
  • Pharming ​
  • Phishing ​



Risk Indicators

  • Time-Outs​
  • Bugs​
  • Execution time​


  • Transaction fraud​
  • Account takeover​
  • Fake accounts​
  • Mule accounts for anti-money laundering.​
  • Return/order cancellation fraud, where customers abuse your return policy.​
  • Merchant fraud is when merchants are frauding customers.​


Overview of Risks




Risk Indicators

  • Non-compliance to RBI’s regulations / directions​
  • Data Privacy Norms​
  • Safety of Data


  • KYC non-compliances​
  • Inappropriate Consumer Grievance Redressal​
  • AML non-compliances​
  • Non-compliance to RBI Master Circular on Cyber Security Framework​
  • Non-compliance to minimum Net-worth requirements​
  • Other non-compliances to RBI guidelines​



Risk Indicators

  • Unbilled / under billing of Fees, Commission, Delivery charges, etc.​
  • Unreconciled balances with third parties​
  • Wrong reporting of financial transaction


  • Payments made to merchants, not recovered from customers​
  • Unbilled fees / commission / delivery charges​
  • Excessive cashbacks / discounts offered to customers​
  • Unreconciled balances with third parties​
  • Errors in exception pricing (fees and waivers)​
  • Under-billing to customers​
  • Unenforced price contracts​
  • Delay in price changes​



Risk Indicators

  • Selection of inappropriate vendors​
  • Non-compliances / control gaps in vendor managed processes​
  • IT failures at Vendors​


  • Improper due diligence​
  • Non-compliances to Regulatory and Statutory obligations by third parties​
  • Dependency on a single vendor for critical business processes​
  • Improper/unfavorable legal contracts with third parties​
  • Over/underpayment to third parties​
  • Inadequate ongoing monitoring of third parties​
  • Absence of inappropriate BCP ​
  • Non-compliances to agreed policies, procedures, and SLAs by third parties






This report has been produced by students of Global Risk Management Institute for their own research, classroom discussions and general information purposes only. While care has been taken in gathering the data and preparing the report, the student’s or GRMI does not make any representations or warranties as to its accuracy or completeness and expressly excludes to the maximum extent permitted by law all those that might otherwise be implied. References to the information collected have been given where necessary.

GRMI or it’s students accepts no responsibility or liability for any loss or damage of any nature occasioned to any person as a result of acting or refraining from acting as a result of, or in reliance on, any statement, fact, figure or expression of opinion or belief contained in this report. This report does not constitute advice of any kind.

Get the research study here: Risks in E-Payment(Paytm)


Design and Developed by KodeForest @ All Rights Reserved by KodeForest