The Stock Holding Corporation of India Ltd (SHCIL), which has been in the middle of trying to control a bizarre scam, perpetrated by its own senior management is now in a mood to wind up the investigation. While the KPMG fraud detection team is still to submit its final report, the general sense is that the worst is over, becuase the Central Bureau of Investigation (CBI) has done nothing more than seek documents. The messy e-stamping scam and the four dubious companies floated by SHCIL’s management seem set to be ignored, just to give it a quiet burial without a detailed investigation.
The question is, will SHCIL and the KPMG forensic team answer some basic questions about the state of SHCIL’s compliance with Information Technology laws as well as intellectual property statutes?
Here are some unanswered questions for the SHCIL management, KPMG and the CBI investigators:
1. What were the findings of the Oracle LMS review audit in March 2006? Is it not a fact that the audit revealed serious violations and attracted penalities?
2. What expenses did SHCIL incur in sending executives to Almaty, Kazhakstan for the CoRMS Software? Does this software not belong to Kannan and Indira Jagan, promoters of ValueSoft Technologies, which is listed as a defaulter on the Karnataka government website? The Jagans, were later brought in to partner with R.Jayaraman Iyer (SHCIL’s discredited CEO) in a joint venture called SHCIL Valuesoft Technologies.
SHCIL ValueSoft Technologies, is one among four companies spawned by R.Jayaraman Iyer (the discredited CEO) in the year 2006; although it uses the prefix SHCIL, the ownership is complicated by cross-holdings through the three companies with the SHCIL prefix such as SHCIL Hannobe and SHCIL Projects.
What action has the SHCIL board taken with regard to this company? Isn’t it a fact that the CoRMS technology was later purchased by SHCIL’s own Information Technology (IT) division? And that full payment was released even though it is not fully installed even today?
3. If SHCIL’s IT department was considered fit to be awarded the government’s highly sensitive e-stamping project, why does it use private companies to maintain its own network and web security infrastructure? Does SHCIL have any official who meets the international/governmental IS0 27001/BS 7799 National Skills Registry?
4. Isn’t it a fact that the IFCI official, A.K.Bhan who was responsible for getting SHCIL the e-stamping contract is now a consultant with SHCIL. What is more, his daughter Dr.Tapasya Bhan is also a medical advisor to SHCIL based in Delhi.
5. Has the SHCIL management and its newly active board of directors even examined the role played by various data administrators, and their access to multiple domain names (www.shcilservices.com, www.shcilservices.in, www.shcil.in, www.stockholding.com, www.shcil.com) and servers maintained by SHCIL. Have they even begun to unravel the cross connections between SHCIL and its subsidiary SSL, which has been transferring a significant portion of its infrastructure and IT costs to what was once its parent company?
6. Finally, has KPMG or anybody bothered to audit the various payments running into crores of rupees made by SHCIL for purchase of software? And has the actual purchase been cross-verified by any auditor or forensic audit agency? Our sources say that the auditors have not even begun to ask questions in some vital areas.