Latest Headlines
Why Banks Must Safeguard their Banking Customers
Ugo Aliogo, in this report examines the need why bank should protect their banking customers from the activities of fraudsters
In the 21st century, the banking industry has evolved due to advancement in technology which has brought changes in its systems and processes. Technology has also revolutionised banking and brought about new trends.
However, for everything that has a positive side, there is always a negative impact as well. As technology continues to be used to improve banking processes, on the flipside, some unscrupulous individuals have harnessed the space to carry out fraudulent activities in the banking ecosystem from time to time. Therefore, cybercrimes remain one of the major threats to the banking industry.
It has been argued by experts in the industry that fraud in online banking greatly affects how banks and financial institutions provide their services and do their businesses. Consequently, there is an urgent need to strike a balance between innovation and ensuring safety for both retail and corporate customers.
Today, online banking frauds are multidimensional. They are carried out through malware, social engineering, and fast cash-out techniques and include two macro-categories: Account Takeover (ATO) or Automatic Transfer System (ATS).
Despite efforts by the Nigeria banking sector to protect the safety of its banking public, the fraudsters has continued develop new mechanisms to defraud unsuspecting customers of their hard-earned monies.
According to a study, the most common examples of social engineering attacks examples of cyber-attacks include Phishing, smishing, and vishing and they are pretty simple to implement. Cybercriminals can spread infectious malware on the victim’s devices through clickable links contained in an email (phishing) or an SMS (smishing) that could look 100 percent legitimate.
Often, these links direct the victim towards downloading apps directly from the official marketplaces, such as Google Play Store, making it harder for users to realize the potential danger in advance. Once the malicious app is downloaded and installed, the hidden malware gains complete access to the victim’s device, giving the fraudsters the door, they need to perform ATO.
The rate of frauds in the Nigeria banking sector had expanded and the perpetrators are continuously exploiting new channels to compromise the system.
The Ministry of Communications had in 2017 disclosed that Nigeria loses about N127billion yearly to cases of Internet frauds across all the sectors of the economy. It added that the majority of the frauds were perpetrated on foreign domain names but had become popular among Nigeria’s millions of Internet users.
There is an argument that frauds could happen within the banks, which was why the Central Bank of Nigeria (CBN) introduced the dual authorisation process whereby a transaction cannot start and end with one person.
The Apex bank also tasked the banks to provide security and protection mechanisms around the information of their customers in their possession. The Payment Card Industry Data Security Standard, known as PCI DSS, was also made mandatory, in which case every bank has to secure the data its customers provided in a way that they cannot be stolen.
There is the notion that most of the information used by the fraudsters to defraud customers were due to the leakages in the banks, because some persons have defrauded other people by sending them a text message about replacing of their debit card and requesting that they send some information if they wanted it fixed.
The Role of CBN
A
The Central Bank of Nigeria (CBN) in December 2001, introduced the cashless policy in a move to reduce the amount of physical cash in circulation, thereby encouraging the use of electronic platforms for settlement or payment for goods and services.
While the pilot programme started in Lagos in January 2012, the policy was extended to Ogun, Rivers, Anambra, Abia, Kano and the Federal Capital Territory (FCT) on the 1st July, 2013. On July 1st, 2014, the policy kicked off in the remaining 30 States of the federation.
Ten years into the programme, the policy has spurred the growth of digital and electronic payments in the country, with many Nigerians adopting electronic platforms for settlement or payment for goods and services.
However, the rise in the adoption of electronic banking by Nigerians has also brought about a negative side: the exponential rise in cases of e-fraud.
The Director, Risk Management, CBN, Dr. Blaise Ijebor, pointed out that Internet fraud was a rapidly evolving problem and that the only way to tackle it was to deploy a more advanced response.
He stated, “Another area where we need the cooperation of the banks is tracing. We need to block and blacklist every account found wanting,” adding that perpetrators must be brought to book so as to serve as a deterrent to others.
The Managing Director and Chief Executive Officer, Nigeria Inter-Bank Settlement System (NIBSS), Premier Oiwoh, also called for improved information and knowledge sharing in the financial services sector to tackle the menace.
Oiwoh said: “From one fraud, we can raise 20 questions and answering those questions would help to stop the fraud as well as know how they operate. The CBN and other regulatory bodies have to work and ensure the policies are there to support the operators. Also, the industry operators, like the banks and others within the ecosystem, need to do what it takes. The police, NFIU, EFCC (Economic and Financial Crimes Commission) and others have to play their roles. The fraud worries everybody.”
Experts say banks were only interested in making money and do not want to spend money to fund investigations, because it an expensive venture that police might not be able to fund alone.
As part of its effort to combat fraudulent activities in the banking industry, particularly those associated with increased use of electronic payment systems, the Central Bank of Nigeria (CBN) established the Nigeria Electronic Fraud Forum (NeFF).
The bank’s Director, Banking and Payments Systems Department, Dipo Fatokun, said the establishment of the new industry desk followed submissions to the NeFF and consultation with the deposit money banks as well as electronic payments service providers.
The new desk, Fatokun said would set up effective mechanisms for receiving and responding promptly to fraud alerts, to help manage and reduce electronic payments fraud in the country’s banking industry.
Under the new arrangement, the NIBSS would be responsible for coordinating the industry as provider of electronic platform for all the fraud desks across all banks, mobile money operators, switches and payments service providers to log frauds.
The NIBSS will also maintain direct and dedicated lines and email contacts of all stakeholders for the purpose of exchanging information and coordinating industry response to fraud attempts and incidents.
It will also ensure that DMBs receive enhanced e-fraud portal/instant payment platform, with capabilities for banks to initiate ‘block’ and’ hold funds’ electronic messages from a bank’s fraud desk to the other, while providing operational rules for effective fraud desk coordination.
The desk will ensure that all interbank transactions on all electronic channels are expected to be passed through the central anti-fraud solution in NIBSS, which shall have access to each bank record of fraudulent transactions and provide monthly reports to the CBN.
Online fraud is costing the financial sector the whopping sums of money. As technology evolves, there is a growing concern over the rising trend of fraud perpetuated on telecommunication platforms across key sectors of the economy known.
The CBN in its commitment to tackle the issue, collaborated with Nigeria Communication Commission (NCC) on how to curb mobile banking fraud in both banking and telecommunication sectors.
The Head of Zonal Operations Department in the NCC, Mrs. Helen Obi said the collaborations had begun between NCC and NCB as a result of online payment fraud which according to her had become necessary for the two agencies to find a lasting solution to online banking and telecom fraud.
“As a result of online payment fraud going on in the system, there are a lot of collaborations which have become necessary between NCC and CBN. So, both parties have recognized that the fact and are making sure that customers and consumers in the banking and telecommunication sectors are not short changed on data services and other related financial frauds.
“Along that line, we are discussing on common grounds to come up with an MoU that will guide the sectors that will regulates banks and service providers. As soon as we put that in place, we will make it available to the public.”
In 2018, it was reported that about N15.5 billion was lost to bank fraud. And about 60 percent of the fraud was committed using online channels owing to available internet-based and tech-rated banking services. Therefore, the banking sector has been grappling with efforts to tackle this menace headlong lately.
Protecting the Customer
On November 7, 2016, the CBN issued the Consumer Protection Framework (CPF) to enhance consumer confidence in the financial services industry, and promote stability, growth and innovation.
The CBN issues the Consumer Protection Regulation to improve overall compliance with the CPF by banks, other financial and non-financial institutions. The regulation prescribes far reaching requirement on fair treatment of consumers; disclosure and transparency, responsible business conduct; complaints handling and redress, in line with the principles enunciated by the CFP.
Consequently, all regulated institutions are required to immediately develop internal policies to comply with the regulations and ensure approval by respective board of directors. They shall thereafter forward the approved policies, which shall include comprehensive plans for consumer protection, education and enlightenment, to the Director, Consumer Protection Department, CBN on or before March, 2020.