Trends in Nigeria’s payment system, cyber issues
• Fraud attempts in banks rise, losses decline
• ‘Casual workers’, officers lead insider-related crimes
The global payment system, riding on the partnership with financial institutions, has changed and for good, but not without risks and challenges. The evolving technology, with various applications, has indeed, emerged the special purpose vehicle. Nigeria is a major stakeholder.
Today, banks swim in the “ocean” of technology-driven products to reach customers. The propositions have gone from distance considerations to seamlessness, convenience, availability, precision and data proofs. But safety and affordability issues still dominate discourse.The Nigerian Bureau of Statistics, in its third quarter (Q3) 2018 report on Selected Banking Sector Data, the value of electronic payment transactions rose to N33.95 trillion in the period, from N32.9 trillion in the second quarter, both figures represent 3.2 quarter-on-quarter increase and 31.6 per cent rise against the corresponding quarter in 2017.
“A total volume of 5.29 billion transactions valued at N340.15 trillion were recorded in Q3 2018 as data on Electronic Payment Channels in the Nigerian Banking Sector. Automated Teller Machine (ATM) transactions dominated the volume of transactions recorded at 220.27 million volume of transactions, valued at N1.59 trillion in Q3 2018,” the report noted.Cheque transactions hit 2.1 million in volume, valued at more than N1.18 trillion, while Point of Sale (PoS) transactions got a turnover of 86.03 million, valued at N650.41 billion.
Transactions on the web reached a 13.96 million level, with estimated value at N69.07 billion, just as mobile payments recorded 23.92 million worth N496.37 billion in the quarter under review.The Nigeria Inter-Bank Settlement System’s Instant Payment transactions also dominated the electronic payments with 168.62 million transactions valued at N19.96 trillion, while the Nigerian Electronic Fund Transfer recorded 7.71 million activities, worth N3.58 trillion.
Indeed, activities in the cyber space are getting humongous for Nigeria’s economy.In Nigeria, cases of cyber crime have become a state matter and assigned a weightier repercussion for offenders, as government moves to curb the activities of Internet scammers, whose activities smear the country locally and internationally.
The Nigeria Electronic Fraud Forum (NeFF), in 2015, said the thriving electronic fraud, if left unchecked, is capable of wiping out entire profit line of an individual bank, as well as send a wrong signal against the financial inclusion drive.As a foil to the development, the currently operational Cybercrime Act 2015 came into force. Although with some loopholes, as assessed by experts, there have been some reviews to strengthen its effect on culprits.
For emphasis, cybercrime refers to, but not limited to any illegal activity through the computer as primary means, as well as any illegal activity that uses a computer for the storage of evidence. It include crimes that have been made possible by computers, such as network intrusions and the dissemination of computer viruses, as well as computer-based variations of existing crimes, such as identity theft, stalking, bullying and terrorism.
Reports and Numbers
The number of reported cases of attempted frauds and forgeries in the nation’s banking industry witnessed a substantial increase to 26,182 cases in 2017, representing 56.30 per cent over the 16,751 cases reported in 2016. It also represents 146.50 per cent and 113.20 per cent increase over reported cases in 2014 and 2015, respectively.
In 2017, Q4 alone, 8,146 cases, which was the highest attempt so far, was recorded and that calls for regulatory concern, especially as banks continue to develop financial products in line with technological advancements, amid the prevailing harsh economic conditions, a development that could trigger the spate of vulnerabilities, if they fail to implement the necessary controls.However, from those attempted fraud cases in 2017, compared with preceding years, actual losses were well below the reported cases in 2014 through 2016.
The actual amount lost to fraud incidences in 2017 stood at N2.372 billion, lower by one per cent, 25.20 per cent and 61.70 per cent compared to figures recorded in 2014, 2015 and 2016, respectively.“The marginal decline in the trajectory of fraud losses could be attributed to improved regulatory/supervisory oversight, relative increase in vigilance by banks’ adoption of more robust internal control procedures, and the deployment of improved security architecture in the banking industry.
“The continued cooperation and collaboration amongst regulatory/supervisory authorities and the financial institutions could also be responsible for the increasing decline in the success rate recorded in frauds in 2017,” the Managing Director and Chief Executive Officer of NDIC, Alhaji Umar Ibrahim, said.A comparative analysis of the number of banking staff involved in frauds and forgeries in the last three years, showed that on the aggregate, out of the total number of fraud cases which stood at 26,182 in 2017, 320 were staff-related, representing 1.22 per cent of the entire fraud cases.
The number of fraud cases perpetrated by staff in 2017 increased by 38.5 per cent from 231 cases reported in 2016, but represented a declined by 31.2 per cent and 24.7 per cent from 425 and 465 cases recorded in 2014 and 2015, respectively.The cadre of bank staff engaged in fraudulent practices were temporary staff, representing the largest proportion, which comprised 132 out of 320 staff involved. The development brought to focus, the concern on current practices of engaging contract/casual employees in sensitive banking operations.
Besides, officers and executive assistants, as well as managers, accounted for 25.9 per cent and 21.3 per cent of the total cases during the year respectively. Still, messengers, drivers, cleaners and security guards constituted 4.1 per cent of the total fraud cases. The frequency and actual loss recorded in ATM/Card-related channels was 16,397 and N798 million, higher than N504 million and N476 million in 2015 and 2016, with respective frequencies of 8,039 and 11,244 cases.
The ATM/Card-related channels were closely followed by Web-based frauds (internet banking) and fraudulent transfers/withdrawal of deposits with 7,869 and 963 attempts, respectively. The actual losses recorded through those channels stood at N709 million and N318 million, representing 30 per cent and 13 per cent of total losses during the period.
The frequencies and actual loss recorded in 2017 through fraud instruments such as lodgment of stolen warrants, unauthorized credits, outright theft by staff (cash defalcation), presentation of forged cheques, presentation of stolen cheques, as well as suppression of customer deposits, were effectively lower than the figures recorded in 2015 and 2016.
In the banking industry, there is a significant push to stem the tide. For example, debit and credit cards are no longer magnetic strips alone, but chip and pin, which behoove every holder to protect the details. There have been guidelines by the regulator on various anti-skimming devices and cameras at Automated Teller Machine (ATM) points. But there are still issues about unrelenting ingenuous
cybercriminals and insider collaborators.
This is partly the motivating force behind the intensified efforts of the Central Bank of Nigeria (CBN) to give the financial system a facelift through the Bank Verification Number project, which, among other things, would foil identity theft and duplication of identities in various financial institutions.
A report by the Nigerian Deposit Insurance Corporation (NDIC), affirmed that technology-based platforms are the most vulnerable points for the banking system and had the highest frequencies similar to what happened in previous years. An analysis showed that the most used instruments by the fraudsters were mainly cards, cash and cheque.Internet and ATM remain the most popular channels for e-fraud, while Point of Sales (PoS) terminals are the preferred channels of cash out for the fraudsters.
As at 2015, banks’ losses to electronic fraud-related cases were put at about N203 billion in 14 years, a development that persisted in the industry with sophistication and some cases left unreported by some financial institutions.A top official of CBN and Chairman of Nigeria Electronic Fraud Forum (NeFF), Dipo Fatokun, said that as at then, the number and size of frauds against organisations were on the rise.
The forum, according to him, has reiterated the need to collaborate more, think ahead and creatively too, to successfully tackle the fraudulent activities, which have been assessed as increasingly devising sophisticated techniques in approach.f course, strategies to confront the menace that has resulted in loss of hundreds of billions and their perpetrators have been evolving. Recently, CBN, the Nigeria Communication commission (NCC) and Telecommunication Companies (Telcos) unveiled plans that would strengthen efforts to clampdown fraudsters engaged in SIM identity theft in the country.
This would be in form of intensive public education, using the social media, Fatokun said at the NeFF’s routine meetings, in Lagos, noting that globally, the level of electronic fraud has been increasing, but in Nigeria, it has been decreasing, going by records.
From experts, the underlying challenges of insider abuses would require strategic approach and profiling of officers in sensitive offices. Banks could curb insider abuse by watching out for warning signs like employees living above their means, frequent manipulation of data and continuous, excessive use and abuse of privileged and systems account.
A top banker, who preferred anonymity, said: “Banks will be able to combat electronic fraud by filtering out predatory employees, reviewing upwards, the required reliability status for all staff who need privileged roles to work, as well as deploying appropriate prevention and detection technologies like CCTV monitoring and access cards with authorisations.”
There may not be an end to cyber crime, especially now that vulnerability has increased due to multiplicity of financial products. Besides, the quest to include the billions excluded, comprising few lettered ones and mass of unlettered people, coupled with momentary lapses in security, has provided more opportunities for the fraudsters.
There should not be an end to investments in mitigating security breach, in fact, banks should be ahead of the fraudsters, whose job is to undermine every protocol, by increasing control.These imply the need for the overhaul of the entire internal control processes by banks’ management to help identify potential weaknesses by employing adequate checks and balances to protect the institution.