Over the past decade, financial services in Nigeria have transferred their delivery channels from brick and mortar to new technologies because they are cheaper and provide better access, availability and quality of service.
Although the adoption of electronic finance and other electronic services offer emerging economies like Nigeria an opportunity to leapfrog, it also carries potential risk.
As noted by the World Bank, most of the crimes that exploit the vulnerabilities inherent in these technologies are not new; fraud, theft, impersonation, denial of service, and related extortion demands, have plagued the financial services industry for years. However, the widespread use of these technologies exposes users to crimes of greater dimensions in terms of depth and scope.
Open network technologies create a fertile environment for crimes of great magnitude and complexity to be committed very quickly. Less down ten years ago, banking fraud was the preserve of minor criminals attempting to steal fairly small amounts of money. Cheque fraud had been the most potent and most popular type of fraud.
But today, electronic banking fraud is a global industry in which chic criminal syndicates employ and deploy state of the art tools, and regularly connive with dishonest bank staff to steal very huge sums. This has pushed up the liabilities that banks must absorb to cover the losses their customers suffer due to fraud.
Read Also: How to protect yourself from rising e-banking fraud
This has resulted in tens of billions of naira being stolen by bank hackers every other year.
How do financial institutions fit into the puzzle?
From the perspective of a financial institution, the difficulty in detecting e- fraud is that, in most cases, it appears that a customer is legitimately accessing their own account or providing legitimate instructions regarding fund transfers.
There is a rising need for banks to ensure a balance between operational efficiency and the protection of one of its most valuable assets, its financial assets. Ineffective controls and systems within an organisation can lead to the mismanagement of fraudulent incidents which in turn negatively impacts an organisation’s ability to make appropriate resource allocation and investment decisions.
The use of Insiders and other strategies by fraudsters, makes it critical that organisations adopt effective cyber security measures to avoid incapacitating outcomes.
Keep financial data separate
Organisations must use a separate system dedicated to performing financial transactions and backing up the data in an external drive regularly. Moreover, restrict or limit access to financial information and data.
Know who is asking
Banks never ask for personal information over the telephone, emails, or text messages. Therefore, avoid sharing PINs, passwords, or your organization’s financial information without proper verification.
Keep it secret and safe
Create a strict password policy to avoid the risks of password sharing at work. Also, never leave files containing access to the financial information in an unsecured place. Moreover, make sure to always leave your computer locked when unattended.
Manage user authentication
Restrict email address/IP locations to allow only authorized users to make transactions on behalf of the organization. Make purchases only on authorised and legitimate websites and review the organisational financial statements regularly.
Cyber awareness training
Educate employees about cyber security awareness. Providing this training makes the employees familiar with the attacks and gives them the knowledge of what needs to be done when such attacks occur.
Background checks on all staff
Banks and other organisations must begin to adopt aggressive security measures to protect their operations. Background checks on the life, history and past activities of staff will help in identifying potential threats to the bank. There is a reason why intelligence services undertake intensive background checks before any new staff is employed to protect their secrets.
