EFCC pushes for financial regulator on e-transactions as crimes heighten

losses from e-transactions surge 1,178% to N6.2bn

The Economic and Financial Crimes Commission (EFCC) says it is time for Nigeria to consider creating a financial regulator specifically dedicated to monitor electronic transactions and investigate real and possible cyber attacks as incidences of electronic fraud heighten across the country.

Total losses incurred as a result of e-transactions rose 1,178 percent from N485 million in 2013 to N6.2 billion in 2014, Ibrahim Shazali, Bank fraud Section of the EFCC said on Tuesday.

Actual losses through Automated Teller Machines (ATM) channels grew astronomically by 4,789 percent from N55 million in 2013 to N2.7 billion in 2014, while that from Point of Sale (PoS) went up by 2,594 percent from N5.8 million in 2013 to N155. 6 million in 2014.

Losses through the mobile banking rose by 96 percent from N6.8 million to N13.3 million.

Nigeria has witnessed remarkable increased adoption of e-transactions with volume and value accounting for 86 percent and 82 percent of all transactions, respectively, in 2014 up from a mere 6 percent in 2013.

Presenting a paper at a workshop for Finance Correspondents Association of Nigeria  (FICAN) and business editors on developments on e-banking, mobile payment system and deposit insurance in Nigeria, Ibrahim Shazali of the Bank fraud Section of the EFCC, confirmed that Nigeria still lagged behind in adequately protecting itself from threats to its cyber security.

While there are a number of Acts to assist in the process of litigation against fraudulent financial activities such as the Independence Corrupt Practices Commission (ICPC) Act, 2007, and the Money Laundering (Prohibition) Act 2011, as amended, more is still needed to be done, he said.

He also noted the Cybercrime Act 2005, which had been successfully passed to regulate e-commerce and prosecute offenders and had thus strengthened the law for trial of cyber crime offenders.

Much as efforts have advanced in passing the necessary laws, there is still the need for collaboration between law enforcement agencies and consolidation of information, he said.

He particularly raised the concerns that Nigeria still lagged behind with regard to understanding the role and necessity of forensic auditing.

According to him, while the EFCC has employed forensic accounting in some of its past investigations, the anti-graft agency is yet to have a dedicated forensic accounting unit, although efforts are being made in that regard.

“It is pertinent that we begin to work towards creating a financial regulator specifically assigned to monitor electronic transactions and investigate real and possible cyber attacks as is being done in countries such as the United Kingdom,” he said.

As technology exploded so also does the occurrence and sophistication of fraud, he said.

As banks rely more and more on technology, they increasingly have to make huge amounts of sensitive personal data readily available to customers, clients, vendors, and employees through various platforms, particularly those that face the most risk of compromise – mobile apps and cloud servers, he noted.

With the electronic banking absorption by the Nigerian banking system, also came an exponential growth in the adoption of online payment methods in the country.

E-transactions with volume and value accounting for 86 percent and 82 percent of all transactions, respectively, in 2014, came up from a mere 6 percent in 2013.

Web transactions went up 108 percent from N31.5billion in 2012 to N65.6 billion in 2014, mobile transactions surged 8,382 percent from N3.5 billion to N296.9 billion, while instant transfers (NIBSS) went up 424 percent from N3.8 trillion to N19.9 trillion.

Nigerian Electronic Fund Transfers (NEFT) went up 7 percent from N13.6 trillion to N14.6 trillion, PoS transactions pushed up 550 percent from N485 billion to N312 billion.

“While these figures are highly encouraging as it shows that Nigerians are increasingly embracing cashless transactions, it also serves as pointer to the urgency required in developing rigorous standards for the monitoring and security of electronic banking transactions in Nigeria,” he said.

In further proffering solutions, Shazali stressed the need for the banking sector to focus their energies not just on developing attractive electronic financial products for their clients, but also simultaneously devise methods of ensuring the highest possible security and protection from attacks.

He said corporate controls such as internal audits, rotation of personnel and physical and IT security procedures must be coupled with intensified fraud risk mitigation, assessment and management.

“In addition, corporate and culture must be one in which personal  integrity and ethics are consistently emphasised and visibly rewarded. Whistle blowing policies and procedures should be clearly laid out and whistle blowers should not be victimised or shamed for doing the right thing,” he further suggested as he called for intensified deployment of Know Your Customer principles by banks.