• Friday, December 27, 2024
businessday logo

BusinessDay

Banks lose N43bn to fraud despite heavy investment in IT

Banks lose N43bn to fraud despite heavy investment in IT

Losses to fraud in deposit money banks in Nigeria have climbed by 589.6 percent in the first half (H1) of 2024 despite heavy investment in information technology (IT).

Bank customers lost N43 billion in H1 compared to N6.25 billion in the corresponding period of last year, highlighting the growing cyber threats to the Nigerian financial system, according to the Financial Institutions Training Centre (FITC) report.

Over N84 billion has been invested in IT by five Nigerian banks in the first six months of 2024, as disclosed in their financial statements. The banks surveyed include: GTCO, Stanbic IBTC Holdings Plc, Zenith Bank, FCMB Group and Wema Bank, financial institutions are struggling to stay ahead of the onslaught of cyber-attacks.

Read also: FITC urges Nigerian banks to enhance auditing procedures to tackle N42.6bn loss to fraud

Adedeji Olowe, founder/chief executive officer of Lendsqr, who once worked at UBA, Access Bank, Fidelity, and FCMB, said banks spend significant amounts on cybersecurity.

However, Olowe questioned the effectiveness of this spending, stating, “There is a difference between spending enough and making good use of what you have. Banks spend a good deal of money on cybersecurity. Many use Israeli-based platforms like Imperva. So, they spend a lot of money, but is it enough?

He noted that the growing fraud was due to gaps in competence and accountability within the banking sector, emphasising that many skilled professionals have left the country, a development limiting the fight against fraud.

According to FITC’s recently released Q2 report, out of 80 fraud and forgery reports from 28 deposit money institutions, 26 were submitted in April, and 27 each in May and June.

“In the second quarter of 2024, the total amount involved in fraud cases from Q1 to Q2 2024 rose from N2.9 billion to approximately N56.3 billion while the total amount lost due to fraud surged by 8.9 percent, rising from N468.49 million in Q1 to N42.6 billion in Q2, 2024.”

This brought the total number of reported fraudulent cases in Q2, 2024 to 11,532, representing a 0.52 percent increase from the 11,472 cases recorded in Q1 2024.

The frauds and forgeries in Nigeria Banks Q2 Report added that perpetrators carried out these fraud activities through various channels, including ATMs, online platforms like web and mobile banking, bank branches, and point-of-sale (POS) terminals.

Similarly, the 2024 Global Financial Crimes Report projected that banks could lose $442 billion in 2023 even though they are increasing investment in security.

The report said, “The scale of this global financial crime epidemic is immense” and estimated that $3.1 trillion worth of illicit funds went through the global financial system in 2023.

Read also: Banks battling with regulation, high compliance costs Elumelu

In an earlier report, Pwapo of Resilience Technologies disclosed that overlapping roles within the banking sector create conditions conducive to fraud.

She stated, “Cybercriminals almost always beat the system because they are more prepared. We need to be more prepared. We also need to invest in improving cyber knowledge, which is a lot.”

She also warned that as technology advances, so do threats. “With every development comes an equal or greater threat. In the next few years, we are talking about deep fakes and AI, which means that hackers or cybercriminals will put in more effort because they can now automate more. We are doing well, but we can do better.”

According to Gartner, Inc., the banking and investment services sector’s IT spending was about $652.1 billion in 2023, an 8.1 percent increase from 2022. Spending on software recorded the largest growth, with a 13.5 percent increase.

Reports indicate that banks’ IT spending has consistently grown year-on-year since 2013, with a 33 percent increase in Europe and a 48 percent increase in the US in 2022.

Despite this, earlier reports from Techcabal disclosed that a First Bank employee siphoned N40 billion (around $29 million) into various accounts, including his wife’s. Also, fintechs like Flutterwave in April 2024, experienced a security breach resulting in the unauthorised transfer of N11 billion ($7 million) to multiple accounts.

Experts also point to the rise of insider threats, where employees with access to sensitive information either collaborate with external fraudsters or commit the crimes themselves. FITC disclosed that deposit money institutions reported the termination of 49 employees due to their involvement in fraudulent activities. This marks a 40 percent increase compared to the previous quarter, where 35 bank staff members were terminated for similar reasons.

In response to the growing threat, the Central Bank of Nigeria (CBN) has issued new guidelines to address cybersecurity within the banking sector. These include a mandatory regulation for Tier-1 bank accounts and wallets for individuals to have BVN and or NIN

The apex bank added that it was mandatory for Tiers 2 & 3 accounts and wallets for Individual accounts to have BVN and NIN.

Read also: What government’s domestic dollar bond means for banks recapitalisation

“The process for account opening shall commence by electronically retrieving BVN or NIN related information from the NIBSS’ BVN or NIMC’s NIN databases and for same to become the primary information for onboarding of new customers, and all existing customer accounts/wallets for individuals with validated BVN shall be profiled in the NIBSS’’ ICAD immediately and within 24hrs of opening accounts/wallets.

“Effective immediately, no new Tier 1 accounts and wallets should be opened without BVN or NIN. For ALL existing Tier 1 accounts/wallets without BVN or NIN: any unfunded account/wallet shall be placed on “Post No Debit or Credit” until the new process is satisfied,” CBN said.

“The situation is dire, but not hopeless. Nigerian banks need to shift focus towards not just technological solutions but also improving security awareness among their staff and customers. Cybercrime is evolving, and so should our defence,” Patrick Amadi, a cybersecurity expert said.

Join BusinessDay whatsapp Channel, to stay up to date

Open In Whatsapp