• Friday, March 29, 2024
businessday logo

BusinessDay

CBN mandates banks to strengthen security operation centres

businessday-icon

Worried by recent increases in the number and sophistication of cyber-security threats against Deposit Money Banks (DMBs) and the Payment Service Providers (PSPs), the Central Bank of Nigeria (CBN) and the Bankers Committee, at their last meeting, mandated banks to strengthen their security operation centres.

Cyber security is currently a huge concern to organizations, especially financial institutions with the rate at which fraudulent transactions pose financial risk to the sector and it is expected to continue.

Banking industry reported more fraud cases as it lost a total of N12.30 billion to various fraud cases between 2014 and 2017. In terms of volume, the sector recoded 41,461 fraud cases during the year under review.

In a presentation on “Industry fraud overview with focus on mobile and payments related frauds”, by the Nigeria Interbank Settlement System (NIBSS) ATM recorded the highest value of fraud followed by  Mobile.

Fraud by channels in 2017 show that 314 fraud with actual loss of N259 million was recorded across the counter, 9.823 fraud valued at N497.6 million at ATM transactions, 11 fraud volume with actual loss of N18.74 million was reecorded using cheques.

Also, fraud at e-commerce was put at 1,036 with actual loss of N36.05 million. Internet banking channel recorded 1,691 fraud volume with actual loss of N143.14 million, mobile channel 1,055 fraud with actual loss of N347.64 million, PoS channel 982 fraud with actual loss of N79.44 million and web channel 5,307 fraud volume with actual loss of N132.89 million among others.

Adebisi Shonubi, managing director/CEO, NIBSS, disclosed that said the industry lost N6.22 billion in 2014 on attempted fraud value of N7.76 billion.

However, the CBN is not resting on its oars as it on Wednesday released an exposure draft of the risk-based cyber security framework and guidelines for Deposit Money Banks (DMB) and payment service providers (PSPs).

The framework is as a result of recent increase in the number and sophistication of cyber-security threats against banks and PSPs. Consequently, these institutions are mandated to strengthen their cyber defences if they are to remain safe and sound.

In a circular signed by Balogun K.O, for director of banking supervision, the released draft guidelines stipulates minimum requirements for enhancing cyber-security.

According to a report by World Economic Forum, attacks are increasing, both in prevalence and disruptive potential. Cyber breaches recorded by businesses have almost doubled in five years, from 68 per business in 2012 to 130 per business in 2017. Having been choked off by law enforcement successes in 2010–2012, “dark net” markets for malware goods and services have seen a resurgence.

Cybercriminals have an exponentially increasing number of potential targets, because the use of cloud services continues to accelerate and the Internet of Things is expected to expand from an estimated 8.4 billion devices in 2017 to a projected 20.4 billion in 2020.

“I will say today organizations in Nigeria are facing cyber risk, we are seeing lots of institutions facing cyber challenges, and it will continue to be on the increase, fraudulent transactions on online banking platform will continue to happen and we see those practice of fraudulent transactions that are happening.

“So that is why it’s obvious that Nigeria business ecosystem is not insulated from challenges that are being faced by businesses across the globe, and we will continue to see that on the increase. Either we like it or not internet, connectivity, network eco-system will continue to evolve in Nigeria and as long as we remain a global world, we will continue to be exposed”, Joseph Tegbe, Partner and Head, Technology Advisory, KPMG Nigeria said last year in an interview.