On July 14, 2023, James Nelson Okuzor, a product manager, was strolling along an event centre at Oniru when his phone was stolen. The same day, while still trying to digest the loss, he discovered that the thieves had used the SIM card in the phone to withdraw money from his account with Access Bank and also to buy airtime from another account with Guaranty Trust Bank (GTBank).
A total of N178,241.91 was transferred from his Access Bank account to a PalmPay Limited account under the name Lawrence Ifeanyichukwu Oji. It was the same account that received the N2,500 airtime from Okuzor’s GTBank account.
Read also: Inside N14bn fraud crippling Nigeria’s payment ecosystem
Four days later, he secured a statement from a police station at Maroko, Lekki, Lagos, and an affidavit from the Federal High Court of Lagos at Ikoyi, which confirmed he was the bearer of the name and the owner of the stolen phone. With the two documents in his possession, Okuzor marched to Access Bank at Ajose, Victoria Island and presented them to the customer service officers. The officers printed his account statement, which showed the series of transfers, balance enquiry, and charges to aid the investigation, with the hope of retrieving the funds and bringing the culprit to justice.
Although the bank promised to contact PalmPay, Okuzor took the initiative to write a complaint to PalmPay, using the documents in his possession. Although PalmPay responded to his complaint, Okuzor said he has yet to get his money back from the financial institution.
“They said contact your bank,” he said. “No feedback till now.”
According to a report by the Financial Institutions Training Centre (FITC), mobile and Point of Sale (POS) channels saw the highest fraud activities. In the first quarter of 2023, the amount involved in mobile fraud increased by 17.85 percent from N938 million to N1.1 billion while POS fraud amount involved increased from N241 million to N450 million, representing an 86.73 percent increase. Mobile fraud also saw the second-highest reported cases in the quarter at 4,982 compared to computer/web fraud which recorded 5,173 cases.
It is important to point out that mobile money operators in Nigeria saw the biggest jump in the number of customers in Q1 2023 following the implementation of the naira redesign policy by the Central Bank of Nigeria (CBN). Following the policy rollout, the naira became scarce across the country as customers struggled to lay their hands on the new notes. When the supply of new notes proved inefficient and insufficient, mobile money operators quickly filled the gap by providing quicker access to cash and payment transactions.
It was during this period that fintech companies such as Moniepoint, OPay, and PalmPay emerged as leaders in the market, accounting for the largest share of mobile money agents in the country. These companies have kept accumulating new agents and merchants since then. Today, Moniepoint boasts 33 million terminal users, while OPay and PalmPay have 40 million each. The drive to include more unbanked Nigerians is finally gaining momentum, with fintech companies driving aggressive acquisition strategies, but experts say it also comes with high costs. Many of the fintech companies may be taking more than they can cater for.
Susan Fasipe, head of retail payment at Interswitch Group, said in an interview with BusinessDay that factors driving the massive spike in fraud in financial services included corporate control lapses, lack of harmonised databases for fraudulent individuals across the industry, emerging payments channels and the drive for financial inclusion, sophisticated hacking techniques, and lack of both penalties from both corporates and law enforcement for offenders.
Victims of fraud are growing and the complaints appear to be overwhelming the customer care units of many fintech companies. A visit to the social media platforms of nearly all the fintech companies is filled with customers complaining about one or more problems.
Read also: Payment channel fraud losses surge over 12-fold in three months
“A big part of the problem is that our existing payment systems were never designed to handle today’s huge number of transactions or the clever tricks fraudsters use. It’s like trying to win a modern car race with an old, beat-up car; it’s just not going to work. And as the financial scene in Nigeria gets more complicated, our old methods of keeping things secure are falling short,” said Olayiwola Osoba, vice president, marketing and corporate communications at Zone, a regulated blockchain network that enables payments and issuance of digital currencies. “This isn’t just an issue for banks or fintechs; it’s a growing problem for everyone in Nigeria, and we all need to be part of the solution. If we don’t adapt fast enough, we’re making it way too easy for scammers to get ahead.”
Kelvin Olumese, senior marketing manager at PalmPay Nigeria, told BusinessDay that the problem is not peculiar to PalmPay KYC alone as it affects most mobile money operators. However, customers need more education on reporting fraud.
“The standard process (for reporting fraud) is that they (customers) need to contact their bank and their bank sends the email to us. We investigate the issue and send findings back to the user’s bank. The user’s bank is to contact the user,” he said.
In the case of Okuzor, slow communication between the originating bank and the recipient may have caused a delay in the resolution of the fraud incident. Often, a bank customer service officer will tell a customer reporting a fraud incident that communication has been sent to the other bank as a way to get them off their back.
“We are considering some legal means to speed up the time frame for KYC upgrades but for now we are operating within the guidelines from the CBN,” Olumese said.
Experts say a lot more needs to be done by regulators to protect customers. Olawole Omotosho, director of engineering at Sterling Bank, said it is time for the industry to have a central fraud blacklist database “where anybody who received proceeds of frauds gets blacklisted until they clear themselves”.
“No financial services should be allowed until such people are cleared. No account opening, no ability to transfer out or receive funds, no agency banking access, blocking using NIN, BVN or mobile number, and easy method of adding or validating profiles,” Omotosho said.
It is similar to Project Radar that some fintech companies, led by Flutterwave, Kuda, and Branch in Nigeria, were reportedly quietly working on earlier in the year. As per Semafor, startups planned to tackle fraudulent transactions within their networks, starting with plans for a shared list of suspected criminals which is then compiled in a registry tagged Project Radar. The registry would enable companies to pool details, including banking and government identity data, of individuals and groups that have attempted or made fraudulent transactions.
Read also: Banks lose N6bn to fraud in six months – Report
Since the project was reported in March, not much has been heard about its progress. BusinessDay reached out to Flutterwave concerning the current state of the registry, but there was no response at the time of writing this article.
Fasipe, of Interswitch, recommends sanctions for institutions and fintechs with poor KYC; prosecution of fraudulent merchants, agents, and customers; and fraud-proof products before going live.
