CBN, NIBSS alarmed over rising Internet fraud
The disturbing rate of Internet fraud in the financial services sector came under the spotlights on Friday as the Central Bank of Nigeria and the Nigeria Inter-Bank Settlement System expressed worry over the growing menace.
They wondered why people who use mobile lines and bank accounts to defraud others could not be swiftly apprehended and prosecuted despite the mandatory NIN-SIM linkage introduced by the Federal Government.
They therefore stressed the need for all stakeholders, especially the banks, Nigeria Communications Commission and security agencies, to do more to address the problem.
Speaking at a webinar organised by the Committee of e-Banking Industry Heads, with the theme ‘Digital Fraud and the need for a national Intelligence programme’, the Director of Payments System at the CBN, Musa Jimoh, stated that the rate of frauds in the sector had expanded and that the perpetrators were exploiting new channels to compromise the system.
The Ministry of Communications had in 2017 disclosed that Nigeria loses about N127bn yearly to cases of Internet frauds across all the sectors of the economy. It added that the majority of the frauds were perpetrated on foreign domain names but had become popular among Nigeria’s millions of Internet users.
However, Jimoh gave an assurance that the apex bank was closely monitoring the financial services space to ensure that the activities of the fraudsters were brought to an end.
He stated, “The rate and incidence of fraud have actually expanded. More frauds are being committed. Once you open a new channel, people study it and they begin to penetrate. Once the CBN issues a regulation around the payments system, the next thing they do is to see where the compromises are.
“That is why I like the theme of this event to enable us to seek national collaboration to fight cybercriminals in this country and across the world.”
He noted however that it would be diversionary to think frauds were committed by external persons only. “We also look at banks; we are not going to deceive ourselves that fraud is only committed by the customers,” he said. “We believe that frauds could happen within the banks, which was why we introduced the dual authorisation process whereby a transaction cannot start and end with one person.
“We also ask banks to provide security and protection mechanisms around the information of their customers in their possession. The Payment Card Industry Data Security Standard, known as PCI DSS, was also made mandatory, in which case every bank has to secure the data its customers provided in a way that they cannot be stolen.”
Jimoh, who pointed out that most of the information used by the fraudsters to defraud customers were due to the leakages in the banks, narrated how some persons attempted to defraud him by sending him a text message that he needed to replace his ATM card and that he should send some information if he wanted it fixed.
“What struck me was that, in the message, they put another (phone) number I could call if I wanted it resolved,” he noted. “The number that sent the message and the one the person asked me to call are available and these are active numbers. I tried (calling) the numbers and they connected.
“My question is, what do we do to these people? By today’s configuration, no line can be active without the National Identification Number and if that phone is active within the banking industry, it has a million targets. So, we should know the owners of those lines and the need for collaboration has become very mandatory between the police, other security agencies and the Nigerian Financial Intelligence Unit.
“The NCC also has to come in because every SIM has biometric data attached to it and should be identified. We need to collaborate so we can take these monsters out of the system. I do not see any reason why somebody should use a phone to commit an offence and that person’s phone or account information is still active within the system.”
He said people who commit infractions in the banking system were being placed on a watchlist and they would be made “miserable” within the financial services system.
Similarly, the Director, Risk Management, CBN, Dr Blaise Ijebor, pointed out that Internet fraud was a rapidly evolving problem and that the only way to tackle it was to deploy a more advanced response.
He stated, “Another area where we need the cooperation of the banks is tracing. We need to block and blacklist every account found wanting,” adding that perpetrators must be brought to book so as to serve as a deterrent to others.
The Managing Director and Chief Executive Officer, NIBSS, Premier Oiwoh, also called for improved information and knowledge sharing in the financial services sector to tackle the menace.
Oiwoh said, “The director (Jimoh) raised a vital point that every line in Nigeria today is registered and such lines should be blocked. But after blocking those lines, who followed up to find who those lines were registered to, which accounts were linked to them and what else they have done?
“From one fraud, we can raise 20 questions and answering those questions would help to stop the fraud as well as know how they operate. The CBN and other regulatory bodies have to work and ensure the policies are there to support the operators. Also, the industry operators, like the banks and others within the ecosystem, need to do what it takes. The police, NFIU, EFCC (Economic and Financial Crimes Commission) and others have to play their roles. The fraud worries everybody.”
The Chairperson of CeBIH, Ms Celestina Appeal, noted that as online banking became seamless, the attendant risks also increased. She noted that as stakeholders dialogue on minimising the risk exposure, the fraudsters also hold strategy sessions to devise new ways of defrauding people.
She added, “Today, more purchases are done through online payments. E-banking is now globalised. But as things become seamless, there will be risks. The fraudsters are also trying to expand their strategies. Every year, the finance sector records losses in billions. According to NIBSS’ reports, the volume of fraud successfully carried out has increased about four times between 2019 and 2021.
“If current trends continue, by 2030 online fraud may overtake even the plastic frauds, which is the fraud we have on cards.”
Interpol hits banks
Meanwhile, a deputy commissioner with the International Police Organisation, Usman Ahmed, said at the webinar that banks were only interested in making money and do not want to spend money to fund investigations. He described fraud investigation as an expensive venture that police might not be able to fund alone.
He said conversations around collaboration were important, but lamented that beyond the beautiful speeches at such gatherings, quality collaboration between agencies was poor.
He added, “To be very honest, such collaborations are emphasised in forums like this. How many institutions are ready to spend money? The Nigerian banks just want to make money; they don’t want to spend money. That is my experience of almost two decades with them, having also served in the EFCC.
“They (banks) like making money without spending money, and if a fraud happens, they almost always want to send the liability of the fraud back to the customers in most cases. Unless you stand firm, the banks hardly want to take responsibility. They make billions but don’t want to spend millions or thousands.”
He said critical stakeholders who have the funds, especially the banks, should be able to develop the habit of voting huge monies for investigation and tracing frauds. “That is the only way going forward. Investigation is broad and costly. I must be honest with you; the national police budget is inadequate. The collaboration has to be real, that is the way to go and we must find a way to make it work,” he added.