As the world marks Cybersecurity Awareness Month, stakeholders in the Nigerian cyber space have made a strong case for an Integrated Identity Management System to be called ‘’The Nigerian Identity’’ whereby international passport, phone number, BVN belonging to one individual are grafted onto one composite interconnected file to easily detect and track perpetrators of cybercrime.
They also called for regular update of regulatory guidelines and improved collaboration between the financial sector regulators, industry operators and Nigeria Inter-Bank Settlement System Plc (NIBSS) to effectively manage emerging risks and achieve a secured digital ecosystem that facilitates safer transaction processing and customer experience.
This forms part of the submission of participants at the Information Security Society of Africa – Nigeria (ISSAN) Cybersecurity Roundtable with the theme: Re-Thinking Corporate Governance Rules on Money Transfers held in Lagos recently. The Stakeholders comprised representatives from Deposit Money Banks, FinTechs, Economic and Financial Crimes Commission (EFCC), Federal Bureau of Investigation (FBI), Central Bank of Nigeria (CBN), NIBBS, Internet Service Providers (Huawei), Tech Companies, Cybersecurity companies, Legal Practitioners, and the Press.
In a communique released at the end of the forum, they agreed that there was also the urgent need to create effective blacklists of criminals in the financial sector so that when they have committed any infraction anywhere within the industry, they should be blacklisted industry wide.
The participants identified human factor as the most critical element of a cybercrime, stressing that staff recruitment and customer on-boarding should be done with greater and continuing care and concern. They raised concerns on non-compliance to Tier 1 account transactions limits, urging operators to review and improve their respective security architectures as well as ensure the implementation of the existing regulations by the industry operators. Thus, the need for a stronger regulatory attention for FinTechs was canvassed especially in relation to enforcing the limits for Tier 1 accounts.
Other highlights of the ISSAN Roundtable include the need for the regulators to encourage and reward whistleblowers and sanction wrong information; create a platform to generate a connectivity graph for every email a customer provides for account opening to serve as red flag; address the slow pace of action in Investigating funds transferred to wrong account and a more robust regulatory and legal framework for money transfer, including ethical guidelines.
They further urged banks to make extra effort to build trust in customers’ minds; improve data protection; emphasize financial literacy for financial inclusivity; exert more effort in educating their customers on the workings of the financial system and enhance security of their Application Programming Interfaces (APIs)
In his keynote address, Director, Payment System Management, CBN, Musa Jimoh, commended the efforts of ISSAN in promoting a safer cyber space for financial transactions in the county, stressing that it is the responsibility of all stakeholders to ensure a robust payment ecosystem and a sound regulatory regime as the apex bank cannot do it alone. He further emphasized that banks and FinTechs should put adequate measures in place to protect their customers, stressing that it was the only way to embrace and trust the payment system.
“The banks should know the identity of the entity that is conducting transactions. Banks should invest and strengthen their KYC. They should monitor transactions and put adequate measures in place to trigger suspicious transactions They should continue to educate their customers and create more awareness. Consumer protection is dear to CBN. It is the obligation of the banks to protect customers who are vulnerable. Banks and FinTech’s should exhibit good market conduct to earn the trust of their customers.” he said.
Earlier in his welcome address, ISSAN President, Dr David Isiavwe, stated the need for industry operators, law enforcement agencies and financial sector regulators to ensure they are steps ahead of the activities of cybercriminals.
According to him, “the cybersecurity space is constantly evolving. As the cybercriminals do not sleep or relent, operators and regulators have a duty to not also sleep. Indeed, the protection of the cyberspace is the responsibility of all stakeholders…”
“The increasing deployment of technology to optimize and ease financial transactions has not only revolutionized the payment space, but it has also broadened the attack surface for cybercrime. Thus, it has only become necessary that guidelines and principles that provide safety to these systems are continuously adopted locally and internationally as cyber-attacks are no more a matter of “if” but “when” they will occur.” He stated.
Dr. David Isiavwe who is also the Chief Compliance Officer of Ecobank Nigeria, noted that FinTechs have a critical role to play in the future of financial services, noting that the more they innovate, the more they need to automate the attendant controls and ensure that they are strictly monitored.
ISSAN is a not-for-profit organization dedicated to the protection of Nigeria’s cyberspace. It is also significantly involved in ensuring the security of Banking Systems. It also provides a platform for information, collaboration, and ideas exchange for a safer payment ecosystem.