In light of the rising success rate of fraud initiated against banks, Specialised Deposit-Taking Institutions (SDIs) and electronic money issuers (EMIs), Lead, Financial Crimes & Anti-Money Laundering (AML) at the e-Crime Bureau, Eric Kwaku Mensah, is urging businesses, especially those in the financial industry, to develop effective fraud risk management programmes to safeguard their activities.
A recent analysis by cyber-security consultancy – e-Crime Bureau – has shown that between 2017 and 2021, attempted attacks on this segment of the financial industry totalled GH¢1.85billion, with a total loss value of GH¢194.56million, translating into a 10.5 percent success rate.
It is against this background that the AML expert is urging that pragmatic measures be taken in accordance with relevant risk management regimes, encompassing products, staff, and consumers to minimise the success rate of such attacks.
“One thing they ought to do is a comprehensive fraud risk assessment of products and services. For instance, if you roll out a mobile banking application, you do an assessment to check whether someone or a third party can use that application to commit fraud or not.
“They also have to comply with international best practices, standards or frameworks, such as ISO 27001, and the Bank of Ghana’s Cyber & Information Security Directive. I say this because there are international best practices that when institutions comply with, automatically position them to seal some loopholes,” he said.
He also suggested training for staff in the technical, risk and compliance, as well as internal and audit departments to be able to identify fraud, and raise awareness among frontline staff.
Mr. Mensah added that given the Bank of Ghana’s report that indicates that staff of banks and other Specialised Deposit-Taking Institutions involvement in fraud constituted 53.46 percent of total fraud cases in 2021, critical background checks on staff and contractors must be done to eliminate insider attacks.
The move, he believes, could tackle half of the fraud attacks on organisations; stating that among the numerous reasons, poor background investigations of staff is a primary risk factor. As such, implementing an anti-fraud policy could also be helpful.
The BoG data indicate that staff involved in fraud cases increased to 278, as compared to 253 in 2020, representing an increase of 9.88 percent in year-on-year terms.
Mr. Mensah further advised that financial institutions play their part and take consumer awareness or education seriously because they are frequently the target of fraudsters.
“This is very important. Most times criminals like to target from the customer’s side. Most of these fraudsters target the customers who are novice, so raising their awareness is key,” he said.
In addition to the organisations’ attentiveness and proactivity, he said members of the banking public must also be security-conscious and avoid entering their sensitive details such as Automated Teller Machine (ATM) or debit card information onto any unsafe websites.
“Individuals must not share their personal identification numbers (PIN) with anybody, and should not save these details on their phones. Also, avoid sharing too much information on social media and always verify messages requesting for the transfer of money from service providers,” he added.
According to the BoG’s Specialised Deposit-Taking Institutions (B&SDI) and Electronic Money Issuers (EMI) fraud report, ATM card/POS-related fraud recorded the highest loss of GH¢22million. This can be attributed to the negligence of some customers and the weak systems of some financial institutions.
Also, the Electronic Money Issuers (EMI) sector recorded 12,350 mobile money-related fraud incidents in 2021. The total value of fraud reported by EMIs for 2021 amounted to GH¢14.2million. The total E-Money-related loss recorded by EMIs in 2021 amounted to approximately GH¢12.8million.