Why rising cybercrime in banks should worry us all

Michael Niyitegeka 

What you need to know:

  • “Cybersecurity should cease to be an IT challenge but rather for everyone working in the financial sector and the customers.    

In recent years, bank fraud and crime cases have become a household topic across major regional banks as criminals have found a soft playground to fraudulently reap off customers’ money. This disinterests clients who earlier trusted banks as a haven for their finances thus jeopardising the integrity of the banking system and sector as a whole.

The majority of cases involving investigations have always linked staff to collusion with criminals in such incidents. Cybercrime and bank fraud remain the biggest challenges hitting financial institutions in the region, as these demand urgent and combined interventions.
The digitisation of financial services, while offering unprecedented convenience and accessibility, has also opened up new avenues for fraudulent activities. Cybercriminals, armed with advanced technologies and tactics, are exploiting vulnerabilities in banking systems to draw off funds, commit identity theft, and perpetrate various forms of financial fraud.

One of the trends that seems to be prevalent is that of social engineering. This is the tactic of manipulating, influencing, or deceiving a victim to gain control over a computer system, or to steal personal and financial information. Many of us have fallen prey to these tactics.
The fraudsters have mastered the art of approaching their targets through known acquaintances or through referencing contacts that you are familiar with and as such you get comfortable divulging information.
Of course, the targets are usually individuals with good account balances, and as such, there is always the inside conduit who facilitates information transfer. With the limited digital literacy, the fraudsters find it easy to manipulate their targets.

Financial institutions in the East African region have experienced several cyberattacks in the recent past. One of the primary concerns plaguing banks in the region is the fact that even with increased investment in cybersecurity infrastructure, the vice is on the upward trend.
Secondly, keeping up and ensuring all safety nets are in place is a tough challenge to the banks because of the fluid nature of the cyberattacks. Many financial institutions in the region struggle to keep pace with evolving cyber threats, often due to limited resources, technical expertise, and outdated security protocols.

Weak internal controls, inadequate oversight, and a culture of impunity contribute to the prevalence of such illicit activities
We need the people-processes-technology approach. People are the cornerstone of digital transformation and adoption and as such, we must ensure they are at the forefront.
Cybersecurity should cease to be an IT challenge but rather for everyone working in the financial sector and the customers. The customers need to be brought to speed. 

The fraudsters take advantage of these knowledge and competence gaps. As a customer, the knowledge transfer systems are always lacking, with the majority of the frontline staff struggling to keep up with the changes. This is costly to the institutions, but the return on investment is generally great.

The recent media campaign by the different players “Beera Steady” is a step in the right direction but limited in content. Processes ought to be geared towards simplifying customer experience. Once a system complicates the experience, it is an invitation in many cases for intervention and it can go bad.

Technology is never the challenge; it is finding what works for you that is always the bigger challenge.
It is crucial to foster greater collaboration and information sharing among banks, industry stakeholders, and cybersecurity experts to enhance the collective defence against cyber threats. By combining resources and expertise, financial institutions can anticipate emerging risks, share best practices, and coordinate responses to cyber incidents more effectively.

It requires an all-hands-on deck approach. Governments ought to invest in robust investigative infrastructure that is agile and responsive. It is no longer business as usual. The colossal sums of money in the fraud cases amount to economic sabotage.

Mr Niyitegeka is the executive director of Refactory Limited and the ICDL Africa country manager for Uganda.