As financial services become more technology-driven, so is the case with fraud.
The Bank of Ghana’s 2020 Banking Industry Fraud Report, ATM/POS fraud recorded the highest loss value of GH¢8.19 million in 2020, up from the GH¢1.26 million recorded in 2019, representing a 548.1% increase. This indicates a surge in cyber and ATM fraud.
E-money fraud also witnessed a significant hike in loss value. According to the report, “loss incurred through E-money fraud increased from approximately GH¢0.37 million in 2019 to an estimated GH¢1.04 million in 2020, representing a 180.0% increase.”
Per the report, a total count of 2,670 cases of banking fraud was recorded in 2020, as compared to 2,311 reported cases in 2019.
The reported value of fraud recorded by Banks and Specialized Deposit-Taking Institutions in Ghana in 2020 was about GH¢1 billion. This represents an increase of over 750 per cent as compared to the reported value of fraud recorded in 2019, which stood at about GH¢115 million.
Reasons for the Surge in Cyber and ATM fraud
The outbreak of the COVID-19 pandemic pushed bank customers to use alternative forms of payments and financial transactions of which include ATMs, banking apps, and mobile money services.
The increase in the usage of the above-listed alternative channels, unfortunately, came with it poor personal safety perception and inadequate customer sensitization by banking institutions. These factors drove the surge in cyber fraud and fraud perpetrated through ATMs/POS.
BoG’s Financial Industry Security Operating Center
To address the surge in cyber and ATM fraud, the Governor of the Bank of Ghana, Dr Ernest Addison indicated the Central Bank’s preparedness to connect 23 leading banks in the country to its newly established Financial Industry Security Operating Center next year.
In a news item recently published, a 42-year-old man was found to have 656 ATM cards connected to nine banks operating in Ghana and Nigeria.
Addressing the case, Dr Ernest Addison said, ‘this is a developing matter, we are investigating it. As you know, financial services are becoming technology-driven financial services, the risk associated with ATMs will also go up. Fortunately, we are looking very closely at that.”
Consequently, the Bank of Ghana now has a security operating centre that monitors the activity of cyber fraud. However, it is yet to establish a Financial Industries Hub that will connect all the banks to better position financial institutions to monitor the cyber risk associated with the country’s financial system.
“We have the security operating centre at the Bank of Ghana, which monitors our cyber resilience. Currently, we are in the midst of establishing a Financial Industries Hub,” Dr Ernest Addison said.
“I believe the Bank of Ghana is ready, the Agriculture Development Bank is getting connected. Hopefully, by a year from now, we will have all 23 banks connected to the industries hub, and we will be able to monitor the cyber risk associated with the entire banking system in Ghana,” Dr Ernest Addison further stated.
With that said, what does it all mean? How will the establishment of a new Financial Industry Security Operations Centre help in the fight against cyber fraud? To understand this, we must first look into what is a Security Operation Centre (SOC)?
What is Security Operation Centre (SOC)?
Gartner, a Stamford, Connecticut-based technology research and consulting company, defines a security operations centre as “a team, often operating in shifts 24/7, and a facility dedicated to and organized to prevent, detect, assess and respond to cybersecurity threats and incidents, and to fulfil and assess regulatory compliance.”
SOC teams are responsible for monitoring and analyzing activity on networks, and servers to detect, analyze, respond to, report on, and prevent cybersecurity incidents.
By enrolling the banks in its new Financial Industry Security Operating Centre, SOC teams at BoG can work closely with the bank’s incident response teams to ensure security issues are averted or addressed quickly upon discovery.
Surge in Cyber and ATM fraud – Other Mitigating Measures
In the Bank of Ghana’s 2020 Banking Industry Fraud Report, financial institutions and E-money Issuers were called upon to implement transaction monitoring systems that can identify unusual spending patterns and potentially fraudulent transactions.
The banking industry must also put in place measures that would raise awareness of cybercrime among consumers primarily through information sharing. According to the report, this could be achieved through the use of a Fraud Intelligence Sharing System (FISS).
“The FISS is a central industry database – an extremely secure, flexible, and cost-effective intelligence system designed to support the card and retail banking industries in the fight against fraud. It can be used to identify linkages and patterns in frauds, thereby playing an important role in protecting consumers,” the report revealed.