Research Question 2: What are the perceived factors that have considerable influence on the increase in e-banking fraud in Nigeria?
140
Table 5.3: Contributing Factors to the E-banking Fraud Increase
S/N Contributing Factors
SA
A
U
D
SD
C1 Pressure to meet business and personal targets
51.5% 35.2% 5.5% 5.5% 2.4%
C2 Inadequate fraud detection tools
37.0% 45.5% 1.2% 12.1% 4.2%
C3 Collusion between employees and external parties
41.2% 33.9% 3.0% 14.5% 7.3%
C4 Lost cards, stolen personal identification data
52.7% 34.5% 1.8% 7.3% 3.6%
C5 Changes to strategies without changing in business procedures 38.2% 38.2% 3.6% 15.2% 4.8%
C6 New products without adequate control and training in place 50.3% 35.8% 1.2% 9.7% 3.0%
C7 Lack of a fraud risk framework within the organization
35.1% 42.9% 0.6% 17.3% 4.2%
C8 Difficulty integrating data from various sources
48.2% 35.1% 2.4% 10.7% 3.6%
C9 Difficulty investigating crimes across borders
50.3% 40.8% 1.8% 4.8% 2.3%
C10 Irregular electricity power supply in Nigeria
37.6% 27.9% 3.0% 23.6% 7.9%
C11 Lack of forensic accounting professionals
36.4% 34.5% 3.0% 21.8% 4.2%
C12 Downloading, browsing, chatting and spending long time on soc 33.9% 20.6% 4.8% 22.4% 18.2%
C13 Weak litigation support in prosecution process
44.8% 37.1% 2.4% 13.3% 2.4%
C14 Lack of oversight by senior management on deviations from exis 33.9% 20.6% 4.2% 23.6% 17.6%
C15 Issuing of counterfeit credit cards by the employees of the issue 44.2% 36.4% 3.0% 12.7% 3.6%
C16 System with virus, weak software, lack of antivirus, weak passw 43.0% 38.8% 0.0% 13.3% 4.8%
C17 Lack of customer and staff awareness of fraud incidence
37.6% 43.6% 1.8% 13.9% 3.0%
C18 Lack of dedicated technology tools for investigation and insuffic 38.8% 35.8% 3.0% 15.8% 6.7%
C19 Poor coordination with law enforcement
44.8% 35.2% 2.4% 10.9% 6.7%
C20 Lack of effective and efficient internet network facilities
35.8% 35.2% 6.1% 15.8% 7.3%
C21 Absence of quality forensic analysis
49.1% 32.1% 3.0% 11.5% 4.2%
C22 Use of the same password for different accounts
32.7% 43.6% 0.6% 19.4% 3.6%
C23 Lack of rule of law
45.5% 33.9% 4.2% 12.7% 3.6%
C24 Poor system administration and ineffective maintenance
42.5% 43.6% 2.2% 7.3% 4.4%
C25 Lack of forensic accounting professionals and absence of quality 43.8% 37.6% 5.0% 8.1% 5.6%
C26 Lack of dedicated technology tools for investigation
46.1% 33.9% 0.0% 14.0% 6.0%
C27 Insufficient financial resources
35.8% 42.7% 2.0% 10.5% 8.0%
C28 Infectiveness of law enforcement agency
18.5% 33.7% 0.0% 27.8% 20.0%
141
Table 5.3 above, presents the analyses of the findings of the outcome of the survey on the factors that contributing to the increase of e-banking fraud in the banking industries. Quite a lot of respondents agreed that there are several reasons and significant challenges for the increase in e-banking fraud incidents for Nigerian banks. The findings and supported studies are discussed below.
Table 5.3, shows that the pressure to meet business and personal targets, inadequate fraud detection and prevention tools within the organisation and collusion between employees and external parties influence the increase in e-banking fraud. This corroborates with Albrech et al. (2010) illustrated pressure with examples that pressure can be in the form of the following: financial losses, living beyond one’s means, business distress, competitors’ challenge, greediness, credit crises, personal debt, poor credit management, unexpected financial need, frustration at the work, organizational failure, ineffective performance at the place of work, and lack of promotion at place of work. Kassem and Higson (2012) explained that a person becomes a fraudster when they consider themselves as having financial obligations which are known as non-socially authorized and therefore must be satisfied secretly.
The findings in Table 5.3 presents that lost cards and stolen personal identification data, changing of business strategies without changing business procedures, introduction of new products without adequate control and training in place, lack of a fraud risk framework within the organization for customers, difficulty integrating data from various sources influence the increase of e-banking fraud in the Nigerian banking sector. The findings further shows that, difficulty of investigating crimes across borders, lack of forensic accounting professionals, downloading, browsing, chatting and spending a long time on social media, systems with viruses, weak software, lack of antivirus, weak passwords and so on, included weak litigation support in the prosecution process, lack of oversight by senior management of deviations from existing procedure and also, issuing of counterfeit credit cards by the employees of the issuing company enhance fraud perpetration in Nigerian banking institution.
142
In the same disposition, Salim (2014) online-banking fraud can be initiated from anywhere in the world by involving many perpetrators of various nationalities and use of several servers from different nations. Likewise, the European Central Bank (2014), in its survey of card fraud, reported that card payment fraud is one of the major means of fraud; for example, counterfeit cards, cards not received, lost and stolen cards. The author of this report further elucidated that contemporary mobile devices and their operating systems were not intentionally produced for the security of financial payment: the transmission of personal data and sensitive payment using radio technology exposes mobile payment to risks.
Furthermore, lack of customer and staff awareness of fraud incidence is a great challenge to prevention and detection of e-banking fraud, lack of dedicated technological tools for investigation, insufficient resources and the episodic electrical power supply in Nigeria are challenges to e-banking fraud prevention and detection in Nigerian banking industry. This supported by CIFAS, (2009), the costs of managing e-banking fraud risk and the number of electronic banking fraud incidents are always increasing due to the sophisticated techniques used by electronic banking criminals.
In the same vein, analysis of the findings in Table 5.3 prove that lack of effective and efficient internet network facilities, the absence of quality forensic analysis, using the same password for different accounts, lack of rule of law, that the ineffectiveness of law enforcement agencies contributed, poor system administration and ineffective maintenances, lack of forensic accounting professionals and absence of quality forensic analysis, lack of dedicated technology tools for investigation are the major factors that are contributing to the increase of e-banking fraud in the Nigerian banking institution. Similarly, Deloitte (2015), in the study “India Banking Fraud Survey”, discovered that there is an increase in online fraud occurrence in the banking sector because of the lack of tools and technology to discover the potential red flags.
143 5.3.3 Mechanisms for E-Banking Fraud Prevention
Research Question 3: What are the current significant mechanisms for e-banking fraud prevention in the Nigerian banking industry?
Table 5.4: Mechanisms for E-Banking Fraud Prevention
S/N Preventive Mechanisms SA A U D SD
D1 Corporate code of conduct 59.40% 34.50% 1.20% 3.60% 1.20% D2 Carrying out of internal investigation 63.60% 30.90% 0.60% 3.60% 1.20% D3 Dedicated forensic technology tools for investigat 60.60% 30.90% 3.00% 4.80% 0.60% D4 Intelligence gathering mechanisms 67.30% 26.10% 1.20% 4.80% 0.60% D5 Employment of bank verification number (BVN) a 71.50% 23.60% 1.20% 3.00% 0.60% D6 Use of token card, PINsentry card, passcode, mem 61.20% 31.50% 1.20% 5.50% 0.60% D7 Collaboration with government, regulators, law e 60.60% 33.90% 0.60% 3.60% 1.20% D8 American Express SafeKey, MasterCard SecureCod 59.40% 29.10% 1.80% 9.10% 0.60% D9 Automated Address Verification Service (AVS) 49.70% 36.40% 7.30% 6.10% 0.60% D10 Checking for cards that are being used fraudulent 54.50% 30.90% 1.80% 8.50% 8.50% D11 Fraud awareness training 68.50% 29.10% 1.20% 0.60% 0.60% D12 Employee background check 63.00% 29.10% 3.00% 4.20% 0.60% D13 Fraud control strategies, regulations, internal con 49.10% 37.00% 0% 10.90% 3.00% D14 Reporting the incident to a law enforcement agen 21.80% 55.80% 0% 21.20% 1.20% D15 Asking the individual in question to resign 44.20% 38.80% 3.60% 12.10% 1.20% D16 Upgradation of technology to combat fraud 44.20% 44.80% 3.60% 6.10% 1.20% D17 Fraud risk assessment 49.10% 24.80% 1.20% 23.60% 1.20% D18 Fraud control organization structure 46.10% 37.60% 1.20% 13.90% 1.20% D19 Clearly defined reporting structure 37.60% 22.40% 3.60% 20.00% 16.40% D20 Dedicated fraud investigative team from CBN 50.90% 36.40% 0.60% 11.50% 0.60% D21 Use of personal identification number and autom 37.60% 21.60% 3.60% 21.20% 16.40% D22 Card Security Code (CSC) 49.20% 36.40% 0.60% 12.70% 0.60% D23 Third party due diligence 46.70% 43.00% 0% 9.10% 1.20% D24 Customer screening against negative list 38.20% 47.90% 0% 12.70% 1.20% D25 Whistle-blower hotline policy 44.20% 25.50% 3.00% 15.20% 12.10% D26 Data mining 44.20% 42.40% 0.00% 12.70% 0.70% D27 Corporate governance 48.50% 36.40% 1.20% 9.10% 4.80%
144
Several respondents agreed that mechanisms need to be implemented for effective e- banking fraud prevention in the Nigerian banking sector. As shown in Table 5.4, that employment codes of conduct, carrying out of internal investigations, dedicated forensic technology tools for investigation, fraud risk assessment, fraud control organization structure, use of personal identification number and automated phone call with a registered phone number, dedicated fraud investigative team from CBN, card security code (CSC), and employing intelligence gathering mechanisms would have a positive influence on e-banking fraud prevention. This supported by Mac Freddie, (2015) in the study of “Fraud Mitigation Best Practices” fraud risk management policies and procedures are appropriate and significant for fraud prevention, detection, investigation, reporting policies, resolution and communicating them to the relevant stakeholders. Moreover, analysis of the finding in Table 5.4 shows that, the respondents agreed that employment of a bank verification number (BVN), the use of token card, PINsentry card, passcode, memorable word, personal identification number and automatic phone call with registered phone number; collaboration with government, regulators, law enforcement, academia and other partners Verified by Visa and Mastercard Secure Code, Automated Address Verification Service (AVS) and Card Security Code (CSC), checking for cards that are being used, and introduction of fraud awareness training, would play significant roles in prevention of e-banking fraud. This corroborated by Phua (2010) survey, the authors concluded that, electronic banking fraud prevention focused on fraud prevention software such as Smart Card Authentication, One Time Passwords and Biometric Authentication. Authors further and testify that biometric technology provides a better authentication technique and improves the security.
Furthermore, the analysis in Table 5.4 agreed that, the adoption of employee background checks would enhance fraud prevention, fraud control strategies, regulations and internal control policies; reporting the incident to a law enforcement agency; that upgrading technology to combat fraud, supported third party due diligence, customer screening against negative list, whistle-blower hotline policy, data mining and corporate governance would serve as a significant mechanism for preventing e-banking frauds. Nance and
145
Straub (1988) and Holling and Clark (1983) supported that information security policies about the organisational policies would prevent potential fraudulent from being committed. These author studies suggested four key areas of policy improvement that are indispensable in preventing fraud. These key areas included the full understanding of fraudsters behaviour, the dissemination of crucial information on organisational policy, the broad casting sanctions, and the implementation and enforcement of sanctions. 5.3.4. Mechanisms for E-Banking Fraud Detection
Reseach Question 4: What are the current significant mechanisms for e-banking fraud detection in the Nigerian banking industry?
Table 5.5: Mechanisms for E-Banking Fraud Detection
S/N Detection Mechanisms SA A U D SD
E1 customers’ complaints. 62.50% 29.80% 0.60% 5.40% 1.80% E2 Auto. data analysis and monitoring software 45.20% 44.00% 0.60% 7.10% 3.00% E3 Online reconciliation of account enhances e-banking fraud 36.90% 52.40% 3.60% 5.40% 3.60% E4 Fraud risk assessments and investigations 43.50% 47.00% 0.60% 6.50% 2.40% E5 Fraud detection and monitoring system 54.80% 38.10% 0.60% 4.80% 1.80% E6 Use of CCTV at point of transaction 55.40% 25.00% 0.60% 13.10% 6.00% E7 Monitoring of the internet 53.60% 32.70% 1.20% 8.90% 3.60% E8 Implementation of banking verification number (BVN) app 73.20% 20.80% 1.20% 3.00% 1.80% E9 Forensic Computer and accounting approaches. 44.60% 35.70% 2.40% 16.70% 0.60% E10 Internal whistle-blowers. 52.70% 40.00% 3.60% 7.30% 5.50% E11 Effective response plan. 51.50% 36.40% 1.20% 9.10% 1.80% E12 Data mining. 40% 25.50% 3.60% 17% 13.90% E13 Fraud controls and monitoring teams 53.40% 27.00% 0.50% 12.10% 7.00% E14 Monitoring the phishing-related websites. 51.60% 34.70% 1.20% 9.90% 2.60% E15 Anonymous complaints. 73.20% 20.80% 1.20% 3.00% 1.80% E16 Fraud detective system software. 42.60% 37.70% 2.40% 16.70% 0.60% E17 Internal surveillance equipment. 50.70% 42.00% 0% 7.30% 0% E18 ATM monitoring surveillance. 53.50% 34.40% 1.20% 9.10% 1.80% E19 Internal and external auditors. 43% 22.50% 3.60% 17% 13.90% E20 Law enforcement agents. 35.40% 30.00% 5.50% 13.10% 16.00%
146
Many of respondents agreed that there are numerous mechanisms for e-banking fraud detection in Nigerian banking sector. As shown in Table 5.5, 85percent of the respondents posted that e-banking frauds were detected through customers’ complaints, automated data analysis and transaction monitoring software, online reconciliation of accounts, and fraud risk assessments and investigations, fraud detection and monitoring systems, use of CCTV at point of transaction, internal surveillance equipment, ATM monitoring surveillance, through internal and external auditors, use of monitoring of the internet software to detect and close malware and phishing-related websites, included use of banking verification number (BVN) approach.
In addition, Table 5.5, the analysis of the respondents on detection mechanisms, the finding proved that, electronic frauds were detected through application of forensic computer and accounting approaches, internal whistle-blowers/anonymous complaints, use of data mining. This also, supported by Bhasin (2015) that, e-banking can be detected through the application of two-dimensional barcodes, biometrics, cheque image processing, data analytics and data mining, contributed to addressing the problems of fraud detection and prevention.
Likewise, Table 5.5 shows that above two-third of the respondents consented that e- banking frauds were detected through fraud controls, monitoring and analysis teams, monitoring phishing-related websites. This is in the same vein with Bhasin (2015), in an investigation into the “Menace of Frauds in the Indian Banking Industry”, found that the innovative detection and prevention technology employed by some banks, including Data Glyphs.