The banking industry lost close to two billion Birr to fraud in the past four years. The state-owned Commercial Bank of Ethiopia (CBE) accounted for half.

A three-storey building on Mozambique Street, around Mexico Square, was packed with appeared aggrieved. A taller man was navigating through the congested hallway on the first floor, appearing nervous and constantly glancing at his watch. Sisay Tegenu seemed like he was racing against time.

Sisay had good reason for his anxiety. Several who jammed the building last week were prey to financial scammers. The building houses a department of the Federal Police Crime Investigation Bureau.

The day before, Sisay was the victim of a scam. Someone called him pretending they were an employee of the Commercial Bank of Ethiopia (CBE). The scammer told Sisay he was trying to integrate his CBE account with another account he holds at the Bank of Abyssinia (BoA).

Sisay followed instructions and changed his password using his smartphone. Two hours later, he received a notification from the CBE that he had transferred 85,000 Br.

“I couldn’t believe my eyes,” he told Fortune. “I’m left with only 3,000 Br.”

The father of four suspects the scammer could be someone close to him, who should know he holds accounts at both the banks.

Berhanu Abate, head of the Bureau, was not surprised. He recently came close to falling victim to a scam perpetrated by individuals claiming to work for the CBE. Neither were the requisitions he received a novelty. The scene is an everyday occurrence for him. At least 10 people visit the Bureau each day.

“Financial fraud is spreading like wildfire,” said Berhanu.

A recent Ministry of Justice (MoJ) study revealed that the banking industry lost close to two billion Birr to fraud in the past four years. Half of these were incurred by the state-owned CBE. The Bank of Abyssinia accounted for 17pc of the loss. Published two months ago, the study was conducted on 155 cases filed in courts. It discovered commercial banks were a target for 370 billion Br in attempted fraud over the past five years.

However, this is the tip of the iceberg. The study covered a small fraction of the financial crimes committed, says Awol Sultan, senior prosecutor and head of the press secretariat at the Justice Ministry. About 700 court cases involving 85 million Br have been reported in the last two months. Close to 90pc bank frauds are committed in Addis Abeba.

“Banks are reluctant to share information with the authorities,” said Awol.

Beyond withholding information, the report alleged, some banks even attempt to negotiate with perpetrators to recover stolen money. The problem is alarming, for less than 16pc of the money stolen from banks is recovered, according to KMPG, an international consulting firm.

Berhanu says some employees working for the state-owned Ethio telecom are involved in these crimes. His bureau has held a dozen working for Ethio telecom and banks in custody, under investigations for alleged involvement in some fraud victims like Sisay.

Cheque-related fraud, likely the oldest form of financial fraud, accounts for over a third of all economic crimes. Forgery and theft of cheques are the most common. The Ethiopian banking industry is particularly vulnerable, as most branches do not have the tools to carry out ultraviolet checks to identify fraudulent cheques. However, the CBE fares relatively better at deploying ultraviolet scanners.

Another common financial crime is unauthorised withdrawal. According to Dahlak Yigezu, vice president for digital banking at the CBE, in most cases, this is committed using forged documents and IDs.

But Berhanu sees fraud in mobile banking as growing at an alarming rate. According to the Justice Ministry, crimes on electronic payment platforms account for 14pc. It is a trend likely to continue with the growth of digital banking.

Although cash remains king, electronic banking is gaining momentum. Commercial banks have adopted digital platforms enabling clients to remotely access services such as cash withdrawal, transfer, and utility payments.

Mobile banking was introduced in 2015 with the arrival of two mobile money providers – HelloCash and M-Birr. The CBE launched its digital money transfer platform (CBE-Birr) two years later, followed by Dashen Bank’s Amole mobile wallet. Awash Bank unveiled its “Awash Birr” platform two years ago.

Almost all commercial banks and microfinance institutions (MFIs) provide mobile money services today. More than a dozen mobile banking, wallet, and money platforms are operating. Combined, they facilitated transactions valued at 320 billion Br last year.

Amole Wallet has close to 3.5 million users. The CBE boasts 5.4 million users on its platform, which accounts for nearly 40pc of the country’s 14.5 million mobile banking users.

The progress is twinned by digital security vulnerability and financial fraud exposure. Rapid technological advancement plays a significant role in festering fraud as it allows scammers to thrive from virtually anywhere, argues Fitsum Wesen, a cybersecurity management expert.

Investigators like Berhanu learned that most financial crimes in mobile banking are committed through password theft. Law enforcement officers caution that strong authentication details are vital since mobile devices are easily lost or stolen. A digital banking service requires basic literacy, but most users are unaware of financial fraud, says Berhanu.

Not even financial firms are privy to the need for digital security. One of the vulnerabilities comes with using standard communication channels and the increased opportunity for hackers to access users’ phones remotely. Most service providers use these channels for their mobile money offerings. And mobile banking presents challenges, including growing malware threats targeting mobile channels.

Federal agencies like Financial Intelligence Service receive up to 2,000 complaints annually, disclosed Endale Assefa, head of communications.

“We only investigate those under our jurisdiction,” he told Fortune.

The former Financial Intelligence Centre was reconstituted as a Service earlier this year, tasked to fight growing financial fraud, money laundering and terrorism financing activities. Its investigators coordinate with their colleagues in the Information Network Security Agency (INSA) to protect financial institutions from cyber-attacks.

Agency officials recently announced more than 5,000 cyber attack attempts were made last year. They targeted 37,000 interlinked computers used by financial institutions. Fitsum warns that escalating fraud puts into question the financial sector’s sustainability.

“Unless it’s addressed in time, it could result in huge losses,” said the expert.

The banking industry recognises the growing risk. Its leaders, such as Aklilu Wubet, president of Wegagen Bank, echo experts’ words of caution. Wegagen was among the first affected by financial crimes, according to the MoJ study.

“It’s becoming a threat to the industry,” he told Fortune.

Industry players see poor internal control, the absence of separation of duties, and inadequate documentation are the major enabling factors. From where Ermias Andarge sits, presiding over Enat Bank, fraud detection mechanisms are insufficient to fight the crime effectively.

Says he: “Unless there are suspicious activities, banks have no tools to detect fraud before the threats materialise.”

But not for lack of legislative tools, argue regulators. Solomon Desta, vice governor of financial institutions at the central bank, argues that existing laws can protect the public from bank fraud.

A directive governing fraud monitoring compels banks to investigate incidents of financial fraud internally. The law requires financial institutions to report their activities quarterly to the National Bank of Ethiopia (NBE). In instances of financial crimes, they are obligated to report cases within three days.

However, these measures have proved ineffective. Although external firms audit banks annually, disclosing losses from financial fraud is rare. Awol of the Justice Ministry attributed this to banks’ having executives hesitant to provide information to auditors fearing public disclosure.

“Auditors focus on bigger transactions vulnerable to mismanagement and theft,” said Tewodros Hailu, managing partner at Degefa & Tewodros Authorized Accounting Firm.

Nevertheless, he observes the rise of bank fraud during the auditing process.

Industry players say the directive governing fraud monitoring, introduced eight years ago, does not match the advancement in technology. Solomon concedes that, although not urgent, the directive might require an amendment to cover mobile money and digital banking users.

This shows that the threat of financial fraud is no longer limited to banks. The risk becomes more perceptible as the web becomes more tangled with multiple parties sharing mobile money and other e-payment platforms. Attempts to leverage existing online banking infrastructure inherently come with risks, according to Fitsum. The digital banking landscape is changing with the arrival of financial tech (fintech) firms.

Until two years ago, only financial firms, particularly banks and microfinance institutions, were permitted to provide mobile banking services. This changed after the central bank issued a directive in August 2020, allowing non-financial institutions to join the fray. Last year, the arrival of the state-owned Ethio telecom’s “Telebirr” became a game-changer.

One of five non-financial entities to have secured permits from the central bank, Telebirr allows users to deposit, withdraw, and transfer funds using a mobile application or a USSD code. It has garnered close to 22 million users thus far, overwhelming much of its competition within a year. It has facilitated close to 30 billion Br in transactions. But not without concerns and security threats.

Ethio telecom recently suspended money transfers to Telebirr accounts under another account holder’s name. Regulators at the central bank have also put limits on bank-to-bank transfers, capping transactions at 25,000 Br.

These threats have led the state telecom provider to agree with Subex, an Indian enterprise software provider, to provide a fraud management system. Tsegaye Emanuel, the chief information security officer at Ethio telecom, hopes the system will enable the company to adopt a proactive approach to combat risks, including mobile money fraud.

In the absence of integrated and standardised identity cards, Dahlak of the CBE cautions the difficulties of combating cheque-related fraud and unauthorised withdrawal. He sees the National ID programme as a vital tool.

“The proper implementation of the ID can go a long way to battle bank fraud,” he said.

These measures may come too little too late for victims like Sisay, who is unlikely to see his hard-earned money recovered.

PUBLISHED ON Aug 27,2022 [ VOL 23 , NO 1165]

How useful was this post?

Click on a star to rate it!

Average rating 5 / 5. Vote count: 1

No votes so far! Be the first to rate this post.

Put your comments here

N.B: A submit button will appear once you fill out all the required fields.

Editors' Pick