Two months ago, a well-dressed man in his thirties walked into Dawit Basazinew's furniture store on Africa Avenue (Bole Road) and selected a long list of items worth over 70,000 Br. Dawit, the store's owner, was accustomed to delivering sold items the day after payment, but the customer's urgency raised some concerns. The situation became suspicious when Dawit received a screenshot of a payment transfer on his phone.

"I immediately noticed something was off," Dawit told Fortune.

The fake bank deposit looked like it had been made in Weliso City, Oromia Regional State, a 100-kilometer journey from the capital.



"There is no way he could have travelled that far and in that little time," the veteran retailer says.

Dawit ordered his employees to pause the delivery of the goods and went to check the authenticity of the bank account, which proved to be fake.

He says without meticulous attention to detail, sellers can easily be swindled by digital transactions in the rush to move inventory.

The rising use of digital financial technologies has simplified transactions, expanded financial inclusion and streamlined commerce while introducing new risks to customers and institutions alike.

A report by the National Bank of Ethiopia(NBE) released two weeks ago highlights increased operational risk for commercial banks with the expanded introduction of new technology-based products and services. It indicates that bank frauds and forgeries, including false texts and calls, withdrawals using stolen ATM cards, false financial instruments, and embezzlement, doubled to one billion birr in 2023.

The Bank for International Settlements(BIS) defines digital fraud as including operational risk, social engineering(phishing emails or SMS), and cyber risk. It has recently extended the scope to include elements of spoofing (impersonation of a bank), fake financial products, and account takeovers.

Nahom Mekbib, a thirty-year-old technician, was contacted by an individual purporting to be from a commercial bank's digital banking staff three months ago working on 'system integration'. He was told to open his mobile banking app and given step-by-step instructions, culminating in a request for a PIN.

"I refused to give him the code, which agitated him," Nahom told Fortune.

Last year, the thirty-year-old was scammed out of 3,000 Br for a fake digital investment scheme on the popular online messaging application Telegram, which made him more cautious.

"I have stopped opening links altogether," he says

A report on global financial fraud by the International Criminal Police Organization (INTERPOL) released last month reveals a rise in digital scams involving advance payments, investments, and business email fraud. It highlights a growing sophistication of criminals powered by Artificial Intelligence (AI) without the need for advanced technical skills and at relatively little cost.

Ethiopia's Financial Intelligence Services (FIS) was re-established two years ago to monitor suspicious financial transactions and combat financial crimes across all platforms. It receives around 2,100 reports annually of potentially fraudulent transactions from financial institutions.

Endale Assefa, Communication director of the FIS, points out that aggressive technology adoption will invariably increase potential fraud attempts. He says each financial institution in the country is expected to report any suspicious transaction to the Service within 24 hours of its occurrence through an internal online system.



"We prioritize the reports based on their potential harm," he told Fortune.

Endale emphasized the importance of coordination between FIS and financial institutions to identify potential fraud before it causes damage.



"If the perpetrators succeed, it becomes a criminal investigation," he said.

The Federal Police Commission Crime Investigation Bureau brought hundreds of financial fraud cases, a significant portion of which related to digital banking, before courts in 2022, with the majority being in Addis Abeba.

The director indicated that FIS assists in the subsequent criminal investigation and prosecution of fraudsters who are caught.

"Creating awareness will prevent most of the fraud," Endale says.

He suggested that most fraudsters channel money from victims to fund other criminal activities.

This sentiment is echoed in the Global Scam Alliance's 2023 report, which indicates that around one trillion dollars was stolen from victims worldwide last year, exacerbated by inadequately supervised financial technologies. As Ethiopia targets a three-year increase in the value of digital payments and financial services fourfold to 17 trillion Br, some financial institutions have begun to strengthen their security protocols.

Sosina Mengesha, Chief Digital Banking officer at the Bank of Abyssinia(BoA), says most incidents of digital financial fraud in Ethiopia arise from unsophisticated perpetrators who exploit people's lack of financial and digital literacy.

She also noted that poor Know Your Customer(KYC) practices and financial institutions' eagerness for new customers to open bank accounts have further widened the security gaps.


"Identification problems and improper password managment cause most incidents," Sosina told Fortune.

The bank employs an AI-embedded system that flags transactions and risk-based security protocols across most services. As digital financial transactions now make up 60pc of total transactions, the exposure to risks has increased.

She indicated that most problems reported by customers are handled at the branches, while an entire department dedicated to digital security exists at a corporate scale. "People need to be very cautious with their financial information," Sosina says.

Two years ago, the Ministry of Justice(MoJ) report revealed that the banks had suffered around 1.8 billion Br in losses due to fraud over four years.

The Bank, which accounted for 17pc of the losses in the study, has recently begun collecting biometric data on some branches to improve customer identification procedures.

The central bank's inaugural financial stability report indicates a marked rise, as one billion birr was defrauded within a quarter of the time from 20 banks.


Belte Fola, a portfolio manager at the National Bank of Ethiopia, says reports on attempted frauds and successes are collected from the banks every quarter to understand the scope and extent.

"Successful prevention largely depends on proper coordination," he told Fortune.

Belete referred to a directive from two years back that requires each financial institution to establish a fraud detection, reporting, and mitigation strategy as the bedrock of the regulatory framework.

"Vigilance is expected from financial institutions," he says.

Banks in Ethiopia are expected to maintain a fraud register that includes names, addresses, the type of fraud, and the position of suspected employees who are possibly involved.

Tatek Negassa, deputy chief of digital banking at Nib Bank, says financial institutions must attend to upgrading security protocols just as much as they prioritize onboarding new technology to attract customers.

"Every technology comes with risks," he told Fortune.

Tatek has observed inadequate information delivery from the banks to customers as one factor that needs significant attention to reduce risks for both.

He says customers who have not been informed of the risk are easily swindled by scammers who impersonate bank staff or forge financial instruments. Untrained staff also inadvertently pass on sensitive data to external parties.

"Proper information management is expected of customers and institutions," Tatek says.

He also pointed out that the technological capabilities across banks are not harmonized enough to track and process suspicious transactions beyond the usual dispute management procedures.

The deputy explains that poor Know Your Customer (KYC) procedures at one financial institution compound the verification difficulties for the other, with customers bearing the ultimate price.

In its 2023 report on Ethiopia, the Global Systems for Mobile Communication Association(GSMA) recommended the accelerated development of digital identification systems and electronic KYC mechanisms to reduce risks of digital financial fraud and increase mobile money adoption.

Fayda, the national ID project with real-time biometric authentication and eKYC for all use cases, with more than 4.6 million Ethiopians registered so far, has been cited as a promising development in the digital financial ecosystem.

Abenezer Feleke, strategic communications adviser at the Tony Blair Institute for Global Change and the National ID program, expects the digital ID to significantly alter the ease and security of financial services within the coming two years.

"The vision towards a cashless society is pinned on proper identification," he told Fortune.


Abenezer noted the challenges of proper customer due diligence when potential customers have multiple identities that can be used to defraud both financial institutions and the wider population.

Banks will serve as major registration centres for the Fayda project nationwide starting next September and have financed the purchase of over 6,000 kits set to arrive in the coming weeks.

"Frauds will be less likely while possible types of services increase," Abenzer says.

Digital finance consultants point out that financial institutions' acquisition, use, and management of technology are underrated risk factors that could increase fraud in the long term.

Yegeremal Meshesha, a digital finance consultant who has advised several fintech startups, has observed that most financial institutions launch digital services without obtaining the necessary international certifications.

He indicated that certifications obtained locally from institutions like the Information Network Safety Agency(INSA) are primarily concerned with the front end, interactable part of a technology product, despite the security risks embedded at the backdrop.

"Some products are risk-prone at the outset," Yegermal told Fortune.

He noted that the absence of comprehensive frameworks at the enterprise level incorporating regular audits, discrepancy checks, and account reconciliations like manual bookkeeping procedures has heightened risk factors.

"Products are forgotten after they are launched," the consultant says.

Yegermal expects intense financial and digital literacy campaigns conducted in parallel with the rush to introduce new technologies to close off most windows of opportunity for fraud.

"Sensitivity to financial information needs to be standard practice," he stressed.

Experts attribute the exposure to financial fraud to a lack of well-designed, user-friendly features, underdeveloped internal risk procedures, and the dearth of human capital.

Tewodros Tasew, one of the earliest entrants into Ethiopia's financial technology landscape, recognizes negligence in including fraud risk-minimizing user-friendly features at the early stage of the design process as one of the drivers of fraud.

He reasons that the lack of transparent fee structures in some financial technology products creates fertile ground for potential fraudsters to exploit, as users cannot tell why their money was debited.

"A small side window can easily give a cost breakdown," Tewodros told Fortune.

Tewodros also challenged the idea that digital illiteracy causes most fraud cases, arguing that financial technology companies' failure to understand their customer segment is a more significant factor. He said companies must design products with security features tailored to their market base.

Management from EthSwitch, the national switch operator, declined to comment on the development of this story.



PUBLISHED ON Apr 20,2024 [ VOL 25 , NO 1251]


How useful was this post?

Click on a star to rate it!

Average rating 5 / 5. Vote count: 2

No votes so far! Be the first to rate this post.





Editors' Pick



Editorial




Back
WhatsApp
Telegram
Email