Connect with us
Advertise With Us


CBN: Securing Nigeria’s Electronic Payment System




Over the years, electronic payment system, often referred to as e-payment system has grown to become the most acceptable process of settlement of financial transactions in all sectors of nations’ economies. E-commerce payment systems have become increasingly popular due to the widespread use of the internet-based shopping and banking operations. Financial regulatory authorities as the Central banks and Inter-bank settlement systems have the mandate to supervise happenings around the operations and functionality of the electronic enabled payment system. The understanding is that under the e-payment system, fiat currencies are the core engine of most economies, and the payments system and the banks are the financial police for that engine.

On the home front, events over time have shown that the Nigerian value exchange needs to be monitored, more secured and recorded by the regulatory authorities – the Central Bank of Nigeria (CBN) with a focus to ensure that the banking industry, and by extension, the economy runs efficiently, devoid of intrusion from fraudsters. Recent experiences indicate that payments made over the internet are still subject to higher rates of fraud than traditional payment methods in Nigeria, even though it’s not peculiar to Nigeria.

LEADERSHIP had reported that Nigeria recorded N2, 19,509,038.78 billion loss in money terms in 19,531 reported fraud cases in 2016 alone. The data that was obtained from a report by the Nigeria Electronic Fraud Forum (NeFF), revealed that ATM transactions recorded the highest volume of fraud followed by mobile. ATM recorded 9,522 fraud volumes, with N464.514 million in the year alone. There is a steady rise in the figure over the years. For example, while N2,688,669,2 million was lost to the rampaging fraudsters in 2014 through ATM channels, the number increased to N355,892,20 million in 2015, according to official data.

Given that experience, the CBN last week, came up with a regulatory framework for Bank Verification Number (BVN) Watch-list for the Nigerian Financial System. The framework which groups participants into five categories provides standards for the BVN operations and Watch-list for the Nigerian Banking Industry. The Watch-list comprises a database of bank customers’ identified by their BVNs, who have been involved in confirmed fraudulent activity in the banking industry in Nigeria. It’s meant to be implemented immediately.

The new BVN operations framework aims to facilitate common knowledge and understanding, in particular between supervisors of payment service providers (PSPs) and overseers, of issues related to the security of electronic retail payment services and instruments provided within the Nigerian banking sector. The guideline seeks to address areas where major weaknesses and vulnerabilities are detected and, where appropriate, makes clarifications, correction and recommendations, while helping to provide a database of watch-listed individuals, outline the process and operations of the Watch-List; and deter fraud incidences in the Nigerian Banking Industry. These reflect the experience of overseers and supervisors in the industry obviously based on feedback obtained in public consultations and customers’ complaints.

The new move by the apex bank which, is for the security of internet payments is expected to contribute to fighting payment fraud and enhancing consumer trust in internet payments. The guideline also houses some best practices, which Deposit Money Banks (DMBs), Nigeria Inter-Bank Settlement System (NIBSS), Other Financial Institutions (OFIs) and bank customers, governance authorities of payment schemes and other market participants, such as e-merchants, are encouraged to adopt.

As the regulator, all matters arising from the operations of the BVN and Watch-list initiatives are resolved on the desk of the regulatory body, according to the Circular that was signed by the bank’s director, banking and payments system department, Mr. Dipo Fatokun.

Under the new guide, the CBN among other things, has the sole mandate to approve eligible users for access to the BVN information; ensure that the objectives of the BVN initiatives is fully achieved; conduct oversight on BVN operations and systems and monitor other stakeholders, to ensure compliance.

he authority to review framework for the operations of the watch-list, sanction non-compliance with the regulatory guidelines rests squarely with the central bank whose director, risk management department has power to review cases referred to it before issuance of a formal clearance to an individual for the purpose of delisting from the Watch-List and mediate on issues arising from the BVN Watch-list.

While the NIBSS is expected to function primarily to ensure seamless operations of the BVN system, maintain the BVN database and ensure adequate security of the BVN information the DMBs and OFIs are meant to ensure proper capturing of the BVN data and validate same before the linkage with customers’ accounts and ensure all operated accounts are linked with the signatories’ BVN among other key functions.

The new framework provides for BVN operational processes and procedures which address issues ranging from enrollment, identification, verification, linking of Customer’s Unique ID to all related bank accounts to fraud Management and customer Information Update.

On their part, bank customers are required to abide by the Regulatory Framework for BVN Operations and the Watch-list for the Nigerian Banking Industry and report all suspicious or unauthorized activities on their accounts.

In aspect of security and data protection, the circular directed parties to the BVN operations to put secured hardware, software and encryption of messages transmitted through the BVN network in place. Apart from that, the CBN also said “BVN data shall be stored within the shores of Nigeria and shall not be routed across borders without the consent of the CBN; users of the BVN information shall establish adequate security procedures to ensure the safety and security of its information and those of its clients, which shall include physical, logical, network and enterprise security”, adding that parties will ensure that all information that its employees have obtained in the course of discharging their responsibilities are classified as confidential.

“This Framework also defines the establishment and operations of a Watch-list for the Nigerian Banking Industry, to address the increasing incidences, of frauds, with a view to engendering public confidence in the banking industry, Mr. Fotokun said, explaining that the framework, “without prejudice to existing laws, is a guide for the operations of the Watch-List in the Financial System. The Watch-list is a database of bank customers identified by their BVNs, who have been involved in confirmed fraudulent activities.”

For top players in the financial sector, the new guidelines by the Central Bank are these best practices. They say they are particularly important as the safety of internet payments depends on the responsible behaviour of all actors. Those who believe that the CBN has took the best steps to secure the nation’s payment system point to the enviable success of such reforms in other climes including those in Europe, which they say, serves to show that the apex bank is on the right part to securing confidence in the sector. This is as BVN participants are expected to ensure that risks mitigations techniques are in place to minimize operational, technical, fraud risks, etc. BVN operations should not be susceptible to sustained operational failures, as a result of system outages.



%d bloggers like this: