Nigeria’s Fintech Scene Is Wrestling With A Worsening Fraud Problem
Nigeria’s financial technology sector is facing a mounting crisis as it grapples with an alarming wave of fraud and hacking incidents. Over the first eight months of the year, three prominent fintech companies collectively lost more than NGN 5 B (~USD 6 M) to hackers, data from the Financial Institutions Training Centre (FITC) shows, sparking concerns about the industry’s vulnerability.
Earlier this year, Flutterwave, a prominent fintech company, was reported to have suffered a major security breach where hackers stole NGN 2.9 B (USD 3.7 M) from its accounts. Although the company has issued public denials of the issue, court documents revealed that Flutterwave’s legal counsel sought police assistance to recover funds from 107 bank accounts in 27 banks that allegedly received money from the illegal transfers.
Patricia Technologies, a crypto trading platform, is currently embroiled in controversy after reportedly falling victim to fraud involving both hackers and insiders, losing around USD 2 M belonging to customers who are growing impatient as the company explores repayment options. Prior to that, in 2022, MTN Nigeria, the country’s top telecoms company, was reported to have experienced unauthorized transfers totalling over NGN 10.5 B (USD 13.3 M) due to a glitch in its mobile money service shortly after its relaunch as a payment service bank.
Most recently, reports have emerged that Interswitch, a leading African payments and infrastructure giant, suffered a staggering loss of NGN 30 B (~USD 40 M) due to a system glitch that allowed merchants to fraudulently file and receive chargebacks, with a TechCabal report citing sources who suggest some of the fraud is linked to a few former and current Interswitch employees. This supports a point raised by the FITC, a financial research and advocacy organisation operated by the Central Bank of Nigeria, that losses in the sector were not solely due to external threats; insiders within these companies are suspected of colluding with hackers, making it increasingly difficult for fintech firms to safeguard their systems effectively.
This issue, however, is not confined to fintechs alone, as commercial banks in Nigeria are also contending with substantial financial losses due to fraud. A report by the FITC highlighted a significant increase in insider involvement in these incidents, emphasizing the challenges faced by both fintechs and traditional banks.
Court documents that recently became public suggest that Access Bank, the largest bank in Nigeria in terms of customer deposits, took legal action in June to retrieve NGN 3 B (USD 3.8 M) fraudulently withdrawn. Subsequently, in July, the bank filed another lawsuit to recover an additional NGN 5 B (USD 6.3 M) that had been illicitly transferred from its accounts by fraudsters.
More recently, fraud concerns reportedly prompted at least one commercial bank in Nigeria to sever connections with multiple fintechs, disrupting financial transactions for customers until the issues were resolved. Fidelity Bank, which according to local reports incurred losses of NGN 2 B (USD 2.5 M) in three separate attacks, sparked debate after it temporarily restricted fund transfers to neobanks such as PalmPay, OPay, Moniepoint and a few others. Since 2020, Nigerian financial institutions have lost a total of NGN 159 B (USD 201.5 M) due to fraud incidents, per the FITC’s calculations.
The vulnerability of fintech apps has become a pressing concern. Hackers view every new fintech app as a potential target, industry experts reckon, testing the vulnerability of these systems immediately upon launch. Fintech companies are now prioritizing encryption and seeking secure partnerships, such as Project Radar, to bolster their cybersecurity measures.
The rise in fraud incidents can be attributed to relaxed transaction rules and flexible customer verification standards in Nigeria’s financial system. Phishing attacks have become prevalent, with scammers impersonating verified social media handles of local banks to collect customer information and carry out unauthorized fund transfers. These scams, combined with inadequate verification and identity management processes, have made both banks and digital challengers vulnerable to malicious actors.
Despite efforts to address the issue, the Nigerian financial system continues to face challenges related to information sharing, international collaborations, and coordination on financial fraud investigations by local law enforcement agencies. This lack of cooperation hampers the industry’s ability to effectively combat fraud and protect both businesses and customers.
As the value of electronic payments in Nigeria continues to soar, the need for urgent action to bridge existing gaps and establish a robust anti-fraud framework has come to the fore. Stakeholders maintain that collaboration between financial institutions, fintech companies, and regulatory authorities would be crucial to safeguarding the industry and ensuring the security of financial transactions in the country.