Banking Fraud in Kenya Trebles Despite System Improvements

Jay Decenella, IT audit expert
May 06, 2011 /

Instead of stemming rates of banking fraud, system improvements adopted by banks in Kenya have proven futile as fraudsters were able to funnel larger amounts in 2010 than previously recorded according to accounting firm Deloitte.

Fraudsters exploited the Real time gross settlement systems (RTGS) where funds are transferred from one bank to another on a real-time and gross basis, as well as the Safaricom’s M-Pesa mobile money transfer system.

Meanwhile, accounting firm PricewaterhouseCoopers revealed earlier this week that it has been seeing a surge in banking fraud committed by “disgruntled or disillusioned employees who are usually young and more tech-savvy than their superiors.”

PricewaterhouseCoopers based its statement on a survey conducted on 33 banks in Kenya, Rwanda, Uganda, Tanzania and Zambia this year.

In the case of Deloitte’s findings, the accounting firm said recent banning of check payments worth more than Sh1 million only produced loopholes for fraudsters to exploit the changes and steal money.

Last year, losses from banking fraud amounted to Sh3 billion taking place on the RTGS that processes payments of at least Sh1 million, the forensic services department of Deloitte found. This means that an average of Sh246 million has been lost by banks every month.

The Kenya Bankers Association (KBA) reported that in 2009, a total of Sh900 million was stolen through banking fraud, Sh2.46 billion lower than the 2010 figure.

Deloitte added that almost Sh1.2 billion of the defrauded amount has not been recovered.

The system improvements were designed to enhance competitiveness. But as Faith Basiye-Omolo, chairperson of the KBA fraud and security committee, commented, they only “created loopholes for fraud.”

In addition, from April to June 2010 RTGS vulnerabilities caused Sh270 million in losses, or 69% of the overall amount lost by banks in the entire year.

On the other hand, Safaricom’s M-Pesa mobile money transfer system drove banks to lose Sh21 million.

According to Deloitte, technology-savvy insiders were responsible for the banking fraud that occurred in March 2010, in which they were able to manipulate the electronic systems and transfer funds to their own accounts.

Basiye-Omolo noted that threats like hacking, malicious insiders, card skimming, electronic files manipulation, IT controls circumvention, unauthorized penetration and careless employees have surged as new banking systems intended for cost efficiency began to rise.

Overall, Sh72.4 billion was lost from these loopholes during the year, which represented almost 4% of the pre-tax revenue of the banking industry in Kenya.

However, the figures do not include cases which were not spotted by Deloitte, meaning the scale of banking fraud that actually took place was far more than what has been known.

In the third quarter of 2010, overall losses were pegged at Sh1.7 billion.

 

Share your opinion