The advent of digital banking in Nigeria has revolutionized financial transactions, offering convenience and accessibility to millions of users.
This transformation has enabled faster and cashless payments, fostered financial inclusion, and streamlined operations for businesses and individuals alike.
However, this digital evolution has also exposed vulnerabilities within the country’s cybersecurity framework.
As the volume of online and mobile transactions grows, so does the sophistication and frequency of fraud schemes.
Customers, particularly those with limited digital literacy, face heightened risks of phishing attacks, identity theft, and unauthorized account access.
For instance, Ayo-Bankole Akintujoye, a Lagos-based business consultant shared his ordeal when his mother lost over N320,000 to fraudsters.
Despite swift action from his bank and the Economic and Financial Crimes Commission EFCC, Nigeria’s anti-corruption agency, the experience revealed the weakness of the country’s banking systems to phishing attacks and other cybercrimes.
“But such frauds are preventable. The Government must do more to protect citizens. A government loses its right to lead once it fails at this. Nigerians are often helpless in the face of daily robberies; extortions; rape and death.” Ayo-Bankole said on his X account.
These gaps in cybersecurity erode consumer trust and also slow Nigeria’s ambition of achieving a robust and secure digital economy.
Fraud incidents tied to interbank transactions have surged, with many victims pointing to weak cybersecurity frameworks, with financial institutions often criticised for their reactive, rather than proactive approach to fraud prevention.
According to the 2020 Women and Men report released by the National Bureau of Statistics (NBS), 549 persons were arrested in Nigeria in 2019 for committing bank fraud, with 10 states accounting for 87.98% of the total number of arrests.
The list includes FCT Abuja, Nigeria’s capital, with the states of Oyo, Lagos, Kano, Borno and Enugu States. Others on the list are Kaduna, Benue, Kwara and Rivers States.
Similarly, the Nigeria Inter-Bank Settlement System (NIBSS) latest Annual Report on Cyber Fraud shows that N59.3 billion was lost to fraud between 2019 and 2023 in 467,778 cases within the last five years.
In 2023 alone, customers lost N17.67 billion across 95,620 cases, with the highest loss of N3.76 billion occurring in October 2023.
Lagos State led the top 10 states with the highest cases of fraud between 2022 and 2023, recording the topmost figure in both years.
The country’s recent embrace of innovations such as mobile banking, digital wallets, and fintech platforms has created a robust digital financial ecosystem, but stories like Ayo-Bankole’s mother have become frequent making cybersecurity in banking a pressing concern.
Nigeria’s Evolving Banking Sector
The Central Bank of Nigeria (CBN), the country’s apex financial institution, has driven digital banking adoption with initiatives like the cashless policy and the introduction of digital payment platforms.
Fintech companies have not only made financial transactions easier but also brought millions of Nigerians into the formal banking system.
However, the convenience of these platforms comes with risks. The NIBSS reported a surge in financial fraud, with N17.67 billion lost to electronic fraud in 2023.
The figure represents the monetary losses by the financial institutions and also the erosion of trust in digital financial systems, becoming a challenge to Nigeria’s ambition to achieve full financial inclusion by 2025.
Cybercriminals are exploiting the widespread use of mobile banking apps and online payment platforms.
Their tactics range from phishing and SIM swap fraud to ransomware attacks targeting banking institutions.
The Human Toll of Cybercrime
The impact of cybercrime in banking extends far beyond monetary losses. For individuals like Ayo-Bakole, the toll of losing one’s hard-earned money is immense.
Small business owners and entrepreneurs, who rely heavily on online payment systems, often find themselves grappling with disrupted operations and lost customer trust.
Fatima, a small-scale trader in Bauchi, recounted how she was tricked into revealing her bank account details through a fake customer inquiry that later stripped her of her N185,000 balance.
She said the fraudster posed as a buyer, requesting her bank details to send payment for goods.
“A few hours later, I noticed unauthorized withdrawals from my account. I don’t know how he did it, but I went to my bank twice, they said they were working on it to know what exactly happened, I will go back next week,” she told WikkiTimes.
For Fatima, the experience was a lesson in the vulnerabilities of digital transactions.
Banks and fintech companies are struggling with operational disruptions caused by cyberattacks.
In some high-profile cases in 2020 and 2024, hackers targeted the database of some leading Nigerian banks, reportedly accessing information and compromising the bank’s security systems. However, the banks later denied it.
Despite the denial, it creates doubt and undermines customer confidence in the digital financial institution, highlighting the need for stronger cybersecurity measures.
The Cost of Cyber Insecurity
The financial and societal cost of cyber insecurity is distressing with financial institutions being compelled to allocate resources to fraud investigations, customer reimbursements, and continuous system upgrades to safeguard against threats.
These expenditures, while necessary, strain operational budgets and often lead to higher service charges for customers, indirectly transferring the cost of cybercrime to the public.
For individual customers, these losses are not just monetary but also emotional, as victims particularly in rural and underserved areas often lack access to the resources, education, or advocacy needed to seek redress.
Many are unfamiliar with digital security measures or unaware of how to report incidents effectively.
While some regulations exist in Nigeria, their enforcement remains inconsistent, leaving gaps that cybercriminals exploit.
Beyond individuals, the erosion of trust in digital financial systems poses a threat to Nigeria’s goal of becoming a cashless economy.
Analysts maintained that to curb these challenges, there is a need for comprehensive reforms, including the development of proactive consumer protection frameworks, enhanced public awareness campaigns on cybersecurity, and stronger regulatory oversight.
Need for Digital Literacy
One of the major challenges in combating cybercrime in banking is the low level of digital literacy among users.
While urban dwellers and elites are gradually becoming aware of cyber threats, rural users – who are a key demographic in Nigeria’s financial inclusion drive remain particularly vulnerable.
CyberSafe Foundation’s NoGoFallMaga campaign is an example of a grassroots initiative aimed at educating Nigerians on safe digital practices.
These campaigns teach users how to recognize phishing attempts, create strong passwords, and protect sensitive banking information.
The Role of Regulatory Bodies
The CBN has implemented several measures to curb cybercrime in the banking sector including the introduction of the Risk-Based Cybersecurity Framework as a step toward equipping financial institutions against cyber threats.
This framework mandates banks to implement stringent security protocols, including two-factor authentication (2FA), encryption, and regular security audits.
Cybercrime legislation, such as the Cybercrime Act of 2015, provides a legal framework for prosecuting offenders, but implementation has been inconsistent.
Despite these measures, enforcement remains a challenge. Law enforcement agencies often lack the technical expertise and resources needed to track and apprehend cybercriminals.
The Director General of the National Information Technology Development Agency (NITDA), Kashifu Inuwa Abdullahi, said Nigeria is committed to protecting digital assets through the National Cybersecurity Architecture under the supervision of the National Security Adviser’s office.
He highlighted this when presenting cybersecurity awareness to the Jaiz Bank Board of Directors at their Abuja headquarters, with focus on the board’s critical role in cybersecurity governance to counter cyber-attacks in the financial sector.
Quoting an American businessman and CEO of Berkshire Hathaway Warren Buffett, Inuwa said, “It takes 20 years to build a reputation and only a few minutes of cyber-incident to ruin it.”
He urged financial institutions to prioritise cybersecurity in safeguarding customer data and assets.
Building Technological Strength
Technological advancements are playing a crucial role in strengthening cybersecurity in banking. Many Nigerian banks are now adopting artificial intelligence (AI) and machine learning to detect fraudulent transactions in real time.
AI systems can analyze transaction patterns and flag unusual activities, allowing banks to act swiftly to prevent fraud.
For Williams Uko, the Head of Strategy and Research NIBSS, biometric verification is another innovation transforming the banking sector.
By requiring fingerprints or facial recognition for transactions, banks can reduce the risk of unauthorized access.
Fintech companies are also embedding advanced encryption protocols into their platforms, ensuring that customer data remains secure.
Need for Collaboration
Corroborating, Paul Daniel, a Bauchi-based financial expert, said collaboration between stakeholders is key to creating a secure digital financial ecosystem.
“Banks, fintech companies, and telecom providers must work together to share threat intelligence and develop unified security protocols.
“The road to a cyber-secure Nigeria has challenges, but the potential rewards are immense.”
Paul added that by safeguarding its digital financial ecosystem, Nigeria can unlock new opportunities for growth, inclusion, and innovation, “especially when benefits of a cashless economy are accessible to all.”
He maintained that comprehensive measures, including enhanced security protocols and user education, are essential to address these challenges and sustain the growth of digital banking in Nigeria.
This report is produced under the DPI Africa Journalism Fellowship Programme of the Media Foundation for West Africa and Co-Develop
