By Babajide Komolafe
THE Chartered Institute of Bankers of Nigeria, CIBN, has called on the Central Bank of Nigeria to engage operators to develop a coherent cyber risk strategy for the banking industry.
CIBN President, Dr. Uche Olowu, made this call while delivering the keynote address at the Industry Round Table for Information Security Stakeholders of Banks in Nigeria held in Lagos.
Speaking on measures to tackle the risk of cyber threats and fraudulent activities heightened by the emergence of Fintechs in the financial industry, he said: “Regulation is key to the Fintech ecosystem as it would ensure that the full range of benefits available from the digitisation of the economy especially the financial sector are safely harnessed while minimizing the attendant risks.
“It is worthy of note that the Federal Government has put in place several measures to deter the activities of cyber criminals. Initiatives such as the Risk Based Cyber Security Framework released in June, 2018 very are commendable.
“The apex bank should have regular interface with the operators to be able to develop a coherent Cyber Risk Strategy. This is in line with the view of Christine Lagarde, Managing Director/Chairwoman, International Monetary Fund who once prescribed that, by constructively engaging with market participants at the centre of financial innovation, regulators can stay abreast of new technologies while quickly identifying new risks.”
He also called for a robust effort to address data privacy issues, Olowu said: “Banks are privy to an immense amount of data which if put in the wrong hands could be harnessed for illicit activities. The most popular example being Facebook data and the data harnessed by Cambridge Analytica through the Application Programmable Interface (API) and the interference in the 2016 American Elections.
“As a solution, I implore intermediaries such as Payment Solutions Service Providers (PSSP) to efficiently act on data breaches. Furthermore, I believe that Data Privacy challenges could be effectively tackled with adequate legislation which would enforce best practices in data protection. Also, a constant review of compliance with global standards such International Standard Organisations (ISO) and Payment Card Industry Data Security Standards (PCI-DSS) are ensured by the players in the financial service industry.”