Nigeria’s banking sector is grappling with a surge in electronic fraud, with annual losses now exceeding N1 trillion, prompting urgent calls for the Central Bank of Nigeria, CBN, to upgrade its decade-old authentication standard from two-factor authentication (2FA) to a more advanced three-factor authentication (3FA). Industry data shows digital theft—especially unauthorised transactions—has risen sharply, overwhelming existing regulatory protections.

Under current rules, banks are required to reimburse a maximum of N5 million per affected account, a cap critics say is inadequate as fraud becomes more sophisticated. Many customers have also complained of delays or outright failure by banks to refund disputed transactions, worsening public confidence in the financial system.

Electronic fraud losses have risen almost tenfold in six years—from N133bn to more than N1tn—bringing Nigeria close in value to the UK’s 2024 fraud losses of £700m (about N1.3tn). However, while the UK reimburses 98% of victims due to strong consumer-protection policies, Nigeria’s smaller banking and insurance ecosystem leaves depositors far more exposed.

Ive Chike Meme, a director at Environ, a financial-technology intelligence firm, warned that Nigerian banks are “dangerously under-protected” as cybercriminals increasingly deploy artificial intelligence tools capable of bypassing traditional security measures. He added that insider collusion remains a major driver of fraud as rogue bank employees circumvent controls.

Environ says it is discussing with the Nigerian Financial Intelligence Unit (NFIU) the deployment of a biometric “proof-of-life” digital signature, which it describes as a high-security, non-spoof technology already used by global institutions. The firm argues that such systems are essential to restoring trust in Nigeria’s fast-growing but vulnerable payments industry.

Analysts note that the CBN last enforced a major fraud-control upgrade in 2015 with the introduction of 2FA, but cybercrime has since evolved rapidly, while agencies like the EFCC and NFIU lack the authority to compel banks to adopt stronger authentication frameworks.

Meme said the CBN would “inevitably have to intervene again,” insisting that Nigeria must transition to 3FA to protect depositors, as building a N250 trillion insurance buffer is unrealistic. He added that banks that adopt stronger security early will attract more customers concerned about rising unauthorised transactions.

Industry experts warn that beyond retail victims, cybercriminals often target high-value corporate and government accounts. Yet all depositors—large or small—remain subject to the same N5m compensation cap, leaving them vulnerable until Nigeria strengthens its fraud-control and consumer-protection systems.