SM, Internal Control & Audit, IT Audit, Zenith Bank PLC Nigeria
Preventing and managing risk in a constantly evolving market
Banking is a tough industry to be in. Not only do financial institutions carry the burden of managing large amounts of money, they also have to stay on top of constantly changing legislation and the introduction of new technology and customer demands that impact how they do business and how they serve customers. As the market is dynamic, so are the antics of fraudsters.
Unfortunately, when it comes to banking, risk is the nature of the beast. Banks need robust systems that guard against fraud losses, customer information breaches and non-compliance with stringent legislation.
We are confident that as we continue the adoption of SAS fraud modules, greater benefits and values that will help to prevent losses and attrition will be delivered.
Electronic fraud is a common and growing problem that all banks battle with in Nigeria. Not being able to effectively manage e-fraud can result in increased operating costs, exposure to additional operating risk, reduced profitability and less effective controls.
“We realised that we needed to implement preventative e-fraud controls that worked in harmony with other banking controls. These controls needed to help us to manage electronic fraud incidences, gather evidence and administer successful prosecution,” says Demola Elutilo, SM, Internal Control & Audit, IT Audit at Zenith Bank PLC Nigeria.
It found the appropriate solution in SAS Fraud Framework and implemented it in three core business areas: Online Banking (Inflows and Outflows), Insider Abuse and Third Party Fraud.
“We are part of the Internal Control and Audit Group and our focus is on e-fraud management responsible for managing fraud risks on the bank’s e-channels. We are also responsible for IT audit review, control and security. A slip up in any of our controls could have massive financial and reputational consequences for the bank, so it’s crucial that these are tightly managed,” said Demola.
“Fraud should not be seen as an Internal Control and Audit issue only. It affects every facet of the business. Therefore, very early on this journey, there was commitment from various business lines. This was one of the critical factors that contributed to the overall success of this project.”
Zenith considered a number of solutions from different vendors to help it manage risk within the department. SAS came out on top because management believed the solution could add value and depth to the business.
“We have been on the SAS Journey for over three years now,” says Demola. “We started with SAS in 2013 with the implementation of both the Anti-Money Laundering and Anti-Fraud Solutions. In the beginning of the journey, there were some minor challenges but SAS has been very supportive ironing out problems as they arise.”
“The Bank approached this project on a modular basis and we identified three key milestones which have since been delivered. The milestones identified covered three core areas of our business - Online Banking (Inflows and Outflows), Insider Abuse and Third Party Fraud. SAS has been enabling the bank to detect and prevent fraudulent incidents swiftly thus preventing losses. The rollout of the project will continue and the next areas that will be covered are electronic cards, loans and treasury.”
SAS was the obvious choice when Zenith Bank was looking to improve its security and risk management around e-fraud, he adds. “The obligation we owe our customers is to secure and protect their funds using cutting-edge technologies. We are confident that we have the right platform in place to deal with these new challenges.”
Since implementing the SAS Fraud Framework, Zenith Bank has been able to detect and prevent fraudulent incidents quicker, which has helped it to prevent losses and attrition. The fraud alert generation process has reduced from six hours to between 15 and 30 minutes, and anomalies that normally took days to detect now take minutes, allowing the bank to implement mitigation measures immediately. This has improved its fraud detection and review rate by over 100% in 10 months.
Roll-out took 14 months, over three iterations, to complete. “We had some initial concerns about having the correct resources in place, as well as issues relating to data integration, but SAS was supportive and put our minds at ease. We are confident the platform will help us to manage the challenges of operating in a constantly evolving market,” says Demola.
The flexibility and granularity of control tools available within SAS solutions enabled Zenith Bank to implement appropriate fraud detection mechanisms in line with its fraud audit and control needs. The ability to integrate the SAS Fraud Framework solution with bank data from a variety of sources meant investigators no longer had to check multiple systems when investigating suspicious activity.
The solutions have also assisted the bank in regulatory compliance and in keeping pace with new requirements in the market. SAS has since become an integral part of Zenith Bank’s fraud risk management strategies and has assisted in detecting and preventing fraud losses that could have run into hundreds of millions of Naira.
“We are confident that as we continue the adoption of SAS fraud modules, greater benefits and values that will help to prevent losses and attrition will be delivered,” says Demola.
Identifying and managing risk within electronic banking.
- Zenith Bank has been able to detect and prevent fraudulent incidents quicker, which has helped it to prevent losses and attrition
- Fraud alert generation process has been drastically reduced
- Fraud detection and review rate has increased by over 100% in 10 months