Two Kenyan banks reportedly lost a combined Sh36.64 million in separate insider fraud incidents, realized after an internal audit uncovered discrepancies in the cash vault, ATM Cash and Mobicash Float.
I&M Bank’s Kisii branch former operations manager Daniel Ochieng’ Okweh was
implicated in a Sh27.14 million fraud that involved disguising lower denomination notes as Sh1,000 bills. SBM, being the other bank, lost Sh9.5 million through a cyber attack on its Mfukoni Mobile Banking app, facilitated by IT officer Melvin Wairimu Njoroge.
According to the proceedings of tje court, Mrs Njoroge left her computer remotely connected which exposed her computer to possible compromisation. The proceedings further revealed that the Fraudsters executed three transactions totaling Sh9.5 million, using accounts linked to Njoroge’s associates.
READ MORE: February 14: How to Make Valentine’s Day Special
In the wake of these events, the evolving digital finance landscape is compelled to confront an enduring challenge, that is, reconciling rapid technological innovation with the imperative for robust internal controls and agile risk management.
Across global markets, similar incidents have precipitated a reexamination of regulatory frameworks, prompting central banks and industry stakeholders to integrate real-time monitoring systems, multi-layered security architectures, strict adherence to cyber security protocols, particularly in the context of remote access and advanced anomaly detection tools-a response grounded in lessons from past financial crises and the exponential rise of cyber threats.
These incidents serve as a warning and call for increased cooperation and information exchange between banks, fintech firms, and regulatory agencies in order to proactively detect and neutralize new threats.
How can the sector promote a proactive cyber security risk management culture and go beyond reactive approaches? What creative tactics can be used to successfully strike a balance between the requirement for strong security and the need fora flawless customer experience?