24th June, 2015
Recently, Mr Adebayo Adelabu, Deputy Governor, Financial Systems Stability, Central Bank of Nigeria, CBN, said 2.4 per cent of banking revenue was lost to fraud cases. According to Adelabu, Nigerian banks lost a total of N159 billion to electronic fraud between 2000 and the first quarter of 2013, while Africa retained its position as the region with the largest fraud cases and sub-Saharan Africa maintained the unenviable position of the region with the most prevalent fraud problems (77 per cent) among the regions surveyed.
This revelation clearly shows that if unchecked, cyber crime could wreak untold damage on the economy of this country especially with the CBN’s new cash-less policy. There is no doubt that combating crime and money laundering within a cash-less economy constitutes a major additional task for the police.
The task of tackling cyber crime is enormous but it is a war no serious nation like Nigeria with a large economy must lose. Developed nations across the world are taking the war against cyber crime seriously with establishment of cyber crime agency and policy frame work to tackle the scourge. Nigeria on its part has done very little in this fight as there is currently no effective policy against cyber crime in the country.
The current legal regime is inadequate to regulate e-Commerce in Nigeria and there is no sufficient legislation to prosecute offenders. In Section 84 (1) of the Constitution, the Evidence Act appears to support the admissibility of computer-generated evidence in court. However, there are too many conditions attached to the section which have made it impossible to strictly enforce it.
For instance, it provides that there has to be proper foundation as to the working condition of the computer used in producing the piece of evidence. It equally requests that a certificate must be issued by the person who has the technological know-how about operations of the computer.
Of course, it will be difficult for one to know the state of his bank’s computer in a case where his bank is to be a defendant. What the Section implies is that if you are suing your bank, your bank has to certify that the computer used in producing the document (e.g. statement of account) was in excellent condition at the time it was produced. So, you, as the plaintiff, has to go to the defendant (the bank) to certify the evidence you are presenting in court against the bank. This is ridiculous.
An additional challenge before the Nigeria Police in cyber crime investigation is that the evolution of technology is consistent and at the introduction of every new method, the criminals devote energy and resources to detecting the shortcomings of such inventions. Those involved in cyber crime are well organised and very vast on the matters of technology. They are well ahead of some security investigation agencies in Nigeria.
To reduce the rate of cybercrime in Nigeria therefore, adequate training and retraining of those who man the forensic department of the various security agencies are necessary. In the recruitment process of the police, those who are knowledgeable in the affairs of computer technology should be enlisted adequately.
Since Nigeria has adopted a cash-less regime, regulatory agencies and lawmakers should equally as a matter of urgency, collaborate to pass a cyber crime law in order to protect consumers in the cash-less scheme. Financial institutions in the country should establish fraud detection departments.
Although crimes such as stealing-by-trick have been accommodated in the Criminal Code, there is a need to develop a comprehensive internet legislation to regulate electronic financial transactions and prevent electronic crimes. The Evidence Act as it relates to computer-generated evidence should be amended.
As long as there is an absence of a centralised electronic databank containing specific information on each individual resident and visitor to Nigeria, exposure of criminal intentions before they are executed and the effective investigation of crimes committed would continue to pose a serious challenge to security agencies.
There is therefore the need for a national database collated from the various Federal Government agencies. There is already enough data from the Federal Road Safety Commission, Independent National Electoral Commission, National Population Commission, SIM card registration data, bank accounts and voter registration data.
It is unfortunate that the National Identity Card scheme has not been as successful as expected due to several issues, including residence of the data. Nevertheless, an integration of the various data to develop a national database is critical to security and could help to ease cyber crime investigation.