Equity Bank moves to tie up loose ends

The lender is strengthening its internal controls by hiring at least six new key personnel to bolster its fraud detection and prevention team. It has already secured personnel from Kenya’s central bank and PricewaterhouseCoopers (PwC).

In an investor briefing, James Mwagi, the managing director and chief executive officer of Equity Group, stated that maintaining internal control and risk management is critical to the development of any brand, but particularly in the delicate banking and financial industry.

In an apparent attempt to help it in negotiations, the Group’s Ugandan subsidiary saw Kenneth Onyango, its executive director for commercial banking, arrested by the Ugandan police in connection with a stock loan and agent float financing scam. The bank reportedly lost over Shs62 billion as a result, with the majority of the funds being disbursed as unsecured loans to unqualified employees.

“We have realised that it’s one thing to reach the top and it’s another one to remain at the very top. And we have realised that Equity Group has on one hand become one of the strongest financial brands in the country, but we don’t believe our operations are on that level. We don’t believe our risk control environment is on that level,” Mr Mwagi told the company’s shareholders.

Cleaning up

This is why the organisation has already brought on board a senior manager for security governance and technical government, two group senior fraud managers, and a senior manager for fraud risk management. Together, they are expected to collaborate with the director of fraud risk management to identify and address relevant risks in the bank’s operations. These two positions have never existed before in the Group, which Mr Mwagi now says are aimed to “ensure the company’s internal control management.”

“Anything small that happens hurts the reputation of the brand,” he noted, “so the goal is to align the group’s risk control with the lender’s growing size.”

It’s not only in Uganda that the company has been exposed to loss of cash, but in Kenya as well.

The bank suffered theft of Shs7.5 billion in Kenya in the middle of last month from 551 account holders who had received money from allegedly an Equity Bank’s staff and used the money for transactions on a regular basis over a period of seven days. The bank’s incoming MasterCard general ledger was the source of an increase in transactions that the company’s risk management team discovered. These transactions were regularly paid out of MasterCard to 551 accounts before being transferred to 11 banks and multiple M-pesa accounts, reports from Kenyan media show.

Not an outlier

This is not the first fraud of this kind that is happening to banks. I&M Bank’s Rwanda division revealed a loss of $10.3 million (Shs40 billion) in less than three months due to fraudulent customer withdrawals last year. The sum was lost between November 1 and January 17, 2022, and exceeds the $7.6 million (Shs28.8 billion) net profit that I&M Group made from the Rwandan market in the fiscal year that ended in December 2022.

I&M Group said that some of the fraudulent withdrawals were recovered. I&M Group partnered with I&M Bank Rwanda and received MasterCard multi-currency cards, which had the capacity to store up to 17 different currencies. However, it is precisely this section that fraudsters exploited to conduct numerous currency exchanges on the MasterCard network within the card’s sub-wallets, for example, from AED to EUR and back again, yielding a profit margin of 10 percent.

Equity Group hopes to avert some of these situations by appointing a senior fraud manager for payments as well as another senior fraud manager for investments and insurance. Additional roles such as vendor management officer, enterprise resource planning support analyst, awareness analyst, and product security architect for commercial, fintech, and digital initiatives are also being considered by the company.

“There was an imbalance seen by our customers being social engineers, then losing money. We have told [our new recruits] that they must find a solution. We have to balance our reputation with our internal control management,” Mr Mwagi said.

“We are making sure that internal control comes to standards, operations also come to global standards, same with commercial. We can’t be in the Kings’ room and then slide,” he added.

Based on the information in this paper, the company appears to have approximately 15 open positions for people who are enthusiastic about using their experience to advance digital innovation, improve customer satisfaction, and support the expansion of Equity Group.

Once bitten, twice shy

The lender received applications for new positions up to this past workweek. The senior fraud manager for the group will oversee the evaluation of fraud risk assessments for both new and current credit products and services. They will also make sure anti-fraud controls are assessed as part of the risk and control self-assessments conducted by the lending business and operation units. Additionally, they would have to carry out risk assessments for credit fraud, applying a risk-based methodology to companies, goods, procedures, and systems in order to spot new fraud trends, weak points, and opportunities for development.

This would necessitate them working together with heads of risk at the subsidiary companies to develop thorough strategies for managing credit fraud risk that are in line with the organisation’s enterprise risk management framework.

Some of the job’s descriptions require them to “monitor Key Performance Indicators (KPIs) for credit fraud, analysing trends and their impact on the business, while measuring the effectiveness of fraud prevention and detection controls.” However, in order to qualify for this, they would need to have a Bachelor’s degree in Information Technology, accounting, business administration, or risk management in addition to more than seven years of experience working in the financial services industry, with at least five of those years spent managing, preventing, detecting, or investigating fraud risk.