Olakunle Michael Folami
The rate at which computer and Information and Communication Technology (ICT) are mobilized to perpetrate crime in Nigeria is becoming worrisome. The amounts of money lose to the activities of fraudsters adopting sophisticated methods of defrauding banks and people surpass that of traditional ways of fraudulent activities. With the introduction of ATM in Nigeria, banks have set another pace for unprecedented fraudulent activities. This study is anchored on Edwin Sutherland’s Social Differentiation Theory. Those who engage in fraudulent acts learn the techniques and methods from those they associate and interact with. The study employed the use of secondary data and in-depth interview methods. The secondary data were obtained from Nigerian Deposit Insurance Corporation annual reports for the period of five years and in-depth interviews were conducted with ten (10 ) bank chief inspectors. It was found out that amount of money lose to fraudsters through the ICT is far above the amount associated with traditional methods of committing fraud in the banking industry. Different methods of defrauding banks were revealed in this study. This paper therefore, recommended good centralized networking of computer systems, employment of professional police officers who specialized in fraud detection in banks, and regular rotation of staff and duties were also recommended in this study.
Technology is invented for the positive manipulation of social, economic, political and physical environments by man. Technological inventions came with both manifest and latent functions (Brown and Duguid, 2006; Baase 2003; and Erlbuam 1997). The manifest function of ICT is to provide support for human activities. Baase (2003) says computers have made unprecedented impacts on society. It is essential for the smooth running of day-to-day activities. Most of the things we do at work and at home as a matter of routine could not run without the use of computers, whether it is for accessing major databases, online shopping or playing a simple game of Solitaire.
The manipulation of bank activities through computer, and information and communication technology (ICT) to defraud the public made examination into the latent function of technological revolution (Mobbs, 2003). According to Ojimba (2006), when computer was invented, the intention of its inventors is to hasten data processing with effortless ease. That it has been doing efficiently by giving timely and accurate information. But like other mechanical and/ or electrical electronics devices, it has equally lent itself to manipulation. What is meant to assist in daily data operations has turned out to be an undoing. While basking in the euphoria of its efficiency, banks in Nigeria are now grappling with the fraudulent manipulations of computer and ICT. It is like a mixed blessing combining the bright and dark sides. Over the times, it has turned to a servile tool of fraud when banks and other organizations began to be computerized over two decades ago in Nigeria. The inability of bank management to control manipulations, frauds, and forgeries in bank through computer and ICT gives constitute a major challenge to the banking operation in Nigeria. Since computer fraud is carried out over a period of time, a minor one at the initial stage snowballs into a sizeable one over a period of time (The Nation, 2008).
The emergence of ‘Yahoo boys’, the hackers in the anal of the nation economic and financial crimes make banking operations through computer and ICT more problematic. Computer and ICTs enhance the ability of the scammers with effortless ease to defraud banks. Yahoo boys surf and hack the Internet to perpetrate scam in banks. They work hand-in-hand with bank staff to get access to bank data. In the last ten years, cases of computer-aided frauds in the banks have been on the increase with each year recording staggering figures (Baase, 2003). This paper therefore, aims to examine method by which computer and ICT is used to manipulate banks activities in Nigeria. It also examines the impacts of computer and ICT crime on the banks in Nigeria. The paper identifies what could be done to stem the phenomenon of bank frauds in Nigeria. The manipulation of banking operation by using computer and ICT is learned through association with other bank staff that exposed to illegal operations. There is a significant difference between the amount involved with the traditional method of defrauding banks and the use of computer and ICTs in Nigeria. Computer, and ICTs usage without proper security backup and checks in banks in Nigeria enhance fraudulent practices. This paper argues that banking fraud through computer and ICT can be reduced through association with banking staff that are exposed to a strong work ethics. The paper is divided into four sections: first, leaning the technique of banking fraud; second, fraudulent operations in banks; methods of examining computer and ICT frauds in banking sector; and finally, findings and conclusion.
Learning the Technique of Banking Fraud
This study is situated in Differential Association Theory by Edwin Sunderland (1947) to explain the experience as bank staffers that work with computer and ICT on daily basis. Sutherland’s theory departs from the pathological and biological perspectives that attributing crime to the social context of individuals only. The theory rejected biological determinism, the extreme individualism of psychiatry, as well as economic explanations of computer and ICT related crime in the banking sector. The theory provides for an alternative understanding of computer and ICT related crime that through the development of association paradigm. In contrast to both classical and biological theories, Differential Association Theory poses no obvious threats to the humane treatment of those identified as criminals. (Gaylord, 1988)
The Sutherland’s theory of differential association has nine principles:
- Criminal behavior is learned.
- Criminal behavior is learned in interaction with other persons in a process of communication.
- The principal part of the learning of criminal behavior occurs within intimate personal groups.
- When criminal behavior is learned, the learning includes techniques of committing the crime (which are sometimes very complicated, sometimes simple) and the specific direction of motives, drives, rationalizations, and attitudes.
- The specific direction of motives and drives is learned from definitions of the legal codes as favorable or unfavorable.
- A person becomes delinquent because of an excess of definitions favorable to violation of law over definitions unfavorable to violation of the law.
- Differential associations may vary in frequency, duration, priority, and intensity.
- The process of learning criminal behavior by association with criminal and anti-criminal patterns involves all of the mechanisms that are involved in any other learning.
- While criminal behavior is an expression of general needs and values, it is not explained by those needs and values, since non-criminal behavior is an expression of the same needs and values.
An important aspect of differential association theory is the frequency and intensity of interaction. The amount of time that a person is exposed to a particular definition and at what point the interaction began are both crucial for explaining criminal activity (Boundless Sociology, n.d). The process of learning criminal behavior is really not any different from the process involved in learning any other type of behavior. Sutherland maintains that there is no unique learning process associated with acquiring non-normative ways of behaving (Boundless Sociology, n.d). The principle of differential association states that a person becomes delinquent because of an “excess” of definitions favourable to violation of law over definitions unfavourable to violation of law. In other word, criminal behaviour emerges when one is exposed to more social message favouring conduct than pro-social messages (Sutherland, 1947). Sutherland argues that the concept of differential association and differential social organization could be applied to the individual and to aggregation (or group) levels. While differential association theory explains why any individual gravitates toward criminal behaviour Differential social organization explains why crime rates of different social period in the history of banking sector in the Nigeria different from each other. Edwin Sutherland’s Differential Association Theory opens a thoughtful provoking argument on the manipulation of computer and ICT to perpetrate crime in the banking sector. Sutherland suggests that the distinction between law breakers and the law abiding lies not in their personal make-up but in the content of what they learned. Computer and ICT crime, just as other white-collar criminality is learned; computer and ICT manipulation to defraud bank is learned through direct or indirect association with those who are practicing the act; those who learn this criminal behaviour are in frequent and close contact with perpetrators. ‘If you are not verse in computer usage, you cannot use it to defraud bank and manipulate money (Folami, 2000)
Fraudulent Operations in the Banking Sector
Mega Bank came with the introduction of Automate Teller Machine (ATM) to banking operations in Nigeria in 2005. Jalingo (2004) says most computer frauds are usually done with the aid of insiders. A particular instance was a case in which the account of a customer in a commercial bank was credited with a large amount that fell short of his actual balance. The fraudulent account credited was done by a computer operator in the bank. Onoh (2000) said that computer crime in the banking system is very much with us and it now comes in its most sophisticate forms than ever before. Thus, the computer has the two sides of the coin and can prove to be a double edge sword. Computer fraud are in different types and forms. An example is defrauding a bank using a genuine account of an employee who is a defrauder. Another one is through the use of fictitious account; also, fraud is carried out with the aid of an employee’s friend. Similarly this act is sometimes done using an account of a third party that depends on an employee-insider to perpetrate the crime. Computer crime can and almost certainly will render obsolete the traditional type of physical large-scale robbery involving banks, bank managers and security vans (see Parker, 1997)
According to Aluko-Olokun (2000) the majority of fraudulent act committed in the banking sector are usually committed through the use of cheque while few others are by cash theft and electronics transfer, and lately through computer manipulation. Negotiable securities will be stored magnetically and electronically as data inside computer and transmitted over communication circuits from one computer to another. Perpetrators of security theft will use the skills, knowledge, and access associated with computer and data communication technology. For example, the Inner London Crown court sentenced one Olaide Taiwo, to eight-and-a-half year imprisonment for stealing the identities of 350 people to claim £1.3million in bogus tax credits in the largest benefit scam of its kind. Olaide Taiwo, 35, hijacked the identities while working as a security guard for a number of large national companies. He then used the names to claim tens of thousands in working tax credits (Camber, 2011). Another example is a hacker that manipulated computer to perpetrate economic crimes. Abayomi Aje, a repentant scammer said that many people desperate for love and affection especially in Europe and North America have had their fingers badly burnt with Nigerian internet fraudsters having a great feast on them. He explained the ‘Modus Operandi’ thus: ‘Each person has as many as six women at a time. We would search through dating websites such as Yahoo personals, match.com and singlenet.com and create an account, usually with stolen credit cards’. The women are in most cases, desperate to get a man in her life. For those who are being difficult, you send a gift on a weekend with some nicely worded card. Once the victim has fallen in love, the next thing is to tell her you are going on a short business trip to any part of the world. You call the victim and are romantic with her on the phone. Then, after some days, you ask her for money giving her some sob story, like you were robbed or forget your money. ‘She will either agree to send the money or, if she is ready gullible, she will clear the money or money order for you. She may also be asked to receive wire transfers into her bank account’. Do you think this is possible without the connivance of bankers? No, he retorted.
It is important to examine types of frauds in order to properly situate this study in the literature. Types of computer and ICT crime is any type of act distinctly associated with computer or data manipulation in which victim involuntarily suffer or could have suffer losses, injuries or damage or in which perpetrator receive or could have received gain is refer to as a computer crime (Economic and Financial Crime Commission 2003). The types of computer and computer related crimes include first, computer-aided fraud and embezzlement. This is automated version of the good fashion manual fraud or embezzlement that has been going on for centuries by unscrupulous employees. Skilled data processing professionals usually perpetrate this type of computer fraud. However, if a user knows the system, a non- computer employee can pull off the fraud. Second, salami technique
This is consist of reducing either by a slight change in certain programme or by inserting extra instruction into programme interest bearing account by a couple of pennies or even fractions when calculating interest/dividends. Electronics data processing auditors are the ones who have sufficient skill and access to financial application to put off computer crime. Third, trojan horse. This type of computer aided crime which consists of covertly inserting unauthorized instruction into a production programme might be done to achieve material gain. System programmers/ analysts, computer operators and end users are possible perpetrators. Fourth, time (or Logic) Bomb (or Trap Door) involves in converting instruments are written and inserted into a production programs or files, or cause application software, such as payroll to or account receivable, or the whole system to crash. A time bomb is almost impossible to detect or prevent and it is almost impossible to catch the person who devise it because a clever programmer can write the instruments so that when the bomb erase the target program application or system, it destroy itself as well. Fifth, a computer virus or worm program has the capacity of instantaneously cloning a copy of it burying that copy inside other program just before it erases programs or an application, and just before it destroys itself. Perpetrators are outsiders, hackers as well as inside people such as data processing professional. Sixth, scavenging is a method of obtaining data or information by searching trash cans of banks, data processing departments, this is called physical scavenging. There are also electronics scavenging that involves searching for residual data left in a computer. Potential perpetrators are janitor, ground keepers, outsiders and DP professional or user. Seventh, data Manipulation
This is simply adding prior to or during the process of entering data into the computer system. The modus operandi of data manipulation is adding fictitious claims or account, and sending the claims clerks or clerks for the account payable amounts to the fictitious account. Potential perpetrators are anybody from programmer/analysts, computer operators, data entry operators, to end users. Eight, software piracy involves copying or theft of proprietary computer software and/or raw data or information. Moreover, if the criminal just copied the valuable software or sensitive data, it is almost impossible to detect the crime because the original software or data remains on the disk or tape, or in the computer. Experience programmers or EDP analysts, programmer/analysts, system programmers or EDP auditors are potential perpetrators.
Method of Examining Computer and ICT Fraud
This study was carried out in Lagos State, Nigeria. Lagos State, the commercial nerve center of the nation housed the headquarters of the twenty-four major banks in Nigeria, excluding micro finance banks. The data used for the analyses in this study were collected immediately after the Obasanjo’s administrative bank reform agenda which ushered in a new era of bank system in Nigeria.
Before the advent of mega banks in Nigeria, there were two thousand, three hundred and seventy four (2,374) insured commercial and merchant banks with one hundred and fifteen (115) head offices nationwide. Lagos, accounts for five hundred and thirty seven (537) commercial and merchant banks branches, and ninety seven (97) head offices, the highest in the country. (NDIC, 2006). With the reform of the nation’s banking sector in 2005, Nigeria now has twenty five mega banks (see www.cenbank.org).
Technique of Data Collection
Secondary data used in this study were collected from the cases of fraud reported to the Nigeria Deposit Insurance Corporation (NDIC) by all the insured commercial and merchant banks in Nigeria between 2006 and 2008. The qualitative method was predominantly in-depth interviews. The interviews were carried out among ten (10) Bank Chief Inspectors, and six (06) Assistant Director/Director Central Bank of Nigeria (CBN). The commercial and merchant banks chosen were the ones with the highest number of reported cases of fraud. The limitation of secondary data in this study is that methods and ways of perpetrating different forms of fraud were not highlighted. This however, necessitated the use of qualitative technique to address these shortcomings.
Analysis of Data
Descriptive analysis was employed to analyze data collected through the secondary source. The qualitative data were subjected to thematic analysis. Comprehensive inferences and conclusions were drawn from the analysis.
Results and Conclusion
The returns of insured banks on fraud and forgeries were analyzed. The periods span between 2007 and 2008. Each year is divided into quarters to provide basis for how intense phenomenon of bank frauds is in Nigeria.
An exorbitant amount of money, about 55billion lost to fraudsters within this period. As shown in the table, there was a total of 2,007 reported cases of attempted frauds and forgeries involving over 53.0 billion in 2008 compared with 1,553 reported cases of frauds and forgeries involving =N=10.01 billion in year 2007. The expected loss components of the reported cases of frauds and forgeries, that is, those whose probability of recovery was low as well as those not frauds and forgeries in insured banks in 2008. The chunk of this amount was processed through computer and ICTs.
The slight reduction in the amount of returns on fraud by both the insured commercial and merchant banks in 2007 might due to the fact that most of the affected banks preferred not to report the incidences to the Nigeria Deposit Insurance Corporation (NDIC). Vanguard, (2008) reported that the incidence of 72 million computer fraud which was perpetrated in the United Bank of Africa (UBA) in 2008 was not reported by the authority of the bank to the NDIC. A participant in in-depth interviews when commenting on the incidence of fraud in the banks said:
The introduction of electronics device like computer to process activities in banks has increased the level of crime in the banking sector. According to him, computer as we know is ‘Garbage in Garbage out’. Many bank staff have used computer to manipulate accounts. Of recent, computer related frauds have been on the increase. Though, it has its own advantages but it has contributed in no small measure to huge rate of bank fraud. An example was a fraud detected recently in one of our branches was there was a fraud of about #80 million. The fraud was perpetrated through the means of computer which involved a group of staff.
Manipulation of banks through computer and ICT has heavy burden on banks. It involves large amount of money. The reported cases of bank fraud increases yearly as bank staffers were exposed to ICT. Immediate anti-fraud mechanism should have been introduced to stem the trend.
The secondary data shows the distribution of banks’ members of staff that involved in fraudulent practices between 2003 and 2008. Table 3 above shows the status and number of banks’ staff involved in frauds and forgeries in the past three years. A total of 313 members of staff of banks were reported to be involved in frauds and forgeries in 2008, an increase of about 14.65% when compared with the previous year’s figure of 273. Of the total, core operations staff such as supervisors, officers, accountants, managers, executive assistants, clerks and cashiers totalled 223, thus accounting for about 71.25 percent. That represented a decrease of 4.57 percentage points relative to the 2007 position. Bank frauds increased among the staff that have access to computer and involved in electronics money transfer. Other categories are messengers, cleaners/security guards 7(21.11 percent) that were involved in fraud in various banks between 2006 and 2008. Frauds and forgeries were also common among temporary staff 165 (53.95) between 2006 and 2008.
The above findings are corroborated by the in-depth interviews conducted with some bankers in the selected banks:
The introduction of electronics devices like computer to process activities in the banks has some negative effects. The idea of information technology is a very challenging one. What is designed to serve human beings has become the enemy of human beings’ (Emokpae, an Assistant Director (Examination).
However, electronics machine such as computer has helped tremendously to quicken bank operations and made crime detection in banks very easy.
Electronics machine in banks has assisted operations in banks a lot. No matter its shortcomings, computer functions in the bank are indispensable. It has helped a lot in speedy international money transfer.
Detection and Prevention of Computer and ICT Related Crimes
The influence of sophisticated machines like electronic fund transfer, computer etcetera on bank fraud is very significant. Aluko-Olokun (2000) said that majority of fraud committed in the banking sector are usually committed through electronics transfer and computer manipulation. Computer technology is an imported sophisticated and complex way of defrauding banks in Nigeria today. Computer crime takes the form of computer aided fraud and embezzlement, Salami technique, Trojan horse, Time bomb, Virus and Worm, Scavenging, Data manipulation and Software privacy. To prevent computer and ICT fraud, better networking and routine check of money transfer and transactions would frustrate the fraudsters. A bank chief Inspector explained:
The best weapon to fight ICT fraud is better information collection, exchange and use of intelligence. Prevention can range from in-house remedies such as greater supervision; the inscription of the information traveling between computer to prevent computer fraud; to tighten control on financial markets; and of course, the exchange of information about new developments.
A participant said that human supervision of ICT high waves can bring incidence of ICT manipulation to the barest minimum.
Effective control is the most potent antidote against fraud. He stressed that, you must to have effective control measure in place; you must have effective inspectorate team in your bank, so that whenever there are things going wrong, the Chief Inspector will be able to detect the flaws and ensures the control measures are effective.
Another participant added to ways by which computer and ICT fraud can be reduced in the Nigerian Banking sector.
ICT should be subjected to a high level of security consciousness to guard against improper use, that is posting and diversion. He said the more computerization the banking system, the easier it will be for inspection. It will be possible to stay in Lagos and monitor accounts throughout the country, if all branches are hooked up on high waves.
The idea that human elements in the incidence of banking fraud through computer and ICT can be minimized provided there are effective control measures in place. However, no one is immune to bank fraud. As earlier mentioned in the literature, whatever you garbage into computer, you get garbage as a result.
Computer and other information and communication technology have now become major instruments to defraud banks in Nigeria. Fraud is a fast growing menace in the nation’s banking system. Fraud in the banking industry has been deteriorating as hardly a day passed without the public being informed about some form of fraud in one bank or the other which involved staff, non-staff and the collusion of both staff and non-staff to defraud banks. This study however, revealed that the use of ICT to defraud banks has now found its way into banking operations. Computer crime in the banks is a sophisticated and complex way of defrauding banks in Nigeria. It takes the form of computer aided fraud and embezzlement, salami technique, Trojan horse, time bomb, virus, and software piracy. The secondary data also revealed that the influence of electronics on bank has a significant relationship with high incidence of fraud in the Nigerian banking sector. The interview conducted with a participant corroborated this finding. For example, in one of their bank branches it was discovered recently that there was a fraud of about #800 million through the means of computer manipulation.
There are also a strong correlation between high incidence of fraud in the banking sector and the phenomenon of information and communication technology. It was discovered in this paper that fraud which involved a large amount of money has affected the financial position of many banks thus led to total collapse. The incidence of frauds in the banking sector has also had band wagon effects on the nation’s economy. Public confidence in the banking sector has been significantly eroded. In-depth interview conducted with a participant revealed that ICT fraud has dented the image of the nation on the international scene. People around the globe treat Nigerians with disdain. They have problem of credibility with this country as a result of discovery from time to time one form of electronics fraud or the other.
The incidence of electronics fraud in the banking sector is taking unprecedented tolls on the bank stakeholders, customers and the nation’s economy. This paper suggested that a legislation that will allow for the training of a special squad in the Federal Investigation and Intelligent Bureau (FIIB) of the Nigerian Police which could have access to the computer network of the banks to enable them to detect and expose any form of computer related crimes with a great dispatch. According to NDIC reports (2009), the causes of frauds and forgeries can be classified under two generic factors namely: the institutional or internal factors and environmental or societal factors. Institutional causes of frauds and forgeries in insured banks include poor accounting and weak internal control systems, ineffective supervision of subordinates, uncompetitive remuneration and perceived sense of inequity in reward, disregard of Know Your Customers (KYC) rules, et cetera. Environmental causes of fraud include undue societal demands, low moral values, slow and tortuous legal process, lack of effective deterrent or punishment and at times reluctance on the part of individual banks to report fraud cases due to the negative publicity it could attract for their image. Given the substantial growth in the quantum of frauds and forgeries in 2008 compared to 2007 as highlighted in this section, it is important that insured banks should strengthen their internal control and security systems to reduce the incidence of computer related frauds and forgeries. Insured banks should also thoroughly screen prospective employees by obtaining status reports from previous employers and relevant agencies and to desist from deploying casual staff to sensitive positions. Insured banks should also endeavour to educate their customers on the use of the Automatic Teller Machines (ATM) and other e-banking services on the need to safeguard their Personal Identification Numbers (PINs).
Banks must ensure regular rotation of duties and staff to prevent an individual from staying too long on a computer system or in a department. There should be inter -branch and intra-bank regular rotation of bank staff.
In conclusion, the menace of computer related fraud has to be addressed by those who are connected with the wellbeing of the nation’s financial institution with sincerity and diligence. This decadence in the banking sector has resulted into financial incapacity, economic failure, vicious circle of poverty and international disrepute.
Aluko- Olokun. A (2000) ‘Nigerian Banks and Computer’: National
Concord, Oct.19, 2000.
Baase. S (2003) A Gift of Fire. Prentice Hall, 2003, second edition.
Brown J.S & Duguid .P (2000) ‘The Social Life of Information’. Harvard
Business School, 2000.
Boundless Sociology. (n.d). Differential Association Theory. Boundless
Sociology. Boundless, 21 Jul. 2015. Retrieved 19 Oct. 2015 from
Button. G, Coulter. J & Lee. J (1995 ) Computers, Minds and Conduct
Camber, R. (2011), ‘The Nigerian who stole 350 IDs to claim £1.3m
benefits’ www.dailmail.co.uk/news/article-1360037. (date:
Cullen & Agnew (2002). Criminological Theory: Past to Present (Essential
Readings). Los Angeles, CA: Roxbury.
Eric. B (2004) Requirements Engineering: Social and Technical Issues,
edited by Marina Jirotka and Joseph Goguen Academic Press,
Erlbaum. L (1997) Social Science, Technical Systems, and Cooperative
Work, edited by Geoffrey Bowker, Susan Leigh Star, William
Turner and Les Gasser .
Folami, O.M (2000) ‘Crime in the Banking Sector’. M.Sc Thesis submitted
to the Department of Sociology, Obafemi Awolowo University,
Ile-Ife, Feb 2000. Published by LAP incorporation, Germany,
Gaylord, Mark S and John F. Galliher. (1988). The criminology of Edwin
Sutherland. Transaction, Inc
Mobbs, P (2003) Computer Crime: The Law on the Misuse of Computers
and Networks. GreenNet Civil Society Internet Rights Project.
Revision 1, April 2003. http://www.internetrights.org.uk/
Ojigbede, S.I (2006) ‘Fraud in Banks’ a Paper Presented at the Effective
Bank Inspection. FITC, Lagos 6-17 Oct, 2006.
Pecar, J.A (1975) ‘White Collar Crime and Social Control’ International
Journal of Criminology and Penology pp. 183-199.Sutherland, E
(1945). Is White-Collar Crime crime?. American sociological
review, 10(April):132-139The Cultures of Computing, edited by
Susan Leigh Star. Blackwell, 1995
The Nation (2008) ‘Making Money from Cybercrime Easier Than Ever’
The Nation Newspaper Publication, March 25, 2008
Ugbamadu, U (2004) ‘Collapse of Banks’ Bussiness Times, Jan. 31, 2004, pp.7
www.ndic.org Nigeria Deposit Insurance Corporation Annual Report 2004
www.ndic.org Nigeria Deposit Insurance Corporation Annual Report 2005
www.ndic.org Nigeria Deposit Insurance Corporation Annual Report 2006
www.ndic.org Nigeria Deposit Insurance Corporation Annual Report 2007
www.ndic.org Nigeria Deposit Insurance Corporation Annual Report 2008
www.ndic.org Nigeria Deposit Insurance Corporation Annual Report 2009