The legacy of innovation at Heritage Bank Limited was reinforced last week as the bank received the Payment Card Industry Data Security Standard, PCI DSS certification, in addition to the ISO/IEC 27001:2013 award. The PCI DSS is a proprietary information security standard for organizations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB.
The PCIDSS, administered by the Security Standards Council, offers robust and comprehensive standards and supporting materials to enhance payment card data security. These materials include a framework of specifications, tools, measurements and support resources to help organizations ensure the safe handling of cardholder information at every step. The keystone is the PCI Data Security Standard (PCI DSS), which provides an actionable framework for developing a robust payment card data security process — including prevention, detection and appropriate reaction to security incidents.
The standard was created to increase controls around cardholder data to reduce credit card fraud via its exposure. Validation of compliance is performed annually, either by an external Qualified Security Assessor (QSA) that creates a Report on Compliance (ROC) for organizations handling large volumes of transactions.
The certification was in recognition of the bank’s commitment to effective and secured financial system which has put the bank in the league of big players in the industry and confer internationally-recognised standard on its operations.
It will also put Heritage Bank in a good stead to protect the funds of its customers and frustrate efforts by fraudsters to access their information and assets.
Over the years, substantial part of banks’ revenue was lost to fraud with no single bank spared.
From the Financial Institutions Training Centre, FITC report on Frauds and Forgeries in Banks (January – September 2014), a total of 8,502 cases were reported. The total amount of money involved was N23.34 billion, out of which N3.01 billion was actually lost.
The Nigerian Deposit Insurance Corporation, NDIC in its 2014 report also noted a significant increase in the reported cases of fraud and forgeries in the industry, besides several others that are neither reported nor captured in official data.
According to NDIC, in the year ended December 31, 2014, Nigerian banks reported 10,612 fraud cases, as against 3,786 in the corresponding period of 2013, “representing an increase of 182.77 per cent.”
The amount involved rose by N3.81 billion or 17.5 per cent from N21.80 billion in 2013 to N25.61 billion, even as “expected/actual loss increased from N5.76 billion in 2013 to N6.19 billion.”
The report also noted that the rise in “expected/actual loss in fraud and forgeries was mainly due to the astronomical increase in the incidence of web-based (online banking)/ATM and fraudulent transfer/withdrawal of deposit frauds.”
Presenting the PCI DSS and ISO certification award last week on behalf of his government, the Deputy High Commissioner in Nigeria, Mr. Ray Kyles commended the bank for setting high standard in the financial industry and pledged the continued support of the British government for Nigeria’s financial institutions. “It is not an easy task. This award remains a cornerstone of your reputation,” he said.
In his reaction, the Managing Director of the bank, Mr. Ifie Sekibo, noted that banking is a business of risks management, from assets to data, adding that it is fundamental that whatever a customer keeps in a bank is in safe custody. “We are a service company providing banking service; and we are the best in the class of security of our information systems. It means funds kept with us are safe. This award is a validation of our mission to promote high ethical standards, integrity, and good business practices,” he said.
Sekibo stated that innovation is inevitable for the banking industry. This, he said, is due to changing dynamics across the globe which has penetrated banking. He therefore, reiterated the commitment of his bank to introducing more innovative banking products and services to meet the needs of its customers