E-Fraud in Nigerian Banks: Why and How?

The advent of the internet and the adoption of e-payment platforms as a convenient means of payment have increased the extent of occurrence of e-fraud and cyber-attacks in Nigerian Banks. The study, therefore, investigated why and how e-frauds are perpetrated in the Deposits Money Banks in Nigeria by employees. The survey research design was adopted. Primary data were sourced from 120 fraud investigation officers in the Banks through the administration of structured questionnaires. Data were analysed using simple percentages. Results revealed that e-frauds were perpetrated by the employees whose employment was threatened as a result of not achieving deposit targets and using either expert or legitimate power to connive with other employees to commit e-fraud against the Banks. Furthermore, findings revealed that job losses were occasioned by disruptive technologies and economic challenges which often lead to employees’ disengagement without or little compensation created fear in the mind of employees to commit e-fraud through Phishing, Pharming, and breach of internal checks. The study recommended that unachievable deposits and sales targets should be discouraged in the Banks through our labour laws. Also, the human resources department of the Banks should institute whistleblowing policy that can assist employees to get a re-prieve from a supervisor that may want to influence them using any form of power to commit e-fraud. Finally, it was recommended that e-fraud con-sciousness of the general users of e-payment channels and employees’ sensi-tization on negative consequences of employees’ e-frauds should be height-ened through frequent education and continuous training.

losing financial resources may be a reason of not fully adopting the use of e-channels (Salawu & Salawu, 2007;Elumaro & Obaniyi, 2018).
The global adoption of e-payment platforms as preferred means of payment has necessitated the upsurge of e-fraud occurrences in Nigeria. There is an increase in e-fraud occurrences by 33% between 2016 and 2018. Also, the actual amount lost to e-fraud increased by 84% between 2016(NDIC, 2018. The cash-less policy of the Central Bank of Nigeria (CBN) which is meant to reduce the amount of cash in circulation specifically set financial penalties for cash withdrawal above the daily cash limit withdrawal set by CBN for both individual and corporate bank customers. Individuals are meant to pay cash handling fees of 3% while corporate customers are to pay 5% on daily cash withdrawal above ₦500,000 and ₦3,000,000 respectively. Also, many of the Deposit Money Banks (DMB) discourage the withdrawal of cash less than ₦50,000 across the counter.
These measures are to encourage the use of e-channels. Meanwhile, closely related with e-payment channels such as Automated Teller Machine (ATM), Point of Sales Terminals (POS), Mobile payment systems, Internet Banking, Smart TV and Electronic Fund Transfer is e-fraud which breeds lack of trust and confidence in the use of the e-payment channels (Hoffmann & Birnbrich, 2012;Tade & Adeniyi, 2017;Elumaro & Obamuyi, 2018). It is the realisations of this challenge associated with e-payment platforms that made the Central Bank of Nigeria set up Nigerian Electronic Fraud Forum (NeFF) to safeguard the integrity of the e-payment platforms and ensure seamless business transactions without fear of losing financial resources through e-fraud. However, the monster of e-fraud continues to range despite this effort. This invariably calls for more scholarly attention on strategies to tame the scourge.

Smishing/Vishing
This takes place when e-fraud perpetrator sends text messages to defraud victims of e-fraud. Often, the text message will contain a phone number to call and once the victims call the number it would provide a ground for the e-fraud perpetrator to ask for confidential information of the unsuspecting victims. Also, it is vishing when the e-fraudsters use the hidden phone number to call the victims for sensitive information. The likely e-frauds associated with e-products of banks in Nigeria are shown in Table 1.

Theoretical Framework
Theories of Fraud Traingle, Fraud Diamond and Deception are reviewed under the theoretical review as follows:

Fraud Triangle Theory
Fraud Triangle Theory as propounded by Cressey (1953) stated three factors that lead to the commitment of any type of fraud by perpetrators. These are pressures, opportunities and rationalisation. According to Albrecht et al. (2008), the pressures, opportunities and rationalization are assumed but real to e-fraud perpetrators. This theory is relevant to this study because it could be applied to why employees of DMB commit e-fraud in Nigeria. There are financial pressures and non-financial pressures. While financial pressures could be the need to ride a good car, build own house, give good donations in religious organisations to be accorded a high status, provide for immediate and extended family needs, etc., the non-financial pressure could be the need to report better performance at the branch as the branch is profiled as a profit centre, frustration with work and fear B. M. Ololade et al. Phishing through scam email to harvest login details and subsequent bypass of system security through expert and superior knowledge of cybersecurity infrastructure. Wrong account mapping with the intent to commit e-fraud by financial institution employees.
2 Mobile Banking Services (USSD) These are banking services delivered to customers of DMBs through mobile phone technology. It requires the use of a registered telephone line of the banks' customers at the account opening stage. The GSM line will receive banking transaction alerts and Unstructured Supplementary Service Data (USSD) platform could be used to transfer fund, pay bills, check account balance and request for account statement.
SIM swaps either through theft or in collusion with Telcom agents which will allow the e-fraudster to take over the account from the real owner.

Telephone Banking Services
Banking services are rendered to customers through pre-programmed telephone voice communication. The customers must supply Personal Identification Number (PIN) for authentication. It is mainly used for mainly inquiry on account details.

Theft of Personal Identification Number (PIN)
could allow e-fraud perpetrator to gain access to account sensitive details.

Electronic (Smart) Card services
These are electronic purses that are preloaded by DMB's customers for making payment and settlement of bills. The card could be used on Automated Machine and Point-of-Sales (POS).
Pharming or Malware to harvest the security features of the card could be launched by e-fraud perpetrators against the victims.

Debit/Credit Cards
While debit cards are linked to the account of the customers in DBM, credit cards are linked to the credit account on availment of credit facilities to customers of DMB. They are secured with chip and PIN and could be used on ATM, POS and WEB to carry out banking services.
Pharming and Skimming attacks.
Theft of cards and PIN by the insider e-fraud perpetrators.
Unsuspecting victims of e-frauds could also be called over the phone for his security details of the cards by e-fraudsters.

Web Purchases Services
This is e-payment systems that allow DMB customers to pay for goods and services online through the internet without the use of the physical cards on the websites of the Merchants (Airline operators, supermarkets, Telco operators, Government agencies, Schools etc.). It requires the knowledge of the card numbers, PIN and CVV at the back of the e-cards.
Phishing, Malware, etc. There could also be Theft of cards and PIN by the insider e-fraud perpetrators.
Similarly, unsuspecting victims of e-frauds could also be called over the phone for his security details of the cards by e-fraudsters. Finally, perceived rationalisation occurs when the perpetrator of fraud rationalize his fraudulent act as being acceptable. For internal e-fraud in Nigerian banks, perpetrators of fraud may rationalise the act of fraud by the thought of "we are not well paid compare to the work that we do, the need to meet our branch performance targets for us to retain our jobs, my family members are sick and they need financial help, my immediate family financial needs is more than my salary, we need to be rich through our smartness" etc.

Fraud Diamond Theory
This was first presented by Wolfe and Hermanson (2004) in the December CPA Journal. In this theory, a fourth dimension named capability was added to the three elements of the Fraud Triangle Theory. This is because without capability it may be seemingly impossible to commit fraud. Therefore, the potential fraud perpetrators must have the skill, be in a position of trust or have the capacity to commit fraud. The theory proposes that an individual's capability, personal trait and abilities could play a major role in determining fraud occurrence (Salawu, 2019). (2004) identified the following features that give fraud perpetrators capability to commit fraud as follows: 1) authoritative position or function within an organisation 2) ability to manipulate the weaknesses of the organisation's internal control system to perpetrate fraud 3) boldness to undertake fraudulent actions with the mind that they will not be discovered and 4) ability to cover up fraudulent activities for a long period to protect being caught.

Wolfe and Hermanson
The fraud triangle and diamond theories are relevant to the study as they provide the theoretical framework that is used to provide explanations on why and how employees of Nigerian banks engage in e-frauds.

Theory of Deception
Deception is often used by a con artist to dispose of a victim of financial resources and valuables in many business negotiations (Schweitzer, 1997). The theory of deception specifies seven operational tactics often used by fraud perpetrators to defraud unsuspecting victims (Grazioli & Jarvenpaa, 2003a, 2003bJohnson et al., 2001). These tactics are Masking (Hiding or destroying critical Since e-frauds are perpetrated through the internet, con artists find it easy to use

Empirical Review
Akinyomi (2012)   ing into consideration as the study restricted fraudsters to relatives, friends and lovers of the victims. This is a gap in the literature that this study fills.
Finally, Elumaro and Obamuyi (2018) investigated the relationship between card frauds and customers' confidence in alternative banking channels (e-channels) in Nigeria and found a negative relationship between the two. This is because e-fraud breeds uncertainty in the financial ecosystem and subsequently leads to lack of trust in the alternative banking channels. This will result in the avoidance of e-channels by the public. The study recommended collaborations among the banks and their regulatory agencies to nib at the bud card frauds occurrences.
The findings of Elumaro and Obamuyi also conformed with that of Hoffmann and Birnbrich (2012) who asserted that victims of card frauds' confidence and trust in using alternative banking platforms to conduct their business transactions become shaken with a perception that the e-platforms are not safe for their financial transactions. This study is different from the study of (Elumaro & Obamuyi, 2018)

in that it focuses on why and how employees of Deposit Money
Banks (DBM) commit e-fraud rather than the effect of e-fraud on customers' confidence to use alternative banking channels which is the focus of Elumaro and Obamuyi (2018).

Methodology
The survey research design was adopted for the achievement of the objectives of the study which are to investigate why and how employees of DMBs in Nigeria perpetrated e-fraud and proffer possible e-fraud prevention measures that would curtail the scourge within the financial ecosystem. Primary data for the study was gathered through the administration of a structured questionnaire from one hundred and twenty (120)  showed that the research instrument is reliable.

Demographic Analysis of the Respondents
The respondents are well-knowledgeable experts in e-fraud investigations, preventions and computer systems security. They are directly responsible for investigating e-frauds involving outsiders and employees in their respective banks. Table 2 shows the demographic analysis of the Respondents concerning their age, education and professional background and years of experience in e-fraud investigation.
The respondents' age group is majorly less than 25 -45 as 78% of the respondents are in this age group. This is considered satisfactory as respondents born    While 87% of the respondents agreed that fear of job losses occasioned by the inability to meet deposits targets and other performance indicators set by Management made employees commit e-fraud, 86% of the respondents agreed that fear of job losses or job insecurity arising from incessant corporate downsizing which throws employees into the job market without terminal benefits induced employees to commit e-fraud. According to Albrecht et al. (2008), this fear may not be real but very real to the perpetrator of e-fraud. Similarly, frustration coming from staying too long on a grade (6 years and above) without progression in career path was identified as a reason why employees of Deposit Money Banks commit e-fraud as 77% of the respondents agreed to this fact while 23% of the respondents disagreed. All the Deposit Money Banks use contract or temporary staff in their operations. The contract or temporary staff have a least a year contract with the option of annual renewal subject to satisfactory performance. 87% of the respondents agreed that the use of contract or temporary staff creates employees' dissatisfaction that leads to commitment of e-fraud while 13% of the respondents disagreed.

Analysis of Respondents' Responses to Why Employees of Deposit Money Banks (DMB) Engage in E-Fraud
Furthermore, 82% of the respondents agreed that abuse of privilege position of the DMBs employees as intermediaries between depositors and borrowers which enable them to have access to customers' sensitive financial information induce employees to commit e-fraud while 18% disagreed. The employees are in a fiduciary position which makes customers and potential customers divulge sensitive information to them. However, abuse of this position of trust leads to the commitment of e-fraud. The Fraud Diamond Theory as presented by Wolfe and Hermanson (2004) is very relevant here to explain that employees of banks develop the capability to commit e-fraud as a result of the fiduciary and intermediary positions they occupy in the deployment of financial resources from the deficit units to surplus units of the economy.
Finally, greed on the side of employees of Deposit Money Banks is equally identified as a reason for a commitment of e-fraud as 94% of the respondents agreed that greed to acquire unnecessary personal assets and effects make employees of DMB to engage in e-fraud while 6% of the respondents disagreed.
This is in line with the findings of Akinyomi (2012) which identified greed as the main reason why employees of banks commit fraud.

Analysis of Respondents' Responses to How Employees of Deposit Money Banks (DMB) Perpetrate E-Fraud
In a bid to boost revenue, bottom lines and enhance the use of e-cards for earning e-products fees, some DMB engage in massive production of e-cards for their customers without the customers' authorisations meanwhile customers' account would have been debited for ₦1000 being the cost the cards (One of the authors received a debit alert from his bank for e-card he never requested for during this study). This resulted in an opportunity to commit e-fraud in the DMB as 95% of the respondents agreed that employees steal customers' e-cards and PIN, most especially those produced without the consent of the customers Computer Technology (ICT) skills request co-employees to do a task in the course of discharge of his job responsibilities that eventually amount to e-frauds.

Conclusion and Recommendations
E-frauds in Nigerian banks are not only committed by outsiders but also by the employees of the Deposit Money Banks and this call for caution on the side of all users of e-products anytime they have dealings with their banks. The reasons employees commit e-frauds could be classified into two which are financial pressure and non-financial pressure. Financial pressure could be from relatives, friends and religious organisations the employees belong to who often demand that employees of banks should give them money to meet their personal and operational needs. Also, financial pressure could arise from the employees aspiring to acquire personal effects whose costs are above his or her income. Non-financial pressure arises from fear of job losses or job insecurity occasioned by the inability to meet unreasonable financial targets (Deposits, Credit facilities etc.) set by Management and disruptive technologies that often instigate corporate downsizing and restructuring. Besides, employees' dissatisfaction and frustration because of being used as a contract or temporary staff and staying too long on a grade without hope of career progression are non-financial pressure that becomes real to employees to commit e-frauds.
Apart from Phishing, Smishing and Vishing, employees of banks also collude together to carry out authorised debit and alternations to customers account as a means of committing e-fraud. Furthermore, legitimate and expertise power are used to co-opt other employees to commit e-frauds against the organisations and customers. Finally, National Assembly Committees on Labour and Productivity in Nigeria should introduce a bill to accommodate how employees of DMB whose employment would be terminated because of unavoidable corporate downsizing should be compensated for job losses by their employers in the 21 st Century.
This will ease off tension and pressure of employees that presently work under intense uncertainties of job security to participate in e-fraud in the Deposit Money Banks.

Suggestion for Further Studies
The present study only focuses on e-fraud from the perspectives of employees of banks without taking into consideration the Executive Management employees' e-frauds which also exist in the industry. Also, the strengths and weaknesses of regulatory framework to prevent e-fraud and stimulate customers' confidence and financial inclusion were not assessed.