How to mitigate your microfinance bank’s risk of fraud

Over the past ten years, the number of detected fraud cases within the microfinance and mobile money industries is rising. Some cases are reported and publicised like the Tigo case in Uganda in 2014 and more recently, the Integrated Microfinance Bank case in Lagos.

The news is populated by cases of fraud, both conducted by internal staff and by external agents, customers or third parties. For both types of fraud, industry experts arrive at similar advice for leaders of microfinance banks who want to mitigate their risks.

man at desk with laptop

Strengthen your microfinance bank’s internal controls

Internal fraud leads to economic loss for financial service providers and the individuals and families they serve in their communities. To prevent fraud, microfinance banks need to implement comprehensive fraud management programs with stronger internal controls. The control in place must hold microfinance banks to appropriate levels of monitoring, tracking, detection, authorisation and access rights.

According to best practice detailed by CGAP’s analysis, there must be:

  • Clear separation of duties for staff who initiate and approve transactions
  • Improved security by requiring at least two passwords to access the system
  • An internal department dedicated to monitoring and addressing fraud
  • Automated reconciliation systems
  • Automated transaction monitoring

Mobile money services require strong internal controls

Mobile money is part of the reason for the rising number of fraud cases among microfinance banks. While mobile money is boosting access to financial services in hard-to-reach, remote communities, it creates more opportunities for fraud.

Mobile money introduces certain risks, explained by CGAP’s report, that must be managed: product risk, channel risk and agent risk. Because most microfinance bank clients demand mobile money services, your microfinance bank needs to actively mitigate risks of fraud while rolling out new mobile services.

two people using tablets and calculator

Oradian enables you to take control

Oradian’s core banking system, Instafin, enables you and your team to implement stronger internal control that mitigate your risks of fraud. Oradian enables you to take control by configuring Instafin to match your organisational structure and corresponding user access rights and by tracking all user and transaction activity.

Define your user access rights to match your organisational structure

In Instafin’s administration section, you control who can access each of Instafin’s modules. You define and manage each user’s access rights based on their role within your organisation. This means that you assign access to each of Instafin’s modules for each Instafin user as needed.

In the administration section, some of the key functions are:

  • Transaction configuration: to view and manage transaction approval configuration
  • System setup: to activate or deactivate each module of Instafin
  • Users: to create and manage user access to the system
  • Roles and user rights: to define user profiles to which a user can be linked
  • Password policy: to defined password security level, number of failed login attempts allowed, lockout policy and session expiration time
  • User reports: to track activity of users

You can also configure Instafin to mirror your organisation in the following ways:

  • Organisation structure: to view, create and manage all organisational levels of the institution
  • Branches: to view and create branches
  • Centres: to view and create centres
  • Move clients: to transfer clients from one branch to another, from a credit officer to another, etc.
  • General settings: to define operational days, loan classification categories, number of organisation levels above branch level, client and account ID automated generation setup and approval processes for clients
  • Payment methods: to create and manage payment methods available to the institution and to each branch

Define settings in Instafin’s teller module

Instafin’s teller module is built to allow handling cash transactions while reducing the risk of fraud. It enables you to track physical cash flow on an operational, day-to-day level and the ability to know the exact situation for disbursement and fund collection with transparency and efficiency. 

No transaction can ever be deleted from the system, so transactions remain visible forever. These controls are of paramount importance to prevent fraud and increase operational control. 

Supervisors set the upper and lower limits for each teller, track each individual transaction, and settle the balances at the end of the working day.   

As always with Instafin, all associated reporting is available in real-time, allowing spot checks, full audits, and the investigation of possible cash differences without interruption of branch operations.   

Download CGAP’s brief on fraud in mobile financial services