Skip to content
Tiatra, LLCTiatra, LLC
Tiatra, LLC
Information Technology Solutions for Washington, DC Government Agencies
  • Home
  • About Us
  • Services
    • IT Engineering and Support
    • Software Development
    • Information Assurance and Testing
    • Project and Program Management
  • Clients & Partners
  • Careers
  • News
  • Contact
 
  • Home
  • About Us
  • Services
    • IT Engineering and Support
    • Software Development
    • Information Assurance and Testing
    • Project and Program Management
  • Clients & Partners
  • Careers
  • News
  • Contact

Steps CIOs should take to protect customer data in Nigeria’s open banking systems

Due to Nigeria’s fintech boom borne out of its open banking framework, the Central Bank of Nigeria (CBN) has published a much-awaited regulation draft to govern open banking procedures. And at its core is the need to secure customer data through a robust set of requirements.

The regulations streamline how entities who handle customer banking information will secure their systems and share details within protected application program interfaces. They’ll also seek to standardize policies for all open banking participants, and come at a time when the country is enjoying a boom of fintech and banking services that have attracted international funding in the startup space.

According to the Africa Funding Startup 2021 report, Nigerian fintech has brought in more than half of the US$4.6 billion of total African startups, which underpins the growing need for more financial products, and facilitates greater data sharing across banking and payments systems that open banking provides.

For Emmanuel Morka, CIO at Access Bank Ghana, open banking is the future and enterprises should seize on the opportunity.

“Traditional banking is fading away,” he says. “Open banking is the only way you can set systems like agency banking, mobile banking and use dollars.”

He notes that fintech has been at the forefront of the open banking system in the region and believes it will spread across the continent. But wherever there’s money, there’s insecurity and the free exchange of application programming interface (API) across banking platforms has opened opportunities and risks as well. Unsecured systems and API channels can be a point of vulnerability.

Securing customer data

“One of my headaches as a CIO is no one is fully protected,” Morka said, adding that open banking has to ensure that customer data and assets aren’t compromised, so all endpoints in his organization must be fortified. The Operational Guidelines for Open Banking in Nigeria published by the CBN stress that customer data security is critical for the safety of the open banking model. The preliminary draft will guide the industry discussion before the final guidelines are put in place by the end of the year.

The foremost thing to secure data, according to Morka, is to expose fit-for-purpose data for consumption. This means that CIOs need to limit data accessibility to what is requested and can be used.

“I see open banking as an exposure of some data over a secured standardized channel to third parties for consumer banking,” he said. “I am the bridge between business and technology.”

He also says that it’s not only the core banking products that need protection but also tools on CRM and other software that centers on customer data.

The framework provided by the CBN also considers constant monitoring of systems of third-party API users in the open banking system. TeamApt, a Nigeria-based fintech startup, has helped over 300,000 businesses use its digital banking platform and is anchored in open banking.

The company sees legislation such as the Nigeria Data Protection Regulation (NDPR) as a big consideration for companies dealing with personal data.

“Due to the sheer size of personally identifiable information being shared, in the hands of bad actors, this data can be used to pilfer bank accounts, erode credit ratings, and conduct identity theft on a large scale,” said Tosin Eniolorunda, founder and CEO of TeamApt.

Organizations like banks also suffer using resources to recover stolen data, losing customer trust in the process, he said.

“These regulations ensure that customers have some sort of control over how their data is collected, processed and shared,” he says.

The Central Bank’s regulation has also factored in the NDPR requirements to craft how financial institutions manage customer data, and the regulations outline that consent is needed for use of customer data in open banking to avail them of financial products and services.

Six steps to achieve a secure open data platform

There are several steps IT experts can take to make sure customer data are in line with privacy laws, and that security across all systems is in place to shield these data points from leakage.

1. Technology leaders must have their systems and processes adhere to privacy laws and the final guidelines to be published by the CBN. “It’s important that executive teams work closely with lawyers who have the necessary data experience to advise on the requirements and implications of applicable regulations and guidelines like those released by the CBN on open banking,” says Eniolorunda.

2. Morka suggests that only a customer’s information that’s relevant to a transaction should be used—something he calls fit-for-purpose data. Not all data points need to be exposed during transactions. CIOs need to ascertain what type of data can be enough for transactions to securely take place.

3. Eniolorunda encourages the use of technology in know your customer (KYC) processes. Morka also says that the use of artificial intelligence (AI) should be implemented to make the process of KYC easier on financial institutions while making it accurate and efficient.

4. There needs to be constant evaluation of banking systems and APIs used in transactions, according to Morka. In terms of supply chains, Eniolorunda adds that companies must ensure that third-party vendors they use have the highest possible security standards, and the security programs of these vendors must be routinely audited and validated.

5. Customer education is key. Morka agrees that some technologies like smartphones and internet access have not reached most rural regions in African countries. This hinders the appropriate use of banking technology and slows down its adoption. For those who have embraced digital banking, constant education on how to keep their accounts secure is essential.

6. The collaboration between stakeholders will make the banking ecosystem robust and guide its growth. The CBN, through its Open Banking Guidelines, seeks to ensure that its oversight affords more collaboration for superior digital banking products for customers.

Banking, Data and Information Security


Read More from This Article: Steps CIOs should take to protect customer data in Nigeria’s open banking systems
Source: News

Category: NewsAugust 5, 2022
Tags: art

Post navigation

PreviousPrevious post:Las Vegas CIO shapes city of future on IoT, cloudNextNext post:Transformational AI: Take Inspiration from Successful Implementers

Related posts

휴먼컨설팅그룹, HR 솔루션 ‘휴넬’ 업그레이드 발표
May 9, 2025
Epicor expands AI offerings, launches new green initiative
May 9, 2025
MS도 합류··· 구글의 A2A 프로토콜, AI 에이전트 분야의 공용어 될까?
May 9, 2025
오픈AI, 아시아 4국에 데이터 레지던시 도입··· 한국 기업 데이터는 한국 서버에 저장
May 9, 2025
SAS supercharges Viya platform with AI agents, copilots, and synthetic data tools
May 8, 2025
IBM aims to set industry standard for enterprise AI with ITBench SaaS launch
May 8, 2025
Recent Posts
  • 휴먼컨설팅그룹, HR 솔루션 ‘휴넬’ 업그레이드 발표
  • Epicor expands AI offerings, launches new green initiative
  • MS도 합류··· 구글의 A2A 프로토콜, AI 에이전트 분야의 공용어 될까?
  • 오픈AI, 아시아 4국에 데이터 레지던시 도입··· 한국 기업 데이터는 한국 서버에 저장
  • SAS supercharges Viya platform with AI agents, copilots, and synthetic data tools
Recent Comments
    Archives
    • May 2025
    • April 2025
    • March 2025
    • February 2025
    • January 2025
    • December 2024
    • November 2024
    • October 2024
    • September 2024
    • August 2024
    • July 2024
    • June 2024
    • May 2024
    • April 2024
    • March 2024
    • February 2024
    • January 2024
    • December 2023
    • November 2023
    • October 2023
    • September 2023
    • August 2023
    • July 2023
    • June 2023
    • May 2023
    • April 2023
    • March 2023
    • February 2023
    • January 2023
    • December 2022
    • November 2022
    • October 2022
    • September 2022
    • August 2022
    • July 2022
    • June 2022
    • May 2022
    • April 2022
    • March 2022
    • February 2022
    • January 2022
    • December 2021
    • November 2021
    • October 2021
    • September 2021
    • August 2021
    • July 2021
    • June 2021
    • May 2021
    • April 2021
    • March 2021
    • February 2021
    • January 2021
    • December 2020
    • November 2020
    • October 2020
    • September 2020
    • August 2020
    • July 2020
    • June 2020
    • May 2020
    • April 2020
    • January 2020
    • December 2019
    • November 2019
    • October 2019
    • September 2019
    • August 2019
    • July 2019
    • June 2019
    • May 2019
    • April 2019
    • March 2019
    • February 2019
    • January 2019
    • December 2018
    • November 2018
    • October 2018
    • September 2018
    • August 2018
    • July 2018
    • June 2018
    • May 2018
    • April 2018
    • March 2018
    • February 2018
    • January 2018
    • December 2017
    • November 2017
    • October 2017
    • September 2017
    • August 2017
    • July 2017
    • June 2017
    • May 2017
    • April 2017
    • March 2017
    • February 2017
    • January 2017
    Categories
    • News
    Meta
    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org
    Tiatra LLC.

    Tiatra, LLC, based in the Washington, DC metropolitan area, proudly serves federal government agencies, organizations that work with the government and other commercial businesses and organizations. Tiatra specializes in a broad range of information technology (IT) development and management services incorporating solid engineering, attention to client needs, and meeting or exceeding any security parameters required. Our small yet innovative company is structured with a full complement of the necessary technical experts, working with hands-on management, to provide a high level of service and competitive pricing for your systems and engineering requirements.

    Find us on:

    FacebookTwitterLinkedin

    Submitclear

    Tiatra, LLC
    Copyright 2016. All rights reserved.