No fewer than 12 banks are still struggling to meet the new deadline set by the Central Bank of Nigeria for banks to become Payment Card Industry Data Security Standards-certified.
The PCIDSS certification is a global requirement for banks and other institutions involved in the storage, transmission and processing of payment card holders data.
The CBN had last week set November 30, 2014, for banks operating in the country to become PCIDSS-certified or risk severe sanctions.
The new deadline came nearly 16 months after the end of the CBN’s initial deadline for the nation’s banks to meet the payment card security standards.
The move is part of efforts to further combat card fraud in the financial system, while helping to instil confidence in the minds of Nigerians as part of the reformation of the payment system, according to the central bank.
But on Sunday, CBN sources disclosed to our correspondent, on the condition of anonymity because they were not authorised to speak on the matter, that only 10 out of the 24 banks in the country had been become PCDSS-certified.
A central bank official close to the matter said, “Only 10 banks are fully PCIDSS-certified at the moment. The remaining banks are also close to becoming certified. Most of the banks not yet certified are actually at various stages of getting certified.
“I think almost all the banks will become certified before the November deadline. CBN appointed Qualified Security Assessors will be visiting them from time to time to approve the various stages of compliance until they will become fully certified.”
The central bank had in a circular entitled ‘Circular on timeline for PCIDSS certification by all deposit money banks, switches, processors’, last week threatened to “invoke appropriate sanctions for non-compliance with the provisions of this circular.”
The circular, signed by the CBN Director of Banking & Payments Systems, Mr. Dipo Fatokun, recalled that a previous circular on the need to combat card fraud had asked banks to comply with the PCIDSS before December 31, 2012.
The extension of the deadline, the circular added, followed requests by many asking for additional time to enable them complete the certification process.
The CBN had also engaged the services of three Qualified Security Assessors to conduct pre-certification assessment of banks to determine their readiness.
The circular added, “The result of the assessment showed that while many banks and processors have complied with the standards, some are at various stages of compliance.”
Meanwhile, a CBN report on card fraud cases for the first half of 2013, which was released on February 19 this year, stated that 2,478 fraud and forgery cases were recorded in banks, valued at N22.4bn. The figure was higher than the 2,300 recorded cases, valued at N7.1bn in the corresponding period of 2012.
The report added, “Of this amount, actual loss incurred by the banks was N3.8bn, representing 17.1 per cent of the total fraud amount, compared with N2.5bn in the corresponding period of 2012 and were carried through diverse means.
“They include fraudulent withdrawals from customers’ accounts, suppression and conversion of customers’ deposits, theft, illegal funds transfer, cheque defalcations, and fraudulent ATM withdrawals, among others.
Source: Punch (by Oyetunji Abioye)
