Technology Banker September/October 2015 by Technology Banker

The Voice of Technology and Finance in Africa

www.technologybanker.com

September/October 2015 £3.99

SOLVING SECURITY CHALLENGES WITH COLLABORATIVE INNOVATION Focusing beyond technology

Transforming retail banking in Africa

Keeping a continuous commitment to compliance

Driving cyber security from a

Looking ahead: global predictions for

How to maintain PCI DSS compliance

customer’s perspective.

the retail banking industry.

and prevent data breaches.

…the ideal solutions for SME growth

• SMERP Platform built for Micro, Small and Medium Enterprises (MSMEs) • Manages accounting, inventory, sales and a lot more • Supports MSMEs in manufacturing, retail, distribution, service providers etc. • Cloud solution developed to manage the operations of MSMEs • Offered as a service thereby removing the barrier to technology adoption by this segment • Tailored solution for the different business segments within the MSMEs space www.smerp.com.ng

Computer Warehouse Group Plc Headquarters Block 54A, Plot 10, Off Rufus Giwa Street Off Adebayo Doherty Road Off Admiralty Way Lekki Phase 1, Lagos

CWG webshop (Openshopen) is a secure, web based, online e-commerce platform that enables a store owner generally referred to as merchant to open her own individual online store where her products can be sold online. This easy e-commerce platform allows merchants to have their online shops in just three simple steps. It is a comprehensive solution that enables merchants to sell on the internet by creating an online store that uniquely identifies the merchant and her business online. www.openshopen.ng

Tel: 234-1-2706065 01-2809800 Ext.: 1000 Fax: 234-1-2706064 Email: info.cwl@cwg-plc.com Website: www.cwg-plc.com

e On the rise – th

an banking

future of Afric

s cal landscape ha and technologi al ci an fin s a’ e Afric w trends over th reshaped by ne ly nt ta ns co en be rminals (PoS), Point of Sale te s, M T A g in ud g, years, incl anchless bankin obile money, br m g, in nk ba mobile ent & cards, Big Data, paym g, in nk ba cy agen d regulation. compliance an

p hose relationshi omers alike, w st cu d an s nk of banking ed both ba vative methods no This has affect in d an w ne omers, thrive as long as d safety of cust will continue to an e nc ie en nv loped for the co transformed. keep being deve nstantly being co is re ltu cu whose financial ndscape cial services la an fin s a’ ic fr A will ing decade estion is, what But the key qu t that the follow ub do no is re ars’ time? The see Africa’s be like in 10 ye owth that could gr r fo es iti un of citing opport te with the rest will provide ex ough to compe en st bu ro g in nology and t becom offerings, tech h, emerging marke pt de n, io at istic rms of its soph the world in te profitability. sfully at could succes th t lle bu er lv si the raphic future nology remains Africa’s demog As always, tech of s fit ne be e tapping into th get new vative ways to close the gap by no in ith w s nk e continent’s ba and provide th ard. customers on bo please write our readers, so u, yo om fr ar he would love to As always, we email. your views by to us and send , Warm Regards Remi Akinjomo tor Managing Edi

www.technologybanker.com

Contacts: Publisher - Stefan Grossetti Editor - Ian Powell Deputy Editor - John Bennett Sales & Marketing - Jenny Howard Managing Editor - Remi Akinjomo Head of Operations - Monika Derfinakova Head Office UK 10th Floor, 88 Wood Street, London EC2V 7RS Tel: +44 (0) 1442 459 1536 info@technologybanker.com www.technologybanker.com Nigeria Partners Humid Links House 5B, Close D, Oba Oyekan, Lekki, Lagos

The contents of this publication are subject to copyright protection and reproduction in whole or part, whether mechanical or electronic is expressly forbidden without prior written consent of the editor. Views expressed in the publication do not necessarily reflect those of the editor or publisher. We welcome contributions, however, publication is at the discretion of the editor. We also take no responsibility for the return of materials. Whilst every care is taken to ensure accuracy, we cannot be held liable for any inaccuracies. All rights reserved.

©Technology Banker 2015 ISSN 2051-9435

AUGUST 2015

www.technologybanker.com

September/October 2015 Edition

News in Brief

14 Keeping a continuous commitment to compliance

Wonuola Martins explains three ways that companies can protect vital data by keeping a continuous commitment to compliance

New trends for global retail banking

François Chaffard reports on the latest trends and technologies, such as digitisation, on-boarding and EMV, transforming retail banking in Africa.

20 Eliminating risks through ethical hacking

Digital Encode is using its advisory services to educate organisations about how to tackle the latest cyber threats.

Focusing beyond technology

Osioke O. Ojior on adaptive identification, how IT can accelerate business success and the intelligent application of Information Technology.

Solving security challenges with collaborative innovation

Bassem Bouzid on collaborating closely with customers, delivering world class security services and developing the right decisions at the right time.

Is cash still king or yesterday’s hero?

Vinolan David, Head of Card Issuing at Standard Bank, writes about the increasing demand for electronic transactions in many African countries, and the powerful solutions it is hoped will ultimately move most Africans out of the traditional ATM and bank branch queues

36 Interoperability the key to financial inclusion

Interoperability is helping to fuel the next wave of growth in Africa’s mobile money service, writes Srinivas Nidugondi, Sr.

A Nucleus of innovation delivers success

Percy Thaver explains how Nucleus Software is successfully responding to market opportunities and challenges by devising new strategies and products.

44 Setting the standard in cardholder protection

Bolaji Beredugo, a consultant with Digital Encode, explains Requirements 1 and 2 of the Payment Card Industry Data Security Standard.

Events for your Diary

Finding solutions in challenging times

Problems and prospects – the challenges facing Islamic Banking in Africa

www.technologybanker.com

AUGUST 2015

NEWS IN BRIEF

Airtel Ghana reaches mobile money milestone The number of registered customers using Airtel Ghana’s mobile money platform has now reached the two million mark. This new milestone represents a 25 percent growth within just two months. A statement by the company’s Corporate Communications and External Affairs Manager, Maame Dufie Cudjoe, said the continuous rise in subscribers to the mobile money service was evidence that more people are now embracing the concept of a cashless economy and many were choosing Airtel’s simple, secure and instant mobile money platform to join the new era of mobilecommerce. The statement said that Airtel Ghana’s goal has been to propel Ghana into a cashless economy by improving security and the instantaneous delivery of financial transactions and the recent surge in subscribers is an encouraging step towards that objective. Innovations by the company include the introduction of Tap ‘N’ Pay, a service that enables customers to make payments with Airtel Money with just a tap of their mobile phones. “The 2 million customer milestone goes beyond mere numbers,” said Hannah Agbozo, Airtel’s Director for Legal and Corporate Affairs. “It shatters the myths about how to scale social innovation in banking to expand financial inclusion by offering a simple, affordable model to reach out to millions of Ghanaians who want to save or transact in a convenient, fast, reliable and affordable manner.”

AUGUST 2015

BlackBerry to buy crisis alerts firm AtHoc BlackBerry Ltd has agreed to buy AtHoc, a privately held company that provides secure, networked crisis communications. AtHoc’s services are used by a number of large companies and government agencies, including the U.S. Department of Defence, the U.S. Department of Homeland Security and a host of public and private blue chip companies across the world. The terms of the transaction have not been disclosed yet, but the deal is expected to be completed in BlackBerry’s 2016 fiscal third quarter. It is the latest in a string of acquisitions by the smartphone pioneer and will be subject to the customary closing conditions. “BlackBerry is making strategic investments in security, privacy and

the Internet of Things, and acquiring AtHoc will enable us to provide a holistic, end-to-end approach to communications,” said John Chen, BlackBerry’s Executive Chairman and CEO. “AtHoc’s technology and expertise will play a key role as BlackBerry works to connect and secure a broad range of endpoints.” AtHoc’s President and CEO, Guy Miasnik, said: “We both share a common vision of a securely connected world. Federal departments, state and local agencies, and commercial enterprises alike depend on AtHoc to communicate reliably during their most critical moments. Becoming part of BlackBerry will give us the ability to scale more quickly to expand our global reach and introduce new applications.”

ICT giant showcases distinct products at breakfast event Dell showcased a wide array of differentiated products in the market at its recent breakfast event in Lagos, which was organised for Chief Information Officers of Nigerian organisations. The products on display all came with standard-based systems that do not lock users solely to its platforms, thereby providing them with an open approach ecosystem, flexible scaling and modular systems, as well as end-to-end solutions. Dell’s Enterprise Product Manager, Shams Hassan, said his company has lots of differentiated products in the areas of networking and storage. “Dell is not only into laptops and desktops as most people believe,” he said. “We are also a very strong player in server and storage, as well as networking.” Dell Nigeria’s Country Manager, Akin Banuso, also spoke about Dell’s Precision Workstations that help to boost productivity by integrating the latest industry-standard technologies into a highly reliable platform.

www.technologybanker.com

NEWS IN BRIEF

Concerns grow that Nigeria is falling behind with IPV6 migration Stakeholders in the African region are concerned about a lack of commitment by Nigeria and other African countries to the migration from Internet Protocol Version 4 (IPv4) to the latest IP address system, Internet Protocol Version 6 (IPv6). The migration to IPV6 is seen as vital, as it is the communications protocol that provides identification and location system for computers on networks and routes traffic across the internet, and a number of countries around the world, including Japan, Korea, China, the USA and in Europe, are deploying the IPv6 across their networks and services. But the IPv6 adoption rate has on the whole been slow so far – with only 2.7 per cent of the top one million websites ready for it – and this is especially the case in Africa. Action is now needed as IPv4 resources have now been exhausted and are gradually going into extinction, according

Nigerian MFBs aiming to defy the odds

Despite the many challenges currently facing Nigeria’s Microfinance Banks (MFBs) some are defying the odds and providing quality services, maintaining sound financial discipline and creating value for shareholders. The Nigeria Deposit Insurance Corporation’s (NDIC) has pointed out that corporate governance challenges, weak capital base, poor asset quality, high operating costs, scarcity of loanable funds, low literacy levels and inadequate Management Information System are still bedeviling the industry. But some optimists believe that if the Central Bank of Nigeria (CBN), NDIC and other regulatory agencies

www.technologybanker.com

to the Internet Assigned Numbers Authority (IANA), the body responsible for the global coordination of the Domain Name System (DNS) Root, IP addressing, and other internet protocol resources. As a result, the Nigeria Communications Commission (NCC) has been urged to set guidelines for the transition from IPv4 transition to IPv6 to ensure that Nigerians enjoy the improvements to addressing, configuration, maintenance and internet security. Mr Lanre Ajayi, President of the Association of Telecommunications Companies of Nigeria (ATCON), is unhappy about Nigeria’s slow progress towards IPv6 adoption and warned that the country could be left behind. He has cited Nigeria’s failure to meet the International Telecommunications Union’s (ITU) 2015 digital broadcasting transition and stressed that this should not be repeated with the IP version transition. “NCC as a national commission should cautiously rollout IPv6 transition policy,” he said at an ATCON forum in Lagos.

could provide both moral and financial supports for the industry, and the Federal Government took action to improve the harsh operating environment, MFBs operations would become more prosperous. The NDIC’s yearly report and statement of accounts of 2014 showed that the sub-sector’s total assets grew by 12.26 per cent from 197.44 billion in 2013 to N221.65 billion in 2014, while total loans and advances moved from N85.44 billion in 2013 to N114.70 billion in 2014. In addition, the Special Insured Institutions Fund (SIIF), a pool of insurance premiums by MFBs, rose by 23.39 per cent from N57.71 billion as at December 31, 2013 to N71.21 billion as at December 31, 2014. When the figures of NPF Microfinance Bank Plc, which is now one of the leading microfinance banks in this sub-sector, were recently reviewed by Augusto & Co, the exercise ended with an ‘A’ rating. The MFB was declared as a company with good financial

condition and strong capacity to repay obligations on a timely basis. In the last three years, NPF Microfinance Bank’s business volumes have grown moderately, with their total assets rising at a Compound Annual Growth Rate (CAGR) of 19 per cent; total loans and advances also growing at a CAGR of 17 percent over the same period and net earnings’ growth of 15 percent from 2013 to N2 billion as at December 31, 2014. Pre-tax return on equity and pretax return on asset have averaged 15.6 percent and 7.1 percent respectively over the three-year period, while costto-income ratio averaged 68.7 percent over the same period (2014: 69.3%). The pre-tax profit increased by 21% to N617 million during the year ended 31 December 2014, while return on asset remained unchanged at 6.3 percent and return on equity improved to 15.4 percent. This is a promising development that other Nigerian MFBs will now hope they can emulate.

AUGUST 2015

NEWS IN BRIEF

Skye launches ‘big enough’ advertising campaign Skye Bank Plc has launched a new television and radio advertising campaign, entitled “The Skye is big enough”, which states the Nigerian bank’s determination to meet the needs of its customers. The adverts profile some successful Nigerians with humble beginnings in order to inspire customers to achieve their objectives. The bank’s Executive Director, Corporate Services, Mrs Abimbola Izu, said the campaign shows that Skye Bank is big enough for anything that customers have a passion for and anything they dream about. “We are not only saying we are big enough in terms of size, but we are big enough in terms of the skills, technology, sound corporate governance structure, system, policy, risk management principles in place, knowledgeable and dynamic management we have,” she said.

Governor praises Fidelity Bank for reducing Nigeria’s inequality Sokoto State Governor, Rt. Hon. Aminu Waziri Tambuwal, has praised the Fidelity Bank Helping Hands Programme (FHHP) for helping to reduce inequality in Nigeria. He commended the initiative and praised the bank for their vision while commissioning the state’s Orphanage Home, which as been renovated by the bank’s staff, saying that such gestures are rare, especially amongst commercially driven organisations. “This project is an indication that Fidelity Bank is truly acting according to script of empowering the good people of Sokoto State and by extension, Nigeria.”

GTBank wins international excellence award GTBank was named ‘Best Bank in Nigeria’ at the 2015 Euromoney Awards, which were held in London in July. The Euromoney Awards for Excellence cover more than 20 global product categories in over 100 countries around the world by recognising institutions that have demonstrated leadership, innovation, and momentum in the markets they operate. Euromoney magazine editor, Clive Horwood, said: “Competition for the awards was arguably the toughest it has been since the start of the global financial crisis. GTBank stands out, not only because of its stellar performance, but by its ability to define what its core strengths are, abide by these strengths and build its business around them.”

Banks buying into Bitcoin technology Bitcoin was once widely dismissed as little more than a way for drug dealers to move money around anonymously, but now some of the world’s biggest banks are buying into the technology behind it. Underlying the digital currency is the blockchain, a record of every transaction ever made that is updated every 10 minutes and shared by a global network of computers. But the data that can be secured by the blockchain is not restricted to bitcoin transactions. Any two parties can use it to exchange information, such as stock deals, legal contracts and property records, within minutes. This means it could cut out the middleman and help the fight against corruption, as the process by which the data is secured makes it virtually impossible to tamper with. Banks reckon it could save them money by making their operations faster, more efficient and more transparent.

AUGUST 2015

www.technologybanker.com

NEWS IN BRIEF

South African banks face disappointing Nigerian results There are concerns that some of South Africa’s largest financial firms will unveil poor results from their Nigerian operation after Standard Bank’s Nigerian subsidiary posted a 52% reduction in pre-tax profits for the six months to June. Central banking reforms, pre-election jitters and the impact of the oil price’s decline on the country’s economy have all been blamed for these poor interim results, which could wipe 2.5% off Standard Bank’s earnings when it releases its next results. The bank’s share price fell 1.23% to R160/share on the JSE the day after its West African subsidiary published its results. FirstRand subsidiary RMB and Barclays Africa also have corporate banking operations in Nigeria that could be affected, with RMB’s results expected in September.Stanbic’s Finance Chief, Arthur Oginga, said moves by the Central Bank of Nigeria to tighten monetary policy had placed pressure on market liquidity and raised the cost of holding funds. As part of its cash-reserving ratio (CRR) requirement, the Reserve Bank required lenders to hold a higher proportion of private sector deposits on their books. The slide in global energy prices, which severely harmed the oil-exporting country, has also hit fee and commission income. Mr Oginga believes Stanbic’s fortunes will turn once the economy recovers, as the bank is improving its operations in a number of ways. A new electronic banking system has been set up and the bank has improved its production infrastructure. Stanbic is also planning a major upgrade of its core banking set-up.

www.technologybanker.com

BEE’s decade of success Standard Bank has said its black economic empowerment (BEE) scheme, Tutuwa, has created wealth of more than R10.7bn over the past decade. It has benefited almost 6,500 individuals and businesses, including 6,100 current and former Standard Bank employees, two broad-based strategic partners, 261 small, medium and micro enterprises (SMMEs) and the empowerment groups Safika and Shanduka. The maturity of the deal and the value created has allowed its beneficiaries to leverage the value that has been created to expand their respective businesses. Standard Bank Group has said it is imperative to have leading black business groups among its empowerment partners that would provide leadership in assisting management to meet the strategic business objectives in a rapidly transforming banking market. Standard Bank CEO Sim Tshabalala said the BEE deal has had a positive effect on the South African economy, generating “no less than a R1bn” in taxes.

African Bank’s transformation “will take time” African Bank is working hard to transform itself into a “good bank”, with the help of Curator Tom Winterboer, but it will be some time before the group will be listed on the JSE again. The bank reported an annual loss of 9,3bn for the year to end September 2014, with further losses of just below R3bn being predicted for the present book year. It is still collecting R2bn/month from customers, but lending has dropped to a monthly R600m. Incoming CEO Brian Riley envisages an entry into the online lending market, but Mr Winterboer believes it will take time for the bank to establish a track record that will make it attractive to investors again. “We envisage a time period of at least two years before it could list on the JSE,” he said.

AUGUST 2015

NEWS IN BRIEF

SWIFT data shows impressive African growth New figures released before the SWIFT (Society for Worldwide Interbank Financial Telecommunication) African Regional Conference (ARC) have shown that its payment business in Africa is outperforming the total growth of the business globally. ARC brings together policy makers, industry leaders and the broader financial community from around African 40 countries, and the data showed that payment traffic volumes in Africa have grown by 13.2%, versus 8.8% growth for SWIFT worldwide. The data also shows that Africa was the fastest growing region for payments traffic, surpassing EMEA at 6.9%, the Americas at 12.1% and Apac at 12.6% growth. In addition to this, SWIFT traffic between African countries has recorded its highest ever growth rate. At a country level, many of the African nations have experienced a startling pace of growth. In Angola, for example, payments traffic have risen by more than 78% in the year to day, versus the same period last year, and in West Africa, Ghana’s payments traffic rose by almost 30% and its securities by almost 55%. It’s been a similar story in East Africa. For example, payment message traffic in Kenya increased by 23.1%, \\\

Cracking the Code on Customer Value Banks must be able to crack the code on customer value if they are going to win the digital banking race, according to Cognizant Business Consulting’s Vice-President Sandy Gopalan. “Retail banks across the globe have adopted digital technologies – be it internet banking or mobile / smart phone banking – as well as the ability to manage customers to improve operational efficiency,” he said. “With digital banking penetration of just 15-18%, India has a lot of ground to cover. However, the fact that India has the highest internet user base after the U.S. and China, and very high mobile phone penetration also represents an upside for the banks.” Mr Gopalan believes that digital technologies now present a huge opportunity for Indian banks to deepen customer

AUGUST 2015

while its securities related growth was a startling 122.3%. In Tanzania, payments rose by 32.9% and securities by 45%, and payments in Uganda were up by 17.5% and securities by 31.6%. The data also revealed that SWIFT traffic between the African countries has recorded its highest ever growth rate, underpinning the evolution of the intra-African transaction corridors. Christian Sarafidis, SWIFT’s Deputy Chief Executive of EMEA, said: “Through the development of the SWIFT index, we know that the data is closely correlated to economic activity. “Rising SWIFT traffic volumes are therefore an indicator of economic growth. The figures revealed today show strong organic growth across Africa and in East Africa particularly, and serve as validation of the positive growth trends we are witnessing in the region.” Hugo Smit, SWIFT’s Head of Sub-Sahara Africa, confirmed that Africa is an important market for the society. “Once again, Africa has outperformed most of our other regions and has proven itself a critical component of our global business,” he said. “Because the continent has such huge growth potential, we are continuing to invest more resources to support the local financial community. It’s very heartening to see such impressive growth in both West and East Africa, where are currently opening new SWIFT offices.”

relationships, increase their customer base, overcome various regulatory barriers and access a great wealth of technology that currently emanates from the start-up sector. However, to really make the most of these big opportunities, banks will need to broaden their appeal, convince the client that there is something in it for them and come up with a compelling value proposition for their customers, other than merely convenience. To do this, they will need to answer the client’s question, “what’s in it for me?” He said that charging their customers nominal fees for inperson or physical transactions in order to increase the use of digital banking is not the answer. Mr Gopalan predicts that Indian’s extremely value conscious customers will only come onboard in large numbers when they see there is unquestionable value, as they are beginning to do in the case of e-commerce.

www.technologybanker.com

NEWS IN BRIEF

Zenith pledges commitment to best practice standards The Chairman of Zenith Bank Plc, Jim Ovia, has pledging his commitment to global best practices after receiving three global certifications on Information and Security Technology recently. The bank was awarded the British Standards Institution (BSI) for Information Management System ISO/IEC 27001:2013, Information Technology Service Management System ISO/IEC 20000-1:2011 and Business Continual Management System, ISO 22301:2012. Mr Ovia, who made the best practice pledge as part of his bank’s efforts to deepen its brand and ensure good customer experience, said: “Our commitment to these internationally accepted standards stems from a resolve to deepen customer experience through greater information security, an efficient IT management system and a robust business continuity plan that emphasises the protection of the customers and their investments. “Certification to these three standards is strong proof of the bank’s commitment to implement policies and practices that meet globally recognised standards.” The bank’s CEO, Peter Amamgbo, said: “We are proud to have achieved this milestone. Technology is at the core of our business strategy in order to meet our customers’ needs. For us, the customer is the reason we are in business, therefore it is essential that we deliver exceptional customer services.”

Cognizant recognised as a “leader” by new research report Cognizant Business Consulting has been named a “Leader” in Business Transformation Consultancies by Forrester Research Inc.’s latest report. Entitled, ‘The Forrester Wave™: Business Transformation Consultancies, Q3 2015’, the new report evaluated the strengths and weaknesses of 10 of the top business transformation consultancies. It evaluated global consultancies on 23 criteria in the three categories of current offering, strategy and market presence, in order to help customers select the right partner for their business transformations. Leaders were identified by the report as being partners who are “innovative, consistent, and complete.” According to a Forrester Research survey of global services decision-

www.technologybanker.com

UBA launches new hassle-free code for BVN registration The United Bank for Africa Plc (UBA) has boosted the Bank Verification Number (BVN) project by launching a new process that will enable its customers to submit their BVNs both simply and conveniently. Group Managing Director and CEO, Mr Phillips Oduoza, unveiled the short code, which is *919*6#, while launching the process in Lagos. Customers will be able to use it to send their BVN to the bank. Mr Oduoza said UBA has put the measures in place by leveraging its information technology infrastructure, and he hopes the initiative will give a tremendous boost to the BVN project’s overall success. “With 2.7 million registrations, UBA is the leading bank in BVN registrations among banks in Nigeria. We invite all customers to take advantage of this innovation, one of many initiatives of the bank to provide convenient banking solutions and excellent service to our customer,” he said.

makers, reducing costs, improving customer experience, and revenue growth are the top three drivers for recent business transformation projects. “Cognizant was the surprise in this field of more traditional business-consulting names because of how quickly it has built up high-quality assets for large-scale business transformations,” stated the report. The report also noted that, “The firm is extremely aggressive in building up software and other reusable assets and is positioned to exploit the long-term trend toward assetbased consulting.” Mark Livingston, Executive Vice-President of Cognizant Business Consulting, said: “Innovation and differentiation are at the core of the business transformation we lead for clients today. Organisational structures and go-to-market approaches designed before the digital economy are increasingly losing relevance.

AUGUST 2015

NEWS IN BRIEF

Shareholders ratify Skye Bank’s merger with Mainstreet Skye Bank Nigeria Plc has announced that it is targeting an increase in return on equity (ROE) by 13.17 per cent at the end of 2015 financial year after its shareholders unanimously approved the successful takeover of Mainstreet Bank Ltd. The Group’s Managing Director/ Chief Executive Officer, Mr Timothy Oguntayo, disclosed that net interest income is expected to rise by seven percent in the present financial year, as a result of the takeover. He added that deposit mobilisation is now being pursued vigorously to ensure that it

generates funding to meet the target. Mr Oguntayo, who spoke during Skye Bank’s recent pre-annual general meeting in Lagos, said the strategic intent of Mainstreet Bank’s acquisition was to accelerate both growth and leverage opportunities in retail banking across Nigeria. He added that the merger was expected to deliver significant operational synergies that will result in resource optimisation and enhancement of shareholder value, as well as create opportunities to deploy e-channels products and capabilities to Mainstreet Bank’s clients. Mr Oguntayo added that the Skye Bank’s board had taken far-reaching measures towards attaining a seamless

and efficient integration of the two financial institutions, adding that the merger process is scheduled to be completed by mid-year 2015 financial years. He said the bank had completed the integration of its operation with Mainstreet Bank by 50 percent, and looked to the future by explaining Skye’s plans to ensure that customers would both embrace the electronic banking culture and be able to enjoy a pleasant banking experience across all the channels. The acquisition will make Skye the country’s fourth largest bank by branch network, as it now has 469 branches across Nigeria and 887 automated teller machines (ATMs).

Ghanaian banks engaged in trade finance to meet temporary foreign exchange shortfalls with an initial investment of $200 million, expand lines of credit to Ghanaian Banks to enable them finance import of essential goods, including energy generation, and pursue the ongoing discussion with the Volta River Authority to provide it with additional funding of up to $300 million to enable it continue to pay for feed-stock imports and to clear arrears to local banks. Afreximbank would also increase its support to Ghana under the Bank’s Export Development Programme, help

the country enhance its trade supporting infrastructure, including power generation, and also help boost its service exports, particularly in tourism Sector, he added. The facilities included $150 million to the Volta River Authority to support capacity expansion and refurbishment activities; $70 million to a Ghanaian company to enable it offer mining and engineering services to international mining companies; $250 million to the Bank of Ghana to address short-term liquidity challenges; and $70 million to two Ghanaian-owned cocoa processing companies, he said.

Afreximbank plans initiative to help Ghana address foreign exchange liquidity challenge The African Export-Import Bank (Afreximbank) has announced a proposal to introduce foreign exchange swap arrangements aimed at advancing the availability of foreign exchange to the Bank of Ghana as part of a foreign exchange liquidity support for imports into Ghana. Dr. Benedict Oramah, President Designate of the Bank, who made the announcement on Friday 7th August 2015 in Accra during a meeting with Seth Terkper, Ghana’s Minister of Finance, said that the initiative was part of a country assistance programme which Afreximbank was developing to help Ghana address the economic challenges it was facing as a result of the recent global financial crisis. Dr. Oramah said that, as part of the country assistance programme, Afreximbank planned to support

AUGUST 2015

www.technologybanker.com

COMPLIANCE

Keeping a continuous commitment to compliance Wonuola Martins, Consultant at Digital Jewels Ltd, recommends three important actions that you can take to sustain your PCIDSS Compliance and reduce the risk of data breaches.

Wonuola Martins Consultant, Digital Jewels Ltd

AUGUST 2015

So, there you have it: you’ve just received your shiny, new certificate signifying your company’s compliance to the stringent, and occasionally, tedious PCI DSS requirements. As congratulatory messages are bandied about the room, you heave a sigh of relief that the arduous journey has come to an end, but for the annual “rite” of maintaining compliance status. Perhaps, it would be best to inform all and sundry that a successful PCI DSS journey does not end with the submission of a bulky, compliant Report on Compliance (ROC). Rather, it is just the beginning of the journey or challenge, as many would put it, of maintaining compliance. The PCI DSS compliance programme undoubtedly involves a lot of resources: human, material, time, etc. However, once the certification has been attained, compliance maintenance is often forgotten by a number of organisations until next year, when the annual assessment date draws near. Then, frenetic activity ensues as attempts are made to cover gaps, gather evidence and adjust processes in preparation for the validation.

Increased risk of data breaches This approach will probably lead to stressed out staff, chaotic initiatives and unidentified or overlooked gaps that can lead to weak controls and ultimately jeopardise organisational compliance status. In this scenario, such organisations may only be complaint on the day of validation, as compliance becomes a mere ritual and a box to tick in the annual plans, which places them at increased risk of compromise and data breach. Companies can, however, increase their chances of being compliant every day, rather than just at the point of validation, and maintain a healthy security posture and increase the return of investment (ROI) by putting the following key recommendations into action. Continuous Executive Commitment to Compliance Firstly, continuous executive commitment ensures that ownership is taken by the organisation’s leadership, rather than being the sole responsibility of the security team or personnel that

www.technologybanker.com

All about technology for banking and finance in Africa

The Voice for Banking and Finance in Africa

TECHNOLOGY INNOVATION

scope – as is recommended by the PCI DSS standard – organisations would reduce the resources, expenses and risk of non-compliance. It equally helps to simplify the compliance programme. While there is a tendency to focus primarily on technology to reduce the scope, changing business or IT practices can also help to achieve this objective. After all, the PCI DSS compliance programme is not just about system components. It is also intended for the people and processes that store, process or transmit cardholder data or sensitive authentication data. The other benefits of scope reduction may include a reduction in risk, workload and costs that would result in a simpler programme to manage.

are tasked with the responsibility of the compliance programme. This is important, as once certification has been attained, there is a risk that a company’s executive focus on PCI DSS will recede into the background, thus resulting in a loss of the organisational PCI DSS awareness that was hitherto enjoyed earlier in the process. Executive commitment ensures there is staff commitment to the realisation of the compliance objectives, and assurance that any potential impact

AUGUST 2015

to compliance is considered before strategic business decisions are made, alongside the availability of resources for PCI DSS procedures and activities . Understand your Scope and Review Regularly Secondly, minimise the scope. The definition of the scope is central to the PCI DSS programme’s success, but determining this can be extremely challenging and demanding in terms of the resources used. By minimising the

Measure, Measure, Measure Thirdly, even though the PCI DSS standard does not include metrics, by which compliance may be measured, the development of performance metrics provides a gauge by which PCI DSS controls and other compliance initiatives can be assessed for effectiveness. As they say, you can’t manage what you don’t measure. The employment of metrics would demonstrate the progress and efficiency of the compliance programme and aid in the appropriate allocation of resources. This would prove particularly useful in this era of technology changes and ensure that there is proper tracking of the compliance programme. Studies have shown that organisations which experience data breaches have little or no compliance with PCI DSS controls. While compliance is no guarantee that a company will not be breached, it definitely helps to reduce the likelihood. Maintaining an effective compliance programme by adhering to the above recommendations shows that compliance efforts need not have to be a headache or stress inducer.

www.technologybanker.com

PAYMENTS

New trends for global retail banking François Chaffard, Director Banking Solutions & Services for Africa & Middle East at Gemalto, predicts dramatic changes in retail banking, including universal EMV adoption and innovative ways of enabling NFC and mobile payments through new forms of wearable technology.

2015 is proving an interesting year for the retail banking industry, and it is clear there are more changes afoot with the rise and adoption of new technologies in everyone’s daily life that are dramatically and irreversibly changing the landscape of retail banking. Banking customers are becoming increasingly self-directed, expecting their banks to deliver convenient yet secure ways to pay, manage their accounts and conduct simple operations, as well as interact online to offer these services on all their mobile devices 24/7. For banking players, this digitisation means that cost reduction is imperative. For non-banking players there is a serious cross-industry battle for positioning in digital payment services, as well as ultimately for consumers’ digital identity. There is also a battle to be their security gatekeeper.

www.technologybanker.com

More banks go digital This digitisation effort is very visible, especially when it comes to the automation of banking services, fulfilment of payment devices and the transfer of these services to digital channels, such as phones, tablets and computers. While there will be a reward for those banks that embrace the move to digitised processes (mostly on operational cost cuts), the risk of seeing customers adopt new digital services from other providers than their primary one, is well identified for those who are slow to respond to changing customer demands. In this context, the role of “high street” banks would be significantly diminished and value would migrate to more innovative (and efficient) providers. While major banks have already started this digital transformation process and

will continue on this path, we expect to see this trend extend to the bulk of the other banks during the rest of 2015. On-boarding new customers expands This year, we will see traditional, physical in-branch touch points lose ground to online on-boarding. In addition, we also expect to see an extension of eBanking services, such as loan contracts and account openings, resulting in an increasing need to authenticate the applicants and secure transactions. All this will be provided in a “seamless” manner, with the digital channel(s) being integrated across various product lines, which means that the bank will ultimately act as an aggregator of services. On the road to financial inclusion Nearly 50% or 2.5 billion adults are currently unbanked, with most of them

AUGUST 2015

PAYMENTS

living in developing countries in South Asia, Africa and the Middle East and North Africa (MENA) region. Financial inclusion is a hot topic and many stakeholders, such as mobile operators, banks and governments, are working towards it. In South Africa, for instance, banks have deployed multi-application prepaid banking cards that combine both payment functionality and transport to address the underserved with a payment mean. In Saudi Arabia, banks are also rolling out prepaid payment cards for their work forces. In other countries, governments are looking to implement EMV payment functionality on the national citizen e-ID cards. As for mobile network operators, they are helping to address the unbanked through Mobile Financial Services solutions. It is interesting to highlight that 52% of all mobile money services take place in sub-Saharan Africa, making it the leading region worldwide. Successful mobile solutions, such as Vodacom’s M-Pesa and MTN’s Mobile Money, are making a difference and lately Vodacom complemented its M-Pesa mobile money solution with an M-Pesa EMV prepaid card, providing end users with both remote and proximity payment tools. To work around the lack of payment infrastructures, which is also a challenge, retailers are opting for mobile Point-Of-Sales (mPOS) devices, which are more financially accessible to small businesses. Payments battle intensifies Of all the banking services, payment is the one that generates the most frequent and sensitive touch points between banks and customers. Banks are the traditional incumbent players in the payment industry, but they are under increasing pressure from new non-banking players with innovative and convenient value propositions that can challenge their prevalent position and redefine some of the revenue streams. To counter these new competitions, 2015 will see banks put together comprehensive offers that rely on

www.technologybanker.com

a variety of payment means, from traditional cards to cross-channel digital payment propositions. EMV reaching truly universal status The standard for interoperability and security of in-store transactions, launched 15 years ago, is now becoming globally recognised, with the US market adopting EMV next year and China also pursuing migration to it. EMV is at the heart of the banks’ payment offering and its universal adoption across the globe has become one of the most valuable asset for banks in this battle of payment, and it will strengthen their positioning as EMV adoption increases this year. The contactless wave to accelerate Most of the cards issued in China are dual interface cards, and these now outnumber traditional ‘contact only’ cards in many countries. This massive deployment and adoption of contactless technology has paved the way for other ‘form factors’ (including the mobile hosted payment applications) and the emergence of payment through wearable technologies. As NFC continues to become more mainstream and new wearable devices come to market, 2015 is the year that more payments are starting to be made in this way. NFC Mobile in-store payment will take off 2015 might eventually be the year when NFC mobile proximity payments take off, in the wake of Apple Pay and HCE announcements this year. It’s clear that people are still getting to grips with the technology, as research from InfoScout reveals that 95% of iPhone 6 users with Apple Pay weren’t even aware they had it or didn’t use it. However, as Apple helps to make NFC payments more mainstream, the industry expects this to change quite dramatically. In addition, we also expect more new initiatives to be revealed that will start to merge instore payments with online cloud-based payments, delivering a more consistent customer experience.

Mobile commerce value propositions will become richer As people become more tech savvy and user expectations increase, digital natives are starting to demand the same functionality across all their mobile platforms, and an equivalent level of usability and security as they receive traditional online channels. New services will also be added to the shoppers’ experience, thanks to the geolocalisation capabilities of mobile phones that can interact within the store premises. Managing the diversity and fragmentation puzzle will become a new challenge. Managing and issuing payment credentials to multiple payment devices, with different form factors, operating systems and security frameworks in place, is proving to be an increasingly challenging issue for the banks. Maintaining security as a prerequisite As security is the foundation of trust, it is necessary to foster the adoption of these digital banking services. In an increasingly complex ecosystem, security solutions will have to adapt without inconveniencing the user or hindering their service experience. Furthermore, tokenisation, biometrics, diverse secure elements and trusted environments will be combined to offer the best trade-off between the usability and security of sensitive data. As you can see, there is a lot going on in the retail banking space and 2015 is proving to be a very interesting year. It will be fascinating to look back at the end of the year to see how each of these developments progress, but far and away the most exciting trends at the moment are those that involve universal EMV adoption and new innovative ways of enabling NFC and mobile payments through new forms of wearable technology.

AUGUST 2015

SECURITY

Eliminating risks through ethical hacking Wale Peter explains how Digital Encode provides African financial institutions with threat education, advisory services and ethical hacking to solve their network security problems.

Obadare Peter Adewale Consultant, Digital Encode Ltd

If you happen to be in an audience listening to the founders of Digital Encode talk about their work, it is possible that half the things they say will fly over your head and the other half will fly way, way over. It is important to pay attention because the knowledge and insight they share not only helps companies and individuals to survive the threats and compromises that threaten their virtual world, but also helps to build trust and assurance in the e-payment industry and cyberspace as a whole. Myriad of threats In todayâ&#x20AC;&#x2122;s interconnected society, information systems are vulnerable to a myriad of threats, such as unwanted intrusions, illicit insider corruption or the dissemination of data and unexpected losses from man-made tragedy. In Nigeria, nobody puts that reality more in perspective than Digital Encode. The firmâ&#x20AC;&#x2122;s expertise lies in using ethical hacking, otherwise known

AUGUST 2015

as Penetration Testing, to solve multifaceted enterprise network security and audit problems. Ethical hacking? Yes, not all hackers use their work for evil or malicious intent. In fact, businesses that are serious about their enterprise security hire ethical hackers, called Penetration Testers, to probe and improve networks, applications and systems with the ultimate goal of preventing data theft and fraud. Security becoming a pressing concern The research firm Gartner estimated that worldwide spending for enterprise IT (think ethical hacking) grew by 5.9 percent between 2009 and 2010 to a total of $2.7 trillion. At the same time, security is becoming a more pressing concern. Gartner expects to see an increase of nearly 40 percent in spending on worldwide security services during the five-year period from 2011 to 2015, eventually surpassing $49.1 billion. At Digital Encode, technology

www.technologybanker.com

SECURITY

serves two purposes: to increase revenue (make money) and reduce cost (save money). Digital Encode also provides advisory services towards improvements in Information Security Management, Network Security, Vulnerability Management, Penetration Testing, Computer Forensics, Business Continuity and Risk Management. Human-centric analysis Founded in 2003, the company focuses on broad threats and vulnerabilities to information systems. Its work is assuring information and managing risks that are related to the use, processing, storage and transmission of information or data, and the systems and processes used for those purposes. It derives its value from offering human-centric analysis to the vulnerabilities in information assets and threats capable of exploiting those assets. In a proactive response to the Central Bank of Nigeria’s IT Standards blueprint implementation for the Nigerian banks, Digital Encode has been privileged to become a “Trusted Advisor” to reputable Nigerian Banks like First Bank of Nigeria, Sterling Bank, Diamond Bank, Standard Chartered Bank, Wema Bank, Union Bank and Fidelity Bank in their compliance journey to Payment Card Industry Data Security Standard (PCI DSS). Digital Encode has helped these organisations to scale though administrative, physical and technical

hurdles to attain PCI DSS certification. The brains behind Digital Encode are their Chief Operating Officer, Obadare Peter Adewale, and Chief Technical Officer, Oluseyi Akindeinde, who believe it is essential for electronic transactions in Nigeria to be protected, as the CBN cash-less policy gains momentum. Explaining that protection tends to sound intricate and complicated, but then so is fraud and hacking. Growing problem Complex and intricate fraud schemes, like phishing, smishing, and vishing, including ATM skimming, all represent a constant threat and growing problem. While online shopping, mobile money transfer and online banking are making lives easier for many Nigerians, the technologies used offer smart criminals easy ways to steal not only money, but also data that could be used to compromise both the entire payment system and the users’ faith in it. While banks are doing everything they can to protect their infrastructures, Digital Encode does well to remind every payment operator that all their customers who use phones and computers are now exposed to numerous vulnerabilities, which are easier to compromise. Mobile phone use for banking is on the rise, and it is the same for social media apps for mobile users, including Twitter and Facebook. With more banks now on social networks, a number of fake sites are using social networks to try and trick people into giving up vital personal information. Vital warning for employers At fraud conferences, Digital Encode frequently counsels employers to “beware of disgruntled employees”. In fact, beware of employees, period. The point is that attacks are often launched inside an organisation by – or with the connivance – of discontented individuals working for an organisation. Most

AUGUST 2015

compromises of internal data can be traced to an employee. This is especially true when the compromised information couldn’t have been hacked. To fight these incidents, Digital Encode offers countermeasures that involve mitigating and eliminating the risks, and prescribes prevention, detection and response to threats. It has made inroads into threat education and the information it shares uses structured analytics to improve situational awareness, which appeals to banks, mobile money operators, merchants and even government. Educating and enhancing organisations Digital Encode conducts digital forensics and predictive analysis and lab simulations to assist in educating organisations, while enhancing their abilities to manage risk and develop security strategies that matter. With a growing national focus on cyber security and information assurance, Digital Encode’s unique business model is a mixture of niche services, including advisory services, towards improvements in Information Security Management, Business Continuity, Vulnerability Management, Penetration Testing, Computer Forensics, IT Governance, Risk Management and Compliance. Wealth of experience In 2013, Digital Encode was appointed a technical consultant to the Nigerian Electronic Fraud Forum, an initiative of the Central Bank of Nigeria that has been set up for the identification, mitigation, prevention and prosecution of all electronic fraud-related acts perpetrated in Nigeria.

www.technologybanker.com

Money needed in Nigeria

Receive money through Western Union

Add money onto a VTN VCASH Account

• Money can be added into their VTN VCASH account* in Nigeria. • Loved ones can pay monthly expenses straight from their mobile phones.** • Convenient and reliable!

For more information, visit virtualterminalnetwork.com See reverse for details

Available through:

EXECUTIVE INTERVIEW

Focusing beyond technology

Osioke O. Ojior, Chief Risk Officer at the Nigeria Inter-Bank Settlement System (NIBSS) Plc, provides executive leadership for Enterprise Risk Management, Information Security and Regulatory Compliance. During our interview he discusses the key technology issues and challenges facing him, including cyber security, biometric banking and identity management threats to Africaâ&#x20AC;&#x2122;s financial services.

Who in the technology industry most influenced your career? William Wade was my manager during my career at Worldspan L.P. (now Travelport Limited) in Atlanta, USA. He was influential as a colleague, friend and mentor, which was particularly useful as I started my professional career at an early age. As my immediate supervisor, William encouraged me to perform with a high level of ambition and courage that has enabled me to focus beyond technology. He was instrumental in my transition from a budding career,

AUGUST 2015

which was deeply rooted in Information Technology, to an emerging career in information security and risk management. Businesses today operate in an interconnected ecosystem and cyber security risks have evolved. What must enterprises do to ensure that cyber security is at both the front and centre of their business? Your customer should be at both the front and centre of your business, because that is who buys goods or services from

your business. Making cyber security (or cyber security risk) the front and centre of your business would imply that you are in the business of cyber security. While security and risk management are important objectives for a business, without the customer you have no business. Know your customer in an interconnected ecosystem and ensure that customers are at the front and centre of the business. Enterprises must capture the top problems that customers face in their environments, and should then

www.technologybanker.com

EXECUTIVE INTERVIEW

derive their refreshed value proposition from the intersection of the problem and the solution. We should drive cyber security and associated risk from the customer’s perspective to operate our business in this interconnected ecosystem. As Chief Risk Officer, what sets you apart? Some interviews were of the opinion that a CRO is a “risk – focused CEO, a strategic thinker and catalyst of change. What is your view on this? I aspire to continuously understand both the strategic objectives of the organisation and the intentions of the CEO, so that risk management is then strategic and transformative. While I agree somewhat that “a CRO is a risk – focused CEO, a strategic thinker and catalyst of change” I propose that the risk executive (function) serves as the primary liaison for the chief executive to senior management and other stakeholders who have a vested interest in the mission and business success of the organisation. Focusing on risk instead of value (or reward) may not enable the CRO to understand the strategic objectives of the organisation (or the intentions of the CEO). What identity management strategies should enterprises be deploying to ensure they can meet the security challenges of an increasingly connected and cloud-based business environment? There should be one strategy for a business enterprise, rather than a set of strategies. Strategy should be one set of choices that are integrated to inform the organisation about the initiatives that are sensible and likely to produce the outcome the organisation actually wants. This integrated set of choices enables the business to create sustainable advantage and superior financial value. An organisation should have an identity management strategy if its business is identity management. That said, I think that the Information Technology and information security

www.technologybanker.com

plans for organisations operating in cyberspace should include initiatives and investments for service and adaptive identification. This is because external services often appear dynamically and adversaries may compromise individual authentication mechanisms and subsequently attempt to impersonate legitimate users. Service identification (and authentication) supports service-oriented architectures and other distributed architectural approaches. Systems should determine dynamically whether external providers and their associated services are authentic. Adaptive identification (and authentication) requires selected users to provide additional authentication information under specific circumstances, such as individuals accessing information they do not typically access as part of their role or responsibilities, or accessing greater quantities of information than they would routinely access. With the new rise of biometric banking in Nigeria, enterprises should plan initiatives to integrate the Bank Verification Number (BVN) with their identification and authentication capabilities for both internal and external users. The BVN is an initiative of the Central Bank of Nigeria (CBN) in conjunction with the Bankers Committee, which NIBSS operates on behalf of the industry. Integration with BVN would also enhance service and adaptive identification initiatives for enterprises that operate in the securitychallenged cyberspace. In the past, decision makers have always moved IT to the side and classed it as ‘techie things’ that nobody understands. Today, IT is a vital part of business and cannot sit on the sidelines anymore. Is IT the backbone or a speed bump for business success? I think the backbone for business success is people, both customers and staff. Information Technology can facilitate or even accelerate business success,

particularly when the organisation uses technology to make products more effective or deliver services efficiently. For many businesses today, the intelligent application of Information Technology is essential for their success, particularly when it creates and satisfies customers demand. However, Information Technology can be a speed bump or hinder and even obstruct business success if the organisation does not align its technology initiatives and investments with the organisation’s strategic objectives. This is particularly likely when the business has a set of strategies, including one for Information Technology, instead of a singular strategy that is one integrated set of choices for the business. It is important to integrate Information Technology in the strategy for the business by deciding what technology capabilities need to be in place to facilitate how the business will serve customers – this is why Information Technology may enable business success. What do you think the financial services landscape in Africa will look like 10 years from now? Whether you think of Nigeria as a frontier market or an emerging market economy, it is the largest economy in Africa and the advances in the financial system here influence the financial services landscape in Africa. This is particularly the case in the payment system in Nigeria, where we still have incredible room for growth and development. The larger financial services landscape of Africa will still have room for exponential growth. I imagine that we would have greater financial inclusions across much of sub-Saharan Africa in particular. As democracies in Africa mature and there is greater political stability in a country like Nigeria, 10 years from now the financial services landscape across Africa should surpass many of our current expectations.

AUGUST 2015

ice

tech nica na l sup ge port dp rin ts erv ice s

ge na ma

urem

en ts

t u l o

mation

e ar tw

m ocu

s n io

office auto

f so

ma t en

proc

g na

ent

t& en

vin i h arc

erv

as y t i ual

distributor

g n i k r etwo

re u t c u r e t s c a n r f a in ur

y t i r u c e e-S

Africa’s Leading Distributor of IT Infrastructure Astel is the leading distributor of IT infrastructure, office automation and e-Security solutions in Africa. We have years of experience in the region and understand exactly which products and solutions are needed by computer dealers, value added resellers and software houses to satisfy their customers. We distribute a diverse range of products from the word’s leading manufacturers, meaning Astel need be your only point of call for all your IT requirements.

Ph: +44 208 453 0400 info@astel-uk.com www.astel-uk.com United Kingdom • Kenya • Nigeria

TECHNOLOGY INNOVATION

Solving security challenges with collaborative innovation We interview Bassem Bouzid, Senior Vice-President and Managing Director of Diebold EMEA, about the company’s pioneering ATMs, its relentless pursuit of innovation and the future of Africa’s retail banking channels.

Diebold might not be a name that is familiar to everyone. Can you give us an overview of its history in the ATM industry? Diebold was founded in Cincinnati, Ohio, in 1859 by Charles Diebold, a German immigrant who had experience as a lock repairman. By 1870, Diebold had created a national reputation as a quality manufacturer of safes and held patents on at least 67 different safe designs. The Great Chicago Fire in 1871 brought our company national recognition, which resulted in a flood of orders to the little safe company. A total of 878 Diebold safes survived the conflagration, preserving their contents intact and unharmed. Over the years, Diebold has continued to expand its security product line and became a mark of quality and security. Diebold’s many industry innovations

www.technologybanker.com

and our products’ protection capabilities have perfectly adapted to the demands of an ever-growing financial market. For example, we manufactured double Wedge-lock doors weighing 87-1/2 tons for the First National Bank of Chicago in 1968. In 1966, we decided to combine our expertise in office systems, safes and security to design something new called an automated teller machine (or ATM). In 1970, the first Diebold ATM was sold. Since then, Diebold has worked on developing solutions that meet evolving market needs and has achieved a number of industry firsts, including the introduction of the first iris-recognition ATM in the United States, and more recently a skimming resistant secure card reader and anti-microbial ATM screen. For over 150 years, Diebold has

helped both businesses and consumers secure, obtain and safeguard their most precious assets. Throughout these years, the opportunities and threats have changed, but our relentless pursuit of purposeful innovation to stay ahead of it all has remained the same. No matter how impossible a challenge might seem, Diebold uses innovation to solve it. So what is Diebold doing with its ATMs to combat Africa’s unreliable power supply? Diebold’s collaborative innovation begins with a hypothesis, an idea that is borne out of a profound understanding of the needs of financial institutions and consumers. Through intense research and proactive engagement with key stakeholders, as well as ongoing interaction with collaborators, Diebold examines the idea, challenges it and

AUGUST 2015

umidLinks

01 MANAGED SERVICES

We offer a range of flexible ITIL driven managed services, from outsourcing a single element of your IT to a full ICT infrastructure outsource. We have a wealth of experience delivering managed services across a wide range of sectors. 1. 2. 3. 4.

Application Support – Microsoft Portal /Application developments/Hosting Reduce your print costs with a Managed Print Solution – self managed Managed Print as a service – outsourced service

02 PROFESSIONAL SERVICES

HumidLinks works side-by-side with you to develop technology-enabled business strategies to improve performance and reduce costs, both now and in the future. And our job doesn't end with a strategy presentation – we continue to work with you to turn those strategies into reality. 1. 2. 3. 4. 5. 6.

Alliances/Partnerships/Business Consultancy Implementation Services/IT Audit Services/On-site support with dedicated resources Technical Consultancy - Design and improve/Scalable Network Infrastructure Setup Campus wide Network Setup/Hotspot Services/ Hotspot user Billing solution Unified Threat management/Wireless Area Mapping AAA services/NOC Topological Layout/Network Load Balancing and Failover

03 IT HUMAN CAPITAL EMPOWERMENT A majority of CIOs cite the difficulty of finding skilled, talented IT professionals – likely the result of high market demand, emerging technology and innovation, such as distributed work in the cloud, aging workforce and Gen Y factors, and an intense regulatory environment. Yes, talent can be hard to find - but not if you know where to look – with a smart workforce acquisition and management system second to none. • Empowerment Portal – Provides a platform to aggregate fresh and evolving IT talents for development and strategic mentorship to drive achievement of respective IT aspirations both in the entrepreneurial and employment space. • Mentor Portal – Provides a platform for experienced IT experts to lend their services under voluntary grounds towards providing direction to fresh and evolving IT talents. This would be in various capacities ranging from assistance with internships to training to sponsorships for certification in various IT fields. This platform would however also be open to corporate IT firms inclusive of possible collaborations with various OEMs • HumidLinks Microsoft Army – Enrol and develop your Microsoft skills aided by high qualified Microsoft mentors. The platform also would enable you to learn basis entrepreneurial skills to start your Microsoft business within a short period or join our mentor team. • Part Time Services Portal – Provides a platform to aggregate various experienced IT talents for current and future projects to drive achievement of IT aspirations driven by passion in specific areas while also pursuing a stable career path.

5B, Close D, Oba Oyekan, Lekki, Lagos

info@humidlinks.com

+234 (809) 945 6777

www.humidlinks.com

TECHNOLOGY INNOVATION

turns it inside out, until there’s no question that it can transform financial experiences. For example, the Diebold 429 ATM can operate on as little as 70 watts of power, consuming up to 40 percent less energy than other models, which enables financial institutions to better serve people living in areas with limited power. The Diebold 429 is equipped with a smart power management system that continuously monitors the total power needed to operate and perform transactions. The system automatically chooses which power source to draw from – either the internal battery or alternating current (AC) power grid – ensuring that the unit does not exceed 100 watts of power usage. To further reduce power consumption from the energy grid, the terminal can use solar power as a third power source. The Diebold 429 also features a unique dispenser control technology that works in tandem with the smart power system to enable all of the modules within the ATM to operate with minimal power requirements. For example, the modules in a typical ATM operate at 48 volts of power to dispense notes at a standard rate. With the Diebold 429, all of the modules operate at 24 volts of power, while still dispensing notes at the same rate. This design also reduces the need for power cooling fans. This means that if there were 2 million ATMs in the world, with an average energy consumption of 135 kilowatthours (kWh) per month, switching just 1 million of the world’s ATMs to Diebold 429 ATMs would reduce the global ATM energy consumption by more than 1 billion kWh annually. This translates to a reduction of approximately 914,393 metric tons of carbon emissions, which is equivalent to the carbon emissions of from more than 100 million gallons of gasoline. The 429 will serve as a platform

www.technologybanker.com

for power consumption and energy conservation in our future ATM designs, enabling more opportunities to incorporate optional solar panels and backup batteries. The development of the world’s greenest ATM aligns with Diebold’s global commitment, which is to reduce waste, prevent pollution, promote recycling and conserve resources. Among Diebold’s sustainability initiatives, we provide complete end-of-life disposal services for ATMs and other products, which ensure that all components are discarded in an environmentally sound way. What are Diebold’s main areas of business and what is your geographical reach in Africa? Diebold’s main area of business in Africa is the delivery of world class services led by software-enabled technology, which enables financial institutions to connect their customers with the physical and virtual world of cash. Operating a direct organisation in South Africa and collaborating with a network of business partners across North, East and West Africa, Diebold is strongly positioned to support the growth and development of financial institutions across this complex continent. We have a strong presence in Morocco, where there is a Diebold direct office, which allows us to cover the French speaking part of Africa, and an office in Kenya for East Africa coverage, as well as the largest channel of partners across the African continent that provide us with global coverage. Diebold has come a long way over the past 150 years. How do you see the company developing over the next 20 years? As we continue to collaboratively innovate, we will do more than just create something new. We will collectively drive more purposeful solutions that address very real challenges for

financial institutions and consumers. The experiences of tomorrow will be different from those that we power today, perhaps even radically different. This is because the needs of people and financial institutions – and the capabilities of technology – are persistently shifting. For Diebold, that means our work will never finish evolving, and it means we will never stop pursuing innovations that can solve even the most complex problems. These are innovations built on a comprehensive understanding of consumer and business trends, with the sole purpose of helping our customers – and their customers – to succeed and achieve. What do you think Africa’s retail banking channels will be like 10 years from now? Africa is a diverse and complex continent with varying economic and political climates that affect the banking industry. That said, the consistent theme across countries with significant levels of unbanked and underbanked customers is the need for financial institutions with considerable opportunity. Africa has in many ways created a transactions and payments infrastructure that is much more advanced than in other parts of the world, where legacy banking structures have slowed down progress. The banks that will succeed and grow will embrace and integrate into the non-traditional payments space and engage the underbanked and unbanked with new and unique services. This is where Diebold will support this growth – by staying ahead of market demand and collaborating closely with our customers to ensure we are innovating by developing the right solutions at the right time in order to meet the expectations of our customer’s customer anywhere, at any time and in any way.

AUGUST 2015

ISLAMIC BANKING

Finding solutions in challenging times Islamic Banking is facing numerous technological challenges in Africa, as well as exciting opportunities to improve its operations and profitability, writes Adefemi Mohammed Onanuga, Chief Information Security Officer at Jaiz Bank Plc.

The African banking landscape continues to experience rapid growth as operators relentlessly deploy technology in order to drive innovation and increase financial inclusion. This is being driven primarily by the use of web and mobile channels, payment cards, ATM, POS, mobile and agency banking that have helped to increase the number of offerings and channels available to customers. For example, ATMs dominate banking outlets, while other channels, such as internet banking, have become a standard service. In the same vein, the rapid penetration of internet services across the continent has served as the backbone to each innovative drive, and has to a large extent determined the mode of interactions between the banks and their customers, as well as customer expectations. But when it comes to customers’ needs, consumers have developed an insatiable appetite for instant services that can only be achieved by technology. Challenging times for Islamic Banking Unfortunately, this is being stunted by challenges, such as the technology infrastructure gap, regulatory inadequacy and access to the finance that is needed to acquire cutting-edge technology. A typical example of this is the persistent

AUGUST 2015

shortage of electricity that leads to both constant power cuts and increasing costs for operators. In addition, the demography, which is the key growth driver, is significantly illiterate, poverty stricken and financially excluded, and there is little recourse to public governance institutions. The challenges currently faced include: • The need for internet access… and I mean fast internet! There has been considerable growth in broadband connectivity with the landing of submarine cables and expansion of backbone networks. So a lot has gone well, although the private sector takes most of the credit. Internet access, however, is still very much limited to capital cities, and enormous investments in both the intercity connectivity of networks and coverage of rural areas would help to cover this deficit and increase penetration. • A lack of recourse for consumers, which has encouraged the current prevalence of financial crimes. This is partly due to the absence of a centralised database for sharing transaction data that could detect and prevent fraudulent transactions, and the lack of tight legislation on electronic crimes. Investing in

•

fraud prevention technology that facilitates information sharing should be a priority for banks. Security and privacy concerns: the perceived and actual levels of security should be high in order to encourage widespread use and acceptance of innovation through mobile channels, without compromising privacy. In addition, the possibility of financial losses should be low and consumers must have confidence in the delivery of these services. Banks must improve their business continuity strategies so that they can optimise their investments in both infrastructure and technology in line with their recovery objectives. The colocation of disaster recovery sites is a cost-saving measure, but lukewarm cooperation from other parties, who are at most times competitors, can severely hamper the recovery process.

Solutions to improve operations and profitability Banks face numerous challenges in today’s operating environment, such as high overheads, a brick and mortar branch development approach, technology acquisitions, contact centres, etc. In spite of these challenges,

www.technologybanker.com

All about technology for banking and finance in Africa

The Voice for Banking and Finance in Africa

ISLAMIC BANKING

the banks are undaunted in their determination to improve operations and drive profitability. Facing the challenges alone or as a group, they must act fast because they may never have a better chance. This can be achieved by: •

•

Improving data and network security is a priority because banks deal with volumes of confidential customer information. A single case of a data breach can deal a deathblow to a bank’s revenue or severely hurt its image, resulting in loss of customer confidence. Leveraging technology, in terms of Big Data and CRM, to deliver specific products to customers “just in time” by analysing data. Developing new products through electronic delivery channels. This would help to take services to the customers, who increasingly shy away from the traditional brick and mortar approach of the branch banking model. ATM, online banking, POS and mobile banking would help to achieve this. Leveraging cloud services to both reduce costs and grow efficiency. Banks can use cloud services to increase start-up time, flexibility and capacity because they have almost access to hardware, software and pay-as-you-go services. Communication costs also have to be optimised by unifying communications of all corporate information assets into a bundled service.

The system of operations of Contemporary Islamic Banking has gained significant traction because its annual growth has weathered the challenges of the recent financial turmoil due to prudent investment strategies. In fact, Islamic Banking has grown the world over because it offers a range of products and services that are beneficial to the customers and investors, and its principles are seen as being more attractive than those of conventional

AUGUST 2015

financial services. In summary, the basic differentiator is Islamic Banking’s focus on real assets and its avoidance of the complexity and ambiguity of conventional banking products. This ethical approach is the core of Shariah law, which prohibits usury, interest, speculation, gambling, or activities and transactions that are harmful to the society, people and the environment. Islamic Banking embraces risk sharing as opposed to risk transfer and therefore all its financing is linked to real assets. As a result, there is no debt financing that significantly contributes to the financial turmoil witnessed in recent years. Islamic Banking is growing at a pace of 15-20% per annum with an asset of over 1.3 Trillion US Dollars. The development has cut across all the continents, including Europe and the Americas where some Islamic banks have been established. Regulatory and compliance in Islamic Banking Islamic Banking is more regulated than conventional banking. This is because, in addition to all the existing regulations, Islamic banks have to abide by Shariah principles in all their transactions. This has resulted in the establishment of the Shariah Boards at both national and institutional levels. In addition to these two aspects of the Shariah Governance Framework, there must also be a Shariah Audit and compliance. This works directly with the Shariah Board to ensure that all transactions strictly comply with Shariah principles. There are multiple interpretations of Shariah regulations by scholars across the markets. These can pose a challenge as it means there is no standardised application of the principles, which makes the industry unclear about certain aspects of Islamic banking. As Islamic banks continue to innovate, they will offer Shariah compliant alternatives to nearly every conventional banking product and the divide between both banking models will eventually fade out.

Comparisons with its conventional banking cousin As Islamic Banking’s functions and operations are strictly based on Shariah principles, it promotes risk sharing between the financier and the user of the fund, which is based on real asset-based financing rather than money trading. This promotes equitable justice, ethics and morality. Corporate Social responsibility is obligatory, whereas the main aim of its conventional banking counterpart is unrestricted profit maximisation. As the capital provider is assured of a predetermined rate of interest, it effectively makes the rich richer and the poor poorer. Corporate social responsibility is also voluntary, so morality and ethics are considered after profit. Risks of acquiring and implementing an Islamic Banking system To maintain the growth and expansion of the financial system (which includes conventional and Islamic Banking) huge investments in information systems and technology are both necessary. Technology vendors have reacted to this by developing solutions to assist banks in improving their services, offers, capabilities and efficiency in line with meeting risk management and compliance requirements. Despite the huge growth in the Islamic Banking sector, there are still a lot of untapped opportunities, especially from

www.technologybanker.com

ISLAMIC BANKING

developing markets where access to formal financial services is low. As Islamic banks strive to meet this demand gap, they encounter some challenges like efficiently responding to market demands, in terms of Shariah-compliant financial products, as well as maintaining sound internal control and risk management systems to match the unique compliance requirements. The risks of implementing Islamic Banking are synonymous with those of conventional banking in most respects; however, because of its peculiar compliance and regulatory require-

www.technologybanker.com

ments, some risks are unique and cannot be ignored. Looking at the common risks of implementing the conventional and Islamic systems, we might consider both the operational and delivery risks, such as poor implementation, budget and time inefficiency, as well as when delivery does not meet requirements, because these may have changed over time, due to delays, lack of understanding or requirements. There are also intellectual property risks, such as non-compliance with legislative, regulatory and compliance requirements that relate to the development and use of proprietary software, and we also have liability risks, such as maintaining supplier relationships and service delivery. These mean that the liability of exposure from a supplier’s claim is minimised. A unique and major challenge in implementing Islamic Banking is the absence of standardisation in the interpretation of Shariah law, which leads to multiple standards across the banking systems. Standards set by the Islamic Financial Services Board (IFSB) and the Accounting and Auditing Organization for Islamic Financial Institutions (AAOIFI) are not universally accepted, nor adopted. There are other notable

challenges in the form of unrecognisable income from non-permissible sources, e.g. interest on deposits with the Apex bank, lack of access to liquidity instruments and the complexity of products (sale, leasing and agency contracts). Which vendor solutions are better – module or pure play? The right solution depends on the organisation’s needs in terms of features, and of course, its particular environment. Some organisations tend towards simplicity and others focus on security, customisation or features. Nonetheless, modular pure-play solutions offer an opportunity to improve the quality and efficiency of the business, as long as they are deployed to suit the organisations’ particular needs and environment. Amongst its many features, pure play solutions offer better collaboration, while customisation is usually a oneoff. As a result, employees spend more time on content, rather than learning a mastery of different suites that would effectively increase productivity. For organisations leveraging on a mature pure play platform, cost of ownership will be reduced if they continue to stick with it, rather than jettisoning it for a modular system. However, when we consider the fact that data takes many forms and formats, with each format often having its own mechanism for collaboration, it is possible some pure play systems may not effectively deal with the enterprise as a whole, if the product does not offer the suite and customisation that is needed. Therefore, support personnel would have to spend time on ensuring that the enterprise data is customised for the interoperability of all solutions. This effectively leads to banks working around problems, which is not ideal for business continuity purposes, so modular solutions may be more beneficial in that respect.

AUGUST 2015

THOUGHT LEADERSHIP

Is cash still king or yesterday’s hero? Vinolan David, Head of Card Issuing at Standard Bank, writes about the increasing demand for electronic transactions in many African countries, and the powerful solutions it is hoped will ultimately move most Africans out of the traditional ATM and bank branch queues.

Depending on who you speak to, cash is either still king or simply yesterday’s hero. But what everyone agrees on is that the payment ecosystem of today is drastically different to what it was 20 years ago, and technological innovations are quickly driving businesses and individuals to conduct more of their banking online. It is a truism that there is something about using cash that makes many people sleep better at night. In fact, global studies by MasterCard have found that even though the world’s population has access to multiple payment options, cash still accounts for 85% of all consumer transactions throughout the world. Even in the most cashless countries, like France and the Netherlands, cash was

AUGUST 2015

still found to account for 40% or more of all consumer transactions. In many emerging markets, the cashless share of consumer transactions was found to be “effectively negligible”. And yet recent reports out of Europe have heralded stronger moves than we have ever seen before to a truly cashless society. The Independent, for example, stated on May 15 that Denmark had moved one step closer to becoming the world’s first cashless society. Its government has proposed scrapping the obligation for retailers to accept cash as payment. Reducing costs and increasing productivity The Danish government said that as of next year, businesses such as clothing

retailers, restaurants and petrol stations should no longer be legally bound to accept cash payments. The proposal is part of a package of economic growth measures that aims to reduce the costs of Danish businesses and increase their productivity. It is generally accepted that Scandinavian countries have been leading the pack in the move towards a cashless society, with four out of five purchases in Sweden being made electronically, according to The Local in Stockholm. Businesses and consumers are quickly realising that electronic solutions can both bring down costs and remove the need to count, transport and store cash, as well as reduce the risk of

www.technologybanker.com

THOUGHT LEADERSHIP

armed robberies, which are still a major problem in many African countries. But it is unlikely every country is prepared to take a major leap like Denmark has just yet. For now, expect cash to still be a very popular choice on the African continent. Leaps in payment technology It is also likely that the choices made in the future will differ greatly, depending on which country you are in. While Scandinavian countries like Denmark are making leaps in their use of payments technology, a country like Italy still prefers cash. It seems the main driving force is the willingness of citizens themselves to use this smart technology. For example, almost a third of the population in Denmark uses an official Danske Bank app called MobilePay. These technological shifts are also catching on in the US and UK, and it is only a matter of time before other countries get the scale and traction of Denmark. Technology in Africa is already allowing people to send money by using their cellphones and to make payments by simply tapping their phones on purchase. There is certainly an increasing demand for electronic transactions in many African countries, with people in

www.technologybanker.com

Kenya fully aware of the benefits that technology can bring to banking. Banks have been moving in lock-step with this demand and have already found powerful solutions that will ultimately move most people out of the traditional ATM or bank branch queues. But an important point about the ecosystem in Africa is that a large proportion of the population remains outside of the formal banking system, and will continue to be preyed upon by loan sharks and reckless lenders who are only too willing to dish out loans at exorbitant rates without ever explaining the terms. Meeting the challenge But strides are now being made to root this out and enable more and more people to join the electronic transaction ecosystem in Africa. There is a major drive by the government and the banking sector itself to pull more people into the formal sector. As banks, we are prepared to meet this challenge and provide solutions to consumers across the continent. A recent Finscope survey found that the banked population in South Africa has increased considerably from 2012. It says 79% of adults aged 16 or older are formerly served by the banking sector,

which is up from 72% in 2012. But this growth is being driven by transactional products and lending, rather than saving. Finscope found that 58% of adults in South Africa do not save and 19% still rely on informal mechanisms to save, like joining a savings group or ‘stokvel’. Driving change through innovation Banks will need to continue innovating to keep abreast of their customer’s needs and to help drive change. Putting customers at the heart of the solution is the only way that the banking system will truly move forward, via increased efficiency, lower costs, higher levels of security and, ultimately, improved savings rates. Current banking innovations on the use of wallet technologies, such as Masterpass, are further removing the need for cash by enabling customer to pay for their parking by using their bank cards. As more merchants allow this form of payment, contactless payments that also allow you to “pay and go” are making low-value payments much easier and many more customers’ lives simpler. With innovations of this nature being both enabled and driven by banks, it is envisaged that cash in your pocket may soon be a thing of the past.

AUGUST 2015

MOBILE BANKING

Interoperability the key to financial inclusion Srinivas Nidugondi, Sr., VP & Head of Mobile Financial Solutions at Mahindra Comviva, explains how interoperability can bring about many benefits by helping both platforms and ecosystem members to achieve reduced costs, greater customer value and an increased choice for end customers.

The proliferation of mobile devices has increased in the past decade. There is no doubt that they are now moving beyond their role as a simple communication channel and becoming enablers for a wide range of functionalities, ranging from entertainment to commerce. We are progressively moving towards a “mobile first” world where the first time consumer will access financial services and digital commerce through a mobile phone. Increasingly, consumers are becoming more comfortable using mobiles for payment and the emerging world seems to be setting the benchmark when it comes to digital financial services. Africa’s payment landscape is touted globally as a case for mobile, as it is the only channel that is available for users to access financial services. New wave of growth Mobile payments are set for a new wave of growth, but disruption is also increasing because there is a blurring of the industry’s landscape. Sporadic innovations have been occurring over

AUGUST 2015

the last decade to suit local scenarios and disruptive innovation inevitably involves a degree of fragmentation, especially in the short term. A move towards interoperability between different platforms may help to solve the current confusion and complexity in the mobile payment platforms landscape. Interoperability will fuel the next wave of growth in mobile money service. In broad terms, it is the interconnection of mobile money services with external parties, and its aim is to create value for both customers and commercial players alike. Viewed as a “silver bullet” for greater financial inclusion, it is increasingly cited as a solution that will both increase transaction volumes and extend the range of financial products that are offered through the mobile phone. Creating values for customers and service providers Opportunities for interoperability arise where interconnections with external parties can create greater value for

customers and service providers than a single mobile money service provider can create alone. Once an opportunity for interoperability has been identified, it needs to be strategically or financially compelling for all the parties involved to be able to jointly pursue it. Thus, interoperability can bring about many benefits, helping platforms and ecosystem members to achieve reduced costs, greater customer value through enhanced functionality and convenience, and ultimately an increased choice for end customers. To assess the opportunity, it is important to define what services fall within this category, as well as those that are adjacent to it. The universe of these services is expanding rapidly as a result of the growing desire to connect a pure mobile money network with other money transfer networks as boundaries blur between payments. When it comes to mobile money transfer, it is important to view interoperability in the following three ways: • Domestic interoperability – the abil-

www.technologybanker.com

MOBILE BANKING

ity to transfer money between two different mobile money services in the same region. With the industry working together to join the dots in the global mobile money ecosystem, systems are changing in some regions. Tanzania’s experience in 2014 is a good example. It became the first country in Africa to successfully develop and implement domestic interoperability. Its three mobile money heavyweights — Airtel, Tigo and Zantel – signed an inter-

www.technologybanker.com

•

operability agreement, enabling users of their respective Airtel Money, Tigo M-Pesa and Zantel’s EzyPesa services to send money to each other from their handsets. The hopes of over 16 million mobile money customers in Tanzania were pinned on this service. For the first time in this space, mobile money platforms run by telecom operators were seen to be taking a collaborative approach – which was both account-to-account or wallet-to-

wallet and in real-time – to send and receive money directly between the mobile money accounts of these two service providers. The service simplified off-net money transfers and enabled recipients to make transactions through the convenience of their own mobile phone without cashing out. Tanzania is just the tip of the iceberg, however. We are now likely to see a number of markets jumping onto the interoperability bandwagon.Facilitating Internation-

AUGUST 2015

MOBILE BANKING

al remittance by interconnecting with a third party – this involves a partnership between an operator and MTO or a remittance hub. Users send money to another country via companies like Western Union and recipients receive it in their mobile money account and collect it from the mobile money agent. A good example is Econet Wireless Services

AUGUST 2015

•

in Zimbabwe, which is facilitating inward remittance via a partnership with WorldRemit and Western Union to enable anyone around the world to transfer money to an EcoCash wallet. Interoperability with cross-border mobile money providers. Another aspect of international money transfers is the direct account-to-account

transfer of money between mobile money services in neighbouring countries or countries within the same region. For example, Bharti Airtel and MTN agreed last April to partner in order to provide an international remittance service between Burkina Faso and Côte d’Ivoire. As a result, MTN Mobile Money customers in Côte d’Ivoire can send

www.technologybanker.com

MOBILE BANKING

interlink various mobile money services and third-party payment networks. For example, a multi-country operator in Africa has implemented a switch that enables direct money transfer between the mobile money accounts of its customers in different countries. With competition intensifying, banks do not want to be left behind in the race and are collaborating with mobile money services provided by opcos and third parties in order to remain relevant in the market. Banks are working with mobile money service providers to provide an interconnection between mobile money accounts and bank accounts, which enables banked customers to transfer money between the two accounts.

money directly to Airtel Money customers in Burkina Faso. Similarly, customers of Airtel Money Zambia, Rwanda and DRC can transfer money directly to each other. Switching are another upcoming trend in mobile money interoperability. Mobile money service providers are investing in switch-like infrastructure that will

www.technologybanker.com

Seamless interoperability Mobile money providers are also investing in order to interconnect with card networks to provide a seamless interoperability with heterogeneous systems and services, bringing convenient and integrated solutions to consumers. For merchants to capitalise on an uptake in payments and revenues, it is imperative to devise solutions that enable the acceptance of payments from mobile money accounts. In turn, this places emphasis on compelling consumers to use mobile money for everyday payments. However, the merchant network of current mobile money services is limited. Customers can pay only via mobile money to merchants who are registered with the mobile money service provider. We have to move beyond the closed loop systems and embrace an open-loop merchant payment approach. To enable open-loop payments, mobile money providers are integrating with global card networks like MasterCard and Visa to issue companion cards that are linked to mobile money accounts. These can be used for payment at any MasterCard and Visa powered POS machine, both nationally and internationally. The openloop approach exponentially increases the merchant acceptance network for mobile money. Even virtual cards that

are linked to mobile money account can be issued for making online transactions. Success story The mobile money space is now something of a success story in terms of adoption rates. According to the GSMAâ&#x20AC;&#x2122;s State of the Industry 2014 report, active mobile money accounts stand at 103 million as of December 2014 (up from 73 million in 2013) and an increasing number of mobile money services were available in most emerging markets. To continue the growth of this momentum, we need to tackle the challenges in the ecosystem. The biggest of these is the lack of interoperability between mobile money services. All of the various stakeholders in the mobile money ecosystem now stand to benefit from improved interoperability. This includes operators, who would benefit because it will provide customers with more flexible payment options that could increase the number of transactions and the velocity and volume of money in the ecosystem. It is also an opportunity for regulators to draw more cash into formal financial systems, and the improved interconnections mean the establishment of secure, real-time connectivity between service providers. Customers will also benefit as it promises more accessible and flexible services, as well as greater financial inclusion, which is expected to receive a significant boost. These trailblazing initiatives in Africa have helped to demystify the concept of interoperability. We now need to continue providing customers with a reason to move to mobile payments that combine ease of use, interoperability and added value.

AUGUST 2015

TECHNOLOGY INNOVATION

A Nucleus Of Innovation Delivers Success

Nucleus Software is delivering a steady stream of exciting innovations that are providing the pioneering company with customer success and exciting opportunities for future growth. Percy Thaver, VP Africa at Nucleus Software, reports.

Two areas of banking today, Lending and Transaction Banking, are particular hotspots for innovation and competition. Retail banks are trying to build their loan books by driving down the price, creating innovative products and delivering the digital and mobile experience that customers demand. Meanwhile, corporate bankers are attracted by a combination of the low risk, recurring revenue streams and long-term customer retention that are all possible with transaction banking services. Nucleus Software focuses exclusively on these two areas of banking – and has done for nearly 30 years. In 1986, the company saw the potential to apply technological innovation to the lending process and quickly gained the reputation of being a strong and reliable partner to some of the world’s largest banks. Transaction banking followed, which included liquidity management and the financial supply chain, and Nucleus now counts some of world’s top banks amongst its customer base. Headquartered in India, Nucleus Software is a pioneer in both retail and

AUGUST 2015

corporate banking software. It combines deep domain expertise, along with an absolute commitment to building lasting partnerships with its customers. It enables banks to compete effectively in challenging markets by developing innovative products and services, helping to drive compelling customer experience and grow their businesses on a national, regional or global scale. Nucleus supports a customer base of more than 150 banks and finance companies in around 50 countries. Key reasons for Nucleus Software’s success include: • A rigorous approach to implementation that is focused on delivering long-term customer success • A compelling customer experience delivered through digital and mobile technology • A process of providing a steady stream of exciting, appropriate innovations to improve their business • Providing them with exciting opportunities for future growth

Delivering implementation success From the outset of each customer relationship, the Nucleus team focuses on customer success. A standard implementation methodology has been developed that ensures best practice is packaged and delivered consistently and efficiently. In addition, the company’s huge depth of industry expertise means that the delivery team can work with

www.technologybanker.com

TECHNOLOGY INNOVATION

each customer to advise and partner them throughout the process. Product implementation and support are both as critical as a product’s capabilities are to a bank. To ensure that the solution to be installed delivers the best results, the company undergoes various levels of problem mapping and implementation research before deciding on the most appropriate solution to suit

www.technologybanker.com

the customer’s requirements. The focus today is on methodologies that build on best practice and steer banks through the potential pitfalls of implementation to ensure a speedy and successful outcome. FinnEdge, which is Nucleus Software’s methodology, was born out of years of industry experience and customer successes, and draws on expertise from beyond the banking

sector. The objective is to deliver a solution that is on time and to budget, and exceeds customer expectations. Customer experience Digital banking is one of the hot phrases in the market today, but Nucleus has focused for some time on designing and building a fully multi-channel solution that allows banks and finance companies

AUGUST 2015

TECHNOLOGY INNOVATION

to offer the best possible user experience. Mobility solutions, such as origination, servicing and collections, are available across the lending suite, offering specialist functionality for administration staff, customer advisors, collections agents and the end customer, who is looking to start or progress a loan application, service an existing loan or get a settlement quote. In transaction banking, customers can use the mobile app for a wide range of mobile banking services with outof-the-box features across Payments, Receivables, Liquidity Management and Account Services. The experience of working with some of the world’s largest banks has built excellent understanding of the need for outstanding customer experience. This has been translated into the products and services that are offered by the company and has improved the lives of staff in many areas, as well as the customers. Innovation The finance industry has undergone a massive change driven by product innovation, technology, increasing customer sophistication, regulation and economic growth. In order to support this seismic shift in the market, Nucleus went back to the drawing board to redevelop both product suites from scratch. After soliciting input from bankers and industry experts around the world, as well as many other sources, they developed the next-generation lending and transaction banking systems that were launched in recent years. Built on the latest technology, they are cloud ready and offer a true multichannel solution to the challenges of today’s banks. Customers can access their products through mobile devices like smartphones, tablets and laptops, as well as online, by phone or at the branch. The products are designed to be scalable – a fortunate byproduct of working with the largest banks in some of the most populated countries in the world – so future growth is never an issue.

AUGUST 2015

At their heart are multiple ‘rules engines’ that control decisions in the product and help the user to easily configure new products, which can be quickly packaged and taken to market. This support for innovation means that banks can easily adapt to respond to market demands, conceiving and bringing to market new financial products very quickly. Future Growth A key to future growth is the ability to quickly innovate and respond to market opportunities or competitive challenges by devising new strategies, products and campaigns. This has traditionally been an issue for many companies with legacy IT infrastructures that have constrained the ability to change and grow. Cross-selling products to existing customers can be a key area of growth, so the broad product portfolios supported by Nucleus’s solutions can also support this. Specific offerings can be targeted to particular segments of the bank’s customer base. Customer success in South Africa Its collaboration with South Africa’s leading retail bank, Ubank, is one of the best examples of the level of expertise and execution that Nucleus Software promises and delivers to its customers. At the advent of the partnership, the bank was facing both internal and external challenges. The South African economy continued to show a slowdown and industrial relations in the mining industry remained at rock bottom. In Ubank’s words, the sector was defined by ‘strikes, wage disputes, growing safety concerns and high costs’. The mining output was stagnant, while global prices fell. Amidst this external challenging environment, Ubank wanted to reposition its lending portfolio and chose Nucleus Software as a partner to deliver the same. The first thing Nucleus Software did before deploying FinnOne was a business requirements mapping exercise,

as a part of the rigorous process. Ubank’s IT staff were closely involved, even in the integration testing phase. After achieving success at each stage, mock runs and UAT testing took place before the big bang go-live. The bank settled on a big bang because they felt that this was the best way to keep the impact on customers to a minimum and it would avoid multiple sources of data, so long as the availability risk could be mitigated. As two systems were being migrated to FinnOne, there was a need for immediate simplification. One of these was designed in-house designed and the other was from a third-party firm. One ran secured lending and the other unsecured products. The go-live happened smoothly, without any hiccups, in January 2014. The integration was fairly easy, but the planning and design was complicated. Consistency of technology Ubank has robust plans in the pipeline for mortgages, asset finance and vehicle finance, and having FinnOne implemented makes it much easier to develop and introduce new products and lines of business. While there are bigger factors at play in their fate, Ubank has developed better internal control and a platform for future growth by installing new lending software. The consistency of technology plays an inevitable role in establishing brilliant customer experience, meaning it can treat millions of individuals with a personal touch. Nucleus Software provides this consistency to its customers to drive both performance growth and profitability in order to stay ahead of the competition.

www.technologybanker.com

BUILDING FORMIDABLE

INSTITUTIONS. B R I C K

B Y

B R I C K

Developing Capacity & Capability by Strengthening IT Processes, People, Controls, Security & Governance across Africa. Digital Jewels Limited is an Informa�on Value Chain Consul�ng and Capacity Building Firm with a focus on IT Governance, Risk & Compliance and with deep competencies in Informa�on Security, Informa�on Assurance, Project Management, e‐business & Knowledge Capacity Development. The Firm is the First and Only Professional Services Firm in Africa to be accredited to the ISO27001 Global Standard for Informa�on Security and is also a Payment Card System Industry Data Security Standard Qualiﬁed Security Assessor (PCIDSS QSA).

C O N TA C T U S T O D AY

Secure . Assure . Enable . Empower . Manage Plot 12, Frajend Close Osborne Foreshore Estate, Ikoyi Lagos. +234(0) 815 200 0120 | www.digitaljewels.net

digitaljewels

@digitaljewels

OPINION

Setting the standard in cardholder protection Bolaji Beredugo, a consultant with Digital Encode, explains Requirements 1 and 2 of the Payment Card Industry Data Security Standard.

The Payment Card Industry Data Security Standard (PCI DSS) is the authorised program of goals and associated security controls and processes that keep payment card data safe from exploitation. It is also a set of requirements designed to ensure that ALL companies which process, store or transmit credit card information maintain a secure environment. It is overseen by the Payment Card Industry Security Standards Council (PCI SSC), which was formed in September 2006 to manage the mission, objectives and intent of the PCI DSS with the core objective of improving payment account security throughout the card payment transaction process. It comprises six goals and twelve requirements with over 100 testing procedures to ensure that the control objectives of the requirement are met with regards to the entityâ&#x20AC;&#x2122;s cardholder data environment. In cases where the controls cannot be applied due to business constraints or other verified and documented constraints, compensating controls may be used to meet the

AUGUST 2015

intent of the requirement. The first part of this series of articles focuses on Requirements 1 and 2. REQUIREMENT 1 Installing and maintaining firewall configuration to protect cardholder data Requirement 1 of the PCI DSS standard consists of 7 sub-requirements and 21 testing procedures. These ensure that the entity properly segments and protects an entityâ&#x20AC;&#x2122;s cardholder data environment (CHD) by using firewalls and routers. They also ensure that proper procedures and processes are in place and being followed that will continually monitor and review changes to the firewall and routers configuration and rule set. This creates proper documentation pertaining to each activity that is performed. It requires organisations who store, process or transmit cardholder data to establish and implement firewall and router configuration standards, which

meet the intent of the requirement for firewall and router security management best practices, procedures and proper documentation routine. This is to be carried out by designated personnel. It also requires the assignment of specific roles and responsibilities for the management of these network components and to ensure that these procedures and processes are executed, as documented by the responsible personnel and at the appointed time. First line of defence This is very important because firewall and routers are usually the first line of defence for an entityâ&#x20AC;&#x2122;s network, and so proper due diligence and attention must be paid to their management and security configuration. Firewalls and router management and security configuration are the main focus of this requirement. A firewall enables organisations to control network traffic in and out of a sensitive network environment and can also segment a network into different security zones. It can also block network traffic

www.technologybanker.com

OPINION

http://pcidsscompliance.net/ that does not meet the specific security criteria of the organisation and restrict traffic from an untrusted network to the environment that is being protected (both ingress and egress filtering), which is usually the CHD environment (CHD). It is also used to segment the CHD environment and prevent access from unauthorised sources into or out of the cardholder environment. Protocols and services that are not explicitly authorised to operate within the network should be blocked by the firewall or router. In addition, insignificant paths to and from untrusted networks can provide unprotected pathways into key systems. These pathways can be used to tunnel stolen cardholder data out of the CHD environment. Regular monitoring Requirement 1 aims to address these issues. Therefore, to meet PCI DSS compliance with Requirement 1, a process must exist and be documented, which describes how the firewall and routers are to be properly configured to secu-

www.technologybanker.com

rity baselines. These must also be monitored and the rule sets reviewed regularly to meet and preferably exceed the requirements, while also supporting the business goals of the organisation. Requirement 1 is a standard that provides industry knowledge and guidance on security management and the configuration of network perimeter devices and DMZ routers. It also provides testing procedures to ensure that proper ingress and egress filtering are in place for the CHD environment. The requirement also necessitates that proper documentation be put in place for all services, ports and protocols that are allowed into and out of the card

data environment, with relevant business justification for each service, port and protocols being allowed through the firewall protecting the CHD environment. Thorough review Organisations need to thoroughly review their firewall configurations and the policies that control the traffic flowing into and out of a network. Because business application needs and customer requirements change over time, many rules are adjusted to allow for additional ports and services to be initiated that allow open communication between trusted and untrusted segments. All of the changes on these

AUGUST 2015

OPINION

devices must be approved, accurately documented, validated and reviewed on a regular basis to make sure that all hardening procedures are adhered to and assets are securely configured. Configurations must protect assets that are in scope of the PCI DSS program for the organisation. REQUIREMENT 2 Do not use vendor-supplied defaults for system passwords and other security parameters Requirement 2 of the PCI DSS standard consists of 12 sub-requirements and 44 testing procedures to ensure that vendorsupplied defaults and unnecessary default accounts are disabled before any system is installed on the network. (This applies to all system components, not just operating systems). This also applies to security devices, applications, SNMP community strings and Wireless access point encryption keys. It ensures that all system components are configured to industry-accepted standards, according to hardening guidelines from authoritative industry sources like NIST (National Institute of Standards and Technology), CIS (Center for Information Security) and SANS (SysAdmin Audit Network Security (SAN) Institute for servers, routers, switches and applications in scope. Efficient itimisation Requirement 2 also stipulates that one primary function per server should be implemented in the IT environment. This is to prevent functions that require different security levels from co-existing on the same server. It also mandates that an inventory of system components that are in scope for PCI DSS must be available, that the list of hardware and software components in scope of PCI DSS are maintained and a description of the function of each system component included to enable an organisation to accurately and efficiently

AUGUST 2015

visualise and itemise the scope of their environment for implementing PCI DSS controls. Without an inventory, some system components could be forgotten and inadvertently excluded from the organisationâ&#x20AC;&#x2122;s configuration standard. Requirement 2 also mandates that only one primary function per server is implemented to prevent functions that require different security levels from co-existing on the same server, meaning that web servers, database servers and DNS should be implemented on separate servers, even when virtualisation technology is used. If server functions that need different security levels are located on the same server, the security level of the functions with higher security needs would be reduced due to the presence of the lower-security functions. Stopping future security weaknesses Additionally, the server functions with a lower security level might introduce security weaknesses to other functions on the same server. By considering the security needs of different server functions as part of the system configuration standards and related processes, organisations can ensure that the functions requiring different security levels donâ&#x20AC;&#x2122;t co-exist on the same server. Requirement 2 also requires that systems in use only enable necessary services, protocols and daemons, as required for the function of the system. This is advised because there are many protocols a business may have enabled by default that are commonly used by malicious individuals to compromise a network. These include print services (if they are not required) plug and play services, etc. It also mandates additional security features for any insecure service in use, wrapping those protocols that must be deployed and documented. Enabling security features before new servers are deployed prevents servers being installed into the environment with insecure configurations. Ensuring that all insecure services, protocols and

daemons are adequately secured with appropriate security features makes it more difficult for hackers to take advantage of commonly used points of compromise within a network. Mandates that prevent misuse Requirement 2 also mandates that all security parameters pertaining to the system component in view should be configured to prevent misuse. In order for systems to be configured securely, the personnel responsible for configuration and/or administering systems must be knowledgeable in the specific security parameters and settings that apply to the system. In addition, all non-console administrative access must be encrypted to avoid sniffing attacks against the connection that an attacker can use to disclose sensitive authentication data. Recent changes were made to the PCI DSS, which moved from version 2.0 to 3.0. These fell into either of the three categories; clarifications, additional guidance or Evolving Requirement. For Requirement 1, there was one evolving requirement (1.12 to 1.1.2 and 1.1.3) and five clarification changes (1.1.X, 1.1.5, 12.2, 1.2.3, 1.3.4 and 1.4). Requirement 2 had four clarification changes (2.1, 2.1.1, 2.2, 2.2.2) and one evolving requirement (2.4) to maintain an inventory of system components in scope for PCI DSS to support the development of configuration standards. Conclusion PCI DSS is therefore an industry standard that can greatly improve the security posture of an organisation that stores, transmits or processes cardholder data, if it is properly implemented and maintained. This should be done by knowledgeable professionals with the requisite experience and knowledge to assist an entity to achieve its PCI DSS certification within a reasonable timeframe at a minimised cost.

www.technologybanker.com

tworks E Ne x C

i-t

t An

t ef

g rtEd e Sof t

s tem s y

id Gr

ri erp

e ev

rin

set

s As

tio

ent

gem

na Ma

CWL

EVENTS FOR YOUR DIARY

Sep - Dec 2015

9 - 11 September 2015 7TH ANNUAL RETAIL BANKING AFRICA

Conference focus on getting an understanding of the development of retail financial services across sub-Saharan Africa and see how disruption in financial services changes the lives of consumers and financial operators.

10 - 11 September 2015 2ND ANNUAL AFRICA TELECOMS FRAUD, REVENUE ASSURANCE & RISK MANAGEMENT FORUM 2015

Each year Africa’s mobile/cellular carriers lose the equivalent of almost one and three quarter billion US dollars through theft of service and related frauds. Fraud & revenue loss in telecoms continues to be a major priority for big businesses in Africa.

14 - 15 September 2015 MIDDLE EAST BANKING INNOVATION SUMMIT 2015

The UAE’s overarching commitment to sustained economic, financial and social development has led to a tremendous boom in innovation in general. With the Expo 2020 well poised to be the event holding the world’s attention, innovation has become the focal point like never before.

15 - 16 September 2015 AITEC BANKING & MOBILE MONEY COMESA 2015

African banks have a great challenge in overcoming their heritage of colonial banking, which was designed to cater primarily for government, corporate and high-worth individuals. The bottom part of the pyramid has been badly neglected.

15 - 16 September 2015 CARDS & PAYMENTS EAST AFRICA

Banks and financial institutions across East Africa are transforming the way they connect with their customers by providing safer, quicker and more transparent alternatives to cash.

17 - 18 September 2015 ATMIA AFRICA 2015 CONFERENCE AND EXPO

The conference line-up is full of case studies and forward-looking assessments of where payments are going, whether bitcoin or money transfers, and the vital role cash and ATM transactions, including cardless programmes, will play long into the future.

AUGUST 2015

www.technologybanker.com

17 - 18 September 2015 CYBER SECURITY MANAGEMENT FORUM FOR THE FINANCIAL SECTOR

Cyber security breaches not only impact an institutionâ&#x20AC;&#x2122;s bottom line, but also its reputation, brand, and intellectual property.

13 - 14 October 2015 ATM SECURITY 2015

The event is complemented by a vendor technology exhibition area where delegates can view the latest ATM security products and services, share ideas and experiences and network with colleagues in the industry.

29 - 30 October 2015 43RD EFMA CONGRESS: BANKING TRANSFORMATION

Attracting heads of retail, business areas, strategy, development and transformation from the world over, this Congress will discuss the transformation of existing institutions in all its forms, even new business models when the existing structures are too burdensome to upgrade.

9 - 10 November 2015 BRANCH TRANSFORMATION 2015

Banks are under unprecedented pressure to keep costs under control, while improving customer service. Internet and mobile banking channels in turn set new records for mass adoption, while customers visit staffed outlets less frequently.

1 - 3 December 2015 MOBILE MONEY & DIGITAL PAYMENTS GLOBAL 2015

The format of the event will be interactive, including live polls, implementation workshops, breakout discussion forums and more.

1 - 3 December 2015 INDIA ATMS 2015

In addition to the two-day conference, delegates have the opportunity to view the latest technology from the worldâ&#x20AC;&#x2122;s leading ATM technology suppliers.

AUGUST 2015

PREMIUM VENDORS DIRECTORY

Computer Warehouse Group offer integrated ICT solutions that add value to the operations of diverse clientele, using highly skilled and well motivated workforce. CWG work with best-inclass partners and technologies from all over the world.

Digital Jewels Limited is an ISMS Certified Information Value Chain Consulting and Capacity Building Firm specialising in Information Technology and Project Management and first in Africa to achieve accreditation to the ISO27001.

Fiserv, Inc., a leading global provider of information management and electronic commerce systems for the financial services industry, providing integrated technology and services that create value and results for our clients.

GRGBanking, a leading provider of currency recognition and cash processing solutions in the global market with great potential and rapid development with comprehensive solutions widely used in Finance, Telecom, CIT and Retail sectors.

Global Bankers Institute is a Training, Communication and Consulting Firm dedicated to serving the financial services community. It provides modern training without sacrificing the principles on which todayâ&#x20AC;&#x2122;s banks were built.

Infosys is a global leader in consulting, technology and outsourcing solutions, helping enterprises transform and thrive in a changing world in areas such as in mobility, sustainability, big data and cloud computing.

Entersekt is an innovator in transaction authentication and introducing an isolated communication channel between phone and financial institution that avoids reliance on the open Internet for user and transaction verification.

VCASH allows you to transfer and receive money locally and through Western Union using your phone or online, plus much more. VCASH is fully licensed by the Central Bank of Nigeria to deploy mobile payment services in Nigeria.

SatADSL offers corporate internet access by satellite, with flexible subscriptions, state-of-the-art equipment and attractive price-setting with a set of tools which allow Distributors, Corporate and Individual users to monitor the terminals they operate.

Website: http://www.entersekt.com

Website: https://www.virtualterminalnetwork.com/Home

Website: http://www.satadsl.net

Website: http://www.cwlgroup.com

Website: http://www.fiserv.com/index. Website: https://www.digitaljewels.net htm

Website: http://www.globalbankersin- Website: http://www.infosys.com/ Website: http://www.grgbanking.com/ stitute.com/index.php pages/index.aspx en/index.asp

Your business not listed here? Get brand awareness and Win new business with Technology Banker Premium Pages Contact Jenny Howard on: +44 (0) 208 528 1536 jenny@technologybanker.com

Mobile Money Transfer VTN VCASH and Western Union Mobile Money Transfer service with Western Union and VTN is an easy, fast and convenient way for VTN customers in Nigeria to receive money from abroad on their VCASH account.

In a few quick steps, a Western Union® Money Transfer can be added into a VTN VCASH account in Nigeria. 1 Western Union sender makes a money transfer at a Western Union® Agent location or online on a Western Union transactional website (where available). 2 Sender provides the VTN receiver the Western Union MTCN tracking number. 3 With the MTCN number, the VCASH customer can follow the Western Union menu prompts on their VTN phone to add the funds directly* onto their VCASH account! 4 The VCASH customer will enter their PIN, for user authentication. Additional information about the transaction may also be requested. (See diagram below) A 1. Send Money 2. Western Union 3. Check Balance 4. Mobile Top-up 5. Pay Bill Select

Western Union

1. Pick-up money

Western Union

Please enter 10-digit Western Union MTCN: _ (3 unsuccessful attempts will result in account blocking)

Select

Cancel

Select

Cancel

Western Union

Please enter the amount you are expecting to receive: _ (3 unsuccessful attempts will result in account blocking)

Select

Cancel

Western Union

Please enter your PIN to continue: _

Pick-up Confirmation: Western Union has deposited XXXXX into your account No. 00045XXX

Select

Cancel

5 The VCASH customer will receive an SMS notification confirming the deposit of funds into VCASH.

If the Western Union sender provides their mobile number on the Western Union Send Form, they will also receive a text message when the funds are delivered1.

Did you know? VCASH consumers in Nigeria can use funds in their VCASH account as determined by VTN, including: • Pay bills • Withdraw cash • Purchase airtime • Buy goods and services For more information, visit virtualterminalnetwork.com or WesternUnionMobile.com Available through:

* Funds will be paid to receiver’s VTN VCASH account provider for credit to account tied to receiver’s mobile number. Additional third- party charges may apply, including SMS and account over-limit and cash-out fees. Funds availability subject to terms and conditions of service. See Send Form for Restrictions. ** Service options are determined by the mobile phone service provider. 1 Standard Message and Data rates may apply. VTN, VCASH and the VTN logo are trademarks of Virtual Terminal Network. © 2013 Western Union Holdings, Inc. All Rights Reserved.

Human Capital Performance Improvement Audit Are you completely satisfied with the Return on Investment (ROI) from your current training? Are your training budgets driven by business goals and Key Performance Indicators (KPIs)? Are you holding training vendors accountable for quantifiable business improvements? Based on over 25 years of providing the BEST! Training, Communication and Consulting Solutions to the banking industry worldwide, the leaders of Global Bankers Institute have designed the Human Capital Performance Improvement (HCPI) Audit. The HCPI Audit is the first-of-its-kind service to offer the following benefits: 1) Ongoing Performance Improvement Plan based on cascading Strategic and Operational Goals. 2) Comprehensive Training Plan with behavioral outcomes aligned to Key Performance Indicators (KPIs) and Key Performance Measures (KPMs) resulting in a concrete Return on Investment for all training. 3) Effective Training showing measurable benefits in Sales, Customer Satisfaction, Operations Productivity and Quality, Employee Motivation, Risk, and Compliance, as well as any other identified bank goal. 4) Efficient Use of Training Budget through improved curriculum priorities and vendor selection and negotiation. 5) Holding Training Vendors Accountable by making them partners in the HCPI Audit process and requiring that they accept responsibility for delivering measureable improvement through their programs. Please contact me to let us know how we may best serve you. Global Bankers Institute brings experience, innovation and value, providing the BEST! Training, Communication and Consulting solutions to the financial services industry.

Dr. Linda Eagle Founder and President Global Bankers Institute 245 Park Avenue New York, NY 10167 +1.212.579.5500 ext. 3106 +1.646.236.7538 (mobile) linda.eagle@globalbankersinstitute.com www.globalbankersinstitute.com

Global Bankers Institute