The finance sector in Uganda is on a drive to reduce transaction times at their bank in favour of a faster and more reliable way to serve customers.
Banks want customers to spend as less time in banking halls as possible, while getting top-notch service. But as the financial sector goes digital, is Uganda cyber secure?
“The absence of a flexible, timely and cost-effective means of verifying the identity of consumers of financial services has been a major and continuing constraint to financial inclusion and credit growth in Uganda,” Twinemanzi Tumubweine, the executive director of Supervision at Bank of Uganda, said at a recent event.
He said the manual customer due diligence is open to fraud and, therefore, dents the confidence in a financial system that is currently leveraging the use of technology to bring excluded masses into the formal financial system.
Banks now say that the introduction of digital services will save them a lot more money that they are spending to process paperwork and maintain a large branch network.
To bolster the technology systems in the industry, Bank of Uganda, Financial Sector Deepening Uganda (FSDU), and Uganda Bankers’ Association (UBA) recently partnered with a digital identity verification platform that is set to reduce the time that one can process a loan.
Laboremus Uganda, a Ugandan financial technology company, is supposed to build the solution that will, under the supervision of BOU, use National Identification and Registration Authority’s existing records to authenticate customer data.
This is supposed to speed up a process that previously involved application of financial cards by loan applicants from credit reference bureaus before vetting by credit officers, a process that was very tiresome.
While the banking industry might have all the reasons to embrace digital solutions, access to internet services remains a challenge to many Ugandans. Also, many of those who have access to internet are not conversant with the banking services.
Micheal Niyitegeka, the director at Refactory Uganda, a software skilling firm, is an advocate for improvement of the digital usage capacity of consumers before these technological enhancements hit the financial market.
“If we are going to make the economy dependent on digital, we need to think about the digital competence of the citizens (consumers). You can find someone out of university and they cannot competently send an email,” he said.
As fast-paced as the technological developments in the financial sector may be, they still leave looming questions on Uganda’s capacity to protect customer data from cybercrime.
The National Information Technology Authority Uganda (NITA-U) is the operational arm for government that coordinates the implementation of Uganda’s National Cyber Security Strategy and has so far been able to do their work with minimal incident.
NITA-U has in place a directorate of Information Security which was established to provide leadership, organizational structures and processes at the national level to achieve and maintain information security.
According to Emma Mugabi, the manager, Governance and Risk at NITA-U, they have tried to put in place parameters to protect consumer data that has been effective so far.
“NITA-U put in place the National Information Security Framework (NISF), which provides mandatory controls that government agencies and critical infrastructure operators are required to implement and maintain. This ensures presence of appropriate information security controls in the e-services offered by respective agencies by design,” Mugabi said.
The Uganda National Computer Emergency Response Team and Coordination Center (CERT.UG/CC) that analyses threat and vulnerability information relevant to the Ugandan cyber landscape is kept abreast with the latest threats that are targeting the Ugandan cyberspace and they have done well to protect consumer data in Uganda.
“The CERT.UG/CC maintains a technology watch with daily threat advisories and early warnings to critical infrastructure operators. This provides information on existing threats as well as advisory on how to avoid so that the informed entities are proactive in their defense strategies.”
“The CERT.UG/CC is linked with international bodies that have the same objectives due to the borderless nature of the internet,” Mugabi emphasized.