Fintech investments come with significant cybersecurity risks which are mostly ignored and misunderstood in the race to accumulate customers and grow transaction volume. The legal, regulatory, and policy framework also present a host of landmines.These are the key takeaways from the cybersecurity discussion I led at Nigeria Com and West Africa Com, the leading conferences for telecoms in the West African region. Joining me was the preeminent IT lawyer in the region, Leon Patrice Sarr.
Consider these challenges:
– You should not generalize about the quality, or even the existence of cybersecurity regulations, a regulatory agency, a legal framework, coordination between countries, or other capacities in West Africa.
– A major Fintech objective is to build creditworthiness and provide loans to the “unbanked” – those who are traditionally excluded by the formal financial system. West Africans have always participated in peer-to-peer borrowing and informal savings schemes where participants are authenticated via social relationships. In contrast, Fintech systems must authenticate people digitally, often by collecting and storing sensitive biometric data. This is a big security risk.
– A lack of transparency in the legal, regulatory, political, and social framework in countries will remain a big challenge for the due diligence process.
Led by the boom of mobile money services in Africa and the opportunity to bring the traditionally “unbanked” into the formal banking system, investments in Fintech represent the bulk of over $2B worth of tech venture investments in Africa during 2019, according to Partech Partners. At the same time the International Monetary Fund (IMF) warns “There is a need to balance the trade-off between the benefits that Fintech technologies may generate and potential added risks and vulnerabilities.”