Njuguna Ndung’u (pictured), the Central Bank of Kenya’s governor, has highlighted the risks accompanying the country’s widespread adoption of mobile money services. He said increased usage brought “inherent system-wide implications”, according to Mobile Money Africa. Led by Safaricom’s M-Pesa, Kenya has become a textbook example of a mobile money deployment which other countries have been eager to emulate. Hence, the significance when the country’s banking regulator warns on security concerns. The governor highlighted fraud, loss of money and invasion of privacy as potential threats to the public. Money laundering and hacking were two other possible headaches, said Ndung’u.
The country’s central bank has already moved to tighten rules on mobile money services. At the end of last month, it was announced that mobile operators will have to file a security audit report with the central bank in future as well as introduce new processes to protect their IT systems from hackers. The new rules, which are set to come into effect within the next few days, will require additional investment by operators in areas such as external audit services, new software and additional data storage. The tightened policy is based on the benchmark PCI Data Security Standard used by the leading credit card providers such as Amex, MasterCard and Visa.