With service delivery in the financial service sector being gradually taken over by Artificial Intelligence(AI), Nigerians are at risk of data abuse from financial service providers, NATIONAL ECONOMY can now reveal.
AI is simulation of human intelligence into a machine format such that the machine can do things that are routine in nature, faster.
As much as artificial intelligence is good for promotion of banking, insurance and pension businesses, experts have pointed out the challenge in data protection and privacy.
There are concerns that private data submitted to financial sector providers which ought to be in secret, could be exposed through AI, thereby, serving as a breeding ground for cyber criminals to launch attack on unsuspecting customers of banks and other financial service providers.
To this end, Nigerians have been warned to beware of AI-induced software they download on their phones as most of them spy on private information that could be hacked by hackers to perpetrate their evil act.
Financial firms have reported significant direct losses, totaling almost $12 billion since 2004 and $2.5 billion since 2020, the International Monetary Fund (IMF) has disclosed.
In its April 2024 Global Financial Stability Report released recently, IMF stated that attacks on financial firms account for nearly one-fifth of the total, of which banks are the most exposed.
Similarly, IT professionals are concerned about the threat landscape associated with Artificial Intelligence (AI), even as they have revealed that attackers are now using sophisticated linguistic techniques, such as longer sentences, more punctuation, and increased text volume, to carry out attacks, particularly, in the financial industry.
As they anticipate more threat actors utilising AI to enlarge every facet of their offensive toolbox, IT experts claimed that generative AI enables attackers to quickly and efficiently create complex and targeted attacks.
The latest report from Computer Crime Research Center (CCRC) has projected that the cost of cybercrime will rise to $12trillion by 2024 due to AI technology,saying, “As we move forward in 2024 and 2025, the market will see attackers adopting AI to carry out their attacks. AI will be adopted to deliver more cost-efficient, rapid development of new malware and ransomware variants.
“Deepfake technologies will take phishing and impersonation attacks to a new level. Businesses will embrace AI but will be threatened by its use in novel cyberattacks. There is also a risk that the dynamic character of AI-driven attacks could make static defense mechanisms ineffective.
“Vertical segments covering manufacturing, retail, professional services, financial, and utilities will be the most vulnerable. This is partly driven by vulnerabilities across the legacy nature of their network, technology maturity, and elevated risk impact levels to the business as a result of cyber-attacks,” the report revealed.
It added that, even though, cybersecurity is now a board-level issue, there is need to be greater involvement at the executive board level by driving cybersecurity risk governance and steering committees to help minimize the risks imposed on the company or government entity.
Corroborating the findings of the research, retired director, Nigeria Deposit Insurance Corporation (NDIC), Dr. Jacob Afolabi observed that there have been a plethora of significant incidents concerning cyber threats in 2023, all of which have a wide range of effects on governmental or organizational entities.
Afolabi explained that, Al technologies often collect and analyze large amounts of data, raising issues related to data privacy and security. “As Al technologies become increasingly sophisticated, the security risks associated with their use and the potential for misuse also increase. Hackers and malicious actors can harness the power of Al to develop more advanced cyberattacks, bypass security measures, and exploit vulnerabilities in systems,” he asserted.
To mitigate privacy risks, Afolabi advocated strict data protection regulations and safe data handling practices. “To mitigate these security risks, governments and organizations need to develop best practices for secure Al development and deployment and foster international cooperation to establish global norms and regulations that protect against Al security threats,” he advised.
While overreliance on Al systems may lead to a loss of creativity, critical thinking skills, and human intuition, the retired director harped on the need to strike a balance between Al-assisted decision-making and human input, which is vital to preserving human cognitive abilities.
“Al-driven automation has the potential to lead to job losses across various industries, particularly for low-skilled workers. To mitigate the risk, the workforce must adapt and acquire new skills to remain relevant in the changing landscape. This is especially true for lower-skilled workers in the current labor force.
“It is crucial to develop new legal frameworks and regulations to address the unique issues arising from Al technologies, including liability and intellectual property rights. Legal systems must evolve to keep pace with technological advancements and protect the rights of everyone. There is also the need for developers and researchers to have robust testing, validation, and monitoring processes capable of identifying and fixing such issues before they escalate,” he added.
In the same vein, government affairs director, Microsoft Africa, Akua Gyekye, stated that, when it comes to using AI safely, one of the most effective ways to accelerate progress is to build on existing governmental frameworks.
Several African countries, he stressed, have already begun to formulate their own legal and policy frameworks and are helping to lead discussions around AI policy and strategy development on a regional, continental, and global scale, offering valuable insights for other countries looking to do the same, adding that, while at different stages of implementation, they all are looking to find balance between the need to create guardrails for the new technology and at the same time, wanting to help a nascent industry grow, innovate, and adopt these new and emerging technologies.
She stated that, the African Union (AU) continues to convene experts from across the continent and this year published a policy draft containing a comprehensive continental strategy for AI regulations for African countries.
The head, Corporate Planning, Strategy and Risk Management at the Nigerian Communications Commission (NCC), Kelechi Nwankwo, explained that the fast-disruptive world of the telecoms industry has witnessed convergence of diverse technological advancements with the potential of reshaping the future.
“From 5G networks, the Internet of Things (IoT), and Artificial Intelligence (AI), to Cloud Computing and beyond, the possibilities are limitless. However, with great opportunities, comes great risks, and it is our collective responsibility to address these risks and possibly safeguarding the industry’s growth and sustainability”, he said.
Meanwhile, the managing director/CEO, Guinea Insurance Plc, Ademola Abidogun, said, in as much as artificial intelligence is good for promotion of insurance and pension businesses, the challenge lies in data protection.
“AI helps profile customers and assist in carving out product that suits the needs of each customer, relying on their data to know what each customer wants at any point in time.
“Yet, as good as AI is, there is the issues of data protection and privacy. This is critical so that sensitive information about a customer is not abused by data harvesters, thereby, tramping on his or her privacy. There should be regulation on data that can be harvested for use and on some sensitive information, there should be consent before those information can be used. Stakeholders should come together to address this, especially, in the era of cyber crime and attacks,” he stated.
The IMF had earlier said, cyber events constitute a major operational risk that might jeopardize the operational stability of financial institutions and negatively impact macrofinancial stability as a whole.
“A cyber incident at a financial institution or a country’s critical infrastructure could generate macro-financial stability risks through three key channels: loss of confidence, lack of substitutes for the services rendered, and interconnectedness. While cyber incidents thus far have not been systemic, ongoing rapid digital transformation and technological innovation such as artificial intelligence and heightened global geopolitical tensions exacerbate the risk,”it said.
To strengthen resilience in the financial sector, the IMF, suggested that central banks and authorities must create a sufficient national cybersecurity strategy and implement efficient regulation and supervisory measures, which should include: regular evaluation of the state of cybersecurity and detection of possible systemic vulnerabilities resulting from concentrations and interconnections, including those arising from third-party service providers; improved cyber-related governance to lower cyber risk and supports the idea of promoting cyber ‘maturity’ among financial sector companies, including board-level access to cybersecurity knowledge, among others.
On his part, the chairman of the Committee of Chief Information Security Officers of Nigerian Financial Institutions (CCISONFI), Mr. Festus Amede, stated the importance of implementing robust security measures to protect sensitive financial data in the face of emerging threats.
Phillips Consulting Limited (PCL), in a report, noted that, the surge in big data, driven by customers’ digital interactions and the utilization of structured and unstructured data, along with the rapid expansion of cloud technology and robust computational resources, has accelerated this transformative change, enabling organizations to embrace AI with unprecedented readiness.
