Central
Bank of Nigeria, CBN, has assured stakeholders of mobile payment system in the
country of adequate risk management structure.
In the new guidelines for the
regulation of agent banking and agent banking relationships in Nigeria mobile
money agent network, posted on its website the apex bank stated that in view of
the peculiarity of the operations of the mobile money operations MMOs and the
unique risks associated with their operations, certain requirements have been
instituted to mitigate risks arising from their activities.
According to CBN, the risk mitigation techniques are in place
to minimise operational, liquidity, technical, fraud, financial and money
laundering risks. It will also ensure that the mobile payments system shall not
be susceptible to sustained operational failures, as a result of system outages.
In addition, risk management officer shall be assigned by the MMOs, who are to provide internal risk management oversight. The CBN will review the risk management program, including all the controls that are in place to manage the risks from time to time.
The central role of the settlement infrastructure requires that MMOs shall: Ensure that the mobile payment settlement platform automatically generates transaction settlement information/records. Adopt standard messaging formats as provided by NIBSS, for all schemes for settlement purposes.
Maintain audit trail and settlement log for a minimum of seven years. Fulfil other conditions that may be reviewed by the regulatory authorities from time to time. CBN also assured that MMOs should maintain proper backup infrastructure, Implement a disaster recovery and business continuity plan, periodically test the effectiveness of the backup infrastructure and business continuity plan.
For establishing certainty of transactions through mobile payments, MMOs shall ensure the following: Summary of transaction requested must be displayed to the user for confirmation.
The transaction summary shall include, the phone numbers of the paying user and receiving user, transaction description, the transaction amount, date and time and a unique transaction identifier.
By confirming the summary, the user commits to the transaction, option for the user to save such transaction summary, upon completion of the transaction, the user receives an electronic receipt which shall conform to the transaction summary earlier displayed and the option for saving the electronic receipt shall be available to the user.
The electronic summary of transaction and the electronic receipt should be securely logged and the log maintained online for a minimum period of three months and subsequently archived for a minimum period of seven years.
However, if a complaint arises before the expiration of the seven years, the log in respect of such pending complaints shall be maintained until the case is completely resolved or discharged.
Regulatory authorities, law enforcement agencies or arbiters are granted access to the log, when required, for the purpose of certifying a printed copy for evidential purposes.
In addition, risk management officer shall be assigned by the MMOs, who are to provide internal risk management oversight. The CBN will review the risk management program, including all the controls that are in place to manage the risks from time to time.
The central role of the settlement infrastructure requires that MMOs shall: Ensure that the mobile payment settlement platform automatically generates transaction settlement information/records. Adopt standard messaging formats as provided by NIBSS, for all schemes for settlement purposes.
Maintain audit trail and settlement log for a minimum of seven years. Fulfil other conditions that may be reviewed by the regulatory authorities from time to time. CBN also assured that MMOs should maintain proper backup infrastructure, Implement a disaster recovery and business continuity plan, periodically test the effectiveness of the backup infrastructure and business continuity plan.
For establishing certainty of transactions through mobile payments, MMOs shall ensure the following: Summary of transaction requested must be displayed to the user for confirmation.
The transaction summary shall include, the phone numbers of the paying user and receiving user, transaction description, the transaction amount, date and time and a unique transaction identifier.
By confirming the summary, the user commits to the transaction, option for the user to save such transaction summary, upon completion of the transaction, the user receives an electronic receipt which shall conform to the transaction summary earlier displayed and the option for saving the electronic receipt shall be available to the user.
The electronic summary of transaction and the electronic receipt should be securely logged and the log maintained online for a minimum period of three months and subsequently archived for a minimum period of seven years.
However, if a complaint arises before the expiration of the seven years, the log in respect of such pending complaints shall be maintained until the case is completely resolved or discharged.
Regulatory authorities, law enforcement agencies or arbiters are granted access to the log, when required, for the purpose of certifying a printed copy for evidential purposes.
No comments:
Post a Comment