Flutterwave said it discovered, on October 10, 2023, that several PoS device merchants had abused their access by performing illegal transfers on its platform due to a “technical glitch.”
Flutterwave, Africa’s most valuable startup, will contact
over 6,000 account holders across 35 banks and financial institutions to
recover ₦19 billion (*$24 million) illegally transferred by POS merchants after
a High Court ruling on February 1.
“In 2023, we discovered that certain POS device merchants
abused their access by conducting unauthorized transactions. In response to
this, we temporarily suspended the accounts where funds were improperly
transferred,” Flutterwave said in a statement to TechCabal. The company insists
that no customer funds were lost.
The February order —a Mareva injunction— lets Flutterwave
recover the funds and assets of the identified account holders, which is
crucial because the account holders may have spent the funds received in
October 2023.
“We continue to actively engage with the relevant
authorities to investigate and address the situation,” Flutterwave added.
An earlier court order placed debit restrictions on those
accounts two months after the incident, court documents obtained by TechCabal
show.
Per the most recent order granted on February 1, 2024, 35
financial institutions, including Opay, Paga, Palmpay, Access Bank, VFD Bank,
Zenith, Polaris and Providus Bank, must share the email addresses and telephone
numbers of the account holders.
Flutterwave will contact the over 6,000 account holders
“through their respective email addresses and by SMS and Whatsapp messages to
their respective telephone numbers,” according to court documents
The fintech company may use a recovery agency for this, a
lawyer familiar with similar processes said.
A timeline of the incident
“On 10th October 2023, there was a technical glitch in our
client’s operating system, which resulted in funds being automatically
transferred to the bank accounts of customers listed in Schedule A of this
memorandum,” a letter from Flutterwave’s lawyers said.
Immediately after the “technical glitch” was discovered,
Flutterwave contacted the bank and fintechs, notifying them of the glitch and
the resulting erroneous funds transfers.
“The merchants listed did not provide any service to our
client and were not entitled to funds that were erroneously transferred and
have continued to keep said funds,” the letter from Flutterwave’s lawyers
added.
Flutterwave also offered indemnity to the banks if they
reversed the erroneous transfers. Typically, a reversal request would require
the receiving bank to also go to court to seek further approval.
Flutterwave incident highlights the importance of KYC
The success of Flutterwave’s recovery efforts will depend on
financial institutions like Opay, Palmpay and Moniepoint having accurate
customer information. It also relies on banks having up-to-date information on
their customers.
However, recent fraud incidents show this may not always be
true. Neobanks, in a drive to boost financial inclusion, have popularised
easy-to-open accounts with lax KYC requirements, and traditional banks do not
necessarily have accurate information either. For instance, customers are not
mandated to tell their banks when they change addresses, emails or phone
numbers.
These KYC troubles are happening while there’s also a
significant rise in fraud attempts in Nigeria’s financial services industry,
and traditional banks have placed the blame on the neobanks.
Fidelity Bank, a commercial bank that holds ₦3.1 trillion
($2.1 billion) in customer deposits, blocked transfers to several neobanks over
concerns that neobank wallets and accounts were an easy way to move monies that
had been fraudulently obtained,
In December, the Central Bank of Nigeria mandated all
financial institutions to implement stricter Know Your Customer (KYC) measures,
requiring all customers to provide their bank verification number (BVN) or a
national identification number (NIN) for account or wallet opening by March
2024.
0 comments:
Post a Comment