THE REVOLUTION OF ELECTRONIC BANKING AND LEGAL RISKS IN THE DRC

banking_online

The banking industry has undergone exponential technological effects that have revolutionized the business and changed consumer habits in the Democratic Republic of Congo as well as in the world. The emergence of e-banking, otherwise known as online banking, has brought countless benefits to consumers by offering faster and cheaper transactions. However, it poses legal problems that require speedy regulation of technology to solve the problems that arise in financial transactions between consumers and banks.

By Gaby Kabue Kayombo, Managing Partner de RightsEmpower

 

Introduction

Certainly, at actual time a digital revolution that results in the powerful breakthrough of the Internet is experienced in the relationship between banking institutions and consumers. Studies on the digital revolution show that the banking sector occupies the 2nd position, or 32%, after High Technology in the digital transformation. Banks were among the first to adopt new technologies, however a number of major innovations, for example online payment services, mobile money and electronic money came from non-banking institutions including telecommunication and internet companies (2016 World Bank World Development Report “Abridged Digital Dividend”). In addition, the 2014 Global Findex database report reveals that between 2011 and 2014, 700 million people opened an account with a bank, a financial institution or a banking service provider from their mobile phones. These statistics amply prove the positive consequences of the innovations that contributed to the development of the sector and the proliferation of banks around the world.

The electronic banking service offers fast, easy and permanent access to remote financial services, including checking the balance, bill payments, transfer of funds, application or individual blocking of cards in case of loss and possibly changing your password, downloading bank statements, printing bank statements, loading multi-beneficiary files, communicating securely with your manager from the mailbox[1], placing an order for online checkbooks and transfer order books, online application for the payment of a check, consultation of your outstanding loans, your deposits and your portfolio of domiciled bills of exchange, consultation of exchange rates and interest, currency converter etc. And access to these services is done without the client necessarily having to resort to face-to-face or physical contact with bank staff. It has enabled bank customers to save waiting time and travel to the counters to reserve them only for cash transactions. It should be noted that e-banking offers more efficient services and at a much better price, for example, a transaction costing about $1 in a traditional agency, or $0.60 on the telephone, costs only $0.02 online[2].

In the context of the DRC, the banking sector has become a competitive market with more than fifteen commercial banks operating there, and technological progress is one of the factors of the market revolution.

Trend of the electronic bank in DRC

Indeed, the electronic banking in other words “remote banking or Internet banking” continues to impact the financial market in the DRC like in other countries around the world. As a competitive sector, no bank is exempted from the online banking service; they intensify their services through the creation of websites, the establishment of electronic counters: ATM (Automated Teller Machine) in shopping centers, petrol stations, university institutions, bank headquarters, etc. Other banks are mobilizing computer infrastructures such as laptops on the desks in their offices to offer electronic self-service to customers. The creation of mobile applications is another explosive technological process of the digital age that has revolutionized the business of banks, the proliferation of bank cards (MasterCard, VisaCard, prepaid cards, etc.) offering services such as payments, withdrawals and credits and also allowing cardholders to securely conduct online transactions. Each bank or network of banks holds its own card labels. Banks attach considerable importance to the expansion of Internet service in their services that present an ambitious and innovative future of their economic and financial activities.

By way of example, the Commercial Bank of Congo, one of the former reference banks in the Democratic Republic of Congo since 1909, set up an IT and telecommunication department with the mission of making available to the bank the computing in its entirety and also to put in place medium-term strategies and directly to daily operationality. In order to meet the standard of the technological era, BCDC plans to optimize its continuity in digitalization with desktop publishing software and a very advanced e-learning software.

This is also the case of RawBank, which has in its structure an IT and Digital Banking Department which is a strategic support for the bank[3]. For the latter, the majority of products and services are accessible on the mobile and customers can consult anywhere. The evolution of e-banking is a real challenge for banks to target and attract customers by offering them an easy-to-use, affordable and accessible service.

In a survey conducted by RightsEmpower Law Firm & Consultancy, particularly by its Online Banking department, from commercial banks operating in the Democratic Republic of Congo, a bank agent who remained anonymous told us that customer attendance at branch offices has dropped drastically by 36% in recent years. However, in most cases, agencies counters remain an essential security route for obtaining cash and salaries for state officials. And banking is today the way by which the State does pay the agents of the political institutions, the Public Administration, the Police, the Army, the Security Services, the teachers, the Doctors, the Magistrates, etc[4].

The evolution is also seen in the electronic payment of certain bills of service providers such as electricity, water, airtimes, etc. But, it is obvious to say that this way of payment is not yet intensively used in the DRC compared to the growing countries in ICT (South Africa, Kenya, Nigeria, etc.).

Legal issues of the emergence of electronic banking in DRC

In spite of innumerable innovations in the banking sector, we should note that technological progress has also given rise to new legal challenges, which both the regulatory authorities and the legislature need to monitor and ensure control.

  1. Challenge of virtual banks

The boom of Internet has allowed all organizations in the world to deliver services across borders. E-banking uses technology that, by its very nature, is designed to extend the virtual geographic reach of banking activities without the need for a similar physical presence of institutions. Such expansion of banking markets across national boundaries is already a major prudential issue for enhancing cross-border cooperation between supervisors[5].

It is in this perspective that banks’ services are of great economic and financial importance, use the Internet to offer remote services to consumers. In any case, this issue is an important legal challenge that is currently being posed for the digital transformation.

In the Democratic Republic of Congo, banks are one of five categories to which the regulation on credit institutions applies. Under the law on credit institutions in Congo, before a bank engages in activities on the national territory, it must first obtain the approval of the Central Bank[6]. In addition, it must be incorporated as a commercial company for the purpose of carrying out deemed commercial acts in accordance with the texts relating to commercial companies (OHADA).

However, nowadays, several banks are using the Internet device to evade the established regulatory and control conditions. They can simply and easily contract via the Internet and offer services in any discretion. And the big legal question that arises is how the Central Bank as a supervisory body, can force those banks that offer their services remotely over the Internet outside Congolese territory to obtain the accreditation and incorporation into commercial companies in Congo? Existing banking regulations do not provide an explicit answer to this question. In other words, the existing laws are not adapted to the innovations of Technology that the banking industry is exponentially experimenting in order to regulate and control the services provided by it. Paradoxically, existing laws are insufficient to trace the origins of electronic services that are provided. The supervisory body of the banking sector must imperatively reflect and make necessary recommendations for new laws that can be adopted to address aspects of virtual banks.

  1. Challenge of unauthorized payment transactions

Internet banking services have generated innumerable risks of unauthorized payment transactions and fraud in the daily lives of consumers, which requires special vigilance of the supervisory and control body. The consumers of the electronic services of the banks daily experiment these risks, for which sometimes the internal legal texts are silent and limited to overcome them. In practice with these Internet banking services, it can be seen that the consumer can complain to a bank that has made unauthorized payments.

The problem of unauthorized payment transactions is frequent and very experienced by consumers. It is generally considered as the consequence of a technical malfunction of the bank or the negligence of the user who has stolen the credit card. In fact, in all cases of the stated figures, the consumer suffers enormous damage that requires establishing the responsibilities of the consumer and those of the bank.

However, the existing banking legislation should expressly define the responsibilities between the two parties (consumer and bank) when one of the parties is the victim of misappropriation of electronic instruments. Some Western legislation have already extensively reserved legal solutions arguing that in the event of unauthorized payment, a sharing of responsibility is required, generally favorable to the consumer whose payment instrument was diverted. This implies that he can get the refund of the misappropriated sum, under deduction[7]. But the case law is severe with consumers, it argues that the cardholders require the intervention of the bank, however the bank refuses to compensate them, believing that they would have committed serious negligence by leaving the card to be stolen. In this same approach, Nicole L’Heureux and Louise Langevin in their book entitled “Payment Cards: Legal Aspects” assert that in a lawsuit involving the responsibility of a consumer following an unauthorized transfer, the financial institution is presumed responsible unless it proves that the electronic transfer of funds was authorized[8].

Despite the internal procedures established by some commercial banks on unauthorized payment transactions, the supervisory and control authority (Central Bank of Congo) will have to establish a regulatory framework that establishes the challenge mechanisms for a payment transaction unauthorized or poorly executed.

The rules deriving from such an instrument would be a good directive with the objective of establishing a common legal framework enabling the establishment of a genuine single market for payment services applicable to all banks and capable of dealing with the relations between service providers and their customers[9]. In addition, such a measure would be a device for the legal protection of consumers against bank risks incurred in financial transactions.

  1. Theft of confidential information through electronic banking

The security of confidential information relating to online banking is a keystone for access to the electronic banking service of a consumer. It is an element that determines the relationship of trust between the customer and the bank. It is for this reason that banks provide security measures for the security of their customers’ confidential data in order to protect them against theft. However, despite the degree of security provided by banks for the protection of confidential information, nothing reassures the absolute protection of the identity of consumers[10].

The phishing rate (phishing is a term used initially to describe attacks using an email and designed to steal your credentials from your online banking account[11]) is very high worldwide. A study shows that banks rank first, a rate of 25.76% of cases, whose customers were victims of phishing attacks around the world in 2016[12]. Far from plunging into the legal debate that divides the doctrinaires about alleged theft as a fraudulent subtraction of a material good and information theft theory as immaterial good[13]. It is important to consider the fact that caused harm (theft) to the consumer.

In those days, the DRC does not have abundant case law on unauthorized payment transactions, as the subject of ICTs has not yet undergone legislation adapted to technological progress that the world is experimenting with.

  1. Challenge of money laundering

Money laundering is a very old illicit practice endangering economic and financial systems, the negative consequences of which have forced states to set up legal mechanisms to combat the global scourge.

However, it should be noted that money laundering has intensified with the expansion of e-banking. Electronic banking preserves anonymity; once an account has been opened, the bank cannot determine whether the nominal holder is carrying out an operation, nor where the operation is taking place[14]. Banking regulations in the DRC require credit institutions to verify the identity and address of their customers before opening an account or booklet, to warn of securities or warrants before granting a safe or to establish any other business relationship[15].

Of course, the country has put in place a favorable legal framework to combat money laundering, but given the rapid technological progress, it is appropriate that a reform of the law on money laundering be initiated with a view to integrating new legal mechanisms adapted to technological progress that exacerbate money laundering activities.

Recommendations

The e-banking revolution poses new challenges for regulators and supervisors in the banking sector. And to meet these challenges, they must draw on the five pillars below.

Reform: The speed of technological progress and its scale in the banking sector is growing so much that existing and applicable banking laws are becoming more and more obsolete to deal with the multiple issues and operational risks posed by the expansion of the electronic banking. Currently, the traditional banking laws in the DRC are those applicable to electronic banking. And these laws can’t absolutely overcome the problems that arise. To remedy this, the legal texts of the banking sector must undergo a reform to try to make disappear or minimize the risks brought by the electronic bank. At this stage, a new reform must be undertaken by the authorities to improve the framework of the exercise of the activity of the electronic bank. Today, the legal framework of e-banking is governed by Law No. 003/2002 of 02 February 2002 on the activity and supervision of credit institutions, and Instruction No. 24 on the issuance of electronic money and electronic money institutions. A legal text that does not include aspects of e-banking. Hence the imperative need to initiate the strategy of legal and regulatory reform in this sector to have a law adapted to technological developments in the banking industry in DRC. It should be noted that a new law that incorporates e-progress aspects can manage the legal risks that would arise from the relationship between the bank and consumers of e-services.

Legalization: The emergence of the internet has led to the use of new processes, instruments and service providers whose legal nature is not yet defined in most legal texts in the DRC. This is the case of the “electronic signature”. It is an effect of the electronic age and an inescapable legal process in the activities of electronic banks. Existing laws applicable to banking activities in the DRC do not define the electronic signature, its recognition, its effects and its legal conditions. However, the legal scope of the electronic signature has been progressed in other countries such as Belgium since its laws of 20 October 2000 and 9 July 2001[16]. In the same perspective, the legal nature of the concept of “electronic banking” in the DRC should be given.

Integration: The Central Bank of Congo, as the supervisory and control body for banks in the DRC, must have a policy that integrates technology, information and communication into the assessment of operational risks in order to assess the level of security issues on confidential data. However, supervisors can examine how a bank’s management has developed its business plan for e-banking. It is essential that the banking regulators set up a compliance plan for the electronic banks to which they must comply.

Adaptability: The technological progress experienced in the banks cannot leave the Central Bank unaware of its role as bank supervisory authority, to ensure that its employees have the technological skills required to monitor and assess the evolution of risks in the sphere of electronic banking. The BCC will have to make training and capacity building of these agents mandatory to upgrade. However, an investment in computer hardware and software must be taken into account.

Harmonization: E-banking is a question of globalization, economic and financial liberalization that all nations are experimenting with. The Central Bank must make the harmonization of legal and regulatory texts applicable to electronic banking a priority. It must make this issue a keystone for intensifying cooperation with the regulatory and supervisory authorities of banks at the international and regional levels in order to take inspiration from the legal advances initiated in the electronic banking activities in other horizons. 

Conclusion

E-banking is a lever for important economic and financial development of the digital age. The innumerable technological innovations made have contributed to the improvement of the quality of the services of the banking industry. However, e-banking carries new potential legal and operational risks that require a vigilant eye of the public authorities. These risks constitute a major legal challenge for the regulatory authorities to adapt, reform and harmonize the legal and regulatory texts relating to them, with a view to minimizing the risks of electronic banking to consumers and also protecting the state against virtual banking practices.

Bibliography

  • Article 8 of Law No. 04/016 of 19 July 2004 on the fight against money laundering and the financing of terrorism, DRC.
  • Article number 10 of the Law n° 003/2002 of 02 February 2002 related to the activity and control of credit institutions in DRC.
  • 2016 Annual Report BCDC (Commercial Bank of Congo).
  • 2016 RawBank Annual Report.
  • Saleh M Nsouli and Andrea Schaechter,”The challenges of” electronic banking “, 2012.
  • Kombo Ngbuka « Problematic of banking the payroll of the agents and civil servants of the State in Bas-Uele ».
  • Michel Alglieta (professor at the University of Paris X) and Laurence Scialom (professor at the University of Lille II) “Risks of electronic money”,
  • Hervé Jacquemin: Security breaches for online banking: What does the consumer risk?,
  • Nicole L’Heureux et Louise Langevin“Payment Cards: Legal Aspects “, The Presses of the University of Laval, Sainte-Foy, 1991.
  • The new rules for the operation of Payment Services: Mini-guide-banks, 2009.
  • P. Morgan, “Protecting against & recovering from identity theft”.
  • Pieter Danhieux, The monthly newsletter for user awareness “Phishing Attack”, February 2003.
  • https://fr.statista.com/statistiques/688959/phishing-organisation-attaque-victimes-monde/
  • Mohamed CHAWKI: Theft of information: what legal framework today? Right-Tic, July, 2006.
  • Laurent GUINOTTE, Lawyer and assistant at U.LG. “Journal of the Courts“, December 14, 2002.

Legal Notice: This publication is not to be construed as a legal opinion of a lawyer or firm. Readers are encouraged to consult with our lawyers for appropriate legal advice on the law relating to their business

         © RightsEmpower 2018. All rights reserved

[1] 2016 Annual Report BCDC (Commercial Bank of Congo)

[2] Saleh M Nsouli and Andrea Schaechter,”The challenges of” electronic banking “, 2012.

[3] 2016 RawBank Annual Report

[4] Kombo Ngbuka « Problematic of banking the payroll of the agents and civil servants of the State in Bas-Uele ».

[5] Michel Alglieta (professor at the University of Paris X) and Laurence Scialom (professor at the University of Lille II) “Risks of electronic money”, 2002.

[6] Article number 10 of the Law n° 003/2002 of 02 February 2002 related to the activity and control of credit institutions in DRC.

[7] Hervé Jacquemin: Security breaches for online banking: What does the consumer risk?, 2015.

[8] Nicole L’Heureux et Louise Langevin “Payment Cards: Legal Aspects “, The Presses of the University of Laval, Sainte-Foy, 1991.

[9] The new rules for the operation of Payment Services: Mini-guide-banks, 2009.

[10] J.P. Morgan, “Protecting against & recovering from identity theft”.

[11] Pieter Danhieux, The monthly newsletter for user awareness “Phishing Attack”, February 2003.

[12] https://fr.statista.com/statistiques/688959/phishing-organisation-attaque-victimes-monde/

[13] Mohamed CHAWKI: Theft of information: what legal framework today? Right-Tic, July, 2006.

[14] Saleh M Nsouli et Andrea Schaechter, idem.

[15] Article 8 of Law No. 04/016 of 19 July 2004 on the fight against money laundering and the financing of terrorism, DRC.

[16] Laurent GUINOTTE, Lawyer and assistant at U.LG. “Journal of the Courts“, December 14, 2002.

 

You Can Download this Article Here: 

Leave a Reply

Your email address will not be published. Required fields are marked *