Fraudsters share playbooks, Nigeria’s fintechs do not; experts warn of losses

In December 2024, Nigeria’s Economic and Financial Crimes Commission (EFCC) raided a network of online scam operators and arrested 792 people. Of those, 192 were foreign nationals, and 148 of them were Chinese.

They were members of a coordinated, cross-border fraud operation who were running romance scams and cryptocurrency investment schemes out of Nigerian territory, sharing methods, pooling intelligence, and exploiting the gaps between financial institutions that had no idea what the others were seeing.

Nigeria’s fintechs, the targets of these networks, were not doing the same. Each institution sat behind its own walls, logging its own incidents, learning its own lessons, and telling nobody.

That asymmetry is at the heart of one of the most expensive structural failures in Nigeria’s fintech industry today.

The numbers make the cost of that failure visible.

In 2023, Nigerian financial institutions lost ₦17.67 billion to fraud. In 2024, that figure jumped to ₦52.26 billion, almost triple in a single year, according to data from the Nigeria Inter-Bank Settlement System (NIBSS).

Across both years, the industry lost more than ₦70 billion. Attempted fraud cases rose by 338% between 2023 and 2024 alone, a surge NIBSS attributed largely to system vulnerabilities at specific institutions and a near-total absence of coordinated early warning.

The fraud count, the number of individual cases, was actually falling. Fewer incidents, but far more money lost per incident. That pattern has a name: fraud is becoming more organised. Fewer amateurs, more syndicates. Smaller surface attacks are replaced by targeted, high-value strikes that institutions see only after the damage is done.

Akinsola Jegede, co-founder of VitalSwap, a fintech infrastructure company, put the structural problem plainly.

“A significant portion of that increase comes from how fragmented the industry’s response still is,” he said.

“Virtually every fintech in Nigeria has faced fraud attempts, but many handle incidents internally without transparency. That lack of shared visibility is a major contributor to the scale of losses.” — Akinsola Jegede, VitalSwap

Akinsola Jegede, founder, VitalSwap

The fragmentation is not invisible. In 2023, NIBSS profiled 163 financial institutions that were required to submit fraud data. Only 60 complied, which is a 37% compliance rate.

The other 63% reported nothing, creating a picture of the fraud landscape that was, by definition, incomplete.

And an incomplete picture is an advantage for attackers.

NIBSS’s own data confirms what happens when institutions stay silent. In Q4 2025, fraud reporting fell by 34%. In several cases that NIBSS later investigated, individuals linked to fraud had simply moved from one institution to the next because no alert had been shared, no name had been flagged, and no system had connected the dots.

The fraudster relocated. The industry stayed still.

What one systemic fix proved

The 2025 data tells a different story, and it is worth sitting with.

Fraud losses dropped to ₦25.85 billion in 2025, a 51% decline from the previous year. That is a significant improvement.

But the CBN and NIBSS are explicit about what drove it. The primary factor was the BVN and NIN integration, a systemic identity management reform that closed verification gaps across banks, agent networks, and digital platforms. One infrastructure intervention, applied at scale across the entire ecosystem, produced a result that years of institution-level action had not.

Jegede immediately saw the argument embedded in that data.

“That 50% reduction in one year, driven primarily by a systemic fix rather than institution-level action, is the strongest possible argument that isolation was costing Nigeria billions,” he said.

The industry’s collective silence did not protect anyone. It cost the ecosystem ₦52.26 billion in a single year. When a shared infrastructure layer was finally activated, losses were cut in half. The argument against coordination does not survive contact with that data.

So what is actually stopping it? Jegede listed the barriers without softening them.

“First, building the infrastructure for real-time, compliant intelligence sharing is expensive and complex, especially when navigating data protection concerns,” he said. “Second, most fintechs are focused on growth and may not have the resources to invest in such systems independently. Third, there are concerns about trust and competition. Firms are hesitant to expose vulnerabilities.”

Each of those barriers is real. But he was equally direct about their limits:

“These barriers are not insurmountable,” he said. “At VitalSwap, we have built internal tools for fraud intelligence and are open to extending them to other financial institutions. The opportunity exists, it just requires alignment of risk, reward, incentives, and commitment.”

Fintech prioritises competition and growth

The competitive concern deserves its own scrutiny. Fintechs treat fraud data as proprietary, as if sharing what a fraudster did last Tuesday gives away something valuable about their business. It does not.

The fraudster already knows what they did. The only party kept in the dark is the next institution in line.

“There is little justification for keeping confirmed fraudulent actors private within the industry. Making that information accessible would not only improve prevention but also deter accomplices. For instance, individuals who knowingly lend their identities for fraudulent activities.” — Akinsola Jegede, VitalSwap

He described what a functional system could look like in practice.

“A POS merchant should be able to see, in real time, that an account has been flagged for chargeback fraud and make a decision to proceed or not. If they choose to proceed despite that signal, then enforcing liability or chargebacks in the event of fraud is justified.”

Today, the reverse applies. Institutions face penalties for fraud that passed through systems with no access to intelligence that could have stopped it. The incentive structure is inverted.

There is a concept in statistics called survivorship bias. During World War II, engineers analysed bullet holes on planes that returned from combat and recommended reinforcing those areas. The statistician Abraham Wald pointed out the flaw: the planes that did not return were hit somewhere else. Reinforcing where you see damage misses the real problem entirely.

Jegede brought the same logic to Nigeria’s fintech fraud challenge. “The planes that returned had bullet holes in certain areas, so the initial rational thought was to reinforce those spots. But the real insight was the opposite. The planes that did not return were likely hit in the critical areas we could not see. So, reinforcing only where you see damage misses the real problem.”

Nigeria’s fintech industry is reinforcing the visible damage. Each institution patches the vulnerabilities that have already been exploited. Without shared intelligence, nobody knows where the next wave is coming from, because the evidence lives in somebody else’s incident log, behind a wall nobody agreed to open.

The bilateral approach that some institutions have taken is doing nothing, but Jegede argued it falls well short of what the problem demands.

Flutterwave’s partnership with the EFCC to establish a cybercrime research centre is a visible example. It signals intent. But it is one company and one regulator, and the fraud networks it is meant to address operate across dozens of institutions simultaneously.

“A series of one-off, bilateral partnerships is not enough to solve a systemic problem,” Jegede said. “In many ways, it reflects the coordination gap we are discussing. In fact, startup fintechs have better fraud intelligence than bigger institutions that could go months before realising fraud had occurred.”

NIBSS has signalled where it wants to go. Its priorities for 2026 include structured liability-sharing frameworks and transparent performance scorecards. Jegede acknowledged the intent but was clear about the sequencing problem. “It is difficult to see how that ambition can succeed without first solving for real-time intelligence sharing,” he said.

“Nigeria’s payment ecosystem operates in real time. If fraud intelligence does not move at the same speed, prevention becomes reactive. By the time one institution identifies a fraud pattern, others may already be exposed.”

The CBN’s move to enforce chargebacks on stolen funds, directing NIBSS to debit the settlement accounts of institutions that receive fraud proceeds without due diligence, is a step Jegede welcomed. But he warned that it cannot work in isolation. “Without strong enforcement and shared intelligence, it will be a futile burden on financial institutions and merchants.”

Fraudsters do not respect institutional boundaries. They move across them, exploit the silence between them, and profit from the fact that no one is watching the whole picture at once.

The data has already shown what coordination can do. ₦26 billion saved in a single year when a shared infrastructure layer was finally switched on. The question now is whether Nigeria’s fintech industry is willing to build the infrastructure that makes it permanent, before the next coordinated network finds the next gap nobody thought to share.