Consider your case projects and conduct the following 

1. Identify the different sources of risks for the project

2.analyze the risks qualitatively and quantitatively 
3. Prioritize the risks based on the magnitude
4. Develop a risk response strategy 

1. Identify the different sources of risks for the project

Key risks in the current mobile money

landscape

However, aside from the many benefits this landscape offers, it is not without risk. And
for fintech companies and traditional banks looking to launch mobile money solutions,
there are numerous emerging considerations to maintain regulatory compliance and
data protection. Key risks in the current mobile money landscape include:

1. Regulatory Limitations & Uncertainty

Every region has a unique set of financial regulations that may impact the way mobile
money services are implemented and used. In some regions, there are no laws or
standards that regulate mobile money, which is a double-edged sword for companies in
the space. On the one hand, lack of regulation may make it easier to quickly launch
cutting-edge products and services; however, lack of regulation also creates a "wild
west" environment in which it is more difficult to understand and mitigate risk.
Conversely, providers may also encounter regions with strict regulatory environments
that stand as barriers to innovation. Navigating these dynamics from region to region
can be highly challenging and resource-intensive for providers looking to operate
globally.
2. Cross-Border Enforcement
Another issue arising from the variation in mobile money regulations between
jurisdictions is the impact it has on tracking and prosecuting illegal activity that takes
place across borders. For example, if a criminal moves money from one country to
another using a mobile money service, the provider and law enforcement will only be
able to track and recover funds and pursue action against the suspect if the activities
took place in countries with established laws and processes for enforcement. Without a
framework for cooperation in multi-national investigations, it will be difficult for parties to
coordinate any enforcement or remediation effort.

3. Fraud & Corruption

Reports  have emerged showing that the areas where mobile money is growing rapidly
7

are also areas with higher rates of corruption and organised crime syndicates. The
anonymity and speed mobile money services provide to users make them naturally
attractive to criminals for money laundering, illicit financing, and other illegal activities.
The Asian Development Bank coined the term "digital smurfing" to underscore the issue
of money launderers using mobile money services to move dirty money in ways that "do
not trigger financial transparency reporting requirements.

4. New AML & KYC Needs

Systems and workflow requirements for Anti-Money Laundering and Know Your
Customer are different in a mobile money context than they are for traditional financial
services. One of the reasons mobile money is helping promote financial inclusion is that
it enables consumers to use services without providing formal identification. Thus,
financial institutions launching a mobile money offering will need to update their KYC
and AML practices to find the right balance between protecting funds and preventing
illicit activity without excluding legitimate customers or delaying the transfer of funds.
Mobile Money (MoMo) Risk
Management
As the reach and impact of mobile money increases, so too do the demands placed on risk
management controls that underpin mobile money. In their quest for business growth, mobile
money providers and other users of their platforms, including banks, need to implement the
appropriate controls that strike an appropriate balance between risk management and other
business objectives. In the end, all stakeholders need to be prepared for the risks as they
emerge and put early warning mechanisms in place to identify and control illegal activities.

Prebuilt controls against anti-

money laundering scenarios
Mobile money services are currently being deployed in many markets across the world.
However, concerns have arisen that mobile money services can be used for money laundering
and terrorist financing (AML/CTF). Following the regularly accepted norms in the electronic
financial services, RAID for Mobile Money has been designed with control mechanisms to
assure a high level of Anti-Money Laundering (AML) and Know Your Customer (KYC)
monitoring capabilities to reduce the inherent risks of AML.

Protection against account

takeover based on SIM SWAP
SIM SWAP remains one of the main root causes of mobile money account takeover. After
obtaining personally identification information, fraudsters can proceed to swap the SIM card,
thereby gaining access to all the SIM services including mobile money transfer, mobile and
internet banking, in addition to any other service that can be accessed through the SIM. It’s
tough to detect SIM card fraud before it happens. Most victims discover they have been
compromised only after accessing their account balance. RAID:FMS reduces SIM Swap fraud
by providing a real-time check on the SIM during a transaction, using USSD (Unstructured
Supplementary Service Data) authentication.
Create a higher level of assurance
for subscription fraud
As part of the “Know Your Customer Controls” (KYC), one of the default control checks
performed by RAID:FMS for MoMo is the customer de-duping checks. Every time a new
subscription is requested, RAID:FMS for MoMo Fraud uses a rule-based approach centered
around profiling and fingerprinting techniques, combined with machine learning models, to
accurately distinguish between legitimate and fraudulent mobile money subscribers and to
identify anomalous activity in real-time. This not only reduces the risks for the MoMo provider
but also contributes to better customer experience by conducting the entire fraud review
process behind the scenes.

Partner/Dealers management risk

control
Money Laundering (ML) and Terrorist Financing (TF) by merchants poses an increased
risk to the system. Mitigation by way of enhanced initial and ongoing due diligence can,
however, substantially minimize this risk. The greatest risk of ML in the system is posed
by agents and retail partners who provide access to the payment service, allow the
loading of value onto the system, or undertake due diligence activities on behalf of the
payment service provider. This risk can be mitigated by Mobileum’s RAID, by enhancing
initial and ongoing due diligence and monitoring for compliance with obligations.

Revenue assurance controls to

mitigate risk in mobile money
Monitoring is critical to the success of risk management. As mobile money deployments evolve,
product offerings increase and customer bases grow, the associated controls will also need to
be reviewed to ensure on-going effectiveness. Ensure that proper controls are in place to
guarantee that all transactions occurred correctly, and there were no mistakes during settlement
processes, by monitoring the entire MoMo value chain, during the calculation of charges, taxes,
fees, and commissions.
Prebuilt controls for MoMo
internal fraud
Unfortunately, the role of the employee has become an area of increased focus for MoMo fraud;
with employees either acting in isolation as lone individuals or as one more weapon in a criminal
organization’s armory. What makes this internal fraud so devastating is that most incidents take
18 months to detect -- enough time to put a small company out of business or severely damage
the company reputation and employee confidence. Used in the right context, rules-based
validations specifically designed for internal fraud when combined with machine-learning
algorithms can create a holistic view, enabling MoMo providers to view abnormal behavioral
patterns, achieve more accurate assessment and detect internal fraud risks earlier.

Verify and confirm identity

documents in near real-time (KYC)
As part of RAID:FMS for Mobile Money, Mobileum offers a multi-layered authentication
approach for better fraud control and customer experience, through a partnership with a leading
online electronic identity verification (eIDV) platform. The document verification algorithms
perform checks to determine authenticity and legitimacy, as well as to ensure that a document is
not forged or altered, delivering an integrated identity validation check to better manage fraud
risk across the entire customer life cycle. The multi-layered, risk-based approach leverages
disparate data assets, intelligent analytics, predictive decision policies, and knowledge-based
authentication to protect your business and enable effective account opening, identity
verification, and regulatory compliance.

Stop Smishing and protect your

subscribers from fraud
Smishing messages can include a link to click on or a phone number to call. The call to
action is, of course, fraudulent, and it attempts to violate the recipient’s privacy by
handing thieves access to a subscriber’s bank balance or persuade them to make calls
to premium rate services. Combined with our Fraud Management Solution, Mobileum’s
SMS firewall can protect your subscriber customer base against several types of fraud
by performing contextual analysis between security and fraud management feeds.
 A tool for managing the
risks in Mobile Money
MoMo Agent Fraud & Assurance
The majority of mobile money fraud incidents happen at agents where cash and e-
money intersect. Monitor the agent’s network to avoid fraudulent activities.
 Commissions stretching/split withdrawals/split deposits
 Unauthorized access to customers’ transaction PINs
 Registration of customers with fake or non-existent KYC documentation

Money Laundering
Assure regulatory conformance, including anti-money laundering procedures. Utilize
regular and accurate AML reporting for following-up on suspicious activity.
 Customer profile building, including registration info (name, unique phone number, etc)
 Limits on the amount, balance, frequency and number of transactions Real-time
monitoring of frequency, restrictions and transaction amounts, as well as total account
turnover, in a given period

Internal Fraud
One of the biggest challenges of detecting, investigating and preventing employee fraud
is the fact that there are so many types of fraud and theft that require different methods
for discovery.
 Employees and fraudsters linking wrong mobile numbers to bank accounts
 Illegal transfers from business mobile money accounts
 Fraud on the settlement of charges
 2.analyze the risks qualitatively and quantitatively 

What are the risk associated with mobile banking?

7 Security Risks of Mobile Banking -- and How to Avoid Them
 Using a fake mobile banking app. ...
 Using your mobile banking app on public Wi-Fi. ...
 Not updating your phone's operating system or apps. ...
 Storing passwords and PINs on your phone. ...
 Using an easy password. ...
 Not password protecting your phone.

Here are four of the top risks associated with mobile banking:
 Mobile malware. Smartphones are nothing more than compact computers with an
operating system and software. ...
 Phishing & SMiShing. ...
 Mobile banking apps. ...
 Unpredictable user behavior.

Risks of Digital Money

 Fraudulent payments.
 Illegal payments.
 Internal manipulation.
 Data theft.
 Breach of embargos and sanctions.

Online banking via personal computers and mobile apps on cellphones has made banking
more convenient and accessible 24 hours a day. However, there are some downsides to
online banking. While these disadvantages may not keep you from using online services, keep
these concerns in mind to avoid potential issues down the road.

Technology and Service Interruptions

Anytime we use computers or internet service, we are at the mercy of the system's
stability and efficiency. Your ability to access accounts online will naturally be affected
if your internet service is running slowly or completely out for a period of time.
Similarly, if the bank's servers go down or are temporarily unavailable due to
scheduled site maintenance, you won't be able to gain online or mobile access to your
banking information.

Security and Identity Theft Concerns

In general, online banking sites and mobile apps are designed to be secure and banks
are continually putting updated security protocols in place. However, no system is
completely foolproof and accounts can be hacked, resulting in identity theft via stolen
login credentials. So while you can use mobile or online banking with general
confidence, be careful to avoid using networks that are not secure and be careful to
change passwords and protect your login information.

Limitations on Deposits
Daily or monthly mobile deposit limitations may make it difficult for individuals, but
especially businesses to make large deposits online. Once you have reached your
designated limit, you'll need to trek to a branch to deposit money. Also, not all types of
checks are easily read by computer scanning software. For example, business checks
that are handwritten and have a black line on the reverse side to make a carbon
record in an account register may be kicked out of the online deposit system, requiring
an on-site deposit.

Convenient but Not Always Faster

While it may take very little time to deposit a check via a bank's mobile app, you still
need to wait for access to your money. Online banking provides convenience in terms
of the amount of time saved in travel or waiting in line at a branch location, but all
deposits are reviewed and funds are released for access according to bank policy,
which may take up to three business days depending on the amount deposited.

Lack of Personal Banker Relationship

For the most part you may be able to handle your general banking needs by yourself.
Yet when problems arise if you don't have a personal relationship with a banker, it
might be more difficult to get your issues resolved. While online banking sites have
customer service departments, you often need to work your way through a phone tree
and wait on hold before speaking with someone who has no knowledge of your needs
or banking history. In contrast, a local banker is motivated to serve their customers
and strengthen their personal relationships.

A Limited Scope of Services

Although you can do quite a bit with an online bank account, such as make deposits,
check balances and pay bills, there are limitations to the kinds of services you can
access. You may be able to make an initial application for opening a new account or
applying for a loan or mortgage, but in most cases you will need to visit a branch to
sign forms and show identity documentation. Similarly, even though you can transfer
money to a checking account or debit card in order to make purchases, if you need
cash, you'll have to visit a branch office or a nearby ATM.

Potential to Overspend
The ability to check account balances in the spur of the moment could potentially
cause some people to overspend the limits of their checking accounts. Without a
careful look at your checkbook or record of uncleared debit transactions, the account
balance may not accurately reflect the true amount you have available. Overdrafts and
fees might occur if you don't keep close tabs on all your transactions.

3. Prioritize the risks based on the magnitude

To successfully prioritise and control the risk of fraud, mobile money operators need to understand their
risk appetite, which is a way of expressing what costs they would be comfortable to carry. Every risk will
have a cost, as will any control. A mobile money deployment that is more conservative may be inclined
to avoid risk and be more willing to accept slower growth or higher operational costs. Alternatively, a
deployment that is more focused on rapid expansion and innovation will be more open to accepting a
greater risk exposure. What is important is that mobile money managers and those responsible for
commercial growth have guidance on appropriate levels of risk when developing commercial strategies
or exploring new service offerings.