The global financial services ecosystem is still grappling with the technology disruption being introduced by the evolution and adoption of financial technology (FinTech) solutions. A major impact of the Fintech disruption is the accelerated digitalization of financial products and services and the emergence of new business models challenging the traditional financial services providers for the new dynamic market. Undeniably, these changes are being accompanied by diverse kinds of risks amid the benefits associated with Fintech adoption. Nigeria, as the largest economy in Africa, is not exempted from this development with significant investment in Fintech over the last decade and witnessing a remarkable growth annually. This paper is designed to empirically identify the leading factors that portend risks to Fintech adoption in the Nigerian financial services industry. The overall purpose is to offer an empirical study of the potential risks of Fintech adoption in the Nigerian financial services industry for consideration among the industry players towards the design and implementation of their digital strategy projects. The methodology employed includes qualitative research through a review of previous works, and quantitative research through an online survey. The outcome has shown that, while there were several risks embedded in Fintech adoption in Nigeria, certain risk factors were taking the lead as an indication of the peculiarity of the Nigerian financial market. The paper concluded by proposing a risk management framework that could be domesticated by the operators.
Traditional financial institutions are being transformed globally through a new wave of technology diffusion and product innovations. The industry is rapidly adjusting to a redefined financial market landscape occasioned by the entrance of financial technology firms known as FinTech. A basic definition of Fintech, according to Coetzee (2019) is, “The use of technology in the provision of financial services and focuses specifically on disrupting the modus operandi of particular banks.” Fintech refers to technology-driven entities that enable financial innovations resulting to new products, services, processes, applications, and business models with associated material impacts on the financial market, financial institutions, service provision modes (Wang et al., 2020). Literature has revealed the reality of technology disruption of the financial services industry globally (Coetzee, 2019; Kola-Oyeneyin et al., 2020; Ojo & Nwaokike, 2018; Wang et al., 2020). Rather than ignore the disruption, financial institutions across the globe are responding by redefining their digital business strategies to accommodate Fintech integration to enable new products, innovative services, with contemporary business models that suit the digital aspirations of their customers. Nigeria’s Fintech investment has continued to leap exponentially with over $600 million garnered over the last five years, and more than 200 Fintech firms already thriving as standalone companies (Kola-Oyeneyin et al., 2020).
Like any technology derivative, Fintech has offered a lot of benefits to the financial services providers and consumers alike, but not without its attendant risks. Hence, the disruption has impacted the financial ecosystem with both benefits and challenges to be contended with by minimizing the risks and reinforcing the benefits (Razzaque et al., 2020; Wang et al., 2020). Also, it has been argued that irrespective of the perceived risks of Fintech, convenience or ease of use, which are its key benefits, would always influence a user's attitude to its use (Meyliana et al., 2019).
Risks associated with Fintech adoption are largely driven by events common to digital technology solutions and platforms on one hand, and the financial market on the other hand. This paper is premised on an empirical study of the risk drivers that could emanate from Fintech adoption in Nigerian financial institutions, and an assessment of their crystallization probability. Both qualitative and quantitative research methods have been employed to support this paper. The structure of the paper presents, after the introduction in Section 1, the literature review in Section 2 while the methodology is explained in Section 3. The findings were discussed in Section 4 and proceed to Section 5 where a proposed risk management framework was presented. This paper ended with a conclusion in Section 6.
The reality of risks associated with digital technologies has validated the potential risk prevalence in Fintech solutions, which are grossly driven by digital technologies and platforms. It has been argued that, although Fintech has continued to gain acceptance of users globally, its adoption is accompanied by a considerable amount of risks that the customers could be exposed to (Keong et al., 2020). As Fintech is receiving increased participation in banking, leading to more transformation of traditional banks into digital banks, it is imperative on the operators and regulators to establish a proper mechanism for effective risk management that is capable of raising users’ confidence and instil trust in the system. The general outlook of a digital bank relative to the various risk types is depicted in Figure 1
Findings on Ukrainian Fintech market have shown that legal and regulatory environment, reluctance in Fintech adoption by traditional banks, lack of open application programming interfaces (APIs) among the banks, and paucity of funds for Fintech operators are the main risk drivers constituting challenges to Fintech development (Sloboda & Demianyk, 2020). The case is similar to South African banks notable of being conservative and risk-averse to Fintech adoption due to the inherent risks associated with Fintech. However, an act of balancing that would ensure that Fintech's benefits outweigh the risks is required to enable banks to positively impact the emerging market through Fintech adoption (Coetzee, 2019).
An additional risk area is the sharing of intellectual property among the parties involved in alliances for Fintech adoption. According to a report, this has often led to misfortune as there were cases where ideas are shared in confidence only to find out that the in-house IT team has built something similar to those ideas (Sloboda & Demianyk, 2020). Cases of this nature are often handled by legal instruments like the non-disclosure agreement signed into by all parties in the alliance.
In consideration to the prevailing risks in Fintech adoption, banks have been advised to be cautious and at alert to the negative impacts of Fintech development and create necessary measures of control without losing sight of the importance of Fintech integration for the long-term stability of the banking industry through new products and services, business processes, and innovative business models (Wang et al., 2020).
The probability that a customer would incur financial losses in financial transactions conducted using Fintech is referred to as financial risk particularly when these losses would have been avoided if the same transactions had been conducted on a conventional platform (Keong et al., 2020; Razzaque et al., 2020). Financial risk can also be incurred by the financial service provider thereby distorting the operating budget of the firm. An example of a financial loss according to Khalil and Alam (2020) is when the process of launching a Fintech service has taken a longer time than planned thereby translating to an increase in the total cost of implementation. The prevalence of financial risk has heightened due to the nature of digital technology employed by Fintech, which could lead to recurrence in financial losses driven by electronic fraud (e-fraud) (Keong et al., 2020). These authors also listed other causes or drivers of financial risk as factors related to budgetary exchange framework, currency misrepresentation, and additional exchange fees that accompany the preferred value.
Razzaque et al. (2020) declared that “Legal risk obtains under circumstances in which technology outpaces regulation such that regulatory gaps manifest.” Financial institutions globally are strictly regulated by the governments following the extant laws of the individual jurisdictions. For instance, in Nigeria banks are regulated by the Central Bank of Nigeria (CBN) and the Nigeria Deposit Insurance Corporation (NDIC). Other financial institutions like the pension funds administrators, insurance firms, mortgage institutions, and the stock market have their respective regulators to ensure the stability of the industry and protection of the consumers.
Legal risk constitutes the possibility of a financial institution violating the legal and regulatory guidelines or prevailing standards of operation as provided by the industry regulators thereby exposing the firm to legal actions and imposition of fine (Khalil & Alam, 2020). Fintechs, on the other hand, are loosely regulated and the only measure being employed in some countries like China and UK is the establishment of sandboxes that ensure adequate proofing of Fintech products before they are launched to the market (Keong et al., 2020; Ojo & Nwaokike, 2018). Keong et al. (2020) cited an example of how legal risk is controlled in Malaysia, where the apex bank, the Bank Negara Malaysia (BNM) enforces a framework to test and ensure that every Fintech solution guarantees data security and privacy and safeguards of the country's financial system before rollout.
Fintechs are characterized by small, dispersed and closely interconnected companies, notable of weak internal control, poor governance structure and inadequate prudential regulation, yet engaging in risk-taking behaviours (Yuan & Xu, 2020). Adoption of Fintech in banking, therefore, requires an appropriate regulatory alignment that could guarantee a business model devoid of regulatory contraventions. Yuan and Xu (2020) further observed that, although Fintech evolved based on advancement in technology aimed at revolutionizing the financial industry, regulatory laws would play a key role in the risk governance of Fintech, and this could mean that the legal system would place some restraints on the scope and degree of Fintech innovation. Lack of comprehensive guidelines and inexplicit legal status that characterize Fintech operation is a legal risk (Keong et al., 2020). In that light, Yuan and Xu (2020) suggested implementation of legal governance that offers a comprehensive legal system for effective control of the various risks associated with Fintech innovation to achieve a balance between technological innovation and risk prevention to enable the right environment for the healthy development of the Fintech industry.
Exposure of or loss of control over customers’ personal information, trade secrets and other confidential information could amount to a potential loss known as a security risk (Keong et al., 2020; Razzaque et al., 2020). This could consequently result in information theft and degradation of integrity, privacy, confidentiality, authenticity and accountability of information (Razzaque et al., 2020). Security risk in the context of Fintech is closely related to risks associated with digital technologies due to the heavy deployment of digital components in Fintech solutions and platforms. Digital security threats like hacking, phishing, virus and e-fraud could exploit vulnerabilities in digital systems to active certain risk crystallization. However, findings have shown that perceived security risk has not hindered the use of Fintech solutions significantly (Keong et al., 2020). This is not unconnected with the advancements in security solutions like encryption, multi-factor authentication systems, digital certification, etc. that have provided increased user confidence and minimized the significance of security impact on user's intention to use Fintech.
Operational risks are motivated by internal factors that can be dimensioned into three categories - people, processes and systems in line with Basel II framework of operational risk (OR) definition within the context of Fintech (Khalil & Alam, 2020). People, processes and systems are critical elements of production and product development in any organization such that a weakness or vulnerability presented by any of these elements could result in crystallization of a risk. Table 1 explains the relationship between the risk driver categories and triggering events of operational risk.
Risk crystallization is a factor of availability of threat and vulnerability in the operation of a firm. Operational risk has been defined as the likelihood the losses are incurred as a result of failed or inefficient products, services, processes, systems, people, or business models motivated by internal or external events (Keong et al., 2020; Khalil & Alam, 2020; Razzaque et al., 2020). Therefore, financial transactions would be safe when Fintech solutions providers can produce financial products and services in an operative environment free of threats and/or vulnerabilities. Keong et al. (2020) further expressed that, “Operational risk in FinTech context refers to the possible misfortune caused by defects or failures of internal processes, people and frameworks.”
Both qualitative and quantitative research methods have been employed in this paper to achieve the stated purpose. Through an extensive literature review, a study of previous works was conducted to extrapolate theories and establish a conceptual framework around associated risks of Fintech adoption in the financial services industry with a global viewpoint and Nigeria’s perspective particularly. The qualitative analysis helped in the discovery and discourse of the various risk types and categories of operational risk with their relationship to Fintech adoption and consequential disruptions of the financial services ecosystem.
Field research was conducted on the subject matter through an online survey designed to capture primary data from the sample population of over 300 in size. The survey was administered for six weeks and a total of 188 responses were collected with a completion rate of 83%. The respondents cut across various levels of educational background and professions/industries. However, deliberate attempts were made to ensure that participants from relevant professions and industries were targeted in the survey. These included participants from banking and finance, Fintech, information technology, and consulting professions or industries, which were considered to be the key respondents to the survey’s subject matter. Figure 2 shows the distribution of the professions/industries of the respondents. From the 188 responses, 36.70% came from the banking and finance sector while 22.34% were collected from information technology (IT) sector. 5.85% was received from Fintech sector while consulting polled 9.04%. These amounted to a combination of 73.93% of the total responses gathered, which are from the key sectors identified as most relevant to the subject matter.
As designed in the survey, nine risk drivers that featured in the literature review were focused to capture participants’ ratings of their likelihood to portend risk crystallization in Nigerian financial industry as a result of Fintech adoption. The risk drivers are listed below with each risk driver (RD) assigned a numeric code:
Using a 5-scale Likert scale to rate the risk drivers, the participants were requested to “Rate the likelihood of the following [listed above] factors that portend risks to Fintech adoption in Nigeria”. However, only 156 participants responded to this question as 32 participants skipped it. The outcome of their responses is shown in Figure 3 .
The 5-scale Likert rating design provided for a scoring range between 1 (Very Low) and 5 (Very High) with a regular gradation between scale points to enhance objectivity across the items rated. The respondents’ ratings produced the statistics shown in Table 2.
The statistics in Table 2 show that all the risk factors had a Weighted Average (WA) above Medium (3) and below High (4), meaning that the respondents believed that none of these risk factors had a high probability of crystalizing or portend risk to Fintech adoption in Nigeria. However, WA above 3 is an indication of a minimal probability of the risks crystallizing.
Table 3 presents additional information for better assessment of the ratings, the Median and Standard Deviation (SD). The SD can enable us to attest the uniformity of agreement among the respondents in their ratings. The smaller the SD value the more uniform the agreement among the respondents. Furthermore, the Median value has assigned to each Mean (or WA) value the scale point to which it is closest. Hence, in Table 3 two categories can be seen – risk drivers with Median value of 3, and those with a Median value of 4. In that line, RD04, RD08 and RD09 each had a Median value of 3 placing them on Medium (3) crystallization probability, while RD01, RD02, RD03, RD05, RD06, and RD07 each had a Median value of 4 (High) crystallization probability.
Furthermore, comparison of the Weighted Average (WA) has shown that ‘cyber-security’ (WA = 3.92; SD = 1.10) was the leading risk driver in Fintech adoption in Nigeria, while ‘limited number of incubators and sandboxes for startups’ (WA = 3.38; SD = 0.99) took the last position. This result conforms with a previous finding that showed that although security risk in Fintech adoption is real, it has not hindered users’ decision to adopt Fintech, partly because advances in technology has enabled security solutions like encryption, multifactor authentication, token, etc. to provide a good level of comfort to users of Fintech solutions (Keong et al., 2020). On the other hand, a limited number of incubators and sandboxes for Fintech may not affect Fintech’s growth in Nigeria as that may never crystalize to a risk. Hence, investment in Fintech has continued to grow exponentially in Nigeria regardless of the risk drivers highlighted. Findings have shown that financial consumers grew their Fintech penetration by 54% over the past six months (Kola-Oyeneyin et al., 2020).
Regardless of the risk type, the principle of risk management is constant, which involves identifying and minimizing the threat and the vulnerability that combine to activate risk crystallization. Figure 4 gives the risk crystallization formula in graphical form.
Risk crystallization is a factor of realized threat (T) and vulnerability (V) as shown in Figure 4. Therefore, risk management should be designed to achieve a zero potential value of either the threat or vulnerability component to achieve a zero risk crystallization. Arithmetically, risk crystallization scenarios can be expressed using the risk formula thus,
Scenarios depicted in equations (i) and (ii) would result in a zero crystallization of risk since one of the multipliers (threat or vulnerability) was reduced to zero. Conversely, the scenario (iii) would result in crystallization of the risk because the multipliers were non-zero, indicating the existence of both threat and vulnerability. For a risk to crystalize there must be an existing vulnerability to be exploited by a threat.
Given the reality of risks associated with Fintech adoption and the fact that Fintech has come to stay and redefine the landscape of Nigerian financial services market, a risk management framework designed to promote stability of the emerging digital banks is recommended. Digital banks would not only need to continue contending with known risks, but they would also learn to deal with new ones that would materialize in the course of feedback received from customers, and discovery of nascent risk drivers that are resulting from emerging technologies and market dynamics.
Because of the importance of regulation and legislation to the financial industry, an ideal framework must have regulatory input embedded in it. Regulation must be specifically designed to sanitize and stabilize the Fintech sector and standardize operators’ activities to create a viable environment for Fintech integration in banking. Figure 5 depicts the proposed risk management framework.
Fintech adoption has accelerated transformation in the banking sector and financial services industry in Nigerian banks generally. Traditional banks are increasingly becoming digital by integrating Fintech in their digital business strategies. Although, the development is revolutionary and has generated wide acceptance among the financial consumers, there are attendant risks with Fintech adoption.
In this paper, qualitative and quantitative research methods have been employed to study the risks associated with Fintech adoption in Nigerian banks. It has been empirically shown that all the risk drivers identified in this study had crystallization probability ranging from medium to high. Six out of the nine risk drivers tested quantitatively had high crystallization probability while the remaining three indicated medium crystallization likelihood. Operators and regulators in the banking and financial institutions ecosystem are advised to take cognisance of this outcome for alignment in their risk management processes.
Therefore, a risk management framework has been proposed for Fintech adoption to enable a more conducive environment for bank digitalization in Nigeria through Fintech adoption. This would permit the emergence of more secure and stable financial services industry that is capable of driving the new market and the larger digital economy.
Coetzee, J. (2019). Risk aversion and the adoption of Fintech by South African banks. African Journal of Business and Economic Research, 14(4), 133–153. https://doi.org/10.31920/1750-4562/2019/14n4a6
Keong, O. C., Leong, T. K., & Bao, C. J. (2020). Perceived Risk Factors Affect Intention To Use FinTech. Journal of Accounting and Finance in Emerging Economies, 6(2), 453–463. https://doi.org/10.26710/jafee.v6i2.1101
Khalil, F., & Alam, H. M. (2020). Identification of Fintech Driven Operational Risk Events. Journal of the Research Society of Pakistan, 1(57), 75–87. http://pu.edu.pk/images/journal/history/PDF-FILES/6_57_1_20.pdf
Kola-Oyeneyin, E., Kuyoro, M., & Olanrewaju, T. (2020). Harnessing Nigeria ’ s fintech potential. McKinsey & Company, September.
Meyliana, M., Fernando, E., & Surjandy, S. (2019). The Influence of Perceived Risk and Trust in Adoption of FinTech Services in Indonesia. CommIT (Communication and Information Technology) Journal, 13(1), 31. https://doi.org/10.21512/commit.v13i1.5708
Ojo, O. V., & Nwaokike, U. (2018). Disruptive Technology and The Fintech Industry In Nigeria: Imperatives for Legal and Policy Responses. 9(3).
Razzaque, A., Cummings, R. T., Karolak, M., & Hamdan, A. (2020). The Propensity to Use FinTech: Input from Bankers in the Kingdom of Bahrain. Journal of Information and Knowledge Management, 19(1), 1–22. https://doi.org/10.1142/S0219649220400250
Sloboda, L. Y., & Demianyk, O. M. (2020). Prospects and Risks of the Fintech Initiatives in a Global Banking Industry. The Problems of Economy, 1(43), 275–282. https://doi.org/10.32983/2222-0712-2020-1-275-282
Wang, R., Liu, J., & Luo, H. (2020). Fintech development and bank risk taking in China. European Journal of Finance, 0(0), 1–22. https://doi.org/10.1080/1351847X.2020.1805782
Yuan, K., & Xu, D. (2020). Legal Governance on Fintech Risks: Effects and Lessons from China. Asian Journal of Law and Society, 7(2), 275–304. https://doi.org/10.1017/als.2020.14
Article written by Benjamin Alao, student of LIGS University.