Future Proof SACCOs for Future Uncertainties

While every industry has its own unique challenges and opportunities, SACCOs have in the last few years steadily embarked on digital transformation strategies as key drivers of their movement’s performance.

Considering that digital promises are emerging as the defining trend of the future following the shift from the era of bricks to the era to the clicks, SACCOs have a reason to enhance their cyber security capacity through increased collaboration in the realm of cyber security said sector experts during the recent virtual premier SACCOTECH Forum 2020 organized by CIO East Africa.

In a session moderated by Aprille Moraa, Managing Director, Infosphere Limited, themed Future-Proofing SACCOs for Future Uncertainties, Juan Rodriguez, EMEA Sales Director, Digital Identity Area, Entrust Datacard, Munir Njiru, General Manager, Konvergenz Network Solutions, Dr. Bright Mawudor, Head of Managed Security Services, Dimension Data (MEA), Weever Mbakaya, Founder, Sarami Africa and Abdulrazaaq Adan, ICT Manager, Stima SACCO asserted that security shall no longer be an individual’s responsibility.

“Digital security calls for concerted effort,” quipped Munir adding that unless SACCOs start their cyber security journey as they embark on the digital strategies to enhance internal capacities and members experience then cyber security poverty lines are bound to ground.

Themed, Accelerating Automation for Socio-Economic Development the virtual SACCOTECH Forum brought together deposit-taking SACCOs stakeholders comprising; the policy makers, the industry regulator, the leadership of SACCOs ranging from CEOs, CIOs/ Heads of ICT and Chief Finance Officers to explore how technology can continue to strengthen, catalyze and meet the needs of the next generation SACCOs in the quest of harnessing socio-economic development.

Unprecedented Times

Hosted during these unprecedented times, the forum reflected on previously unimaginable services that are now emerging as a reality in the journey of keeping up with the pace of the rapidly changing financial services industry to cope with the customer/SACCO membership demands that require technological interventions, sustained innovations and secure processes to uphold the cooperators digital ecosystem.

According to recent findings by Africa Cyber Security, over 95 percent of organisations within Africa operate below the cybersecurity poverty line. The Cybersecurity Poverty Line means the point below which an organisation cannot effectively protect itself against losses to cyber-attacks.

Adan noted that since it had become clearer that SACCOs are now a lucrative target for attackers and therefore stand to lose the most with the recent increase in cyber threats, it is time the organisations accelerated the journey of their enterprise’s cyber security posture.

SACCOs Back-end & Front-end

SACCOs generally have adopted a two tier architecture that characterizes their operations. To use technical terms, there is a front end and a back end. The front end is what is called Front Office Services Activity (FOSA) – a system which performs banking activities for the SACCO.

This is largely the front end used by customer-facing SACCO employees to give service to customers. The FOSA has been extended to offer internet banking, mobile banking, automated teller machines (ATM) as well as agency services. The back end is what is called the Back Office Activities (BOSA). This includes membership management, general ledger among others.

Other non-core modules are extended on top of BOSA such as human resource (HR) and payroll management, inventory management as well as document management. The FOSA and BOSA make up one monolithic application that is meant to run the SACCO.

On this account, the panelists were concerned of the level of exposure and vulnerabilities to attacks that ideally should be at the top of the minds of the SACCO boards.

Rodriguez laid empahsis on trusted identity and secure transactions solutions and noted that it is time that the SACCOs have an opportunity to work with the security expertise and best-in-class hardware security modules (HSMs) to extend their leadership position and create exciting, new offerings for members.