regulatory framework for curbing internet crimes

Report
REGULATORY FRAMEWORK
FOR CURBING INTERNET
CRIMES AND MONEY
LAUNDERING IN NIGERIA
Prof. Yemi Osinbajo, SAN
INTRODUCTION
 The global nature of the internet has created an environment
which allows criminals to perpetrate almost any illegal activity
anywhere in the world even without being physically present at the
locus of the crime.
 The most common form of internet crime is its use in the
commission of economic and financial illegalities.
 The Internet has been deployed by terrorists, particularly for
recruitment and the incitement of radical and dissident groups
against institutions and governments. This has posed a serious
threat to national and international security.
NIGERIA: REPUTATION
 NIGERIA IS WIDELY REGARDED AS THE SCAM
CAPITAL OF THE WORLD. ESPECIALLY BECAUSE
OF THE HIGH INCIDENCE OF ADVANCE FEE
FRAUD LETTERS ORIGINATING FROM NIGERIA.
REPUTATION V REALITY
FACTS TELL A DIFFERENT STORY
INTERNET SCAMS
TRACEABLE TO;

US………61%
 UK………16%
 NIGERIA…6%
THE ORIGINATORS:
The Crime Trail (FBI)
UNDERSTANDING
INTERNET FRAUD
UNDERSTANDING
INTERNET FRAUDS

1. Organize – Fraudsters work together, sharing skills, successes, and information,
allowing them to innovate faster and pool their resources for larger, more successful
attacks. Creation of Malware and apps happen here.

2. Advance –They reinvest their "earnings" to continually improve their techniques and
technologies. And they're very quick to adjust as soon as the banking community
demonstrates an ability to defeat one of their schemes.

3. Expand – Criminals are targeting more account holder touch points, including online
banking, mobile devices, and clients' ACH batch files.

4. Scale – They are moving away from single bank attacks and scaling their efforts to
reach thousands of banks, including community banks, by targeting banking platforms.

5. Evolve – Fraudsters are further adapting their approaches to compromise bank
employees to gain direct access to accounts and systems such as the FI's wire system.
NETWORK FEATURES
 Nigerian fraud operates at a retail level and has gained
notoriety because of the sheer numbers of scam emails
sent around the world. The reputational impact for
Nigeria is far worse than the actual contribution of
these acts to global internet criminality.
 Whereas Easter Europe is entirely responsible for
malware innovation and organised crime that attacks
the international financial system. Scale is monumental
running into hundreds of millions of Dollars annually
WHAT CONSTITUTES INTERNET
CRIMES
 Internet crime, computer crime, or cyber-crime is one of the fastest
growing types of illegal/criminal activities in Nigeria and
internationally.
 There are several types of internet crimes, many of which overlap.
The most common of the lot are:
 Phishing: This is where a potential internet criminal sends
fraudulent e-mails to a recipient or several recipients in an attempt
to trick them usually for the purpose of obtaining money from
them. These mails usually contain a ‘business proposal’
introducing one form of business venture or another to the
recipient. Elderly people have been said to be the most
susceptible to this type of internet crime.
419
 Section 419 of the Criminal Code Act criminalises obtaining
money by false pretenses.
 Section 311 of the Criminal Law of Lagos State, 2011
defines ‘false pretense’ as a representation, whether
deliberately, or recklessly, in writing or by conduct, which
representation is false in fact or law and which the person
making the representation knows to be false or does not
believe to be true.
 ADVANCED FEE FRAUD AND OTHER RELATED
OFFENCES ACT 2006
HACKING
 Hacking: This is similar to digital trespassing. A type of
malware criminality. It involves the infiltration of online
networks to illegally download confidential information,
manipulate functions, and in some cases, steal identities
that can be fraudulently used to purchase goods online or to
obtain money through other means.

 Section 385 of the Criminal Law of Lagos State criminalises
this conduct. Any act aimed at securing unauthorised access
to any program or data attracts a 2-year imprisonment term.
HARASSMENT
 Harassment: threats, sexual, bullying

 Section 262 of the Criminal Law of Lagos State, 2011
makes it an offense to sexually harass another person.
A 3-year imprisonment term is imposed on any
individual in breach of this provision.
 `
SEXUAL HARASSMENT
 The Section defines sexual harassment as an
unwelcome sexual advance, request for sexual favour,
and other visual, verbal or physical conduct of a sexual
nature.

 Internet stalking and harassment can be said to fall
within this definition of sexual harassment.
TERRORISM: ON-LINE
RECRITMENT


The internet has been used by various terrorist organisations and networks to
indoctrinate individuals, particularly youths, and recruit them into their rank and file.


Section 1 (2) (a) of the Nigeria Terrorism (Prevention) Act, 2011 defines terrorism as an
act which is deliberately done with malice aforethought and which may seriously harm or
damage a country or an international organisation.

 Section 3 of the Act criminalises any act that seeks to
procure any support to a terrorist organisation in its
bid to recruit new members.
TERRORISM

Section 2 (3) and 4 (1) provide that a person who belongs to a proscribed
organisation or renders support for an act of terrorism is liable on conviction to
imprisonment for a maximum term of 20 years.
 Section 13 obligates financial institutions to notify the
Financial Intelligence Unit within 72 hours of any suspicious
transactions relating to terrorism with the confidentiality of such
report strictly maintained at the pain of a minimum fine of N5m or
imprisonment for 5 years.


Internet recruitment of new members of terrorist organisations is covered under the above sections.
PREDATORS
 Sexual Offences Relating to Children:

 Pedophiles use the internet to procure children to engage in
immoral sexual activity with them.

 Section 135 of the Criminal Law of Lagos State, 2011 criminalises
unlawfully and indecently dealing with a child. This conduct
attracts a 7-year imprisonment term.

 Section 222 of the Criminal Code Act contains a similar provision.
MALWARE CRIMES
 Malware, short for malicious software, is software
used to disrupt computer operation, gather sensitive
information, or gain access to private computer
systems. It can appear in the form of code, scripts,
active content, and other software. 'Malware' is a
general term used to refer to a variety of forms of
hostile or intrusive software.
Malware (contd.)
 Malware include
 computer
viruses,
ransomware,
worms,
trojan
horses, rootkits, keyloggers, dialers, spyware, adware,
malicious BHOs,rogue security software and other malicious
programs; the majority of active malware threats are usually
worms or trojans rather than viruses.
 In law, malware is sometimes known as a computer
contaminant,
as
in
the
legal
codes
of
several U.S. states. Malware is different from defective software,
which is a legitimate software but contains harmful bugs that were
not corrected before release.
 Eastern Europe features heavily as source of most malware
creation activities.
MALAWARE ATTACKS
 Distribution of malwares and viruses into computer
softwares
 Section 388 of the Criminal Law of Lagos State prohibits the
unauthorised modification of computer data with intent to
impair the operation of the computer or hinder access to any
program on it.
 The Section prescribes a 5-year imprisonment term for a
person who defaults under the Section.
MONEY LAUNDERING
 What Is Money Laundering?
 Money laundering is or servicesthe process of concealing money,
either intentionally or by merely using financial systems that do
not identify or track its sources and destination.
 The Anti-Money Laundering/Combating Financing of Terrorism
Regulations, 2009, defines Money Laundering as the process
whereby criminals attempt to conceal the origin and or ownership
of money, property and other assets that are or were derived from
a criminal activity or activities.
THE LEGISLATION
 The Money Laundering Prohibition Act (MLPA), 2011 is the
directive as imposed by the Anti-Money Laundering (AML)
framework that prohibits the laundering of the proceeds of
crime or illegality anywhere in the world.
 By virtue of Section 1 of the Act, for financial institutions, any
transaction in excess of N5 million in the case of an
individual (previously N1million) and N10 million in the case
of a body corporate (previously N5million) shall be disclosed
to the Nigerian financial Intelligence Unit for onward
transmission to the appropriate government office.
TYPES OF MONEY
LAUNDERING
 Types of Money Laundering;
 Limitation on amount of cash payment: Section 1 of the
Money Laundering Act, 2011.
 Concealing money, either intentionally or by merely
using financial systems or services that do not identify
or track its sources and destination.
METHODS OF MONEY
LAUNDERING
 Methods of Money Laundering
 Trade-based laundering: This is the process of under or overvaluing invoices to disguise the movement of money.
 Cash Intensive Businesses: By using this method, a business
typically involved in receiving cash uses its accounts to deposit
both legitimate and criminally derived cash, claiming that all of it is
legitimate earnings. Service businesses usually adopt this method
as they have no variable costs and it is hard to decipher
discrepancies between revenues and costs.
METHODS

Structuring: This is also known as smurfing. With this method, cash is broken down into
smaller deposits to evade suspicion of money laundering. A sub-component of this is to
use smaller amounts of cash to purchase bearer instruments, such as money orders,
and then ultimately deposit those again in smaller amounts.

Round-tripping: Using this method, money is deposited in a controlled foreign
corporation offshore, usually in a tax haven where minimal or no financial records are
kept, and then shipped back as a foreign direct investment which is exempt from
taxation.

Bank capture: Here, money launderers buy controlling interests in a bank in a
jurisdiction with weak money laundering controls and then move the money through the
bank without any scrutiny or detection.

METHODS
 Bulk cash smuggling: This is a very common method of
money laundering. The money launderer physically
smuggles money to another jurisdiction and deposits it in a
financial institution, such as an offshore bank where there
are weak or minimal money laundering controls.
 Casinos: In this method, an individual walks into a casino
and pays for chips, plays for a while, and then cashes in the
chips, taking payment in a cheque, or just getting a receipt,
claiming it as gambling winnings.
Legislative framework
 MONEY LAUNDERING PROHIBITION ACT 2011
 TERRORISM (PREVENTION) (PROHIBITION) ACT 2011
 CBN KNOW YOUR CUSTOMER CIRCULARS
ESPECIALLY THE LATEST AUGUST 2012 WHICH ALIGNS
ALL EXISTING LEGISLATION AND THE REVISED
FINANCIAL ACTION TASK FORCE(FATF) 40
RECOMMENDATIONS.
 ADVANCED FEE FRAUD AND OTHER FRAUD RELATED
OFFENCES ACT 2006 (SEC 7) EFCC,(17&18) ICPC AND
NDLEA ACTS
PROVING INTERNET
CRIMES
COMPUTER-GENERATED
EVIDENCE COULD
INCLUDE……

EMAILS

INSTANT MESSAGING AND HISTORIES

PHONE RECORDS AND LOGS

ATM TRANSACTION LOGS

PRINT- OUTS

SPREADSHEETS

INFORMATION ON SOCIAL MEDIA; FACEBOOK , TWITTER

VIDEOS – YOU TUBE

DIGITAL PHOTOGRAPHS

DVDS CDS

FILES SAVED FROM ACCOUNTING PROGRAMS
CHECK-LIST FOR
GATHERING,ADMISSIBILITY
AND WEIGHT
 RELEVANCE +( LARGELY DETERMINED BY THE
EVIDENCE ACT 2011)- SECTION 1 EA 2011
 IS IT A DOCUMENT?
 WAS IT PROPERLY OBTAINED?
 HEARSAY OR DIRECT EVIDENCE
 ORIGINAL OR COPY
 CONDITIONS PRECEDENT: RELIABILITY CERTIFICATE
 WEIGHT – SECTION 34 EA
IS IT A DOCUMENT?
 FOR COUNSEL THE CRUCIAL QUESTION IN
KNOWING WHAT RULES TO APPLY IS WHAT TYPE
OF EVIDENCE IS THE PARTICULAR E-EVIDENCE?
E.G
 IS AN EMAIL BEFORE BEING PRINTED OUT A
DOCUMENT?
 IS A DVD OR CD A DOCUMENT?
 IS A POSTING ON FACEBOOK DOCUMENTARY?
WHAT IS A DOCUMENT
 SECTION 258 EA: “includes:
 ….any disc, tape, sound track,or other device in which
sounds and other data( not visual images) are
embodied so as to be capable of being reproduced.
 Any film, negative, tape or other device in which one or
more visual images are embodied
ANY DEVICE BY WHICH INFORMATION IS
RECORDED, STORED OR RETRIEVABLE INCLUDING
COMPUTER OUTPUT.- PHONES, IPADS
WHAT IS A COMPUTER
 S. 258 of the Evidence Act 2011
:
“Any device for storing and processing information, and
any reference to information being derived from other
information is a reference to its being derived from it by
calculation comparison or any other process.”
*** PHONES, IPADS, ANDROIDS, MANY ELECTRONIC
HAND HELD DEVICES QUALIFY
Computer - Generated
Documents
 RELEVANT STATEMENTS IN DOCUMENTS
PRODUCED BY COMPUTERS ARE
ADMISSIBLE SUBJECT TO CONDITIONS
PRECEDENT BEING MET, ( S. 84 of the
Evidence Act of 2011). THIS PROVISION
APPLIES TO EMAILS, TEXT MESSAGES,
POSTINGS ON FACEBOOK, TWITTER ETC
WAY FORWARD
 Developing an institutional structure to fight internet fraud.
A Cyber Security Secretariat which advises the government
on issues regarding internet policies and development.
 Enforcement of relevant internet banking regulations which
can operate to clamp down on internet related fraud and
money laundering activities.
 Collaborating with international institutions and bodies on
cyber crime and internet terrorism.
CYBERCRIME WORKING
GROUP- GET TO WORK!
 In 2003, the Nigerian Cybercrime Working Group (NCWG) was
inaugurated under the Chairmanship of the Attorney-General of the
Federation and Minister of Justice. The NCGW, which is still awaiting
legal recognition, has as its members all key law enforcement,
security, intelligence, ICT agencies of the government including the
Economic and Financial Crimes Commission (EFCC), the Nigerian
Police Force (NPF), National Security Adviser (NSA), Nigerian
Communications Commission (NCC), Department of State Services
(DSS), National Intelligence Agency (NIA), Nigerian Computer Society
(NCS), Nigerian Internet Group (NIG), Internet Services Providers’
Association of Nigeria (ISPAN), National Information Technology
Development Agency (NITDA), and individual citizens representing
public interests. The Group is expected to handle cybercrime and
cyber security matters, and coordinates enforcement, investigation as
well as prosecution, with other law enforcement agencies in the
country.

similar documents