The financial system of Lesotho has experienced prevalence of financial fraud owing to identity fraud particularly in the micro finance and banking sectors according to the Suspicious Transactions Reports (STRs) filed since the first quarter of 2024. This trend necessitated focus of attention first, on the areas of financial sector affected and second, the modus operandi adopted by the perpetrators. The focus led to extensive monitoring, analysis and stakeholder engagement that demystified the circumstances under which the fraudulent transactions are conducted, the vulnerabilities of the processes involved and the potential risks on both ends of the transactions namely loan application and commercial bank beneficiary account receiving disbursed loan.
Following the conduct of analysis and stakeholder engagement, two major risks affecting the sector were identified namely, verification of identity documents at onboarding of customers and validation of contra accounts’ number and name when disbursing and effecting loan transactions from micro finance through commercial banks. A strategic report was shared with micro finance advising them to validate the bank accounts and names preferred for loan disbursement from money lenders and demanding account confirmation from loan applicants.
The continuing prevalence of fraud incidents of this nature following the issuance of strategic analysis report has demonstrated that there is still another hurdle to overcome, and this has been established to lie with the process of verification during onboarding on both ends. This Report navigates through the currently available verification process where institutions are allowed access by the custodian of the national identity database namely the NICR to verify national identification documents and the dependability of the process’ resources relative to the attributes of the identity document that the NICR avails to users for verification. During the stakeholder engagements some reporting entities disclosed that the availed portal does not show all particulars of an identity document namely faces, names, date of birth, identity card number and serial number and security features. The conclusion drawn is that any viewing rights short of anyone of the attributes of a valid identity document renders the verification process vulnerable thus opens floodgates for its exploitation by unscrupulous customers.
INTRODUCTION
1.1 The enabling law namely the Money Laundering and Proceeds of Crime Act of 2008 as Amended, Section 15 thereof, establishes and empowers the Financial Intelligence Unit (FIU) to receive, analyse, and disseminate disclosures of financial information to investigatory authorities. During the analysis of reported STRs, the FIU is expected to identify prevalent trends and typologies of predicate offences leading to commission of money laundering offence. The Unit is thus mandated under this enabling Section to identify trends and typologies and craft recommendations advising affected reporting entities, regulators, and law enforcement agencies so that they can mitigate the risks they are exposed to, such as the identity fraud in question.
ANALYSIS
2.1 The high influx of STRs from Micro-finance institutions, received by the FIU based on identity fraud triggered specific attention aimed at countering this prevalent menace. The analysis conducted unpacked that the Know Your Customer (KYC) documentation submitted towards the loan applications to the money lending entities, were fraudulent Lesotho identity documents, bank statements, payslip for proof of income and account names that do not match the account preferred for disbursement of the loan funds. This means that the whole KYC particulars are misrepresented by the loan applicant thus misleading and defrauding both the bank and money lenders that rely on their authenticity because in some instances even the bank accounts were opened using fictious KYC documents including identity documents.
2.2 The analysis conducted by the Unit discovered that the scourge of this fraudulent enterprise has spread to the banking industry as well whereat it was discovered that the process of verification of KYC documents especially identification documents is severely compromised during onboarding process. The proper functionality of the process of verification involves the National Identification and Civil Registry (NICR) availing the viewing rights of their national identity documents database upon proper arrangements between the NICR and a rightful reporting entity that wishes to view the data base for the purpose of verification of national identity documents submitted to them for the purpose of identification. It had been determined that not all money lenders nor banks have access to the system neither does the system function perfectly where it has been secured. This has been identified as the largest contributor to prevalence and high success rate of this fraud.
2.3 The analysis conducted found that the misrepresentations are committed in multiple ways including replacing photos of faces appended on the identity documents such that the face of the person submitting the required onboarding documents matches the face appended on the fictitious identity document thus deceiving the on-boarder. In other cases, the identity document is a complete make-up such that on authentication with the NICR it is deduced that they are unknown to the NICR system and database. The analysis conducted encountered two such identity documents and they are ID#038107161656 bearing the names of Moorosi Richard Sid Harding and ID#018194127832 bearing the names of Mokemane Mara that have been proven complete make up.
2.4 More to the quandary is that some fraudulent identity documents bear legitimate serial numbers which accounts for the pilferage of unprinted identity documents stock at the Ministry of Home Affairs where identity documents are produced. Reliable information obtained during analysis points to pilferage of identity documents by the Ministry’s officers and their sale to fraudsters who use them to defraud banks and money lenders among others. The following is a tabular presentation of NICR authenticity results on some identity documents used to commit fraud:
|
ID # Status |
Identification Name |
Identification Number |
NICR Verdict |
|
Made up |
HARDING MOOROSI RICHARD SID |
038107161656 |
Made up (not in NICR system) |
|
Made up |
MARA MOKEMANE |
018194127832 |
Made up (Not in NICR system) |
|
Legitimate ID # |
LEKOETJE MAKHALA JULIA |
032114265220 |
Different face on the ID |
|
Legitimate ID # |
MOTS’OARI PESUOE NATHNAEL |
043296170125 |
Different date of issue, picture blurry |
|
Legitimate ID # |
MOTHIBELI TS’ELISO |
056229125321 |
Different picture, signature, issue date |
|
Legitimate ID # |
MOHALE SEBILI FRANCIS |
057164183629 |
Different picture and signature |
|
Legitimate ID # |
LEPHOI MALIBUSENG ROSALIA |
014356282526 |
Different picture, signature, date of issue, names |
FINDINGS
3.1 The analysis conducted revealed that unscrupulous loan applicants approach micro finance institutions to apply for loans using fraudulent documents. It was confirmed that the documents required for loan application namely, Lesotho National Identity document, payslip and bank statement are doctored by these unscrupulous loan applicants to defraud the money lender. The success rate of the fraudulent loan applications has been high with up to twelve successful fraudulent applications out of a total of thirteen fraudulent loan applications that one money lender recently succumbed to in less than five months and losing up to One Million Four Hundred Thousand Maloti (M1, 400 000.00). The loan applications that had not succeeded but still reportable as attempted fraud had adopted the same modus operandi, thus proving that the syndicate perpetuating the enterprise is potentially the same. The fraudsters target the highest amount of Two Hundred Thousand Maloti (M200,000.00) to ensure that should the application be successful the highest amount is disbursed. This is a demonstration of the gravity of the risk associated with these fraudulent applications based on identity fraud.
3.2 The main enablers of the fraudulent enterprise have been identified to be poor or non-existent verification during on-boarding of clients both on the side of micro finance institutions and the banks. This is a very serious shortcoming that warrants immediate attention especially when efforts had already been put in place to address this by providing viewing rights to financial institutions. To the dismay of the FIU, it has been found that the system still carries some deficiencies that disable thorough verification. For instance, during the engagements that FIU conducted, it was deduced that some user entities labelled the system deficient to the extent that it does not show bearers’ photos of faces of identity documents being verified. This is considered a grave hinderance to the legally binding verification process that needs speedy intervention to mitigate the risk of onboarding with fictitious documents. On the contrary, the NICR assets that it provides viewing rights to entities per their requirements on the fields they want to view. The more fields entity wants to view, is the more fees required to be paid.
RECOMMENDATIONS
4.1 On the premise of the foregoing, it is important that the following issues be attended speedily to arrest the contagion because its ripple effect has potential to affect other areas where personal identification is a requirement. First, the NICR shared system should depict pictures of the faces of identity document holders and all other distinguishing details of the identity document. The reason for this being to ensure that the use of the system helps users to verify each detail of the identity document being verified. This will render verification of the identity documents efficient thus abating the prevalence identity fraud.
4.2 The entities that use the verification platform must ensure that the system is utilised all the time when customers are onboarded. The mutual responsibility to maintain the system in perfect working condition all the time and use the system to verify all the time when prospective customers present their identity documents to fulfil identification requirement at the time of onboarding must never be compromised.
