Digital payment firms shed 1.5 million users on higher taxes, controls
Payment service providers (PSPs) lost at least 1.5 million mobile money users last year, amid an increase in tax and transaction limits, and tighter controls by the Central Bank of Kenya (CBK) to counter money laundering.
A PSP is a third-party company that allows businesses to accept electronic payments, such as credit card and debit card payments. The PSPs in Kenya include telcos such as Safaricom, Airtel, and Telkom Kenya.
The CBK’s 2023 financial sector stability report shows that Kenyans actively using mobile money services on a monthly basis dropped from 32.9 million in December 2022 to 31.4 million as of December last year.
While Kenya’s retail payments system- which accommodates mobile money- serves the highest number of customers and the value of transactions, last year recorded a particularly slow progress in the sector.
“As of December 2023, mobile money providers had a total active 30-day customer base of 31.4 million customers, a decline from 32.9 million in December 2022. About 809,000 new mobile money users registered in 12 months to December 2023, or 6.5 million more new customers registered for similar period in 2022,” the CBK report notes.
This was witnessed even as several changes were introduced in the mobile money sector, including the increase of excise duty from 15 to 20 percent since July 2023, which made transactions more expensive for users.
The CBK also increased daily mobile money transaction limits to Sh500,000 since August last year, which could have motivated users who had more than one account for transaction purposes to close some.
“This was meant to support customers, businesses, and institutions including government agencies to make and receive digital payments in larger amounts, thereby increasing the convenience of mobile money services in Kenya. It was also meant to further deepen financial inclusion and facilitate businesses that have been constrained by the size of the mobile money wallet,” the Central Bank notes.
With the expansion of transaction limits, the government introduced requirements for PSPs to enhance risk mitigation measures to identify and report risks such as money laundering, including transactions among themselves.
“These changes however came with the requirements of PSPs to implement enhanced and appropriate risk mitigation measures to identify, mitigate, and report risks, including money laundering, financing of terrorism and proliferation finance; fraud including the risk of digital or online scams; operational risks; cybersecurity; including speedy resolution of customer complaints,” the report notes.
The CBK notes that while it has licensed 20 PSPs to serve retail customers over the last two years signifying the continued growth of the mobile money economy in the country, the growth has brought forth risks including cybersecurity.
“The cyber threats were high in 2022/23 and increased between June 2023 and March 2024 than the threats reported in 2021/2022. System misconfiguration had the highest increase in 202/23 and 2023/ 24 (March) while Botnet/DDOS threats were the lowest,” it noted.
It also cited Anti-Money Laundering (AML)/Combating the Financing of Terrorism (CFT) risks, from potential use of digital products and channels to perpetrate crimes.
Total cyber threats reported between July 2023 and March 2024 were 2.3 billion, the highest number ever recorded in the country.
“Some of the cyberattacks circumvent AML/CFT requirements in such a way that makes it difficult for some PSPs and customers to detect and deter. PSPs therefore need to conduct enhanced monitoring and reporting as guided by law to mitigate the risks. Additionally, the requisite customer due diligence (CDD) processes must be applied and reviewed periodically,” the CBK stated.