Data Use Case Study:
Hibret Bank

By Emily Clayton

COMPANY OVERVIEW

About Hibret Bank

Location

Ethiopia

Sector

Banking

Size

385+ branches around Ethiopia

4,700+ employees

hibretbank.png

Hibret Bank was established in 1998 as the fifth private bank in operation in Ethiopia . With its headquarters located in the Ethiopian capital of Addis Ababa, the Bank has expanded rapidly throughout the country and now operates over 385 branches and employs over 4,700 employees. While 70% of banking happens in Addis Ababa, the Bank offers branches in other cities and reaches rural customers through a growing network of agents that are not tied to a branch.


The Bank offers a full range of financial services for companies, non-profits, and individuals in the form of both conventional banking as well as interest free banking which follows Shariah principles. Additionally, the Bank also offers products that are tailored to diaspora including deposit and loan services for Ethiopian nationals and foreign nationals of Ethiopian origin who have lived and worked abroad for more than one year.


Hibret Bank has become known in the country for its digital banking and digital platforms. In fact, Hibret Bank was a pioneer in electronic banking (or E-banking) by offering platforms such as Hibir Mobile and Hibir Online Banking to give its customers 24/7 access to bank account information and other banking services. Given that E-banking is a newer concept in the country, customers are weary of the security of these digital systems. For customers, as well as policy makers, education is an important component to successfully managing the Bank’s E-banking services.

ABOUT THE SECTOR

The private banking sector was officially established in Ethiopia in 1994 when the Ethiopian government first allowed the creation of locally owned private banks and insurance companies. The Ethiopian banking sector is currently comprised of a central bank called The National Bank of Ethiopia, a state-owned development bank, a state-owned commercial bank, and sixteen private banks.

Foreign banks are not currently permitted to provide financial services within Ethiopia, but the sector may open up in the medium term as the current government regime pursues broad economic reforms. While Ethiopia has taken steps recently towards liberalizing its financial sector, including granting initial liaison office licenses to foreign-owned banks and giving its diaspora access to the domestic financial sector (e.g., the ability to buy shares in local banks or start lending businesses), it is still one of Africa’s most tightly state-controlled banking systems.

HOW DATA IS USED

“Data is like gas or petroleum for us” stated Melaku Kebede, Hibret Bank’s Chief Executive Officer. This is because the use of data is not only necessary for the business to function (e.g., managing complex financial accounts) but is also extremely beneficial to inform business decisions.

All banking branches are connected to the headquarters’ data center through a direct connection VPN, or virtual private network, and all transactions are captured through the Oracle FLEXCUBE core banking platform. Types of data that Hibret Bank collects and stores include customer information (e.g., customer identification, credit history, account and balance information), financial transaction information (e.g., withdrawals and deposits, import and export balances), and operations data (e.g., name of the agent who facilitated the transaction, timestamps on transactions, other metadata).

From the raw data, the Oracle FLEXCUBE platform creates dynamic business intelligence reports that enable decision-making based on the data. More than 200 reports are generated for each business unit to capture key metrics and ensure strong health for the business. For example, within the lending business unit there are reports generated for asset quality and repayment schedules, and for retail banking, reports are generated for balance and transaction history.

Furthermore, internal auditors use data to protect the system against fraud by setting up internal controls to flag or freeze a suspicious looking account. For example, because most fraud happens on dormant accounts (accounts that have not seen a transaction for over 6 months), the internal auditor will receive an automatically generated notice any time a dormant account becomes active again.

Lastly, Hibret Bank captures and uses data when transacting with other institutions. For example, Hibret Bank has a partnership with Ethiopian Airlines to offer ticket sales or a co-branded credit card to customers, both of which require the transfer of data between the two companies. The Bank has also interfaced with Ethio telecom, Ethiopia’s government-owned telecommunications provider, for its pre- and post-paid mobile top up offering as well as its recently launched TeleBirr agency banking service. Hibret Bank operates through the SWIFT system when transacting with other financial institutions located outside of Ethiopia.

DATA PRIVACY, STORAGE, AND CYBERSECURITY

All of Hibret Bank’s data for core banking is housed on the premises of its headquarters in Addis Ababa in a state-of-the-art data center and secured by a closed-circuit video surveillance system and around the clock security staff. Mr. Kebede sees the physical data security as very important for the business and a similar on-premises data storage system is the norm in Ethiopia’s banking sector. Hibret Bank prides itself on being more secure than most as it is the first and only bank in the country that has secured the ISO/IEC 27001 certification for meeting international security standards for information security management. A major reason for applying for this certification was to signal to customers and government alike that Hibret Bank takes data security seriously.

Data is housed locally rather than on a remote cloud server for two main reasons: consistent access and sovereignty. Internet connectivity is not always consistent in Ethiopia as outages can occur in Addis Ababa and throughout the country. The Bank’s branches connect to the central system through a direct connection VPN, rather than through VPN over the internet, to ensure consistent connection. The Bank is hesitant to move to storing data on a remote cloud server as they have determined that switching to cloud services for data storage would require a 99.9% active internet connection, which is not currently realistic. Sovereignty is an ingrained aspect of Ethiopian culture that permeates its institutions and policy making[3]. Storing data on local servers is much more attractive than storing data on a cloud-based system, because it is completely controlled by the company and housed within Ethiopia rather than by a foreign-owned company. Even though there is no written directive about where to store financial data, Ethiopia’s central bank discourages the use of a foreign-owned cloud-based service to store customer data, as it is perceived as creating a dependency on a foreign entity, and therefore strongly encourages the use of local on-premises servers for data storage.

Compared to storing data on remote cloud servers, Hibret Bank understands that storing data locally is more complex and more expensive. This is because the storage system needs to be monitored and secured by Bank staff that are physically present at all hours. Furthermore, the Bank also needs to employ its own technical staff to service the system if problems arise. A cloud system for data storage would be cheaper and easier to manage. Additionally, cloud technologies, which enable massive data sets to be combined in one place resulting in the ability to the use of advanced analytics for integrated insights, have been shown to breed innovation in the financial sector.

The one area of the business where data is housed through cloud services is for SWIFT transactions where Hibret Bank is communicating or transacting with a bank outside of the country. “At times some of the services are in the cloud whether we like it or not,” says Mr. Kebede. “While I might prefer maintaining the core banking application on the cloud as well, this is just not that easy because when the internet is down it won’t be able to be used. We will have the opportunity to move to the cloud in the future as some of the infrastructure is improved.”

DATA POLICY REGIME

In recent years, as digital communication and transactions have become more commonplace, the Government of Ethiopia has strengthened and updated its digital economy policies. While Ethiopia does not have a general data protection law or data protection authority, digital strategies and protection are mostly managed by the individual sector governing bodies or authorities. In July 2021, Ethiopia’s central bank launched its first national digital strategy, marking an acceptance and championing of a new way of conducting business. The ambitious strategy laid out a four-pronged plan to transform the payment ecosystem by 1) modernizing and expanding the country’s digital payments infrastructure, 2) championing the adoption of digital payments, intentionally inclusive of financially excluded segments, 3) building a robust and consistent regulatory and oversight framework, and 4) creating an enabling environment for innovation.

For digital transactions to become the norm in private business, the digital invoices that are generated also need to be accepted by the government and covered through updated policies and regulations. While e-receipts are not currently accepted as a proof of payment for tax or other purposes, the central bank’s national digital strategy includes a prioritized recommendation to create legislation and processes to make e-receipts a valid document before the courts. Ethiopian government organizations have been moving to the use of more digital systems recently – in 2020 the Ethiopian Customs Authority started providing online services for declarations – which is promising for the greater regulation and acceptance of digital transactions in the private sector.

Additionally, now that people and institutions can move money digitally, more capital can be moved than ever before, and thus more restrictions have been put in place. Ethiopia’s central bank recently restricted the amount of funds that could be withdrawn daily, currently set at 50,000 Ethiopian Birr or just over $1,000 USD for an individual customer. Hibret Bank sees the enforcement of this directive as an important measure to lower the risk of a bank run as well as to promote the ease of digital banking in Ethiopia (e.g., not needing to be physically present at a bank to do business).

Mr. Kebede is appreciative of the openness of the current regime to listen to requests from the private sector related to improving the digital economy. For example, the Governor of Ethiopia’s central bank convenes all Ethiopian bank presidents on a regular basis to discuss feedback on policies. Mr. Kebede sees this open line of communication as resulting in strengthened government policies, as well as an opportunity for banks and financial technology companies to learn from one another by discussing their own digital transition. “The frequent meetings between the central bank Governor and bank presidents are very constructive and have to be encouraged and appreciated.”

FUTURE OF DATA USE

Looking to the future, Mr. Kebede is excited to harness the full value of the data the Bank is collecting. His five year wish list is to utilize business intelligence that not only provides a real time picture of current transactions, as the Bank does now, but is also predictive of future customer behavior. With these data analysis tools, the Bank will be able to proactively package and market particular products to customers as they need them. Currently, the business is more reactive, and Mr. Kebede looks forward to providing tailored and proactive outreach to the customer based on individual need.

While Mr. Kebede sees a future where the Bank will utilize cloud services to house its core business data, that future is still a long way off. Prior to such a shift in data storage, Mr. Kebede foresees a period where data will need to be replicated and stored on both local and cloud servers to breed confidence in a cloud-based system by both policy makers and consumers alike. “Since the cloud is a new way of thinking, you need to take people through the change gradually,” says Mr. Kebede.

Bibliographic reference:

E-Trade Alliance Case Study. Author: Clayton, Emily. Data Use by Hibret Bank. USAID Digital Economy and Market Development Project. September 2021.