In just eight years, Flutterwave has gone from a small Nigerian startup to a global fintech enterprise, with operations in more than 40 countries serving millions of clients.
But as the fintech platform expands into new markets and processes millions in transactions, it becomes a more appealing target for cyber criminals. The data held by Flutterwave would be a treasure trove for unethical hackers keen to rake in a fortune with a few sharp keystrokes.
To stay afloat, Flutterwave must find ways to keep ahead of sophisticated hacking attempts. At the same time, it must also comply with rules and regulations as it reaches into new areas and as governments impose greater requirements on fintech companies to ensure the safety of citizens’ money and personal data.
Toward those ends, the company has recently bolstered its security operations, including the hiring of Amaresh Mohan as its first chief risk officer. Mohan heads up the company’s efforts toward risk management, compliance, and trust and safety.
But what exactly does the head of safety at a global financial technology company do to protect his platform and clients from attack?
How Flutterwave Found Its CRO
Mohan joined Flutterwave after serving as chief risk officer at GoTo Group, a super-app giant of Southeast Asia and Indonesia’s most valuable startup company (responsible for about 2% of the country’s gross domestic product). GoTo encompasses an e-commerce business and a ride-hailing service, among other services.
Handling that kind of critical business takes serious skills, and that’s exactly what Mohan promised to bring to the role at Flutterwave. Moving from the most valuable startup in one country to the most valuable startup in Africa is a nice career jump, one that Flutterwave was excited to announce to its stakeholders.
“This is a big step forward on our journey to build sustainable, safe, and secure payment solutions that connect Africa to the world and vice versa,” said Flutterwave founder and CEO Olugbenga “GB” Agboola of the hire.
How Flutterwave Keeps Data Secure
Too often, technology outpaces the rules and restrictions that national governments put in place to prevent theft. So, while Flutterwave must prove that it can handle every on-the-books regulation before it can expand into a new nation, its security apparatus needs to keep well ahead of the written rules.
As a result, the job of the company’s chief risk officer isn’t solely about compliance. It’s also about vigilance. A large and global platform like the one created and maintained by Flutterwave is a complicated organism that requires constant attention. With every update or code alteration, there’s a risk that a hole could open that allows hacking software to slip through.
To combat this, Mohan and Flutterwave say they have developed a list of steps the company’s workers must take to ensure that any change to the product won’t leave their software open to hackers or disrupt other parts of the security apparatus.
These moves go far beyond simple beta testing. The company says it regularly engages in meticulous self-audits that examine every aspect of its platform from the ground up. At the same time, Flutterwave claims to have a rigorous trust and safety component to its business model that trains every employee on the art of safe governance and building a risk-aware team.
With fraud prevention as its goal, the company says it has created a culture that doubles down on security at every level. Mohan’s philosophy is that the best way to prevent cyberattacks includes a concerted effort by everyone at Flutterwave to take responsibility for the end user.
How Flutterwave Builds Trust
Keeping data and money safe on one of the world’s leading fintech platforms is a hard job — but even the most secure fintech apps don’t inspire trust by simply being secure. In today’s world, companies cannot sit on their cybersecurity bona fides and expect users to know, understand, or simply accept that their data is safe. A crucial role of any modern financial services company is to inspire feelings of trust in their product.
For many users, it’s not enough that a tech company adheres to the laws of its country. After all, most companies that have lost user data or underinvested in fraud prevention have also gotten stamps of approval from governments. Users must find other means to determine whether companies like Flutterwave are trustworthy stewards of their money and data.
Because users never see internal operations — and because risk assessment procedures are technologically complex and usually kept hidden — most potential Flutterwave customers rely on other outside signals to assess how safe the platform “feels” to them.
Many of these signals come from other trusted companies. When businesses see that Flutterwave is secure enough to partner with global financial giants like American Express, a layer of trust is added. When they discover that Flutterwave also works hand in hand with trusted companies like Uber, PayPal, and Google Pay, it increases the feelings of confidence the end user has.
The other ways consumers often gauge the safeness of a company is by their past. Although it’s only been around eight years, Flutterwave has amassed an impressive resume. The company has processed over 630 million individual transactions totaling over $31 billion.
These types of statistics can build trust with potential customers who will give the service a chance and find their trust is well placed. For Mohan, that’s the goal: a user experience that’s so secure, no one bothers to think about it. Besides him, of course.