Authors : Usman Ibrahim Usman; Muhammad Dini Ibrahim; Ibrahim Abdullahi Aliyu; Umar Isah; Fakhrun Jamal

Volume/Issue : Volume 10 - 2025, Issue 12 - December

Google Scholar : https://tinyurl.com/3ddtw2x6

Scribd : https://tinyurl.com/nx2paumn

DOI : https://doi.org/10.38124/ijisrt/25dec240

Note : A published paper may take 4-5 working days from the publication date to appear in PlumX Metrics, Semantic Scholar, and ResearchGate.

Note : Google Scholar may take 30 to 40 days to display the article.

Abstract : Financial institutions serve as a backbone of our daily life by providing a reliable means to store, transfer and perform online transactions. Insider threat is a great challenge faced by financial institutions, where employees, contractors, or trust partners intentionally or unintentionally misuse or compromise systems that lead to data breaches, unauthorised access and financial loss, and disturbed operations. This paper explores the nature, types, and impacts of insider threats within the financial institutions, outlining both technological and human-related factors. It examines real-world cases of insider breaches, exposing light on the motivations and behaviours behind such incidents. This paper identifies key challenges faced by financial institution, which include difficulties in detection, regulatory burdens, and cultural issues. However, it also highlights numerous mitigation strategiesthat cover administrative, technical controls, and legal compliance controls (GDPR and HIPAA). The paper also highlightsthe need for a fair and preventive strategy that integratestechnology, awareness, and organisational policy to efficiently handle insider threats in financial institution. It pays particular attention to both technical weaknesses and human factors, such as lack of awareness or personal motivations that lead to unintentional actions. Real-world scenarios are used to illustrate how insider breaches occurred and what kinds of damage they can caused to financial institutions.

Keywords : Insider Threats, Confidentiality, Integrity, Availability, Financial Institution, Regulatory Compliance.

References :

1. L. Xiangyu, L. Qiuyang, and S. Chandel, “Social Engineering and Insider Threats,” in 2017 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), Nanjing: IEEE, Oct. 2017, pp. 25–34. doi: 10.1109/CyberC.2017.91.
2. A. Kim, J. Oh, J. Ryu, and K. Lee, “A Review of Insider Threat Detection Approaches With IoT Perspective,” IEEE Access, vol. 8, pp. 78847–78867, 2020, doi: 10.1109/ACCESS.2020.2990195.
3. F. Whitelaw, J. Riley, and N. Elmrabit, “A Review of the Insider Threat, a Practitioner Perspective Within the U.K. Financial Services,” IEEE Access, vol. 12, pp. 34752–34768, 2024, doi: 10.1109/ACCESS.2024.3373265.
4. M. N. A. Mhiqani et al., “A new taxonomy of insider threats: an initial step in understanding authorised attack,” Int. J. Inf. Syst. Manag., vol. 1, no. 4, p. 343, 2018, doi: 10.1504/IJISAM.2018.094777.
5. G. Kul and S. Upadhyaya, “Towards a Cyber Ontology for Insider Threats in the Financial Sector”.
6. T. J. Olorunlana, “Securing the Global Cloud: Addressing Data Sovereignty, Cross-Border Compliance, and Emerging Threats in a Decentralized World,” Int. J. Sci. Archit. Technol. Environ., pp. 1394–1407, May 2025, doi: 10.63680/ijsate0525102.117.
7. A. Subhani, I. A. Khan, and A. Zubair, “Review of insider and insider threat detection in the organizations,” J. Adv. Res. Soc. Sci. Humanit., vol. 6, no. 4, Dec. 2021, doi: 10.26500/JARSSH-06-2021-0402.
8. M. N. Al-Mhiqani et al., “A Review of Insider Threat Detection: Classification, Machine Learning Techniques, Datasets, Open Challenges, and Recommendations,” Appl. Sci., vol. 10, no. 15, p. 5208, July 2020, doi: 10.3390/app10155208.
9. D. Alexander and S. Kenneth, “ML-Based Anomaly Detection for Insider Threats in Financial Institutions,” vol. 16, no. 01, 2025.
10. U. Inayat, M. Farzan, S. Mahmood, M. F. Zia, S. Hussain, and F. Pallonetto, “Insider threat mitigation: Systematic literature review,” Ain Shams Eng. J., vol. 15, no. 12, p. 103068, Dec. 2024, doi: 10.1016/j.asej.2024.103068.
11. N. Saxena, E. Hayes, E. Bertino, P. Ojo, K.-K. R. Choo, and P. Burnap, “Impact and Key Challenges of Insider Threats on Organizations and Critical Businesses,” Electronics, vol. 9, no. 9, p. 1460, Sept. 2020, doi: 10.3390/electronics9091460.
12. T. Al-Shehari and R. A. Alsowail, “An Insider Data Leakage Detection Using One-Hot Encoding, Synthetic Minority Oversampling and Machine Learning Techniques,” Entropy, vol. 23, no. 10, p. 1258, Sept. 2021, doi: 10.3390/e23101258.
13. N. F. M. Nassir, U. F. A. Rauf, Z. Zainol, and K. A. Ghani, “REVEALING THE MULTI-PERSPECTIVE FACTORS BEHIND INSIDER THREATS IN CYBERSECURITY,” vol. 17, 2024.
14. F. Jimmy, “Cybersecurity Threats and Vulnerabilities in Online Banking Systems,” Int. J. Sci. Res. Manag. IJSRM, vol. 12, no. 10, pp. 1631–1646, Oct. 2024, doi: 10.18535/ijsrm/v12i10.ec10.
15. N. Ayanbode, O. A. Abieba, N. Chukwurah, O. O. Ajayi, and A. I. Daraojimba, “Human Factors in Fintech Cybersecurity: Addressing Insider Threats and Behavioral Risks,” Int. J. Multidiscip. Res. Growth Eval., vol. 5, no. 1, pp. 1350–1356, 2024, doi: 10.54660/.IJMRGE.2024.5.1.1350-1356.
16. USA and A. Gunuganti, “Insider Threat Detection and Mitigation,” J. Math. Comput. Appl., pp. 1–6, Aug. 2024, doi: 10.47363/JMCA/2024(3)184.
17. R. A. Alsowail and T. Al-Shehari, “Techniques and countermeasures for preventing insider threats,” PeerJ Comput. Sci., vol. 8, p. e938, Apr. 2022, doi: 10.7717/peerj-cs.938.
18. N. Ayanbode, O. A. Abieba, N. Chukwurah, O. O. Ajayi, and A. I. Daraojimba, “Human Factors in Fintech Cybersecurity: Addressing Insider Threats and Behavioral Risks,” Int. J. Multidiscip. Res. Growth Eval., vol. 5, no. 1, pp. 1350–1356, 2024, doi: 10.54660/.IJMRGE.2024.5.1.1350-1356.
19. A. A. Papantoniou, “Regtech: steering the regulatory spaceship in the right direction?,” J. Bank. Financ. Technol., vol. 6, no. 1, pp. 1–16, June 2022, doi: 10.1007/s42786-022-00038-9.
20. A. Srivastava, B. Pandiya, and N. S. Nautiyal, “Application of Artificial Intelligence in Risk Assessment and Mitigation in Banks,” in Artificial Intelligence for Risk Mitigation in the Financial Industry, 1st ed., A. K. Mishra, S. Anand, N. C. Debnath, P. Pokhariyal, and A. Patel, Eds., Wiley, 2024, pp. 27–52. doi: 10.1002/9781394175574.ch2.
21. C. I. Ezekwe, “INTERNATIONAL JOURNAL OF RESEARCH AND INNOVATION IN SOCIAL SCIENCE (IJRISS),” SSRN Electron. J., 2025, doi: 10.2139/ssrn.5065151.
22. O. Efijemue, I. Ejimofor, and O. S. Owolabi, “Insider Threat Prevention in the US Banking System,” Int. J. Soft Comput., vol. 14, no. 3, pp. 17–28, Aug. 2023, doi: 10.5121/ijsc.2023.14302.
23. Akintayo Micheal Ajayi, Abraham Okandeji Omokanye, Olawale Olowu, Ademilola Olowofela Adeleye, Olayinka Mary Omole, and Ifeoluwa Uchechukwu Wada, “Detecting insider threats in banking using AI-driven anomaly detection with a data science approach to cybersecurity,” World J. Adv. Res. Rev., vol. 24, no. 2, pp. 123–132, Nov. 2024, doi: 10.30574/wjarr.2024.24.2.3182.
24. D. Almaiah, “Journal of Cyber Security and Risk Auditing Vol.2025, No.4”.
25. P. Radanliev, “Digital security by design,” Secur. J., vol. 37, no. 4, pp. 1640–1679, Dec. 2024, doi: 10.1057/s41284-024-00435-3.
26. B. U. Umoh, U. D. Ofurum, and O.-A. S. Folasade, “The Impact of Bank Fraud on Economic Stability and Public Trust in Nigeria’s Financial System,” vol. 6, 2024.
27. E. G. Kasie and N. C. Emeka, “NIGERIA DEPOSIT INSURANCE CORPORATION AS A PANACEA FOR STABILIZING NIGERIA BANKING INDUSTRY,” vol. 1, no. 2, 2024.
28. T. H. Fagade and T. Tryfonas, “Security by Compliance? A Study of Insider Threat Implications for Nigerian Banks: HCI International 2016,” Hum. Asp. Inf. Secur. Priv. Trust, pp. 128–139, June 2016, doi: 10.1007/978-3-319-39381-0_12.
29. G. Dahiya, “Insider Led Cyber Fraud in Indian Banking System,” vol. 11, no. 6, 2022.
30. Uchenna Joseph Umoga, Enoch Oluwademilade Sodiya, Olukunle Oladipupo Amoo, and Akoh Atadoga, “A critical review of emerging cybersecurity threats in financial technologies,” Int. J. Sci. Res. Arch., vol. 11, no. 1, pp. 1810–1817, Feb. 2024, doi: 10.30574/ijsra.2024.11.1.0284.
31. C. I. Ezekwe, “Analysis of Emerging Cybersecurity Threats in Nigeria’s Financial Sector: Trends, Impacts, and Mitigation Strategies,” Int. J. Res. Innov. Soc. Sci. IJRISS, 2025, doi: 10.2139/ssrn.5065151.
32. A. Chakraborty, “Cyber Security Threats In Indian Banking Sector And Implementation Of AI As A Preventive Measure,” vol. 14, no. 4, 2024.
33. “Retired manager of UP Cooperative Bank under lens for online attempt to siphon off ₹146 cr,” Hindustan Times. Oct. 2022. Accessed: Oct. 30, 2025. [Online]. Available: https://www.hindustantimes.com/cities/others/retired-manager-of-up-cooperative-bank-under-lens-for-online-attempt-to-siphon-off-rs-146-cr-101666109923029.html