Nairobi, Kenya – Kenyan banks and payment service providers are under increased pressure to enhance their fraud detection and prevention systems following a global review highlighting significant vulnerabilities to romance scams. These emotionally manipulative schemes are on the rise, with a recent report indicating that Kenyans lost an average of KSh 116,000 per victim to online dating scams in 2024 alone.

The Financial Conduct Authority (FCA) in the UK recently published findings from a review of six banks and payment firms, revealing that 'red flags' in suspicious transactions are frequently missed. The review cited instances where a single victim lost over £428,000 (approximately KSh 67 million) and another made 403 payments totalling £72,000 (approximately KSh 11.3 million) to a fraudster over a year.

Rising Threat of Romance Fraud in Kenya

Romance scams involve criminals cultivating emotional connections with victims online, often through social media and dating sites, before defrauding them of money. Over 85% of these scams originate on such platforms. In Kenya, the problem is exacerbated by high internet penetration and a growing digital economy. The Communications Authority of Kenya (CA) reported that the country lost KSh 10.71 billion to cybercrime in 2023, ranking second in Africa for such losses. Between January and March 2025, Kenya recorded 2.54 billion cyber threat incidents, a 201.7% increase from the previous quarter.

Victims of romance fraud often do not disclose the true reason for their payments, making detection challenging for financial institutions. In nearly half (42%) of the cases reviewed by the FCA, victims withheld this crucial information. This emotional manipulation makes intervention difficult, as victims may be 'under the spell' of the fraudster.

Policy and Governance Measures

The Central Bank of Kenya (CBK) has been actively working to combat financial fraud. The CBK Act (Cap. 491) provides the legal framework for regulating financial institutions and ensuring transparency. In September 2025, the CBK established the Banking Sector Cybersecurity Operations Centre to handle cyber threat intelligence, incident response, digital forensics, and cyber investigations. This centre is a key component in implementing the Computer Misuse and Cybercrime Regulations, 2024, which require financial institutions to comply and report cybersecurity incidents to the CBK.

Furthermore, the CBK has issued guidelines and regulations aimed at strengthening internal controls and fraud prevention measures within the banking sector. These include requirements for robust information technology systems, Know Your Customer (KYC) protocols, and staff training to identify and prevent fraud. The CBK also advises the public on common financial scams and how to protect themselves, urging caution against unsolicited offers and sharing personal information online.

Stakeholder Testimonies and Data

A report by TransUnion in June 2025 highlighted that 82% of Kenyans were targeted by online fraudsters between August and December 2024, with 11% admitting to falling victim. While third-party seller scams and fake job offers were prevalent, online romance scams also contributed significantly to financial losses. The average loss per Kenyan victim to online dating scams was KSh 116,000 in 2024.

Globally, romance fraud is a growing financial crime, with cases rising by 9% in the UK in the last year, costing victims £106 million (approximately KSh 16.6 billion) in 2024. The FCA's review found that despite some examples of good practice, many firms missed opportunities to identify suspicious transactions, indicating a need for better calibration of monitoring systems and improved staff training.

Risks and Implications for Kenya

The increasing sophistication of romance scams poses significant financial and emotional risks to Kenyans. The high unemployment rate, particularly among youth, may contribute to some individuals resorting to online fraud. The ease of accessing the internet further facilitates these criminal activities. The financial sector's rapid adoption of mobile money and digital wallets, while beneficial, also creates new frontiers for fraud.

The lack of comprehensive awareness among both financial professionals and consumers regarding emerging cybercrime trends further exacerbates the problem. Weak IT infrastructures and insufficient cybersecurity audits in some financial institutions also make them vulnerable to attacks.

Unanswered Questions and Controversies

While the FCA review provides valuable insights, the specific impact of these findings on Kenyan banking practices and the extent to which local banks are currently addressing these gaps remain areas for further examination. The full scale of romance fraud in Kenya is likely higher than reported due to the shame and stigma associated with being a victim.

Timeline and Next Steps

The CBK's establishment of the Cybersecurity Operations Centre in September 2025 marks a crucial step in bolstering Kenya's defences against cybercrime. Ongoing efforts to align cybersecurity guidelines with the Computer Misuse and Cybercrime Regulations, 2024, are expected to strengthen the regulatory framework.

What to Watch

Kenyans should remain vigilant against online romance scams, exercising caution when interacting with strangers on dating sites and social media. Financial institutions are expected to implement the recommended stricter controls, including enhanced monitoring systems and comprehensive staff training, to proactively identify and prevent fraudulent transactions. The effectiveness of the CBK's new Cybersecurity Operations Centre in reducing financial losses to romance fraud will be a key area to monitor.