Abstract
M.Comm.
Electronic commerce is a large and constantly growing industry (Kisimov. 2008), and
on-line transactions are returning ever-larger revenues to electronic merchants.
However, the a-commerce industry is still facing a range of problems concerning the
process of secure completion of on-line transactions. "Such problems are connected to
consumer fears dealing with the identity of on-line merchants, their security pre-cautions
and methods for accepting on-line payments" (Kisimov, 2008). According to Kim (2007),
financial institutions must ensure that the perceptions and realities surrounding security
are successfully managed, both to ensure adoption and to protect customers and the
institution from emerging threats. The South African Banking Risk Information Centre
(SABRIC) expressed its concern about the increase in phishing attacks on South African
banking clients. Banking industry data managed by SABRIC shows that the number of
phishing websites targeting local bank clients that have been detected and closed down
by the banks have more than trebled since November 2009 until February 2010. This is
a clear indication that fraudsters are constantly trying to defraud internet and cell phone
banking clients (SABRIC, 2010:1 ).
This study will aim to determine what controls financial institutions should implement to
ensure that internet and cell phone banking can be done safely and with confidence. It
will also determine whether the independent external auditors play a vital role in the
process of implementing controls and solutions. With internet and cell phone banking
growing rapidly (more than three billion people depend on cell phones every day for
business and personal use), it is of the utmost importance that the necessary controls
are implemented to protect clients' confidential information (Ciickatell, 2009a).