Regulation kills innovation, they say. For most makers, the thinking is that when governments bring regulations, nothing of value happens, because entrepreneurs cannot break things fast, on the way to financial glory. So, in most startup communities, regulation is seen as a burden.

Few days ago, someone commented on a piece I wrote on the need for blockchain regulation as follows thus: “We must leave government out of blockchain because government will stop progress and slow things down. Even Bitcoin does not need regulation. The technology world will drive this without any government help”. This is typical because the narrative is that government uses regulations to put stumbling blocks on innovation.

Unfortunately, the perspectives from most startup communities are not right when it comes to regulation. When people think that regulation is bad, they miss the deal. While poor regulation is bad and does inhibit innovation, smart regulation unlocks value and accelerates innovation. The biggest limiting factor in the development of Bitcoin and by extension blockchain is lack of regulation in U.S., the world’s most important market. Without a clear regulation, there is a ceiling on the sector growth, because there is an uncertainty with legal ramifications.

Only a stupid person will invest another person’s money on these digital currencies without clear disclosures. The risk is huge. Clients may not bother during the happy days, but should things turn south, the trial lawyers will emerge from their hiding caves. With no law to fall back that you traded, for clients, on legally available products in the land, you will be on your own.

China has regulated initial coin offering – “an unregulated means by which funds are raised for a new cryptocurrency venture” – out. South Korea has done the same. For U.S., there is no regulation which means the regulation is weak. When you do not have a regulation on things people expect to be regulated, the community takes the default as confusion. When you have confusion, it is bad for innovation.

I commend the Nigerian government on its drone regulation. It was a brilliant moment in the nation. Without wasting time, they made it so clear that they were against civilian drone development. The registration requirements and the costs were evident government does not want drones to be flying around Nigerian cities. People moved on and that was it. Personally, they made a mistake on the draconian regulation. But yet, I was thrilled they moved fast making it. If anyone wants to change that, you have the courts or the Parliament. Simply, we have a clear regulation and can work to upgrade it. You cannot raise money for drone business now without a clear certainty on what the regulation says. That is far better than raising money with no clue of the possibilities in the future.

Traffic Light

Traffic light is so important in our transportation ecosystems. We see it as a very critical technology which makes our traffic challenges manageable. But there is one thing that makes traffic light very useful. That is the law behind it. Without the law that says that you cannot run a red light, the technology has no value. So, the value of the traffic light comes from the law that drives the transportation sector.

In Nigeria, people run red lights as they know the law is weak to punish them. The same traffic light which is highly feared in some parts of the world has lower respect, in some parts of Africa, where they are installed. You may be unable to drive for years in U.S. for running a red light. In Nigeria, it may be some fees. That is the difference.

The person that made traffic light produced a good technology. But without the law, it would be ignored. So, the strength of Bitcoin/blockchain may not necessarily be the engineering behind the duo but the law that will govern them. If it is smart, the society wins. If poor, the society loses knowing that society can win if a bad technology is banned. Making that call is left to experts because what seems exciting today can bring havoc in future, especially in finance.

All Together

So as we think about regulation, the focus should be making sure they are smart and timely. Working towards smart regulation is strategic. From cryptocurrency to medtech (medical technology), when governments put regulations, markets have certainties on the future. Regulation ratifies sectors and opens the flow of capital. Nigeria needs smart ones, and fast. Smart regulation does not necessarily mean approving all new technologies since some may be unhelpful to the society. But making that call on time, removing uncertainly, makes it possible for people to realign priorities and move on to other areas.

Cybersecurity (yes, cyber-hacking) is causing severe problems across industrial sectors. As the world was processing the implications of the massive hacking attacks on Equifax, a credit rating and management company, another one was reported on Monday. Accounting giant, Deloitte, was breached.

A bombshell report on Monday revealed that Deloitte was hit by a major cyber attack that compromised its email system and certain client records. The news is a major black eye for one of the world’s “big four” accountancy and consulting firms—especially since a major part of Deloitte’s business is selling cyber security. […]

The initial report of the Deloitte breach came from the Guardian, which revealed hackers had compromised the “confidential emails and plans of some of its blue-chip clients.” In response, the firm confirmed it had suffered a cyber-attack, but played down the significance by saying “only very few clients were impacted.”

It is not just companies. Institutions like United States Securities and Exchange Commission (SEC) have been compromised as bad actors look for information to manipulate markets. Everyone is affected including governments and small businesses.  This is a huge global challenge. I have written on this in the past. I want to revisit it owing to questions from the community. Someone had asked: “how can a small company protect itself?”.

Why Are We So Exposed?

Indeed, we are exposed. The reason is the way the software industry is structured, largely in the past, though still prevalent. Before you buy software, you have to put in a company budget. The accounting people take a look and management approves. The deal is done and just like that they begin to depreciate the new acquisition. For the accountant, the software tool has been bought and there is no reason the IT department should come back, for more money, for the same software. It is bought and available for use. That has been the pattern. And that is the root cause of many of the hacking issues especially in small companies.

The company that sold you that software has a new version which fixed some security holes discovered a month after it deployed yours. Unfortunately, it has no incentive to tell you because you have paid 100% and the firm is gone. The vendor had supplied and left the premises. It happens all the time. The vendor puts a statement on its website. No one visits every vendor to read about software patches. The fact is that few customers know of any patch especially for those not deployed electronically.

Over time, your software and data become so integrated that even if you want to update to the latest software, the risk of messing up your operation puts such plans in the cooler. That was what happened in the WannaCry software when hospitals in UK were concerned that upgrading their solutions to newer versions of  the software would put some 3rd party software out of use. In other words, a company supplied software that runs on Windows XP and you have been using that software for 5 years. Everything has been working fine. If you upgrade to Windows 10, that software could malfunction because the vendor did not make it for Windows 10. So, to avoid breaking that critical software, you make sure you do not upgrade to Windows 10. That Microsoft had stopped patching the Windows XP is irrelevant to you. You just hope that bad things will not happen. Unfortunately, they do, maybe not in weeks, but in years. WannaCry was a good case study in the UK healthcare sector.

The 3^rd party vendor had since gone and getting him/her back will mean more money which you do not want to spend. You needed to have the vendor to upgrade the solution to work on Windows 10. You cannot because the accountant does not see a way to do that. You have your software and now you want more money for it. So, what do you do? You just hope nothing bad happens and so there is no update. When security issues happen, your system is one of the first to be affected.

The biggest problem in today’s software business is that interests are not aligned and that is why we are having many hacking challenges. Most times, the technologies are there but the operational fixes are not done. Without that alignment between IT and finance, no company can experience better protection. I do think the way we acquire software must evolve.

A Better Model

Work hard to convince your account people that software cannot be treated like vehicles which must be acquired and left to depreciate. Software is unique because it is “living” which means it has to be nurtured with licensing and upgrades. Where possible, pursue a path of Software as a Service (SaaS) where you do not buy software, but rather service from software. That way, the software, the security protection on it, etc are included in the service.

Today, it is only cloud offering that makes that possible. With cloud, the maker has no version. It only has a solution and that is always current. Think of Adobe model which does not have any version because its solutions are now cloud-only, meaning that it sells through subscription. Adobe gives you security protection and the service you need. You do not need software; you need a solution that does your work.

Once you can get the cloud subscription-based software, you can be sure that your software is at least update to date. To make that happen in your firm, you must convince the accountant that every month or year, money has to be made available to support the subscription.

All Together

I know that in Africa, we do not like subscription. We like to own things. But if you really want to be ahead of this cybersecurity tsunami of issues, you must learn to think differently.  Software patches do work but the problem is that most times we make sure patches do not happen.  It is as simple as turning the patch into manual update, and all the efforts from the solution providers to deliver upgrades are stymied. Cloud takes away that decision from your people and that is why it is more efficient. The product is always current and you do not need to worry about of any patch. Consider that software acquisition strategy where possible.

Good People,

Welcome to October – this is our victory month.

First, I want to thank all those that have subscribed to my new ebook – Africa’s Sankofa Innovation- which was launched last month. We have a community now. THANK YOU ALL.

Another book – Cybersecurity Africa: Policy, Management and Technology – is coming in nine days. Cybersecurity Africa will be a living document which can be updated many times in a year to keep it up to date and relevant. It will be a top destination for anything Cybersecurity in Africa. We have focused on Policy, Management and Technology to deliver value to readers of different interests. We will be releasing the Table of Contents in the coming days.

If you have subscribed to Africa’s Sankofa Innovation, you will have access to Cybersecurity Africa at no extra cost. The same applies to subsequent works we are working to help people unlock value in Africa. Once you are a Tekedia subscriber (subscribe here), all old and new materials will be available at no extra cost.

It is good to have you here.

Thank you.

Ndubuisi Ekekwe

We have great fintech (financial technology) entrepreneurs in Nigeria. The problem is that our fintech focuses on banking only. We have forgotten the insurance part of financial services. You may not blame the entrepreneurs as offering insurance services may be hard in Nigeria, some say. The argument is that trust is low and Nigerians have not opened up to insurance yet.  For the entrepreneurs, I do think the challenge is lack of quick wins in insurance, for anyone that wants to go beyond offering brokerage services to underwriting of risks. You do not make immediate commission which is typical in the fintech world. Rather, for insurance, you take a premium and find ways to invest it, hoping that the value created will be more to settle damages, should bad things happen. So, the business of insurance is not structured for startups.

Unfortunately, I will disagree. If Nigerian fintech entrepreneurs think they are risk takers, insurance is a good sector for them to show that in Nigeria. We need to develop that sector because the market is still at infancy. It is one of the most untapped industries in Nigeria and has promises ahead of it. It simply needs someone with vision and capability to unlock the opportunities.

The Nigerian insurance market is a paltry $1 billion (by premium sold) and that is for a country with more than 180 million people. (By comparison, the global market size is $4.55 trillion.)  Over the years, Nigerian insurers have been unable to expand this market owing to lack of innovation.

South Africa accounts for almost 80 per cent of all premiums in sub-Saharan Africa and the country has an insurance penetration rate — the total value of insurance premiums as a proportion of GDP — of about 13 per cent, well above the developed world average. Of the rest, Kenya is among the most advanced, with a penetration rate of 3 per cent. Nigeria’s, in comparison, is about 0.4 per cent, even though it is Africa’s most populous.

The Nigerian Insurance Industry includes the following sub-sectors: Composite, Non-life, Life and Reinsurance operators. Over the last five years, the Nigerian Insurance Industry has grown at a compound annual growth rate (CAGR) of 11%, buoyed by increased capitalization as well as the introduction of policies aimed at promoting the local market.

A Global Leader

What we are doing in fintech (yes, banktech) needs to be deployed in the insurance industry. We have brought speed, efficiency and innovation in the financial services with focus on remittance, payment, saving and lending. One company we can mimic is the Chinese ZhongAn, an online-only insurance provider, as we plot strategies to redesign the Nigerian insurance industry

Zhong An Online is a Chinese property insurance company that sells all its products online along with handling claims. The company offers e-commerce, mobile payment, and financing guarantee for internet businesses and users. Founded in 2013, Zhong An Online offers business opportunities covering various areas, including the internet-based business and household property insurance, cargo insurance, liability insurance, and credit insurance.

The company has sold 5.8 billion policies to 460 million customers since it was started in 2013. It is the industry leading player in the insuretech (insurance technology) sector where players like Lemonade, Oscar, Clover and Ladder also operate. It is part of the fabric of modern ecommerce in China and has found a way to extract value from digital transactions which it insures.

For example, its top-selling product, a shipping return policy, is sold directly on Alibaba’s shopping platform Taobao and allows shoppers to insure the cost of returning products to vendors. Ctrip, China’s largest online travel group, has helped ZhongAn market “flight delay” insurance, which allows customers to insure against late flights. Customers can buy “cracked screen” insurance when they buy a phone from the website of Xiaomi, a Chinese phonemaker

In Nigeria, we need a fintech company that can emulate what ZhangAn is doing. We have gotten online lender like Paylater.ng and Piggybank.ng. We already have payment processing startups like Paystack and VoguePay. But there is nothing in the insurance sector. Now is the time to find the insurance equivalents. ZhangAn is winning. Investors seem to have agreed that online insurance has value.

The online insurer’s stock surged as much as 18.1 percent in Hong Kong Thursday after an IPO that was more than 100 times oversubscribed. Initial share sales in the city that have raised at least $500 million have risen an average 4.2 percent on their first day of trade, data compiled by Bloomberg show.

A Model

Any company going to do this should better focus on the technology insurance element and leave the traditional one at the moment. It may not be smart to go into the extremely complicated insurance markets in Nigeria. Our attitude will not help. What ZhongAn did is a good idea and that can be replicated to seed solid partnerships with jumia, Konga, Yudala and other ecommerce companies.

With the backing of founding partners Ping An, Tencent, and Alibaba, Zhong An Onlinelaunched as China’s first online-only insurer in 2013. Last week, Zhong An filed to raise $1.5B on the Hong Kong Stock Exchange on the back of some big numbers: 7.2B insurance policies sold, 492M customers served, and close to $500M in gross written premium in 2016.

By working with these players, the business will focus on the lower level risks. Konga is already doing a small version of that with Cornerstone Insurance Plc. However, the cost model of a traditional insurance will surely make the premium expensive. The beauty of ZhongAn is the ability to price low because its expenses are low. Someone in Nigeria must find a way to unlock that value in our insurance industry.

The Cornerstone Insurance Plc is focused on the customers while the major product from ZhangAn focuses on “reimbursing merchants for the shipping costs on returned products purchased on Alibaba’s Taobao marketplace and Tmall (it also offers a shipping return policy for consumers)”. The merchants are the main customers and not just the buyers in the ecommerce ecosystems. That is an interesting business model that can work in Nigerian marketplaces giving merchants confidence to sell while also offering customers the trust to buy.

All Together

Insurance works when the buyer has confidence he/she can be protected when things go bad, and the seller knows it can make money doing so. By using technology, costs can be significantly reduced making premium affordable even when providing high value. Nigerian entrepreneurs in the fintech sector must look beyond banking to insurance. The latter has promising opportunities which we have left on the table at the moment. That must change.