Institutional Overview



The AFC Holdings was established in April 2021 following Government’s resolution to transform Agribank into a one stop shop for agriculture financing. The key mandate of the AFC Holdings is to champion sustainable agriculture financing and development in Zimbabwe. 

The group is comprised of the following subsidiaries: –

  1. AFC Commercial Bank;
  2. AFC Land and Development Bank;
  3. AFC Leasing Company; and
  4. AFC Insurance Company

AFC Holdings is wholly owned by the Government of Zimbabwe. The Ministry of Finance and Economic Development and the Ministry of Lands, Agriculture, Fisheries Water, and Rural Development, maintain 50% shareholding apiece in the institution. 

Important Security

Tips For You

  • Protect your information with proactive steps like using strong passcodes, verifying website addresses and locking your screen
  • If an email, link or attachment seems suspicious, don’t open it
  • Make sure you download apps from a trusted source and keep your technology secure with the latest updates

While we work diligently to keep digital banking with AFC safe and secure, criminals often look for ways to take advantage of customers directly. The best prevention for these schemes is education and diligence from you, the customer. Here are some of the most common types of schemes you might encounter banking online: 

Phishing is a means to commit fraud and is used by cybercriminals to trick their targets into sharing sensitive personal data, such as: login credentials, account and credit card details, and other information which can be used for impersonation purposes. They’ll often use threatening language designed to intimidate their targets, and to manipulate them into complying with their demands. Typically, such attempts are transmitted via email and SMS messaging, and usually contain links to malicious websites.

Social engineering tactics are generally subtle and coercive, and are extremely effective in terms of manipulating a person’s emotional state. Fraudsters will employ an array of techniques to build trust and deceive unsuspecting individuals into handing over information freely. They may try to achieve this by fabricating time-critical issues in order to force their targets into submission.

Recruitment scams take place when criminals post advertisements, containing fraudulent information, as a means of collecting personal data from unsuspecting individuals. Applicants may even be instructed to open accounts under false pretenses, while being told to conceal the reason behind their actions. This allows fraudsters to open and access bank accounts in their targets’ names under the guise of legitimate recruitment offers.

Data theft occurs when cybercriminals target large companies for the purpose of accessing privileged customer data, including: names, residential addresses, insurance information, bank card details, transaction data, and so on. 

Card scammers aim to steal your card details either by cloning the card or by tricking you into giving your card’s details. Immediately cancel lost or stolen cards. Keep a close eye on your bank statements to help you pick this up if it happens.

Monitor Your Accounts Regularly

Check your accounts regularly to make sure all transactions posted are ones you authorized. Report any fraudulent or suspicious activity to your bank. Get into the habit of monitoring your accounts every few days and always after you’ve done any online transactions. You will want to make sure your account was charged appropriately and that your account number isn’t being used for other purchases you didn’t make.

Avoid Clicking Through Emails

You have registered to receive account activity notifications via email alerts and updates, but you don’t have to click through the links to access your account. It’s usually much safer to log into the website manually to ensure you are entering a secure site.

Phishing emails redirect the recipient to a malicious website or fraudulent version of the bank’s website, and some are designed to collect your username, password and other personal information. Don’t be afraid to call the Contact Centre to verify whether the email came from AFC. Never respond to emails that ask to verify your identity by providing your username or password. The bank will never ask for this information via email.

Watch what you share on social media

The more you post about yourself on social networking sites, the easier it might be for someone to use that information to access your accounts, steal your identity and more. Maximizing your privacy settings on social networking sites can also help protect your personal information.

Change Your Passwords Regularly

Avoid using the same password across multiple sites and make sure you are choosing a strong password that is a mix of upper- and lower-case letters, numbers and special characters. Avoid using any words or phrases that contain your name, initials or birthdate. Also get into the habit of changing them every couple of months.

Access Your Accounts from a Secure Location

Avoid using unsecured wireless access points to jump online and log into your online accounts. You should access these accounts when you’re certain you have a secure connection. Unsecured WiFi, such as those found at airports, coffee shops and hotels, are easy to intercept, and someone could easily collect the information you’re using to log in.

Protect Your Computer/Mobile device

Make sure you’re running anti-virus protection software and the firewall is turned on so you aren’t vulnerable to any type of virus that might be downloaded and installed from a malicious site. Take the time to review different programs as well as the security features on your mobile device. Pay a little extra for a higher-quality one that will provide you with protection when you are banking online, shopping online or just opening emails.

It’s a good idea to review the privacy policy and understand what personal data an app can access before you download. It’s best to purchase or download apps from authorized stores to avoid malware.

Don’t keep sensitive information on your phone

Sensitive information includes your bank account numbers, identification information, passcodes, answers to your security questions and any other personal details. If you bank via mobile app, the information in your app should have additional protections like multifactor authentication to keep your information secure.

Check for Encryption

Look for security-enabled website addresses that start with “https” (the extra “s” indicates security). These sites take extra measures to help secure your information. This is particularly important if you’re banking online. Requests for personal information or calls for immediate action while surfing the web are almost always scams. If you suspect a link might give you a virus or steal personal data, don’t click on it. If a suspicious link is sent to you, verify that the sender and where it came from are legitimate. 

Keep Your System Up-to-date

Whether you’re using a laptop or desktop computer or mobile phone to access the internet, make sure you’re downloading appropriate updates and keeping your system up-to-date. Run anti-virus scans regularly and authorize system updates as needed. Some of the leading Trojan horse viruses only work on outdated systems, so your computer may be more vulnerable to an attack unless you continually update it.

You can also run scans on a schedule to double-check for bugs.

Notify the Bank Immediately of any Suspicious Activity or Concerns

Make sure the bank has current contact information for you so we can get in touch with you with any questions or other matters that require your attention.