Connect with us

Business News

Banks told to report fraud within 2 hours : The Standard



Banks and mobile money firms will from October be required to furnish the Central Bank of Kenya (CBK) with information on cyber-attacks on a real-time basis.
This latest measure follows a decision by the banking regulator to step up surveillance on cyber fraud.
In the new regulations, CBK wants banks and mobile money companies to submit a report within two hours of a cyber-fraud incident.

SEE ALSO :All eyes on governor’s magic fix

The guidelines on cyber-security for payment service providers that became effective this month require firms with systems that clear huge amounts such as bank-to-bank transfers to immediately file reports.
Firms with systems that move huge volumes of cash such as mobile money will also be required to file a preliminary report.
CBK noted that banking systems that it referred to as Systemically Important Payment System (SIPS) were sensitive and their failure ‘could potentially endanger the operation of the entire economy.’
The failure of mobile money platforms or System-Wide Important Payment Systems ‘could also create disruptions due to a large number of users relying on the system, thus affecting public confidence’.
“PSPs should notify CBK within 24 hours, and SWIPS and SIPS within two hours, of any cyber-security incident(s) that could have a significant and adverse impact on the PSP’s ability to provide adequate services to its customers, its reputation or financial condition… this should be followed by a comprehensive report on the incident,” reads CBK guidelines, which PSPs have 90 days to implement.

SEE ALSO :Central Bank boss warns against additional borrowing

“On a quarterly basis, PSPs shall provide CBK with a report… concerning its occurrence and handling of cybersecurity incidents.”
The apex bank has also given payment service providers, including telcos operating mobile money and traditional mobile cash platforms, up to December 31 to file strategies on how they have protected themselves against cyber fraud.
It includes having their personnel well versed with cybersecurity and the strategies to ward off possible threats.
Between January and March this year, the Kenya – Computer Incident Response Team (KE-CIRT) detected 11.2 million cyber threats.
In 2018, the economy lost Sh29.5 billion to cybercrime.

SEE ALSO :CBK ups capital requirement for microlenders

Register to advertise your products & services on our classifieds website and enjoy one month subscription free of charge and 3 free ads on the Standard newspaper.

CBKcyber-securityCentral Bank of Kenya

Source link