Home Governance Kenya announces new guidelines on cybersecurity for financial sector

Kenya announces new guidelines on cybersecurity for financial sector

Kenya Reports 37.1 Mn Cyberattacks in Q4 of 2019: Report

The banking regulator of Kenya, the Central Bank of Kenya (CBK), recently announced the launch of new guidelines on cybersecurity for the financial services sector in the country. According to Patrick Njoroge, the Governor of (CBK), the new guidelines on cybersecurity for payment services will help in curbing emerging threats in the financial industry.

“The regulatory and advisory initiatives are targeted towards safeguarding Kenya’s financial sector from cybercrime,” said Njoroge at the launch of Kenya Bankers Association (KBA) 2019 Card, Mobile, and Online Safety Awareness Campaign. “As a result, a single attack on any given commercial bank could have a devastating effect on the entire financial services system.”

“While this is an inspiring development, financial fraud is among the challenges that threaten progress in the adoption of new technologies. As an industry, we firmly believe that it is through cross-sector collaborations that we can defeat fraud and ensure a sustainable environment for growth,” said Habil Olaka, the CEO of KBA.

“It is for this reason that the banking industry has over the past few years devoted more resources towards containing fraud through staff capacity building and customer education programmes. Through the banking industry’s collaborations with the CBK and the Communications Authority of Kenya, we hope to continue securing payment platforms and innovative products in the financial sector,” Olaka added.

The Central Bank of Kenya proposed the new guidelines for cybersecurity standards last year in order to fight against banking frauds and to get a better view of the new threats that payment service providers are facing. According to the new guidelines, banks and mobile payment operators are required to file cybersecurity reports with the industry regulator. The firms are asked to notify the Central Bank of Kenya within 24 hours of any suspicious activity and also need to submit a quarterly report with CBK on the incidents experienced and how they were resolved.

In a recent press release, the Government of Kenya has dispelled the reports surrounding hacking of the National Integrated Identity Management System (NIIMS), also called Huduma Namba, as fake news. In a statement, the Ministry of Interior stated that no incident, whatsoever, has occurred.

Over the weekend, social media and local blogs were abuzz with news that Enock, an ICT student from University of Nairobi (UON) had hacked into the Huduma Namba system and deleted data collected from 21 million people.