Skip to main content

Kenya: CBK Warns Bank Boards of Ultimate Liability for Cybercrimes

N

Nyakundi Report

Newsroom 1 min read

This archive report was first published on 17 July 2019.

On July 17, 2019, the Central Bank of Kenya (CBK) issued new guidelines to payment service providers, including commercial banks and technology companies, to stem cybercrime.

The guidelines warn the boards of directors that they face ultimate liability in case of criminal breaches, including the unauthorized disclosure of customer information.

"The board of directors is ultimately responsible for the cybersecurity of the payment service provider," said the CBK.

Payment service providers, including Mastercard, Visa, Safaricom, Airtel, and Telkom, have 90 days to comply with the requirements.

The guidelines also emphasize the importance of confidentiality in customer information and the need for clearly written contracts when outsourcing services.

Be the first to react

Support

Support this reporting

M-Pesa support recorded against this story.

Send support →

Stay close

Get the briefing

Major updates by email. No spam.

Get email brief →

Share

Save share card

Download a clean portrait card for sharing.

Save image →