This archive report was first published on 17 July 2019.
On July 17, 2019, the Central Bank of Kenya (CBK) issued new guidelines to payment service providers, including commercial banks and technology companies, to stem cybercrime.
The guidelines warn the boards of directors that they face ultimate liability in case of criminal breaches, including the unauthorized disclosure of customer information.
"The board of directors is ultimately responsible for the cybersecurity of the payment service provider," said the CBK.
Payment service providers, including Mastercard, Visa, Safaricom, Airtel, and Telkom, have 90 days to comply with the requirements.
The guidelines also emphasize the importance of confidentiality in customer information and the need for clearly written contracts when outsourcing services.