To halt the growing incidents of online fraud, the Central Bank of Nigeria (CBN) has set a December 1, 2023 deadline for all banks to fully comply with the Cyber Security Framework.
The move aims at fortifying banks’ cyber defenses to avoid awful consequences.
The circular dated June 29, 2022, and signed by the CBN Director, OFIs Department, Nkiru Asiegbu was addressed to all Other Financial Institutions under the regulation of the banking sector regulator.
The Chief Strategy Officer, Deloitte West Africa, Mr. Tope Aladenusi, had last month stated that Nigeria lost N5.5trn to fraud and cybercrimes in 10 years.
He noted that as of December 2020, global losses from cybercrime were over $1 trillion. The CBN said the need for full compliance with the framework has become compelling following the recent increase in the number and sophistication of cybersecurity threats against financial institutions.
The objective of the guidelines is to among other things create a safer and more secure cyber environment that supports information system security and promotes stability of the OFI sub-sector.
It also seeks to promote and maintain public trust and confidence in the sub-sector as well as contribute towards the prevention and combating of cybercrime in the OFI sub-sector.
Also, the framework provides a risk-based approach to managing cybersecurity risk and consists of six parts including Cybersecurity Governance, and Oversight, Cybersecurity Risk Management System, Cyber Resilience Assessment, Cybersecurity Operational Resilience, Cyber-Threat Intelligence and Metrics, , Monitoring and Reporting.
The apex bank added that the guidelines represented the minimum requirements to be put in place by all OFIs.
The CBN stated that the safety and soundness of OFIs required that they operate in a safe and secure environment, hence the platform on which information is processed and transmitted should be managed in a way that ensures confidentially, integrity and availability of information as well as the avoidance of financial loss and reputation risks among others.