The Reserve Bank of Malawi (RBM) has tightened cyber security risks for commercial banks by issuing new information and cyber security risk management guidelines to replace the information technology risk management guidelines of 2016.
RBM Governor Dalitso Kabambe, who is also registrar of financial institutions, said in a statement that cyber security risk, if not properly managed, has the potential to cause disruption to the financial industry.
He said: “Information and cyber risk breaches could result in denial of service to customers, exposure of private information, deletion of or tampering with customers’ and banks’ records and inability to manage both its own as well as customers’ assets.”
In a written response on Monday, Information and Communications Technology Association of Malawi president Bram Fudzulani said cyber security is a major concern worldwide and not just in the financial industry.
He said major threats include stealing of money and the underlying technology or intellectual property.
Consumers Association of Malawi executive director John Kapito said the banking industry as a high-risk area that requires constant reviews on policies that guide and protect consumers from illicit financial transactions. The objectives of the guidelines are, among others, to provide minimum requirements on management of information and cyber security risk, strengthen banks’ information system security and protection of critical information infrastructure.