The Central Bank of Nigeria has issued the Risk-Based Cybersecurity Framework and Guidelines (the Guidelines) for Other Financial Institutions (OFI). These guidelines provide for the minimum safety requirements to be put in place by OFIs, having regard to the increasing number of sophisticated cyber security threats against financial institutions and most especially OFIs.
The objectives of the Guidelines are:
- to create a safer and more secure environment that supports information system security and promote stability of the OFI sub-sector;
- to contribute towards the prevention and combating of cybercrime in the OFI sub-sector;
- to promote the adoption and implementation of best practices and appropriate cybersecurity standards by OFIs;
- to promote and maintain public trust and confidence in the OFI sub-sector; and
- to promote a cybersecurity culture and awareness through continuous capacity building and skills development.
A framework for cybersecurity governance, risk management system, resilience assessment, operational resilience, cyber-threat intelligence, metrics, monitoring and reporting, among others has been established, and the effective date for full compliance with the provisions of the Guidelines is January 1 2023.
Please click here to access the Guidelines.
You can contact us at contact@compleolegal.com or +234 802 360 4638 for any enquiries on the Guidelines or any other technology, finance or regulatory related issue.