LogoRegulatory Alerts
2025-01-01

Circular No. 86/2025: Procedures for Handling Non-Financial Data Regarding Banking and Electronic Systems

The Palestine Monetary Authority issued Circular No. 86/2025 requiring all banks operating in Palestine to immediately implement audit trails for all non-financial system modifications and maintain backup records for at least one year. Banks must establish clear procedures for identifying customer-related financial markets on electronic systems and ensure their backup policies cover all system components with specific periodicity. Additionally, all modifications to system parameters and market data must be executed through system functions rather than direct database access.

Palestine Monetary Authority logo

Palestine

Palestine Monetary Authority

Click to view thumbnail

Palestine Monetary Authority

PALESTINE MONETARY AUTHORITY

Circular No. (86/2025)
To all banks operating in Palestine
Date: Thursday, July 31, 2025

Subject: Procedures for Handling Non-Financial Data Regarding Banking/Electronic Systems/Applications

Further to our Instructions No. (11) of 2022 regarding the Cybersecurity Regulatory Framework, specifically Item 2.11 concerning Backup and Recovery Management, and Item 2.13 concerning Event Logs and Cybersecurity Monitoring Management, you are requested to take the following actions immediately:

  1. All types of operations, especially non-financial ones, executed on the core banking system or electronic service systems (including modification/addition/deletion) must be subject to an Audit trail mechanism. This includes the nature of the modification, old and current values, and specifically but not exclusively the modification of Application Parameters and financial markets, particularly those related to customers. This enables the bank to refer to them when needed for a sufficient period of at least one year, and the backup process for this data must be included.

  2. Prepare and adopt clear procedures regarding the mechanism for identifying financial markets on electronic systems and applications related to customers.

  3. The bank's approved backup policy must include periodic specifications for retaining backups for all banking systems, especially electronic service systems, specifically (daily, monthly, annually). These systems must be included in their entirety within daily, monthly, and annual backup operations, as is the practice with the core banking system.

  4. Modifications to parameters and markets for banking systems and electronic services must be performed through system functions, avoiding direct modification through databases or from outside the system screens and functions.

Supervision Group
Palestine Monetary Authority

www.pma.ps

Ramallah & Al-Bireh Governorate - Palestine P.O. Box 452
Ramallah & Al-Bireh Governorate - Palestine P.O. Box 452 info@pma.ps | Fax: +970 2 2415310 : Fax | Tel: +970 2 2415251 : Tel | Postal code: P6160675 : Postal code

Share