Regulatory Alerts2023-03-31 | 119691Regulation on Information Security Requirements for Payment System Operators and Payment Organizations
The National Bank of the Kyrgyz Republic issued this Regulation to establish uniform information security requirements for payment system operators and payment organizations (PSO/PO). It mandates the implementation of a comprehensive information security management system, including documented policies, operational procedures, personnel responsibilities, role-based access controls, and multi-factor authentication. Furthermore, it requires continuous risk management, business continuity planning, secure internet usage, robust antivirus and backup measures, and strict event logging to minimize losses from malicious actions, system failures, and personnel errors.
Share