Regulatory Alerts2023-11-24
Regulation No 50/2022 on Cyber Security in Regulated Institutions
The National Bank of Rwanda issued Regulation No 50/2022 to mandate comprehensive cyber security frameworks for all licensed financial institutions, including banks, insurers, and microfinance entities. The regulation requires these institutions to establish dedicated IT governance committees, implement robust risk management strategies, and enforce technical controls such as multi-factor authentication, data encryption, and regular penetration testing. Institutions must also maintain continuous incident reporting, ensure business continuity through tested recovery programs, and conduct periodic self-assessments to safeguard critical operations against cyber threats.
Share