Circular on the Timeline for PCIDSS Certification by all Deposit Money Banks, Switches and Processors

BANK OF NIG BANKING AND PAYMENTS SYSTEM DEPARTMENT April 22, 2014 REF: BPS/DIR/GEN/CIR/01/004 TO: ALL DEPOSIT MONEY BANKS (DMBs), SWITCHES AND PROCESSORS.

CIRCULAR ON THE TIMELINE FOR PCIDSS CERTIFICATION BY ALL DEPOSIT MONEY BANKS, SWITCHES AND PROCESSORS. Consequent upon our circular on the need to combat card fraud, referenced BPS/DIR/GEN/CIR/01/08, dated 25th May, 2012, mandating all banks to comply with the Payment Card Industry Data Security Standards (PCIDSS) before 31st December, 2012, many banks requested for an extension of the deadline, to enable them complete the certification process.

In order to determine the readiness of the various operators, the Central Bank of Nigeria engaged the services of three Qualified Security Assessors (QSAs), to conduct Precertification assessment of the banks. The result of the Pre-certification assessment revealed that while many banks and processors have complied with the Standard, some are in various stages of compliance.

In view of the above, all Deposit Money Banks (DMBs), Switches and Processors are required to be PCIDSS certified, on or before 30th, November 2014. Please note that the Central Bank of Nigeria would invoke appropriate sanctions for noncompliance with the provision of this circular.

'Dipo Fatokun Director, Banking & Payments System Department