Regulatory Alerts2025-12-09
Notice No. 8/GBM/2025, of December 9 – Guidelines for Reporting Technological and Cyber Incidents
The Bank of Mozambique issued Notice No. 8/GBM/2025 to establish mandatory guidelines for the classification, reporting, and mitigation of technological and cyber incidents affecting credit institutions and financial companies. The regulation mandates incremental reporting within strict deadlines—24 hours for preliminary, 10 business days for interim, and 30 business days for final reports—along with quarterly aggregated submissions and a 10-year evidence preservation requirement. Additionally, Notice No. 9/GBM/2025 imposes a unified annual limit of 6,000,000,000 meticais on all cross-border payments made by Mozambican bank cardholders across the national banking system.
Share