Regulatory Alerts2022-06-02
Directive No. 05/DSB/DRO/2022
The Banco Nacional de Angola, through its Banking Supervision and Financial System Regulation Departments, has issued Directive No. 05/DSB/DRO/2022 to mandate Banking Financial Institutions to implement comprehensive policies, processes, and controls for managing Information and Communication Technology (ICT) and cybersecurity risks. The directive establishes clear governance structures, risk appetite frameworks, proportional compliance requirements, and detailed operational guidelines for risk identification, assessment, mitigation, and reporting. Institutions must submit a detailed action plan within sixty days of publication and achieve full compliance within one hundred eighty days, with non-compliance subject to penalties under existing financial institution laws.