OM-3.1.2

The Board of Directors, or a designated Board Committee and senior management must establish effective management oversight over the risks associated with activities involving e-banking and electronic funds transfer. The licensee must establish policies and procedures to manage these risks, which include but are not limited to the following:

(a) The development and/or acquisition of the technology solutions;
(b) Testing of application program interfaces;
(c) Standards of communication and access and security of communication sessions, such as PCI-DSS compliance for cards;
(d) Authentication of the users;
(e) Processes and measures that protect customer data confidentiality consistent with Law No. 30 of 2018, Personal Data Protection Law (PDPL) issued on 12 July 2018;
(f) The use of enhanced fraud monitoring of movements in customers’ accounts to guard against electronic frauds using various tools and measures, such as limits on value, volume and velocity; and
(g) Security policy and risk management controls.
Amended: January 2021
Added: January 2020