The Sacco Societies Regulatory Authority (SASRA) has directed all regulated SACCOs to institute round‑the‑clock surveillance and mandatory offline data back‑ups of their digital platforms, warning of heightened cyber‑attack risks during the upcoming Easter and Labour Day holidays.
According to SASRA, analysis of past incidents shows cyber‑attacks peak during long weekends and public holidays, particularly in the final hours before the break begins and late at night during the holiday period. The long weekends flagged include April 3 to April 6, covering Good Friday and Easter Monday, and May 1 to May 3, marking Labour Day.
Acting Chief Executive Officer David Sandagi said SACCOs must take proactive measures to safeguard members’ funds and data. “All regulated SACCOs, both deposit‑taking and non‑deposit‑taking, are hereby called upon to undertake a mandatory offline back‑up of all critical data, information, and records in compliance with the Sacco Societies Act and related regulations,” he stated.
ALSO READ:
Livestock sector set for transformation as Kagwe unveils new KVB Board
The Authority instructed SACCOs to intensify monitoring of their management information systems, mobile money channels, ATMs, internet banking platforms, and other ICT infrastructures used to deliver financial services. Sandagi emphasized that institutions operating Pay Bill float accounts through third‑party systems or offering digital credit products are particularly vulnerable.
SASRA further directed SACCOs and their vendors to deploy 24/7 cyber‑security monitoring solutions, including human response mechanisms, to detect, disrupt, and report intrusions in real time. Internal controls must also be strengthened to prevent collusion between employees and third parties, with particular focus on FOSA savings accounts, mobile wallet linkages, ATM card integrations, and unusual transfers from external institutions.
The Authority reminded SACCOs to ensure all contracts with third‑party vendors comply with SASRA Circular No. SASRA/GG/1/2023 issued on June 6, 2023. Sandagi warned that any losses arising from non‑compliant engagements would be borne by the officers responsible for entering into such contracts.
ALSO READ:
TAC, Norwegian agency partner to empower youth in fish farming in bid to reduce country’s deficit
The directive follows concerns raised in recent audits about the growing exposure of SACCOs to cyber‑crime. SASRA underscored that robust surveillance and offline back‑ups are essential to protect members’ savings and maintain confidence in the cooperative financial sector.
By Masaki Enock
Get more stories from our website:Sacco Review.
For comments and clarifications, write to: Saccoreview@
Kindly follow us via our social media pages on Facebook:Sacco Review Newspaperfor timely updates
Stay ahead of the pack! Grab the latest Sacco Review newspaper!
