By segun Oniyide
The Central Bank of Nigeria (CBN) has announced banks have until November 30 to meet specified payment card security specifications, as the bank looks to combat card fraud in Nigeria’s financial system.
The move will safeguard personal and account information conveyed in processing card payments.
In a circular entitled “Circular on timeline for PCIDSS certification by all deposit money banks, switches, processors”, CBN said it would “invoke appropriate sanctions for non-compliance with the provisions of this circular”.
The document was signed by Dipo Fatokun, director of the CBN’s Banking & Payments Systems Department. He recalled a previous circular on the need to combat card fraud in 2012, which said Nigerian banks should comply with the Payment Card Industry Data Security Standards (PCIDSS) before December 31, 2012.
The extension of the deadline, the circular added, followed requests by many of the banks to enable them complete the certification process.
CBN said it has engaged the services of three Qualified Security Assessors (QSAs) to conduct pre-certification assessment of banks to determine their readiness.
“The result of the assessment showed that while many banks and processors have complied with the standards, some are at various stages of compliance,” it said.
“To mitigate the increased operational risk as a result of frauds, several measures were recommended to improve the DMBs risk management control function. These measures included the implementation of stricter internal control, improved technology audit to routinely check employees’ activities and a more thorough approach to hiring employees for highly sensitive areas of operation.”