BoZ Issues New Cyber Security Guidelines for Financial Sector

The Bank of Zambia has issued comprehensive Cyber Security Guidelines for all regulated financial institutions, effective January 2026.

The guidelines establish minimum standards for cyber risk management, incident response, and data protection across the financial sector.

Key Requirements:

Financial institutions must: • Establish dedicated cyber security units • Conduct annual penetration testing • Implement multi-factor authentication • Report cyber incidents within 24 hours • Maintain cyber insurance coverage

Compliance Timeline:

All institutions must achieve full compliance within 12 months of the effective date.